top of page
Search

Recent Russian hacks on Dutch public infrastructure

Article Written by: Aryan Singh

Article Designed by: Aryan Singh & Sanvi Desai


What comes to mind when you hear the word “cyberattack”?


When people think of cyberattacks, they usually think of attackers targeting computers and websites. But that is quickly changing. Today, cyberattacks are hitting physical infrastructure we rely on every day. Since these systems are run by computers, they are increasingly becoming new targets for hackers.


A recent example of this happened in the Netherlands, where a Russian cyberattack hit their public systems, disabling dozens of speed cameras. However silly it seems to target speed cameras, this wasn't just a minor issue. The cameras were on high-speed highways, and with the cameras offline, thousands of cars were put in danger, as speeding was left unchecked.


Image by DutchNews 


This attack poses a crucial question though, how did the hackers get in? By exploiting a major security flaw, namely the Citrix NetScaler zero-day vulnerability, hackers forced their way into the system. A "zero-day" means the software company didn't know about the flaw, so there was no fix available when the hackers used it. This allowed the hackers to have access to the system for at least three weeks, unnoticed.


Even more concerning was the delayed response to the vulnerability. The National Cyber Security Centre (NCSC) issued a public alert about the vulnerability seven days after the speed cameras were already taken down. This shows that even in critical scenarios, defenses can sometimes be too slow to keep up with hackers' speed. 


This delay also highlights the widening gap between offensive and defensive cyber capabilities. Attackers have the resources to rapidly discover and exploit new vulnerabilities, while public institutions often rely on outdated hardware leading to slow detection times. As a result, defenders frequently find themselves having to stop the carnage of an attack rather than preventing it beforehand.


Image by Stratosphere Networks


Another important point raised by the incident is how little the public understands the vulnerability of devices they encounter every day. Many assume traffic cameras are simple tools, but under the hood, they run complex software with access to sensitive data. This is why they are increasingly becoming more attractive gateways for intruders who want to breach into more critical systems.


One aspect that made the incident even more alarming is how interconnected the public systems were. Speed cameras didn’t just function as standalone devices, they were tied into larger municipal networks that also connect traffic lights and road sensors. When attackers breached these systems, they weren’t just disabling speed cameras, they were gaining critical intel into how Dutch infrastructure communicates and operates behind the scenes.


It's likely that this attack was just a test. When hackers can disrupt minor public infrastructure like speed cameras, it suggests they could be planning to hack bigger things with much more impact. If hackers were able to shut down all speed cameras this easily, what would happen if they targeted the power grid or water supply?


This incident needs to serve as a wake-up call for everyone in cybersecurity. More time and money needs to be invested into protecting all public infrastructure that relies on computers. Cybersecurity is no longer just about protecting data in the cyber world, it's about protecting our physical world too.





Works Cited




 
 
 

Comments

bottom of page