Police arrests suspect for DDoS attack on Dutch government website
Breda - On Friday, April 10, 2020, a 19-year-old man from Breda was arrested, who is suspected of having shut down the websites MijnOverheid.nl and Overheid.nl by carrying out DDoS attacks. These attacks were carried out on March 19. The aforementioned sites were therefore offline for some time. Overheid.nl was and is frequently visited because of the corona crisis. During these times, the availability of this website to citizens is crucial for the country.
“Conducting a DDoS attack is a criminal offense. We always report an attack. And in good cooperation with the cybercrime team, this has led to a quick arrest,” says Logius (the management organisation). The investigation was carried out by the cybercrime team of the Dutch police in Utrecht, who specializes in investigating and counteracting DDoS attacks. The investigation was led by a public prosecutor from The Hague. During the Easter weekend, the prosecutor will decide whether the suspect will be brought before the examining magistrate in The Hague.
On March 19, the above sites were unavailable for several hours. In a DDoS attack, servers of a website are bombarded with data traffic. This may cause the servers to fail. Then, visitors are unable to access the website. Especially in these times where many emergency ordinances and other emergency regulations are made accessible through this site, it is critical to keep this site accessible to citizens. The arrested man is formally suspected of having endangered vital processes that would compromise our safety.
MijnOverheid is a kind of digital letterbox where citizens receive mail from the government, for example about their tax returns or child benefits. Citizens also access personal information here, such as registration with the municipality or the date of the MOT.
“By taking a website like this offline, you are denying citizens access to their personal data and important government information. We take this very high, especially now that the corona crisis is causing additional uncertainty and a great need for information by many people. We want to protect people and companies and make it increasingly difficult for cyber criminals to carry out a DDoS attack,” said Jeroen Niessen of the cybercrime team of the Central Netherlands Police.
Prevent DDoS attacks
Last week, the Central Netherlands police, also, shut down 15 so-called booters. Booters are a form of online service where customers can use an infrastructure of (mostly) hacked computers to attack a target. In most cases, offering and using booters is therefore a criminal offense. Buying DDoS attacks from so-called booters is a common way to cause DDoS attacks. “Many users don't realise this. Many DDoS attacks are committed by young people. Out of boredom or as a challenge; to see if they succeed in taking down a target. Perpetrators underestimate the consequences of these attacks for victims. Moreover, they do not realise that the police are able to find them and that they are facing a penalty and a substantial claim for damages.”
15 booters down in one week
In addition to tackling people who carry out DDoS attacks, we also focus on tackling the booter websites. The cybercrime team of the Central Netherlands Police uses innovative methods to detect such booters. In the past week, 15 booters have been blacked out at the request of the police. We worked in conjunction with external parties, such as hosters or registrars, international police forces, Europol, Interpol, and the FBI.
“With these investigations, we want to protect people as much as possible against DDoS attacks. By taking booters and their domain names offline, we obstruct cyber criminals. We have now put quite a few on black. If they pop up elsewhere, we will immediately act on it again. Our goal is to seize more and more booters.”.