Cyber Incident Victim: Kamer van Koophandel
Date:
Aug 2023
Location:
Netherlands
Summary
The Chamber of Commerce experienced a DDoS attack that disrupted website accessibility, particularly affecting international users, though most services were restored for domestic visitors. The organization mitigated the attack by restricting access to Dutch IP addresses, inadvertently limiting legitimate foreign users. While the attack did not compromise underlying data or indicate secondary intrusions, it highlighted broader cybersecurity vulnerabilities amid a reported increase in such incidents nationally. Russian hackers were suspected but not confirmed by the organization. The incident coincided with similar attacks on other Dutch infrastructure entities, underscoring operational risks posed by DDoS disruptions to critical services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 10, 2023, the Dutch Chamber of Commerce (KVK) experienced a distributed denial-of-service (DDoS) attack that disrupted access to its website. The attack began on Thursday, flooding the site with excessive traffic that overwhelmed its capacity and created accessibility issues for users attempting to reach it. By midday (12:48 PM), KVK spokesperson Veerle Maris confirmed most services had been restored for users within the Netherlands, though international access remained problematic. The organization mitigated the attack by implementing geographical restrictions, limiting website availability exclusively to Dutch IP addresses. This containment strategy successfully repelled the ongoing attack but resulted in continued access barriers for entrepreneurs and users outside the Netherlands. KVK assured stakeholders that the DDoS attack did not compromise underlying systems or data integrity, with no evidence found of secondary intrusions or data breaches during the incident. The disruption primarily affected website availability, with no reported impacts on backend services or business registries.
The incident occurred amid a documented increase in DDoS attacks across the Netherlands, as reported by the National Cyber Security Center. Other organizations, including the Association of Public Transport Companies and Maastricht Airport, faced similar disruptions during the same week. While unconfirmed by KVK, media reports suggested potential Russian involvement in the attack. The Chamber of Commerce declined to attribute responsibility or comment on the attackers' origins. Service restoration prioritized domestic users, reflecting the targeted nature of the mitigation strategy. The attack underscored operational vulnerabilities to high-volume traffic floods, though KVK's response demonstrated effective containment capabilities for such incidents. No prolonged downtime or financial impact assessments were disclosed by KVK following service restoration.