Author profile picture

Whether it is Microsoft, the KNVB, beer brewery Duvel, a baby TV show, or our hoovers: companies and consumers are increasingly facing cyber attacks. But, how do cyber attacks work? How can businesses guard against them? And what can you do to stay safe? In this column, we put these – and other – questions to expert Patrick Jordens. He is the director of Trusted Third Party (TT3P): a Dutch company specialising in cybersecurity. TT3P helps companies better defend themselves against, among other things, hackers taking company systems hostage or unlawfully obtaining data.

Patrick Jordens

Patrick Jordens (1969) is an entrepreneur with a heart for digital security. He is director of Trusted Third Party and founder of DMCC Group, which helps organizations comply with all external laws, regulations and internal policies in the field of privacy and consumer law. He is also a guest lecturer in marketing, data privacy and ethics at the Hogeschool van Rotterdam.

The number of cyber-attacks has increased considerably in recent years. Why is that?

“Since the COVID-19 pandemic, the number of incidents has increased significantly. Criminals also had to stay indoors and they focused on cybercrime. Moreover, people started working from home en masse. Organizations became more vulnerable as a result.

The continuous development of technologies also contributes to the growth of cybercrime. Criminals around the world have access to generative AI, for example. Within no time, they draft a phishing email in perfect Dutch with ChatGPT.”

Patrick Jordens

Let’s zoom in on companies. Can we find a common thread in the types of attacks they face?

“There are two types of attacks that we are seeing a lot of lately. One is data extraction. This involves stealing data from a company. The attack on KNVB is an example of this.

A second category is hostage software, malware, and ransomware. This puts pressure on the continuity of your organization. You will no longer be able to continue working. When you start up your computer in the morning, nothing happens. Installation company Hoppenbrouwers had to deal with this three years ago.”

Where are the vulnerabilities of many Dutch companies?

“Many organizations and companies underestimate the importance of a well-thought-out backup strategy. They often only back up every so often. I recently spoke to a company from the Westland region that a ransomware attack had hit. The last backup they had made had failed and therefore they had to restore an old one.
When companies get hacked and restore their systems to a backup a few weeks old, a lot of data is lost. Companies need to ask themselves how much data loss they can afford. In addition, they need to think carefully about where they store that backup. Because the first thing hackers do when they penetrate your system is to encrypt the backup, that’s how they try to gain power over the company.”

The number of cyber attacks seems to be anything but decreasing. How next?

“I hope companies will take cyber security more seriously in the coming years. Many large organizations are already aware of their security; SMEs and charities in particular need to start taking steps. Often, the thinking among smaller organisations is: there is nothing to be gained from us. And then cyber security is pushed into the background. That makes them a very desirable target. Yes, it costs money to protect yourself. But it costs you much more if you become a target.”