Conference Matters 144

Digital resilien continues to be crucial but you don't have to be For

still a world to win, especially with smaller organi sations.” According to the report Cyber Security Assess ment Netherlands 2024 (CSAN 2024), the digital threat against the Netherlands is significant and diverse. Most attacks come from state actors such as Russia and China or from cyber criminals who use ransomware (demanding a ransom in exchange for decryption) or steal data, which can cause major damage. Ransomware impacted at least 178 Dutch organisations in 2023. However, since not all victims report incidents and customers are also affected, their actual number is much higher. The weakest link is people According to Robert Molenaar at Hoffmann, a company that tests digital resilience, the big gest risk is often people’s behaviour, not just technology. “Some 80% of attacks start with event, the largest network overload occurred, with an average of 1.6 million bot attacks per minute. It shows how international events can be an attractive target from a political standpoint. BT Group’s conferencing division in the UK was hit by a Black Basta ransomware attack in December 2024. While the services were not directly affected, the hackers claimed to have stolen 500GB of sensitive data, including user information and confidential documents. It shows that conference infrastructures can be vulnerable to data theft.

The threat posed by cyber attacks is no longer hypothetical. Organisations are increasingly falling victim to cyber criminals and state actors. Is the Netherlands equipped to deal with these digital dangers? What steps should a conference organisation take to minimise the damage? “Cyber security is no longer only a technical matter. It affects everyone,” says Marcel Spruit, lecturer in Information Security at The Hague University of Applied Sciences. He has been researching digital resilience for governments, vital infrastructure and companies for 20 years. Spruit sees that his field is getting increasingly more attention. “It’s structurally higher on the agenda than it was 10 years ago, also due to visi ble incidents and political tensions. But there is At a conference hosted by gaming platform Roblox in June 2024, FNTech’s registration service was hacked and participants’ personal information was stolen, including full names, email addresses and IP addresses. The incident highlights the vulnerability of conferences to external suppliers involved in their organisation. During the G20 summit in India in September 2023, Indonesian hacktivist groups focused on the digital infrastructure. In the run-up to the event, DDoS attacks frequently caused the summit’s website to be unavailable. During the By Bas Hakker

THREE RECENT HACKS ON CONFERENCE INFRASTRUCTURES

14