In January 2025, Dutch educational institutions were targeted by prolonged, complex DDoS-attacks over several days. This led to a lot of concerns in Dutch society, which NBIP general director Octavia de Weerdt addressed with a post (in Dutch) on Linkedin. Because the contents of that post are valid for DDoS attacks and defence against these attacks in general, we have also made this post available in English below.
The recent DDoS attacks have led to concerns about what is going on and we at NBIP feel it is necessary to offer some perspective on the situation. One thing is certain: the current impact of these attacks is exceptional, but no reason for alarm.
In general, we have very good arrangements in the Netherlands when it comes to DDoS protection and mitigation (defence) capacity. Thanks in part to the national Anti-DDoS Coalition, which cooperates with the Dutch Police and the National Cyber Security Centre (NCSC-NL), among others, there is a high level of awareness and resilience among organisations in the Netherlands. Some Dutch organisations face dozens of DDoS attacks every day, which are almost always successfully repelled.
The fact that we can generally use online services without worry and without interruption is therefore partly due to the preparations that have been made to repel DDoS attacks.
So how is it possible that these types of attacks have had such an impact this January? This is because DDoS attacks are evolving and those who carry out these types of attacks are constantly on the lookout for weaknesses in the defences. DDoS should be seen as a classic arms race in which new types and combinations of attacks are constantly being deployed to circumvent existing defence mechanisms.
For several years now, these attacks have been part of hybrid conflicts involving groups that are supported by state actors. This means that more resources are available for malicious parties to develop and carry out (complex) attacks.
Even if you have thoroughly prepared for DDoS attacks, they can still manage to overwhelm or circumvent your defences.
That does not mean we are defenceless. High-impact attacks provide new insights that can be used to develop new measures. But we must realise that the problem of DDoS will not go away. And that we will occasionally have to deal with attacks that are successful to a certain degree.
Unfortunately, when it comes to cyber threats, there is no such thing as 100% protection. Resilience is not only about technical measures and bringing in or having the right expertise. It is also about a mindset in which we as a society become more aware of the fact that these types of incidents sometimes occur and from which we can respond resiliently.
In my opinion, that resilience also lies in cooperation. DDoS is pre-eminently a problem that can be tackled collectively, as we do with our dykes or the fire service. By joining forces, exchanging knowledge and organising our resilience together, we ensure that the impact of DDoS attacks is minimised.
