NBIP logo

Dutch public sector targeted by prolonged, complex DDoS attacks

In January 2025, Dutch educational institutions were targeted by prolonged, complex DDoS-attacks over several days. This led to a lot of concerns in Dutch society, which NBIP general director Octavia de Weerdt addressed with a post (in Dutch) on Linkedin. Because the contents of that post are valid for DDoS attacks and defence against these attacks in general, we have also made this post available in English below.

The recent DDoS attacks have led to concerns about what is going on and we at NBIP feel it is necessary to offer some perspective on the situation. One thing is certain: the current impact of these attacks is exceptional, but no reason for alarm.

In general, we have very good arrangements in the Netherlands when it comes to DDoS protection and mitigation (defence) capacity. Thanks in part to the national Anti-DDoS Coalition, which cooperates with the Dutch Police and the National Cyber Security Centre (NCSC-NL), among others, there is a high level of awareness and resilience among organisations in the Netherlands. Some Dutch organisations face dozens of DDoS attacks every day, which are almost always successfully repelled.

The fact that we can generally use online services without worry and without interruption is therefore partly due to the preparations that have been made to repel DDoS attacks.

So how is it possible that these types of attacks have had such an impact this January? This is because DDoS attacks are evolving and those who carry out these types of attacks are constantly on the lookout for weaknesses in the defences. DDoS should be seen as a classic arms race in which new types and combinations of attacks are constantly being deployed to circumvent existing defence mechanisms.

For several years now, these attacks have been part of hybrid conflicts involving groups that are supported by state actors. This means that more resources are available for malicious parties to develop and carry out (complex) attacks.

Even if you have thoroughly prepared for DDoS attacks, they can still manage to overwhelm or circumvent your defences.

That does not mean we are defenceless. High-impact attacks provide new insights that can be used to develop new measures. But we must realise that the problem of DDoS will not go away. And that we will occasionally have to deal with attacks that are successful to a certain degree.

Unfortunately, when it comes to cyber threats, there is no such thing as 100% protection. Resilience is not only about technical measures and bringing in or having the right expertise. It is also about a mindset in which we as a society become more aware of the fact that these types of incidents sometimes occur and from which we can respond resiliently.

In my opinion, that resilience also lies in cooperation. DDoS is pre-eminently a problem that can be tackled collectively, as we do with our dykes or the fire service. By joining forces, exchanging knowledge and organising our resilience together, we ensure that the impact of DDoS attacks is minimised.

News

DDoS attacks in Q3 2025
NaWas, News
NBIP publishes latest edition of the Annual Monitor
Reports
Connect2Trust, NBIP, and SIDN Fund are jointly increasing the Netherlands’ digital resilience
News
DDoS attacks in Q2 2025
NaWas, News

Wil je meer informatie of je abonneren op onze nieuwsbrief?

NBIP logo
NBIP NEXT
Platform- and supplier-independent Cloud with Haven

Thursday, 27 November – 1:50 p.m. – 2:30 p.m.

Haven is an open solution for platform- and supplier-independent Cloud services. Haven is a building block of the pGDI and the NDS. Haven offers agnostic configuration of Cloud technology and provides organisations with a feasible exit plan. Expect an inspiring story about the practice of ecosystem-driven collaboration, in which we use the power of digitisation for the benefit of society.

Highlights:

  • Haven+
  • Ecosystem-driven collaboration
  • Platform- and supplier-independent cloud services
  • Data sovereignty

About Jacco Brouwer

Jacco Brouwer works for the Association of Netherlands Municipalities as Cloud Policy Coordinator and represents municipal interests in the NDS implementation programme on Cloud. From the Innovation Knowledge Centre at VNG, Jacco is the initiator of the public Incubator GROEI, through which VNG guides municipal collaboration and innovations based on a start-up philosophy in scaling up to broad and collective use among municipalities and fellow authorities.

Jacqueline van de Werken is bijna 10 jaar actief als global general counsel bij Leaseweb, na een loopbaan in de advocatuur en actief te zijn geweest in legal & regulatory affairs bij buitenlandse telecom/ datacom aanbieders.

Sinds enige tijd is Jacqueline ook board member & secretaris van brancheorganisatie Dutch Cloud Community. Als president/chair bij Cloud Infrastructure Service Providers Europe richt ze zich ook op het behartigen van regulatory belangen van de IAAS cloud sector.

Woensdag 26 november 

Van vrijwillig naar verplicht: de nieuwe werkelijkheid van regelgeving voor providers

Interactieve sessie

11:15 – 12:00 uur

Ir. Bas Dunnebier EngD

Bas Dunnebier is Chief Science and Technology Officer (CSTO) bij de Algemene Inlichtingen- en Veiligheidsdienst (AIVD). De CSTO speelt in op de kansen en uitdagingen die technologische en wetenschappelijke innovatie met zich meebrengen, onder meer voor de offensieve en defensieve taken van de dienst.

Eerder vervulde Dunnebier verschillende andere functies binnen de AIVD, waaronder die van hoofd Unit Weerbaarheid. Hij heeft daardoor een brede expertise ontwikkeld op het gebied van (cyber)weerbaarheid, inlichtingen, en technologieën zoals AI, quantum en cryptologie. Hij studeerde Toegepaste Wiskunde aan de Universiteit Twente, en Informatie- en Communicatietechnologie aan de Technische Universiteit Eindhoven. Voordat Dunnebier bij de AIVD kwam werken, werkte hij onder meer bij Thales, TNO en Technolution.

Het huidige dreigingsbeeld volgens de AIVD: wat nu te doen?

Woensdag 26 november 
14:00 – 14:35
Parkzaal: Wet- en Weerbaarheid

During his presentation, Dr. Alberto P. Martí will provide an update on the European IPCEI Cloud Infrastructure and Services (CIS) project.

Thursday, 27 November

3:00 p.m. – 3:45 p.m.

Parkzaal: Towards digital autonomy

During NBIP NEXT, René will share more about the implementation of the eEvidence legislation that will come into force for internet service providers on 18 August 2026.

Wednesday 26 November

3:00 p.m. – 3:35 p.m.

Parkzaal: Track Law & Resilience

During NBIP NEXT, Johan will give a presentation as part of the DDoS Mitigation track on how to use a WAF to mitigate layer 7 attacks.

Wednesday, 26 November
1:15 p.m. – 1:50 p.m.
Fonteinzaal: Collaborative DDoS mitigation track (ENGLISH)

Dr. Cristina Caffarra is one of the driving forces behind EuroStack. This movement, which has the ear of politicians and policymakers in Europe, is campaigning for more investment in European technology, based on the belief that this is the only path to digital autonomy.

Caffarra is a competition expert and knows the world of big tech companies from the inside. She has made important contributions to competition investigations into mergers and antitrust cases for the European Commission. Caffarra does not mince her words and tells it like it is: we must work together to give shape to European digital autonomy as quickly as possible. At NBIP NEXT, she will share her vision during an inspiring keynote speech, followed by an opportunity for discussion.

Thursday 27 November
1:15 p.m. – 1:50 p.m.
Parkzaal: Towards digital autonomy