NBIP logo

It’s time to rethink resilience against DDoS attacks

News

We will increasingly face DDoS attacks intended to disrupt societies, and sometimes they will succeed. However, there is no cause for concern, but we do need to focus more on a collective approach to DDoS resilience.

DDoS attacks are a growing threat. In 2025 alone, in the Netherlands and Europe, we have seen attacks affecting higher education, healthcare and public transport. Other digital infrastructure was also targeted, crippling government websites and online services for citizens, targeting elections and aiming to cause societal unrest. In short, these attacks are now used as political weapons. To remain resilient, we need to approach this problem differently.

Arms race in a hybrid battle

DDoS attacks are part of a new normal characterised by a hybrid conflict between different geopolitical power blocs. They are now being used strategically to disrupt free, democratic societies in Europe. Not surprisingly, the intelligence agencies recently sounded the alarm about this.

This is not to say, incidentally, that recent attacks have all had this intention. This is known about some attacks, others not so much. But we do know that the motives of attackers often lie in retaliation and the disruptive effect of attacks and that they themselves often link these motives to developments in the geopolitical arena. With this, DDoS attacks have long since ceased to be “mischief” or “digital vandalism”, but are part of a broader, global struggle.

DDoS and the protection measures that are taken, moreover, have the dynamics of a classic arms race. Defences that are adequate today may be insufficient or obsolete tomorrow. This dynamic makes it virtually impossible to achieve 100% protection. And it is a big task to keep up to date in terms of knowledge and technology to repel these kinds of attacks.

Dependency

It stings in this respect that we in Europe have made ourselves largely dependent on non-European-made DDoS protection. Because in this area too, as for many other online services, it is only a handful of mainly US companies that control almost the entire market. If we feel that the government has made itself vulnerable by hosting sensitive data at US cloud providers, we should also ask ourselves whether we should not organise our resilience against cyber-attacks such as DDoS differently.

After all, European countries have every interest in organising their own digital resilience. With their own knowledge, technology and on their own soil. This is of great importance for the digital sovereignty and strategic autonomy of Europe and thus also the Netherlands.

It is therefore obvious to seek much more cooperation, both within the Netherlands and within Europe. This is already happening in the Netherlands in the anti-DDoS coalition, in which government and critical sectors work together on their resilience against DDoS attacks. For example, a methodology has been developed there to exchange characteristics of attacks via a so-called Clearing House, as a result of which attacks can be better recognised and repelled by organisations that have access to this Clearing House.

In Europe, in addition, as part of the multi-billion programme Important Projects of Common European Interest – Cloud Infrastructure and Services (IPCEI-CIS), digital resilience (security by design) is being worked on where it matters most, namely in tomorrow’s digital infrastructure at Europe’s geographical borders.

But while useful and important, both examples do not solve the challenges we face today. For that, something else is needed first.

Shift in thinking

We must be realistic: as long as many organisations (have to) organise their resilience against DDoS attacks individually, we will remain vulnerable as a society. A shift in thinking is therefore needed here. We have been stuck for too long in a paradigm in which individual responsibility for organisations’ digital resilience prevails. The new Cyber Security Act offers and enforces a different approach to cyber security, but only for a limited group of organisations. We will therefore have to approach this issue from the perspective of collective responsibility. Commercial interests are thereby subordinated to the broader, societal interest: stability through the availability of (critical) online services. And, not unimportantly, making a fist against those who try to disrupt our societies and way of life. We should not be naive about that.

By joining forces in initiatives that increase our collective resilience, we ensure that individual organisations stay afloat. We must develop, exchange knowledge and organise our own resilience ourselves in a Dutch and European context, without dependencies outside our own, European sphere. This is only possible if we think differently about DDoS and further organise ourselves collectively. In this way, the new normal need not be a threat, but an important step towards a digitally sovereign and resilient Netherlands and Europe.

Octavia de Weerdt is general director of the NBIP non-for-profit and chair of the NL anti-DDoS coalition. This article appeared in abridged form in the Dutch national newspaper NRC on 3 May 2025.

News

NBIP NEXT 2025: Europe is on track to strengthen its digital resilience (but we are not there yet)
Events, News
DDoS attacks in Q3 2025
NaWas, News
How do you prepare for eEvidence?
News
NBIP publishes latest edition of the Annual Monitor
Reports

Wil je meer informatie of je abonneren op onze nieuwsbrief?

NBIP logo
NBIP NEXT
Platform- and supplier-independent Cloud with Haven

Thursday, 27 November – 1:50 p.m. – 2:30 p.m.

Haven is an open solution for platform- and supplier-independent Cloud services. Haven is a building block of the pGDI and the NDS. Haven offers agnostic configuration of Cloud technology and provides organisations with a feasible exit plan. Expect an inspiring story about the practice of ecosystem-driven collaboration, in which we use the power of digitisation for the benefit of society.

Highlights:

  • Haven+
  • Ecosystem-driven collaboration
  • Platform- and supplier-independent cloud services
  • Data sovereignty

About Jacco Brouwer

Jacco Brouwer works for the Association of Netherlands Municipalities as Cloud Policy Coordinator and represents municipal interests in the NDS implementation programme on Cloud. From the Innovation Knowledge Centre at VNG, Jacco is the initiator of the public Incubator GROEI, through which VNG guides municipal collaboration and innovations based on a start-up philosophy in scaling up to broad and collective use among municipalities and fellow authorities.

Jacqueline van de Werken is bijna 10 jaar actief als global general counsel bij Leaseweb, na een loopbaan in de advocatuur en actief te zijn geweest in legal & regulatory affairs bij buitenlandse telecom/ datacom aanbieders.

Sinds enige tijd is Jacqueline ook board member & secretaris van brancheorganisatie Dutch Cloud Community. Als president/chair bij Cloud Infrastructure Service Providers Europe richt ze zich ook op het behartigen van regulatory belangen van de IAAS cloud sector.

Woensdag 26 november 

Van vrijwillig naar verplicht: de nieuwe werkelijkheid van regelgeving voor providers

Interactieve sessie

11:15 – 12:00 uur

Ir. Bas Dunnebier EngD

Bas Dunnebier is Chief Science and Technology Officer (CSTO) bij de Algemene Inlichtingen- en Veiligheidsdienst (AIVD). De CSTO speelt in op de kansen en uitdagingen die technologische en wetenschappelijke innovatie met zich meebrengen, onder meer voor de offensieve en defensieve taken van de dienst.

Eerder vervulde Dunnebier verschillende andere functies binnen de AIVD, waaronder die van hoofd Unit Weerbaarheid. Hij heeft daardoor een brede expertise ontwikkeld op het gebied van (cyber)weerbaarheid, inlichtingen, en technologieën zoals AI, quantum en cryptologie. Hij studeerde Toegepaste Wiskunde aan de Universiteit Twente, en Informatie- en Communicatietechnologie aan de Technische Universiteit Eindhoven. Voordat Dunnebier bij de AIVD kwam werken, werkte hij onder meer bij Thales, TNO en Technolution.

Het huidige dreigingsbeeld volgens de AIVD: wat nu te doen?

Woensdag 26 november 
14:00 – 14:35
Parkzaal: Wet- en Weerbaarheid

During his presentation, Dr. Alberto P. Martí will provide an update on the European IPCEI Cloud Infrastructure and Services (CIS) project.

Thursday, 27 November

3:00 p.m. – 3:45 p.m.

Parkzaal: Towards digital autonomy

During NBIP NEXT, René will share more about the implementation of the eEvidence legislation that will come into force for internet service providers on 18 August 2026.

Wednesday 26 November

3:00 p.m. – 3:35 p.m.

Parkzaal: Track Law & Resilience

During NBIP NEXT, Johan will give a presentation as part of the DDoS Mitigation track on how to use a WAF to mitigate layer 7 attacks.

Wednesday, 26 November
1:15 p.m. – 1:50 p.m.
Fonteinzaal: Collaborative DDoS mitigation track (ENGLISH)

Dr. Cristina Caffarra is one of the driving forces behind EuroStack. This movement, which has the ear of politicians and policymakers in Europe, is campaigning for more investment in European technology, based on the belief that this is the only path to digital autonomy.

Caffarra is a competition expert and knows the world of big tech companies from the inside. She has made important contributions to competition investigations into mergers and antitrust cases for the European Commission. Caffarra does not mince her words and tells it like it is: we must work together to give shape to European digital autonomy as quickly as possible. At NBIP NEXT, she will share her vision during an inspiring keynote speech, followed by an opportunity for discussion.

Thursday 27 November
1:15 p.m. – 1:50 p.m.
Parkzaal: Towards digital autonomy