THE NETHERLANDS. The cyber attack on the Dutch Research Council’s network appears to have been perpetrated by DoppelPaymer, an internationally-operating ransomware group. The Dutch Research Council has refused to pay a ransom, even after some of their documents had been shared online.
The hackers began leaking classified internal NWO documents on the dark web yesterday. NWO expects more stolen files to follow.
In a statement published by the NWO, the organisation shares that it deeply regrets that “information of our own employees will be made public without our permission”. A spokesperson would not comment on the exact nature of the personal information in question.
No information was shared on the ransom amount the hackers demanded in order to reverse their attack, either. The following statement was released: “As part of the Dutch national government, the Dutch Research Council refuses to negotiate with criminals on principle.”
The Dutch Research Council is already working hard to restore their network, and expects it to be “useable” in a few weeks and “fully operational” shortly after.
According to the Volkskrant newspaper, DoppelPaymer is a ransomware group that launches cyber attacks on major companies, organisations and government bodies around the world, demanding millions of euros in ransom. The American intelligence agency, the FBI, recently warned that the group does not hesitate to contact employees if their organisation refuses to pay.
Whether or not the group is also responsible for the recent hack of the University of Amsterdam and Amsterdam University of Applied Sciences is uncertain. A rumour claiming a connection with infected NWO email attachments and files that supposedly circulated there was denied.
HOP, Hein Cuppen