Dutch police on Friday arrested a 19-year-old man from Breda suspected of launching a distributed denial of service (DDoS) attack on a government website.
As a result of the attack, Overheid.nl and one of its subdomains, Mijn.Overheid.nl (MijnOverheid), were knocked offline for several hours on March 19.
Functioning as a sort of digital letterbox, MijnOverheid allows citizens to receive mail from the government, including information on their tax returns or child benefits. Moreover, individuals can access personal information such as registration with the municipality or the date of their vehicle inspection.
Overheid.nl is a guide for information and services from all government organizations in the Netherlands. According to Dutch law enforcement, Overheid.nl has been frequently visited during the current COVID-19 crisis, and the availability of the website to citizens “is crucial for the country.”
During a DDoS attack, the targeted website is overwhelmed with traffic in an effort to make it inaccessible to legitimate users.
Given the current coronavirus crisis, when emergency ordinances and regulations are made accessible through this site, the Dutch police notes, keeping it accessible is vital.
“The arrested man is formally suspected of having endangered vital processes that would compromise our safety,” the Dutch law enforcement agency says.
An investigation into the incident was carried out by the cybercrime team of the Dutch police in Utrecht, led by a public prosecutor from The Hague.
“By taking a website like this offline, you are denying citizens access to their personal data and important government information. We take this very high, especially now that the corona crisis is causing additional uncertainty and a great need for information by many people. We want to protect people and companies and make it increasingly difficult for cyber criminals to carry out a DDoS attack,” said Jeroen Niessen of the cybercrime team of the Central Netherlands Police.
The week before, the Central Netherlands Police — in cooperation with Europol, Interpol, the FBI, other police forces, and external parties — shut down 15 so-called booters. These are online services that allow wannabe-criminals to hire networks of mostly compromised machines to launch DDoS attacks on targets of their choosing.
Related: HHS Says DDoS Attack Failed to Cause Disruption
Related: Georgia Man Admits to Launching DDoS Attack
Related: How to Stop a DDoS Attack Without Sabotaging Your Own Network