Sabotage of critical infrastructure “is the kind of thing that might keep you awake at night,” Bertholee told a timely cyber security conference in The Hague, as global experts grapple with the fallout of a massive cyberattack over the past days.
Digital threats “are not imaginary, they are everywhere around us,” the head of the country’s intelligence services (AIVD) told the conference organised by the Dutch government.
“In my opinion, we might be closer to a serious act of digital sabotage than a lot of people can imagine,” he told hundreds of experts and officials.
Bertholee highlighted how in 2012 the computers at Saudi Arabia’s largest oil company came under brief attack, or how three years later Ukrainian electricity companies were hacked causing a massive blackout lasting several hours.
The world’s infrastructure was heavily interconnected, which had huge benefits, but also “vulnerabilities”.
“Imagine what would happen if the entire banking system were sabotaged for a day, two days, for a week,” he asked.
“Or if there was a breakdown in our transportation network. Or if air traffic controllers faced cyberattacks while directing flights. The consequences could be catastrophic.”
Added Bertholee: “Sabotage on one of these sectors could have major public repercussions, causing unrest, chaos and disorder.”
The threat of “cyber terrorism” from terror groups such as the so-called Islamic State jihadist and Al-Qaeda was still limited, he said, but “jihadist-inspired terrorism is the number one priority” of the Dutch intelligence services.
“The level of technical expertise available to a jihadist group is still insufficient to inflict significant damage or personal injury through digital sabotage,” Bertholee said.
“They may not yet have the capability but they definitely have the intent,” he warned.
Countries must be prepared for future threats in the digital domain, with governments and private sector working closely together, as this is “where our societies have become most vulnerable,” he said.
Security researchers investigating the massive cyberattack campaign over past days on Tuesday reported signs that it might be slowing, and suggested a possible North Korean link.
In the first clues of the origin of the massive ransomware attacks, Google researcher Neel Mehta posted computer code that showed similarities between the “WannaCry” malware and a vast hacking effort widely attributed to Pyongyang.
Europol meanwhile said the number of affected IP addresses around the world was 163,745 — a 38 percent percent fall from the 226,000 reported on Sunday.