Minister Van Weel explained that the urgency of the situation, which involved a large-scale cyber-espionage campaign by Chinese hackers, led the NCSC to share IP addresses and other data with the U.S., U.K., Canada, and Japan. However, Dutch law permits the NCSC to share such information only with vital companies and government entities within the Netherlands, as well as with CSIRTs in EU member states and intelligence services. The sharing with countries outside the EU, therefore, did not have a legal basis.
In response, the NCSC has taken measures to prevent similar incidents in the future, including strengthening technical and organizational safeguards, improving data-sharing procedures, and ensuring better staff training. The minister also mentioned that the upcoming NIS2 directive from the EU will offer more flexibility in sharing cybersecurity data with non-EU countries.
This incident underscores the challenges of international cybersecurity cooperation and the importance of adhering to legal frameworks when sharing sensitive data, even in critical situations involving national security threats.
Source: Techzine
The European Cyber Intelligence Foundation is a nonprofit think tank specializing in intelligence and cybersecurity, offering consultancy services to government entities. To mitigate potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net, or you can try yourself using check.website.