Contact us
Request demo →
Contact us
German website
search
close

79 Hackers attack the municipality of The Hague for 6 hours

by Cybersprint News 30 Sep 2019

On Monday 30 September, 79 ethical hackers sat down in the Atrium of City Hall to hack the IT-systems of the Municipality of The Hague and several of its suppliers. The event was the third instalment of the yearly event ‘Hâck The Hague 2019’. The initiative was co-organised by the Municipality of The Hague and Dutch cyber security company Cybersprint, with the goal to test the digital infrastructure of the Municipality and its suppliers for vulnerabilities. The municipality of The Hague has passed the test and is very pleased with the 102 reports of vulnerabilities found and is working with them.

The 79 ethical hackers (of whom 67 Dutch, and 12 international hackers from six different countries) reported a total of 102 ‘vulnerabilities’ and ‘bugs’ during the six-hour long hackathon.

The hacker’s findings

“A great result,” said deputy mayor Rachid Guernaoui, who is responsible for the municipality’s IT-infrastructure. “I’d rather have ethical hackers discover flaws in our systems, than malicious hackers. Our digital systems are monitored for vulnerabilities 24 hours a day, so there is practically no reason to doubt its security. Still, it’s wise to regularly put our systems to the test. Every organisation has its digital challenges, and large municipalities such as The Hague are no exception. We keep improving the security of our IT-systems by collaborating with qualified organisations and talented hackers. Today’s results illustrate the importance of such tests”.

The hacker’s dome

The Hague’s City Hall was transformed into a true ‘hacker’s dome’. The hackers tried to penetrate the municipality’s digital defences, while sitting right in the middle of the Atrium. Similar to last year’s edition, both professional hackers as well as students signed up to compete. All ethical hackers had to agree to the rules of engagement and responsible disclosure of the contest: it was compulsory to report all findings to the organisation - and only to the organisation.

Pieter Jansen, CEO of Cybersprint: “Organising this hack event, inviting so many ethical hackers, is an important way to test the digital infrastructure. Organising a hacking competition with so many ethical hackers is an excellent way to test digital systems, as well as checking digital security on a daily basis”.

 

Four categories, 12 prizes

Alderman Guernaoui rewarded the money prizes in four different categories.

  • The most surprising hack: Redteam-R
  • The most sophisticated hack: Wietse Boonstra
  • The most impactful hack for students: Picco Bello
  • The most impactful hack for professionals: dickonvio

Each category knew a third, second and first place; winning 500, €1000 and €2000 respectfully.

It was the third consecutive year the municipality and Cybersprint organised the hack event. Deputy mayor Guernaoui: “With ‘Hâck The Hague’, we are at the forefront. I can highly recommend such an approach to other municipalities, as it keeps us on our toes.”

Following ‘Hâck The Hague’ is the ‘One Conference’, which starts on Tuesday 1 October. It is the international cyber security conference with many prominent speakers sharing developments, ideas and insights. The One Conference is an initiative of the Dutch National Cybersecurity Centre (NCSC) and Ministry of Economical Affairs and Climate, in cooperation with the municipality of The Hague. NCSC director Hans de Vries awarded the winners of ‘Hâck The Hague’ with tickets to the One Conference as an extra prize. The conference is from 2 to 4 October 2019.

 

Cybersprint nominated for Deloitte's Technology Fast 50

We are excited to have been included the Deloitte Technology Fast 50  list. Cybersprint is one of the 50 technology companies in the Netherlands to be recognised for exceptional growth performance in the last four years.

read more

Why you need to know your certificate supply chain

Last week, on Thursday 30 September, a root certificate from Let’s Encrypt expired. This is not uncommon in itself, but as the certificate had no update or alternative, it meant that all domains and subdomains running the certificate were suddenly no longer listed as SSL / TLS-secured. The result: thousands of web pages and applications failed and were unable to serve the content people requested. What went wrong? And what can organisations do to fix similar issues in the future?

read more

Cybersprint nominated as one of the 10 best cybersecurity providers at Computable

Our team is proud to announce that Cybersprint is nominated for the Computable Awards 2021 in the category Security & Forensics! With our Attack Surface Management platform, we help organisations monitor their attack surface and mitigate the associated risks within. We are pleased that Computable recognises our approach to help make organisations become more digitally secure.

read more

Do you have a question?

Our experts have the answers

Contact us