The invisible war behind our screens: how vulnerable are we really?

It is a wake-up call that Modderkolk has brought to Rotterdam. At the Ministry of Defense, they use a color chart: green means peace, red means war. Right now, we are in dark orange, which means we are closer to war than to peace. “This war looks different than before,” he explains. 

“Future conflicts will no longer be decided on the battlefield but primarily in the information domain.” Countries like Russia and China use cyberattacks as weapons. Hackers infiltrate IT systems, companies are spied on, and critical infrastructure can be sabotaged remotely.

As an expert on intelligence agencies and a journalist for de Volkskrant-newspaper, he knows numberless examples. He tells the story of an attack where Russian hackers tried to break into a company in Washington. Since they could not gain direct access to the network, they switched to a smarter method: they hacked a laptop in a nearby home, created a Wi-Fi network, and thus managed to infiltrate the system. “Ten years ago, these methods were only available to the most advanced intelligence agencies. Now, Russians and Chinese hackers do it just as easily.”

Sorry, your data has been leaked

In addition to targeted cyberattacks, there is another major problem: companies store massive amounts of customer data and place cookies. Often without clear necessity and without realizing they are making themselves an attractive target. “Whether it is webshops, energy suppliers, or healthcare institutions, we continuously give away our data. Companies store everything and then forget they even have it. Two years later, you receive a message: ‘Sorry, your data has been leaked.’ But why did they still have it in the first place? That is something we should seriously consider.”

He cites the example of smart energy meters, where energy suppliers store data for years and even share it with third parties, including companies outside the EU. Personal data circulates without people having control over it. “We make it far too easy for hackers, which is evident from the many data breaches that occur. In the Netherlands alone, there are about 10,000 data leaks every six months. One in five companies is hacked annually, and one in twenty companies is currently hacked without even knowing it.”

Russia and China on the attack

Modderkolk has researched how foreign intelligence agencies exploit weaknesses in our IT systems. He cites the example of the European Medicines Agency (EMA) in Amsterdam. During the COVID-19 crisis, it became an attractive target because it held sensitive vaccine information. Russian hackers gained access by exploiting weak two-step verification. They observed a new employee and managed to obtain her login credentials. The result: they were inside for months and had access to highly confidential documents.

China takes an even more structural approach, using both digital and human espionage. “China is building its own passenger aircraft, but they still cannot develop the engine themselves. What did they do? They infiltrated Western companies to steal that knowledge. A Chinese employee at General Electric was caught hiding confidential documents about turbine seals in the properties of a sunset photo and emailing it to China. With this, China gained five years of development time in one go, worth billions of dollars.”

Tweets from Elon Musk

According to Modderkolk, the Western response to these threats is far too weak. “We happily outsource our IT without even considering the consequences. Governments rely on Microsoft, while the U.S. government can demand access to data at any time. Do we want that?”

Algorithms also play an increasing role in how information is spread and manipulated. “Elon Musk’s tweets are viewed more often than all the posts from Republicans and Democrats combined. What I mean to say is: technology is not neutral! It has preferences, and it can be used for political and geopolitical purposes.”