Dutch Public Prosecution Service taken off-line: Citrix Netscalers

Discussion in 'other security issues & news' started by FanJ, Jul 19, 2025 at 7:48 PM.

  1. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,980
    The Dutch Public Prosecution Service have been taken off-line since a few days: Citrix Netscalers

    I don't know whether there are articles in English; I have only articles in Dutch.
    There are lots of articles in Dutch about the issue.

    First of all the Dutch "Public Prosecution Service" is called in Dutch "Openbaar Ministerie" (OM).
    Site: https://www.om.nl/

    Article there in Dutch from 18-07-2025 | 17:49
    Onderzoek naar aanleiding van signaal NCSC
    https://www.om.nl/actueel/nieuws/2025/07/18/onderzoek-naar-aanleiding-van-signaal-ncsc

    More articles in Dutch:

    Security.nl :
    Openbaar Ministerie koppelt digitale omgeving los van internet vanwege kwetsbaarheid
    https://www.security.nl/posting/896...geving los van internet vanwege kwetsbaarheid

    Newspaper NRC :
    Digitale werkomgeving Openbaar Ministerie nog steeds uit de lucht
    https://www.nrc.nl/nieuws/2025/07/1...r-ministerie-nog-steeds-uit-de-lucht-a4900727

    The questions (among other questions):
    Did the OM patched there systems? And if so, when?
    Was the digital infostructure already compromised? And if so, for how long, and by who?

    It looks like that the Citrix Bleed 2 was already known. Was Citrix really open about it in public, and since when?
    See article at BleepingComputer from July 17, 2025
    Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks
    https://www.bleepingcomputer.com/ne...d-weeks-before-pocs-as-citrix-denied-attacks/
     
    FanJ, Jul 19, 2025 at 7:48 PM
    #1
  2. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,980
    They said today that it could take weeks before they will get back online.

    Articles in Dutch:
    NOS, the public broadcaster, today:
    OM mogelijk nog weken afgesloten van internet: 'Heel veel printen'
    https://nos.nl/artikel/2575857

    Message from the OM, today:
    Werk OM mogelijk komende weken nog verstoord
    https://www.om.nl/actueel/nieuws/2025/07/21/werk-om-mogelijk-komende-weken-nog-verstoord

    Quote in Dutch:
     
    FanJ, Jul 21, 2025 at 11:40 AM
    #2
  3. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,980
    The systems of the OM were indeed hacked.

    Dutch newspaper NRC reveals it. It was a closed meeting by the OM, but NRC got the news somehow.

    NRC - 22 july 2025
    Digitale werkomgeving OM inderdaad gehackt, onderzoek moet uitwijzen welke informatie is gestolen
    https://www.nrc.nl/nieuws/2025/07/2...twijzen-welke-informatie-is-gestolen-a4901019

    Quote in Dutch:
    The OM refuses to comment, according to NRC:
     
    FanJ, Jul 22, 2025 at 6:03 PM
    #3
  4. FanJ

    FanJ Updates Team

    Joined:
    Feb 9, 2002
    Posts:
    4,980
    According to article at security.nl there are 1500 servers at the OM. Checking, cleaning, etc is going to take weeks.
    https://www.security.nl/posting/897601/NRC: inbraak bij Openbaar Ministerie via Citrix NetScaler-lek

    In Dutch:
     
    FanJ, Jul 23, 2025 at 12:08 PM
    #4
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...