The three biggest Dutch banks are too dependent on a single US cyber security company to protect them against DDoS attacks, the Financieele Dagblad reported on Monday.
The paper quotes a report by the government’s macro-economic think-tank CPB which says in a new report on cyber crime that giving one player such a strong position is ‘worrisome’.
‘You can ask whether such a large market concentration is desirable from the point of view of society,’ the CPB said. It points out that if the company – Akamai – should itself collapse or be hacked, that the Dutch banking sector could be crippled as well.
The CPB says 16 of the world’s biggest banks use Akamai, and that ABN Amro, Rabobank and ING are also all users.
However, the banks told the paper that they are not running risks using the US company. ‘We use other providers as well as Akamai,’ an ING spokesman said. ‘And we have our own systems for detecting attacks and fending them off.’
ABN Amro and ING both said they use other forms of protection as well.
Aiko Pras, a professor in cyber security at Twente University told the paper there are risks in becoming dependent on non-EU providers. ‘American companies like Akamai are getting to know our payment traffic systems better and better, while we are losing the expertise,’ he said. ‘A cyber war is closer than we think.’