When one click affects your business and the whole industry

What has become clear to me again in recent weeks is how tangible digital risks have become. Cyberattacks are no longer a distant threat. They take place in our industry, with our growers, and directly affect daily practice.

Last week, we received reports from several growers dealing with suspicious emails. At first glance, these messages seemed to come from a trusted sender. That is precisely what makes this type of attack so insidious. One click on a link led to an apparently familiar login screen, where — after logging in — unnoticed access was gained to the mailbox. From there, attackers could spread further within the supply chain. We were able to detect and block the attack within our own systems in time, but at the same time saw that some growers in the supply chain were affected. 

Above all, what this situation shows is that cybercrime is becoming more sophisticated. It has long since stopped being just about suspicious senders or poorly written emails. Attackers use existing contacts, copy writing styles and operate in an increasingly professional manner. The chance that you will have to deal with this only increases as a result.

Break the taboo
Perhaps what struck me most was the reaction of some affected growers when we approached them for support: "How do you know this?" Behind that is often shame. As if it is your own fault when you become a victim. We really need to break that. When there is fire, everyone helps. When there is a break-in, everyone sympathises. But in cyber incidents, things often remain quiet. And that is precisely what makes us vulnerable. Because the longer we wait to share, the greater the damage. Not just for one company, but for the whole supply chain. Therefore, my appeal is simple: if you see anything suspicious, report it. 

Together we are stronger
As a cooperative, we want and need to take responsibility for this. We did the same last week. We immediately deployed our information security specialists, conducted analyses and contacted external parties such as the National Cyber Security Centre to address the source of the attack. Our specialists collected industry signals, recognised patterns and re-enacted the attack in an isolated environment to understand how criminals operated. We then passed on that knowledge and advice. Cyberattacks are increasingly so-called 'supply chain attacks': criminals target the crowd and use scouts to gather information. Email is a common means for this, putting everyone at risk of becoming a victim. The resilience of one party directly affects the other. Working together is therefore not a choice, but a necessity. That also makes it clear that we can only tackle this effectively together.

What can you do yourself?
The reality is that you can never completely rule out an attack. But you can prepare.yourself. Stay critical, even if an e-mail seems to come from a known sender. Have doubts? Pick up the phone and check via another route. Do not simply click on links or attachments that you have not requested. And just as important is for an entrepreneur to consider another question: what happens if things do go wrong? Can you keep your business running? Do you have backups? Is there a plan B? You need to have that conversation within your organisation as well as with your IT partner.

From awareness to action
At Royal FloraHolland, we are putting extra effort into strengthening cyber resilience in the sector in the coming period. We do this by sharing knowledge, conducting analyses, supporting investigations when growers are affected and providing practical tools. Consider monitoring the dark web to spot accounts being offered for sale. We are also organising a webinar on 26 May from 11am-12.30pm where we will talk about how these attacks work and what you can do specifically. Sign up here.  

Ultimately, it starts with openness. Only by sharing experiences do we learn from each other and strengthen the industry as a whole. Do you see suspicious situations or suspect an attack? If so, please contact our Information Security team at: cyber@royalfloraholland.com. Together, we ensure that the floriculture industry remains resilient. Today and tomorrow.