Dutch Prosecution Service Suffers Cyberattack, Leading to Temporary Shutdown of Speed Cameras
Speed Cameras Remain Offline in Netherlands Following Cyberattack
Dozens of speed cameras across the Netherlands remain offline due to a cyberattack that targeted the Public Prosecution Service (Openbaar Ministerie) in July 2025. The attack, which exploited Citrix vulnerabilities, forced the authorities to take key systems offline, disrupting the cameras’ ability to capture evidence of traffic violations.
The affected speed cameras include fixed speed cameras, average speed cameras, and flex (mobile) speed cameras, primarily deployed along A roads (motorways) and N roads (regional roads). Despite efforts to reactivate the cameras, they have not yet been reconnected.
The Public Prosecution Service announced a phased relaunch process on August 5, citing the need to decrease disruption to the criminal justice system. However, the authorities are waiting for full security clearance and confirmation of hacker removal before reconnecting systems and reactivating the cameras.
The exact number of offline cameras is not publicly disclosed for security reasons. The Central Processing Office (CVOM) has confirmed the issues to local media but has been coy about the number of inactive cameras. The CVOM also declined to share their locations or detailed status to avoid misuse by motorists.
The Dutch NCSC updated its report on the Citrix NetScaler zero-day, stating several critical organizations in the Netherlands had been compromised. According to the NCSC, the vulnerabilities were exploited as far back as early May.
The Public Prosecution Service is working closely with partners to minimize disruptions to their systems and processes. The Service's emails were the first system to be reinstated, with external parties able to reach it via email as of August 7.
The Public Prosecution Service is committed to minimizing the impact on victims, suspects, and convicted persons. The organization is in contact with the Netherlands Bar and Victim Support Netherlands regarding the next steps. Rinus Otte, chairman of the Board of Prosecutors General, said it will take time for all systems to function like they used to, and it's currently difficult to estimate exactly how long this will take.
This situation highlights the risk of critical infrastructure disruption through cyberattacks and the challenges in balancing system restoration with cybersecurity. Rinus Otte expressed admiration for the dedication, goodwill, and patience of Public Prosecution staff, partners, and other stakeholders in the coming weeks.
*N roads, where some cameras are also deployed, are a step down from A roads and are often built to connect cities and towns. Fixed speed cameras are mainly deployed across A roads, which are comparable to motorways or highways in other countries. The types of cameras include mobile flex speed cameras, which are often deployed in a single location for a limited time.
[1] NOS [2] AD [3] RTL Nieuws [4] Rijnmond [5] De Telegraaf
- To enhance mobile security in the current situation, the Public Prosecution Service might consider implementing AI-powered software solutions for detecting and responding to potential cyber threats, thereby alleviating the risk of further disruptions to the speed cameras and other systems.
- Given the prolonged offline status of the mobile flex speed cameras and the potential for cybercriminals to capitalize on the vulnerabilities exposed by this attack, there is a pressing need for increased technology investment in cybersecurity measures to protect critical infrastructure across the Netherlands.
- As the Public Prosecution Service resumes operations and reconnects systems, it's crucial to prioritize cybersecurity initiatives in the development and deployment of future software and technology, ensuring these upgrades are equipped with advanced protection measures to prevent future cyberattacks targeting mobile speed cameras and other digital assets.
