Nevertheless, Ruwhof sees that this danger is not always high on the agenda for companies. “I feel quite uncomfortable sitting at the table with a multinational company to discuss a security incident of which the cause is not yet known, while there are all kinds of telephones on the table.”
Frank Groenewegen, chief security expert at Fox-IT, also recognizes the danger. “This happens, a thousand percent. Which Dutch top executives? Nothing is publicly known about that.”
According to him, on the one hand, it concerns companies in the high-tech sector that are interesting. “But I would like to broaden it, what do you think of the parties that are now working on a corona vaccine? When you talk about the composition of that, you better be very careful in advance and not talk about it openly with your phone. or laptop on the table. “
Groenewegen thinks such information could be very interesting for Russia or China, for example. “They won’t shy away from putting in whatever it takes to get to this information, like one zero day“These are leaks in software that are not yet known and can therefore be used to crack phones, for example. For mobile operating systems Android or iOS, these can easily cost 2 million dollars, says Groenewegen.
Smartphones in the candy jar
Groenewegen has empty candy jars on his desk. “If we are going to talk about very sensitive things, the smartphones go into the candy jar that draws a vacuum. Then the chance is much smaller that a party will hear something.”
The question is whether listening in to a meeting is the most obvious method of eavesdropping. “If you have access to a device, you probably know a lot more than what is discussed in a boardroom,” says Michel van Eeten, professor of cybersecurity at TU Delft.