The email systems of the Tweede Kamer – the lower house of Dutch parliament – are not well protected, which means that third parties can relatively easily send emails posing as parliamentarians, Follow the Money reported based on its own research.

Follow the Money proved this by sending emails under the names of Prime Minister Mark Rutte, VVD chairman and new Minister of Foreign Affairs Hable Zijlstra, PVV leader Geert Wilders and D66 leader Alexander Pechtold.

Last year Binnenlands Bestuur reported that many municipalities still don’t use modern security standards for email. It now appears that the Tweede Kamer doesn’t use modern security standards either. The domain tweedekamer.nl is set up to allow emails to be sent from any mail server, instead of the modern standard of only allowing trusted servers. According to Follow the Money, this vulnerability has been known for at least a year, and can be fixed within a few minutes. But so far, nothing is done about it.

Tweede Kamer president Khadija Arib said in response that she is taking this issue very seriously, ANP reports. “We are quickly taking anti-spoofing measures to prevent such abuse. The measures will probably be taken the coming night”, she said, according to the news wire.

Leave a Reply