How Dutch intelligence spied on the Russian hackers attacking the DNC

Whole lot of hacking going on.

How Dutch intelligence spied on the Russia hackers attacking the DNC

Media reports from The Netherlands claim that hackers embedded within the Dutch intelligence agency AIVD watched Russian hackers attack the United States… for years.

After boring their way deep into the Russian hackers’ computer network, Dutch operatives were even able to gain access to a security camera monitoring the comings and goings of their Russian suspects as they went about their dirty work at a university building next to Red Square in Moscow.

Who needs to parachute a spy behind enemy lines when the Dutch can comfortably snoop on foreign actors from the comfort of AIVD’s headquarters in headquarters in Zoetermeer?

The news of how the Dutch intelligence agency provided crucial evidence to the United States of Russia’s hacking activities comes from six anonymous American and Dutch sources who are said to be familiar with the material.

The Cozy Bear hackers are in a space in a university building near the Red Square. The group’s composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies. Again, they’ve acquired information that will later prove to be vital.”

AIVD’s hackers were in place to see the infamous Cozy Bear hacking group launch its attack on the United States’ Democratic Party, an assault which resulted in emails being leaked, creating a controversy which - in the view of Hillary Clinton - may have swung the US presidential election.

Russia has also been implicated in the spreading of “fake news” via bots on social media, in an attempt to influence elections in the West.

Access to Cozy Bear turns out to be a goldmine for the Dutch hackers. For years, it supplies them with valuable intelligence about targets, methods and the interests of the highest ranking officials of the Russian security service. From the pictures taken of visitors, the AIVD deduces that the hacker group is led by Russia’s external intelligence agency SVR.”

According to the report, AIVD’s hackers no longer have access to Cozy Bear’s computer systems.

Further reading:

Tags: , , , ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security podcasts"

Latest episodes:

, , , ,

One Response

  1. Etaoin Shrdlu

    January 27, 2018 at 11:50 am #

    And the first rule of fight club is…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.