How Dutch intelligence spied on the Russian hackers attacking the DNC

Whole lot of hacking going on.

Graham Cluley
Graham Cluley
@[email protected]

How Dutch intelligence spied on the Russia hackers attacking the DNC

Media reports from The Netherlands claim that hackers embedded within the Dutch intelligence agency AIVD watched Russian hackers attack the United States… for years.

After boring their way deep into the Russian hackers’ computer network, Dutch operatives were even able to gain access to a security camera monitoring the comings and goings of their Russian suspects as they went about their dirty work at a university building next to Red Square in Moscow.

Who needs to parachute a spy behind enemy lines when the Dutch can comfortably snoop on foreign actors from the comfort of AIVD’s headquarters in headquarters in Zoetermeer?

Sign up to our free newsletter.
Security news, advice, and tips.

The news of how the Dutch intelligence agency provided crucial evidence to the United States of Russia’s hacking activities comes from six anonymous American and Dutch sources who are said to be familiar with the material.

“The Cozy Bear hackers are in a space in a university building near the Red Square. The group’s composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies. Again, they’ve acquired information that will later prove to be vital.”

AIVD’s hackers were in place to see the infamous Cozy Bear hacking group launch its attack on the United States’ Democratic Party, an assault which resulted in emails being leaked, creating a controversy which – in the view of Hillary Clinton – may have swung the US presidential election.

Russia has also been implicated in the spreading of “fake news” via bots on social media, in an attempt to influence elections in the West.

“Access to Cozy Bear turns out to be a goldmine for the Dutch hackers. For years, it supplies them with valuable intelligence about targets, methods and the interests of the highest ranking officials of the Russian security service. From the pictures taken of visitors, the AIVD deduces that the hacker group is led by Russia’s external intelligence agency SVR.”

According to the report, AIVD’s hackers no longer have access to Cozy Bear’s computer systems.

Further reading:

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “How Dutch intelligence spied on the Russian hackers attacking the DNC”

  1. Etaoin Shrdlu

    And the first rule of fight club is…

  2. Ik

    Fake news.
    There is no evidence delivered otherwise it would have been used in the Müller report and leaked to the media.
    I feel ashamed for my country that we allow such filthy traitors as Mark Rutte, Frans Timmermans and Joris Demmink to govern us.
    I feel ashamed people see this kind of reports as truth and spread the lies across the world.
    Stupid, dumb programmed human sheep.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.