Friday, January 26, 2018
Dutch Intelligence Hacked the Russians Who Hacked the DNC
There have been rumblings from time to time about Dutch and German intelligence services knowing something, perhaps a lot, about Russian efforts to meddle in America's 2016 presidential election. It seems there's substance to those rumours.
According to a report in the Dutch newspaper de Volkskrant, the General Intelligence and Security Service of the Netherlands (AIVD)—the Netherlands' domestic intelligence service—had hacked into the network of a building at a Russian university in Moscow some time in the summer of 2014. The building housed a group running a hacking campaign now known as "Cozy Bear," one of the "threat groups" that would later target the Democratic National Committee.
AIVD's intrusion into the network gave them access to computers used by the group behind Cozy Bear and to the closed-circuit television cameras that watched over them, allowing them to literally witness everything that took place in the building near Red Square, according to the report. Access to the video cameras in a hallway outside the space where the Russian hacking team worked allowed the AIVD to get images of every person who entered the room and match them against known Russian intelligence agents and officials.
Based on the images, analysts at AIVD later determined that the group working in the room was operated by Russia’s Foreign Intelligence Service (SVR). An information and technology sharing arrangement with the National Security Agency and other US intelligence agencies resulted in the determination that Cozy Bear’s efforts were at least in part being driven by the Russian Federation’s leadership—including Russian President Vladimir Putin.
AIVD’s penetration into the Cozy Bear network lasted for more than a year. The information gathered during the surveillance, Modderkolk’s sources suggested, was key to the US intelligence agencies’ attribution of the DNC breach to Russia. And the leaks that have followed, as well as the Trump administration’s recalcitrance in accepting the attribution, have made the Dutch intelligence community a “lot more cautious when it comes to sharing intelligence,” Modderkolk wrote.