Russia covertly mapping key energy infrastructure for sabotage, Dutch report warns

THE RUSSIAN INTELLIGENCE SERVICES are “covertly mapping” the energy infrastructure of the North Sea, in preparation for acts of disruption and sabotage, according to a new report from the Dutch government. The 32-page report was published this week, ahead of the one-year anniversary of the 2022 Russian invasion of Ukraine. It was authored collaboratively by the two main intelligence agencies of the Netherlands, the General Intelligence and Security Service (AIVD) and the Military Intelligence and Security Service (MIVD).

The report notes that Russian spy ships, drones, satellites and human agents are engaged in an unprecedented effort to chart the energy and other “vital marine infrastructure” of the North Sea. The purpose of this effort is to understand how the energy and other key infrastructure works in the North Sea. The term North Sea refers to the maritime region that lies between France, Belgium, the Netherlands, Germany, Denmark, Norway and the United Kingdom. It hosts key energy infrastructure, including oil, natural gas, wind and wave power installations, which supply energy to much of northern Europe.

According to the report, Russian intelligence and espionage activities in the North Sea “indicate preparatory acts of disruption and sabotage”. These appear to be aimed at energy systems, but also other vital infrastructure, such as undersea power and communication cables, and even drinking water facilities. Consequently, physical threats toward any and all of these facilities should be viewed as conceivable, the report warns.

On Saturday, the Dutch government said it would expel an undisclosed number (believed to be at least ten) of Russian diplomats. It also accused Moscow of engaging in constant efforts to staff its diplomatic facilities in the Netherlands with undercover intelligence officers. On the same day, the Dutch government said it would shut down its consulate in Russia’s second-largest city, St. Petersburg, and ordered Russia to shut down its trade mission in the port city of Amsterdam.

Author: Joseph Fitsanakis | Date: 21 February 2023 | Permalink

More on Russian alleged spies expelled from the Netherlands and Belgium

As intelNews reported earlier this week, a joint investigative effort by Dutch and Belgian media exposed details about a group of alleged Russian intelligence officers, who were expelled by Belgium and The Netherlands in March 2022. Dutch state broadcaster NOS and its flagship current affairs program, Nieuwsuur, aired the names, photos and backgrounds of 17 Russian intelligence officers, who were expelled from the Netherlands in March of this year. According to the Dutch government, the expelled diplomats were involved in counterintelligence and in espionage targeting the country’s high-tech sector.

According to the reports, at least 20 Russian official-cover officers were active in the Netherlands in early 2022. The reporters said they spoke with intelligence sources and the Dossier Center. That organization is financed by banned Russian oligarch and Putin critic Mikhail Khodorkovsky, and claims to have access to leaked databases that contain information about the education and background of Russian intelligence officers.

Eight of the expelled officers work for the Russian Foreign Intelligence Service (SVR), while the other nine work for the Main Directorate of the Russian Armed Forces’ General Staff (GRU). Some of them presented themselves as trade representatives in Amsterdam, as military attachés, or as diplomats at the Organisation for the Prohibition of Chemical Weapons.

Journalists reveal names of Russian diplomats expelled by Netherlands for espionage

AN INVESTIGATION BY A consortium of journalists from the Netherlands and Belgium has revealed the identities of 17 Russian diplomats, who were expelled in April by Dutch authorities for allegedly engaging in espionage. The expelled diplomats were among hundreds of members of the Russian diplomatic corps, who were expelled from all over Europe in March and April of this year, in response to Russia’s invasion of Ukraine.

As intelNews reported on April 4, the diplomats who were expelled from the Netherlands were serving at the Russian embassy in The Hague. Some of them also represented Russia at the Organization for the Prohibition of Chemical Weapons (OPCW) headquarters in The Hague. Russia responded on April 19, by announcing the expulsion of 15 Dutch diplomats from the embassy of the Netherlands in Moscow. As is customary in such cases, neither the Netherlands nor Russia revealed the names of the expelled diplomats.

Now, however, the identities of the expelled Russian diplomats have been revealed, thanks to an investigation by a group of Dutch and Belgian journalists. The investigation was conducted under the auspices of the Dossier Center, a London-based Russian-language organization that specializes in investigative reporting. The conclusions of the investigation were first reported by Belgian newspaper De Tijd and by Netherlands public television, NOS.

According to the investigation, eight of the 17 expelled Russian diplomats were employees of the Russian Foreign Intelligence Service, known as SVR. The remaining nine were employed by the Main Directorate of the Russian Armed Forces’ General Staff, which is commonly known as GRU. At least six of the expelled diplomats worked as encryption specialists. They handled the communications systems that the Russian intelligence personnel who were stationed in the Netherlands used in order to exchange secret information with Moscow. A smaller number worked in counterintelligence, and were tasked with preventing efforts by adversary intelligence services to recruit Russian diplomatic personnel stationed in the Netherlands.

The report by the Dossier Center includes information about the identities of the Russian diplomats, as well as photographs and detailed biographical data about their background. According to the authors of the report, all information included in the report was collected from open sources, including from social media accounts that were maintained by the expelled Russian diplomats.

Author: Joseph Fitsanakis | Date: 17 October 2022 | Permalink

Dutch intelligence disrupts Russian effort to infiltrate International Criminal Court

ON JUNE 16, THE Dutch General Intelligence and Security Service (AIVD) announced that it prevented a Russian military intelligence officer from gaining access as an intern to the International Criminal Court (ICC) in The Hague. The ICC is of interest to the GRU because it investigates possible war crimes committed by Russia in the Russo-Georgian War of 2008 and more recently in Ukraine.

The GRU officer reportedly traveled from Brazil to Schiphol Airport in Amsterdam in April 2022, using a Brazilian cover identity, making him a so-called “illegal”. This means the intelligence operative was not formally associated with a Russian diplomatic facility. He allegedly planned to start an internship with the ICC, which would have given him access to the ICC’s building and systems. This could have enabled the GRU to collect intelligence, spot and recruit sources, and possibly influence criminal proceedings inside the ICC.

On his arrival at Schiphol, the AIVD informed the Dutch Immigration and Naturalization Service (IND), after which the officer was refused entry to the Netherlands and put on the first plane back to Brazil as persona non grata. The AIVD assessed the officer as a “potentially very serious” threat to both national security and the security of the ICC and Holland’s international allies, due to his access to the organization.

In a first-ever for the AIVD, the agency also released the contents of a partially redacted 4-page document that describes the “extensive and complex” cover identity of the officer. It was originally written in Portuguese, “probably created around mid-2010” and “likely written” by the officer himself. According to the AIVD, the information provides valuable insight into his modus operandi. The cover identity hid any and all links between him and Russia. According to the AIVD, the construction of this kind of cover identity “generally takes years to complete”.

In the note accompanying the document, the AIVD says that Russian intelligence services “spend years” on the construction of cover identities for illegals, using “information on how other countries register and store personal data”. Alternatively, they illegally procure or forge identity documents. Information in the cover identity “can therefore be traceable to one or more actual persons, living or dead” as well as to forged identities of individuals “who only exist on paper or in registries of local authorities”.

Author: Matthijs Koot | Date: 17 June 2022 | Permalink

Several EU member states expel dozens of Russian diplomats for suspected espionage

A WEEK AFTER POLAND announced the expulsion of 45 Russian diplomats, the foreign ministries of Belgium, the Czech Republic, Ireland and the Netherlands announced on March 29, 2022 that they would expel Russian diplomats. A day later, Slovakia followed up by announcing it will expel 35 Russian diplomats. On Monday, April 4, France, Germany and Lithuania followed suit with dozens of expulsions.

The German federal government announced it will expel 40 Russian diplomats who, according to minister of foreign affairs Annalena Baerbock, “worked every day against our freedom and against the cohesion of our society”, and are “a threat to those who seek our protection”. The persons involved have five days to leave Germany. Later that day, France announced it will expel “many” Russian diplomats “whose activities are contrary to our security interests”, adding that “this action is part of a European approach”. No further details are known at this time.
Furthermore, Lithuania ordered the Russian ambassador to Vilnius to leave the country, and announced their ambassador to Ukraine will return to Kyiv. In an official statement, foreign minister Gabrielius Landsbergis said Lithuania was “lowering the level of diplomatic representation with Russia, this way expressing its full solidarity with Ukraine and the Ukrainian people, who are suffering from Russia’s unprecedented aggression”. Meanwhile, Latvian minister of foreign affairs Edgars Rinkēvičs announced in a tweet that Latvia will “limit diplomatic relations” with the Russian Federation “taking into account the crimes committed by the Russian armed forces in Ukraine”, and that “specific decisions will be announced once internal procedures have been complete”.

The Czech Republic, which in 2021 called on the European Union (EU) and the North Atlantic Treaty Organization (NATO) to expel Russian diplomats in solidarity against Moscow, announced the expulsion of one diplomat from the Russian embassy in Prague, on a 72-hour notice. In a tweet, the Czech ministry of foreign affairs stated that “Together with our Allies, we are reducing the Russian intelligence presence in the EU”.

Belgium has ordered the expulsion of 21 diplomats from the Russian embassy in Brussels and consulate in Antwerp. Minister Sophie Wilmès said the measure was taken to protect national security and was unrelated to the war in Ukraine. “Diplomatic channels with Russia remain open, the Russian embassy can continue to operate and we continue to advocate dialogue”, Wilmès said.

The Netherlands will be expelling 17 diplomats from the Russian embassy in The Hague. According to minister Wopke Hoekstra, the diplomats were secretly active as intelligence officers. Hoekstra based this on information from the Dutch secret services AIVD and MIVD. The Russian embassy in The Hague has 75 registered diplomats, of which 58 will remain. Hoekstra says the decision was taken with “a number of like-minded countries”, based on grounds of national security. Like his Belgian colleague, Hoekstra adds he wants diplomatic channels with Russia to remain open.

Ireland will be expelling four “senior officials” from the Russian embassy in Dublin, for engaging in activities “not […] in accordance with international standards of diplomatic behaviour”. They were suspected of being undercover military officers of the GRU and were already on the radar of Garda Síochána, the Irish national police and security service, for some time.

Dutch intelligence disrupt large-scale botnet belonging to Russian spy agency

ON MARCH 3, 2022, Dutch newspaper Volkskrant reported that the Dutch Military Intelligence and Security Service (MIVD) took action in response to abuse of SOHO-grade network devices in the Netherlands. The attacks are believed to have been perpetrated by the Main Intelligence Directorate of the General Staff of the Russian Armed Forces (GRU) Unit 74455. The unit, which is also known as Sandworm or BlackEnergy, is linked to numerous instances of influence operations and sabotage around the world.

The devices had reportedly been compromised and made part of a large-scale botnet consisting of thousands of devices around the globe, which the GRU has been using to carry out digital attacks. The MIVD traced affected devices in the Netherlands and informed their owners, MIVD chief Jan Swillens told Volkskrant. The MIVD’s discovery came after American and British services warned in late February that Russian operatives were using a formerly undisclosed kind of malware, dubbed Cyclops Blink. According to authorities, the botnet in which the compromised devices were incorporated has been active since at least June 2019.

Cyclops Blink leverages a vulnerability in WatchGuard Firebox appliances that can be exploited if the device is configured to allow unrestricted remote management. This feature is disabled by default. The malware has persistence, in that it can survive device reboots and firmware updates. The United Kingdom’s National Cyber Security Centre describes Cyclops Blink as a “highly sophisticated piece of malware”.

Some owners of affected devices in the Netherlands were asked by the MIVD to (voluntarily) hand over infected devices. They were advised to replace the router, and in a few cases given a “coupon” for an alternative router, according to the Volkskrant. The precise number of devices compromised in the Netherlands is unclear, but is reportedly in the order of dozens. Swillens said the public disclosure is aimed at raising public awareness. “The threat is sometimes closer than you think. We want to make citizens aware of this. Consumer and SOHO devices, used by the grocery around the corner, so to speak, are leveraged by foreign state actors”, he added.

The disclosure can also be said to fit in the strategy of public attribution that was first mentioned in the Netherlands’ Defense Cyber Strategy of 2018. Published shortly after the disclosure of the disruption by MIVD of an attempted GRU attack against the computer network of the OPCW, the new strategy included the development of attribution capabilities, as well as the development of offensive capabilities in support of attribution. It advocates the view that state actors “that are [publicly] held accountable for their actions will make a different assessment than attackers who can operate in complete anonymity”.

Author: Matthijs Koot | Date: 07 March 2022 | Permalink

Dutch intelligence service warns public about online recruitment by foreign spies

LAST WEEK, THE DUTCH General Intelligence and Security Service (AIVD) launched an awareness campaign dubbed ‘Check before connecting’. The purpose of the campaign is to inform the Dutch public about risks of foreign actors using fake accounts on social media, in efforts to acquire sensitive business information. According to the AIVD, such online campaigns frequently target and recruit employees of Dutch private sector companies. The awareness campaign is carried out via Twitter, Instagram and LinkedIn. It is aimed at raising awareness in society at-large. The AIVD will publish a number of fictitious practical examples over time, in order to educate the public.

AIVD director-general Erik Akerboom told Dutch newspaper Het Financieele Dagblad that Dutch and other Western secret services have been surprised by the sheer number of cases in which private sector employees disclosed sensitive information, after being blackmailed or enticed with money to share information. After foreign intelligence operatives make initial contact with their target via LinkedIn, the relationship quickly turns more “personal”, according to Akerboom. The new contact acts flatteringly about the unsuspecting target’s knowledge and competence. “You are asked to translate something. This can be followed by a physical meeting”, he says.

Potential targets are “ranked” by their position in an organization, position in a business network, and level of access to sensitive information. “The rankings determine which persons are prioritized for recruitment attempts”, according to Akerboom. This sometimes involves the creation of fake human resource recruitment agencies, as British, Australian and American intelligence agencies have warned about in the past.

While not a new phenomenon, the scope and effectiveness of foreign infiltration attempts have now reached a scale that has prompted the AIVD to warn the public. China and Russia have made attempts to acquire advanced technology in Western countries, including the Netherlands, via corporate takeovers, digital espionage, and human intelligence operations. Last year, the Netherlands expelled two Russian spies who successfully recruited employees at a number of Dutch high-tech companies. One of the Russians created fake profiles posing as a scientist, consultant and recruiter. The AIVD did not disclose the names of these companies.

Hacker behind attack on popular booking site has ties to US intelligence, paper claims

A HACKER WHO TARGETED a major Dutch-based reservations website has ties to intelligence agencies in the United States, according to a new report. The claim was made on Wednesday by three Dutch investigative journalists, Merry Rengers, Stijn Bronzwaer and Joris Kooiman. In a lengthy report published in NRC Handelsblad, Holland’s newspaper of record, the three journalists allege that the attack occurred in 2016. Its target was Booking.com, a popular flight and hotel reservations website, which is jointly owned by Dutch and American venture firms.

The authors argue that the interest Booking.com poses for security services is “no surprise”. The website’s data includes valuable information about “who is staying where and when, where diplomats are, who is traveling to suspicious countries or regions, where top executives book an outing with their secretary —all valuable information for [the world’s intelligence] services”.

According to the report, the hacker was able to penetrate an insufficiently secured server belonging to Booking.com, and gain access to the accounts of customers, by stealing their personal identification numbers, or PINs. Accordingly, the hacker stole “details of hotel [and flight] reservations” of thousands of Booking.com customers in the Middle East. The report claims that targeted customers included Middle East-based foreign diplomats, government officials and other “persons of interest” to American intelligence.

After detecting the breach, Booking.com allegedly conducted an internal probe, which verified that the hacker —nicknamed “Andrew”— had “connections to United States spy agencies”, according to the report. The company then sought the assistance of the Dutch General Intelligence and Security Service (AIVD). At the same time, however, Booking.com consulted with a British-based law firm, which advised it that it was not obligated to make news of the hacker attack public. It therefore chose not to publicize the incident, according to the NRC article.

Author: Joseph Fitsanakis | Date: 12 November 2021 | Permalink

Russian actors had access to Dutch police computer network during MH17 probe

Russian hackers compromised the computer systems of the Dutch national police while the latter were conducting a criminal probe into the downing of Malaysia Airlines Flight 17 (MH17), according to a new report. MH17 was a scheduled passenger flight from Amsterdam to Kuala Lumpur, which was shot down over eastern Ukraine on July 17, 2014. All 283 passengers and 15 crew on board, 196 of them Dutch citizens, were killed.

Dutch newspaper De Volkskrant, which revealed this new information last week, said the compromise of the Dutch national police’s computer systems was not detected by Dutch police themselves, but by the Dutch General Intelligence and Security Service (AIVD). The paper said that neither the police nor the AIVD were willing to confirm the breach, but added that it had confirmed the breach took place through multiple anonymous sources.

On July 5, 2017, the Netherlands, Ukraine, Belgium, Australia and Malaysia announced the establishment of the Joint Investigation Team (JIT) into the downing of flight MH-17. The multinational group stipulated that possible suspects of the downing of flight MH17 would be tried in the Netherlands. In September 2017, the AIVD said it possessed information about Russian targets in the Netherlands, which included an IP address of a police academy system. That system turned out to have been compromised, which allowed the attackers to access police systems. According to four anonymous sources, evidence of the attack was detected in several different places.

The police academy is part of the Dutch national police, and non-academy police personnel can access the network using their log-in credentials. Some sources suggest that the Russian Foreign Intelligence Service (SVR) carried out the attack through a Russian hacker group known as APT29, or Cozy Bear. However, a growing number of sources claim the attack was perpetrated by the Main Directorate of the Russian Armed Forces’ General Staff, known commonly as GRU, through a hacker group known as APT28, or Fancy Bear. SVR attackers are often involved in prolonged espionage operations and are careful to stay below the radar, whereas the GRU is believed to be more heavy-handed and faster. The SVR is believed to be partly responsible for the compromise of United States government agencies and companies through the supply chain attack known as the SolarWinds cyber attack, which came to light in late 2020.

Russia has tried to sabotage and undermine investigation activities into the MH17 disaster through various means: influence campaigns on social media, hacking of the Dutch Safety Board, theft of data from Dutch investigators, manipulation of other countries involved in the investigation, and the use of military spies. The Dutch police and public prosecution service were repeatedly targeted by phishing emails, police computer systems were subjected to direct attacks, and a Russian hacker drove a car with hacking equipment near the public prosecution office in Rotterdam.

The above efforts are not believed to have been successful. But the attack that came to light in September 2017 may have been. The infected police academy system ran “exotic” (meaning uncommon) software, according to a well-informed source. The Russians reportedly exploited a zero day vulnerability in that software. After the incident, the national police made improvements in their logging and monitoring capabilities, and in their Security Operations Center (SOC). It is not currently known how long the attackers had access to the national police system, nor what information they were able to obtain.

Author: Matthijs Koot | Date: 17 June 2021 | Permalink

Chinese technology firm denies it had access to Dutch government’s phone calls

A LEADING CHINESE TELECOMMUNICATIONS firm has strongly denied a claim by a newspaper that its service personnel could listen in on calls made by Dutch telephone users, including senior government officials. The report dates from 2010 and was authored by consultancy firm Capgemini on behalf of KPN, one of Holland’s largest telecommunications service providers. The Rotterdam-based firm had hired Capgemini to conduct a risk analysis on whether more equipment should be purchased from Chinese telecommunications giant Huawei. By that time the Chinese company, one of the world’s largest in its field, was already supplying KPN with hardware and software equipment.

According to the newspaper De Volkskrant, which accessed the 2010 Capgemini report, the consultants cautioned KPN against purchasing more equipment from Huawei. They told KPN bosses that the Chinese firm had “unlimited access” to the content of phone conversations by subscribers through Huawei-built hardware and software that was already present in the Dutch company’s telephone system. These included Holland’s then-Prime Minister, Jan Peter Balkenende, and virtually every government minister. The report claimed that privacy standards existed in theory, but there was no mechanism in place to ensure that they were being followed.

On Tuesday, Huawei issued strong denials of the De Volkskrant report. The firm’s chief operating officer in the Netherlands, Gert-Jan van Eck, said that the Capgemini report allegations, as reported by the newspaper, were “just not [technically] possible”. Van Eck added that such claims were “patently untrue” and represented “an underestimation of the security of the interception environment” that Huawei was operating under in Europe. The Dutch government has made no comment on the De Volkskrant report.

Author: Joseph Fitsanakis | Date: 21 April 2021 | Permalink

Iran spies on dissidents via web server based in Holland, registered in Cyprus

A WEB SERVER BASED in Holland and owned by a company registered in Cyprus is being used by the Iranian government to spy on its critics abroad, according to Dutch public radio. The information about Iranian espionage was revealed on Thursday by NPO Radio 1, one of Holland’s public radio stations, with the help of Romanian cybersecurity firm BitDefender.

The discovery was reportedly made after an Iranian dissident based in Holland was sent an infected file by a user of the popular instant messaging application Telegram. Instead of opening the file, the recipient contacted cybersecurity experts, who identified it as a type of infected software that is known to have been used in the past by the Iranian state. Once it infects a computer, the software takes screenshots and uses the machine’s built-in microphone to make surreptitious recordings.

According to BitDefender’s cybersecurity experts, the server is being used for “command and control” functions in order to facilitate remote control of infected computers and phones. These functions include stealing data, as well as collecting screen shots and audio recordings. The server had been previously used to penetrate computers in Holland, Sweden, Germany, and several other countries, including India.

Cybersecurity experts from BitDefender found that the infected file was delivered to its target via a web server facility based in Haarlem, a city located 20 miles west of Amsterdam. The cybersecurity company said the server is registered to a company that belongs to a Romanian service provider. The company is registered in Cyprus and provides services to a number of companies, including in this case an American company. The latter reportedly stopped using the service provider once it was told of the Iranian connection, according to reports.

Author: Joseph Fitsanakis | Date: 19 February 2021 | Permalink

Holland expels two Russian diplomats, summons Kremlin envoy to issue protest

On 10 December 2020, the Dutch Minister of the Interior and Kingdom Relations, Kajsa Ollongren, sent a letter to the House of Representatives to inform them about the disruption of a Russian espionage operation in the Netherlands by the Dutch General Intelligence and Security Service (AIVD).

In connection with Ollongren’s revelations, two Russians using a diplomatic cover to commit espionage on behalf of the Russian Foreign Intelligence Service (SVR) were expelled from the Netherlands. The Russian ambassador to the Netherlands was summoned by the Dutch ministry of Foreign Affairs, which informed him that the two Russians have been designated as persona non grata (unwanted persons). In an unusual move, the AIVD also issued a press statement about this incident in English. The AIVD also released surveillance footage (see 32nd minute of video) of one of the two Russian SVR officers meeting an asset at a park and exchanging material.

The two expelled persons were officially accredited as diplomats at the Russian embassy in The Hague. Minister Ollongren says one of the two SVR intelligence officers built a “substantial” network of sources working in the Dutch high-tech sector. He pursued unspecified information about artificial intelligence, semiconductors, and nano technology that has both civilian and military applications. The Netherlands has designated “High Tech Systems and Materials” (HTSM) as one of 10 “Top Sectors” for the Dutch economy.

In some cases the sources of the SVR officers received payments for their cooperation. Erik Akerboom, Director-General of the AIVD, said the agency had detected “relatively intensive” contact between sources and the SVR officers in ten cases. The case involves multiple companies and one educational institute, whose identities have not been revealed. The minister states in her letter that the espionage operation “has very likely caused damage to the organizations where the sources are or were active, and thereby to the Dutch economy and national security”.

The minister announced that the Immigration and Naturalization Service (IND) will take legal action against one source of the two Russians, on the basis of immigration law. The minister also announced that the government will look into possibilities to criminalize the act of cooperating with a foreign intelligence service. Currently, that act in and of itself is not a punishable offense. Under current Dutch and European law, legal possibilities do exist to prosecute persons for violation of confidentiality of official secrets or company secrets.

This newly revealed espionage operation follows other incidents in the Netherlands, including a GRU operation in 2018 that targeted the Organization for the Prohibition of Chemical Weapons in The Hague, and a case in 2015 involving a talented Russian physicist working on quantum optics at the Eindhoven University of Technology. In the latter case, no information was made public about what information the physicist sold to Russian intelligence services. And in 2012, a senior official of the Dutch Ministry of Foreign Affairs was arrested for intending to sell classified official information to a Russian couple in Germany who spied for Russia. He was eventually given an eight year prison sentence.

Author: Matthijs Koot | Date: 14 December 2020 | Permalink

News you may have missed #899

Dutch spies helped Britain break Argentine crypto during Falklands War. Flowing from revelations made earlier this year that Swiss cipher machine company Crypto AG was owned by the CIA and its German counterpart the BND during most of the Cold War, an academic paper has described the Maximator alliance which grew from the Crypto AG compromise. Authored by Professor Bart Jacobs of Radboud University Nijmegen in the Netherlands, the article argues that Dutch spies operating as a part of the Maximator alliance helped Britain’s GCHQ break Argentinian codes during the Falklands War.
The Pandemic’s Geopolitical Aftershocks Are Coming. With most European countries confident that they are past the worst of the coronavirus pandemic, their attention is turning to the chance of its resurgence once society returns to some semblance of normal. But beyond the epidemiological challenges lies a slowly amassing threat that is not pathological in nature, but economic, political, and military. This is the geopolitical second wave, and its power is already starting to concern Western leaders.
The coming post-COVID anarchy. The former prime minister of Australia, Kevin Rudd (pictured), argues in this article that “China and the United States are both likely to emerge from this crisis significantly diminished […]. Both powers will be weakened, at home and abroad”, he opines. And he goes on to suggest that “the result will be a continued slow but steady drift toward international anarchy across everything from international security to trade to pandemic management […]. The chaotic nature of national and global responses to the pandemic thus stands as a warning of what could come on an even broader scale”.

Author: Ian Allen | Date: 24 May 2020 | Permalink

Iranian engineer recruited by Holland helped CIA and Mossad deliver Stuxnet virus

An Iranian engineer who was recruited by Dutch intelligence helped the United States and Israel infect computers used in Iran’s nuclear program with the Stuxnet cyber weapon, according to a new report. Discovered by researchers in 2010, Stuxnet is believed to have been designed with the aim of sabotaging the nuclear program of the Islamic Republic of Iran. The virus targeted the industrial computers —known as programmable logic controllers— that regulated mechanical and electronic hardware in Iranian nuclear installations. By compromising the software installed on these computers, Stuxnet manipulated the rotor speed of nuclear centrifuges at Iran’s Natanz Fuel Enrichment Plant. By increasing the centrifuges’ rotor speed to unmanageable levels, Stuxnet rendered many of these machines permanently inoperable.

Most observers agree that Stuxnet was a joint cyber sabotage program that was devised and executed by the United States and Israel, with crucial assistance from Germany and France. But now a new report from Yahoo News claims that the contribution of Dutch intelligence was central in the Stuxnet operation. Citing “four intelligence sources”, Yahoo News’ Kim Zetter and Huib Modderkolk said on Monday that Holland’s General Intelligence and Security Service (AIVD) was brought into the Stuxnet operation in 2004. In November of that year, a secret meeting took place in The Hague that involved representatives from the AIVD, the United States Central Intelligence Agency, and Israel’s Mossad.

It was known that the Islamic Republic’s nuclear weapons program was crucially assisted by A.Q. Khan, a Pakistani nuclear physicist and engineer. In 1996, Khan sold the Iranians designs and hardware for uranium enrichment, which were based on blueprints he had access to while working for a Dutch company in the 1970s. By 2004, when the Dutch were consulted by the CIA and the Mossad, the AIVD had already infiltrated Khan’s supply network in Europe and elsewhere, according to Yahoo News. It also had recruited an Iranian engineer who was able to apply for work in the Iranian nuclear program as a contractor. This individual was provided with proprietary cover, said Yahoo News, which included two “dummy compan[ies] with employees, customers and records showing a history of activity”. The goal of the AIVD, CIA and Mossad was to have at least one of these companies be hired to provide services at the Natanz nuclear facility.

That is precisely what happened, according to Yahoo News. By the summer of 2007, the AIVD mole was working as a mechanic inside Natanz. The information he provided to the AIVD helped the designers of Stuxnet configure the virus in accordance with the specifications of Natanz’s industrial computers and networks. Later that year, the AIVD mole was able to install the virus on Natanz’s air-gapped computer network using a USB flash drive. It is not clear whether he was able to install the virus himself or whether he was able to infect the personal computer of a fellow engineer, who then unwittingly infected the nuclear facility’s system. The Yahoo News article quotes an intelligence source as saying that “the Dutch mole was the most important way of getting the virus into Natanz”.

It is believed that, upon discovering Stuxnet, the Iranian government arrested and probably executed a number of personnel working at Natanz. The Yahoo News article confirms that there was “loss of life over the Stuxnet program”, but does not specify whether the AIVD mole was among those who were executed. The website said it contacted the CIA and the Mossad to inquire about the role of the AIVD in the Stuxnet operation, but received no response. The AIVD declined to discuss its alleged involvement in the operation.

Author: Joseph Fitsanakis | Date: 04 September 2019 | Permalink

Holland recalls Iran ambassador after Tehran expels Dutch diplomats

Holland said on Monday that it had recalled its ambassador from Tehran after Iran expelled two Dutch diplomats, in a deepening dispute involving the assassination of two Dutch citizens by alleged Iranian agents. In July of last year, Holland announced its decision to expel two Iranian diplomats from The Hague, but did not explain the reason for the expulsions. In January of this year, the Dutch Foreign Ministry confirmed that the diplomatic expulsions were in retaliation to the assassination of two Dutch nationals of Iranian background. One of the victims, Mohammad-Reza Kolahi, was shot dead in the head at point-blank range by two assailants in December 2015 in Almere, a coastal town 25 miles east of Amsterdam. Nearly two years later, in November 2017, another man, Ahmad Mola Nissi, was shot in the head in broad daylight in The Hague. Both men were members of Iranian militant anti-government groups that the Iranian state accuses of terrorism and crimes against the state.

On Monday, the Dutch Minister of Foreign Affairs Stef Blok informed the Dutch House of Representatives in The Hague that Tehran had informed his Ministry on February 20 that two Dutch diplomats would be expelled from Holland’s embassy in the Iranian capital. The two diplomats, who have not been named, were ordered to leave the country by Monday, March 4. Later on Monday, Bahram Ghasemi, spokesman for the Iranian Ministry of Foreign Affairs, confirmed that “two of the diplomats of the Netherlands embassy in Tehran were considered undesirable elements in the framework of a retaliatory measure and were asked to leave the country”. The Iranian move was not made public until last Monday. Blok wrote to the House of Representatives that, in response to Tehran’s move, the Dutch government had decided to recall its ambassador to Iran “for consultations” on how to proceed. Blok noted in his letter that Iran’s decision to expel the Dutch diplomats was “unacceptable and damaging to the bilateral relations between the two countries”.

Late on Monday, the Dutch government also summoned the Iranian ambassador in order to protest the expulsions of its diplomats from Tehran. It was also reported in the Dutch media that a series of financial sanctions imposed on Iran by Holland and its European Union partners in June —presumably over the alleged assassinations that took place on Dutch soil— would remain in place. The sanctions are against two individuals associated with Iranian military intelligence.

Author: Joseph Fitsanakis | Date: 06 March 2019 | Permalink