As if the story of the 2016 election and associated cyberattacks wasn’t already complicated enough, new information now suggests that Dutch intelligence has for years been aware of, and sharing, information on the Russian hackers suspected to be behind a number of high-profile hacks.
Dutch broadcaster NOS and newspaper Volkskrant reported the news today.
The Netherlands’ Joint Sigint Cyber Unit, in the summer of 2014, seems to have found the den of “Cozy Bear,” as the state-sponsored group came to be known (also APT29) after the DNC hack in 2016. JSCU infiltrated its network and a nearby security camera, allowing it to see what Cozy Bear was up to, and possibly who was a member.
JSCU shared this data with the CIA and NSA on a continuing basis all the way through the 2016 election, after which their surveillance was discontinued or compromised. A report in the Washington Post months later apparently revealed a bit more than they were comfortable with, and the report says that the Dutch intelligence sources have been more guarded with their information since that time.
The full story is well worth reading; clearly we have a lot to thank our Dutch allies for. No doubt this treasure trove of information will (perhaps already has been) prove extremely useful in our own government’s ongoing investigation in Russian interference in the election.