The Netherlands’ spy service broke into the computers used by a powerful Russian hacking group and may be sitting on evidence relating to the breach of the U.S. Democratic National Committee, a Dutch newspaper and television show jointly reported Friday.
Reports carried in the respected daily Volkskrant and by the current affairs show Nieuwsuur said hackers working for the Dutch General Intelligence and Security Service penetrated the computers used by the group, often nicknamed Cozy Bear, in mid-2014 and watched them for at least a year, even managing to catch the hackers on camera.
Dutch Interior Minister Kajsa Ollongren, interviewed by reporters in The Hague before the government’s weekly Cabinet meeting, declined to address the report, saying only that she was “very happy that we have good security services in the Netherlands that do their work well.”
President Vladimir Putin’s spokesman, Dmitry Peskov, said he had yet to see any official comment from the Dutch intelligence services on the matter.
“If the Dutch media want to fuel anti-Russian hysteria in the U.S., it’s an activity that can’t be called honorable,” he added.
Volkskrant and Nieuwsuur said that the Dutch spies used their access to help oust Cozy Bear from U.S. State Department computers in late 2014. Volkskrant said American spies were so grateful they sent the Dutch cake and flowers.
Ko Colijn, a researcher at Clingendael, the Netherlands Institute of International Relations, said the report may indicate a leveling trend in which small but tech-savvy countries like the Netherlands “can compensate their military inferiority with cyber quality surpluses.”
The news drew particular attention in Washington, where Cozy Bear has been identified as one of two Russian government-linked hacking groups that broke in to the DNC ahead of the 2016 presidential election. The other group is usually called Fancy Bear.
Unmasking the Cozy Bear hackers would provide key evidence for investigators trying to unravel the DNC breach, but it may not dispel the mystery surrounding the leaks that followed.
A recent AP investigation found that all but one of the two dozen or so officials whose emails were published in the run-up to the 2016 election were targeted by Fancy Bear, which cybersecurity firm CrowdStrike said operated independently from Cozy Bear.
The Kremlin has denied meddling in the U.S. presidential vote.
Satter reported from London. Vladimir Isachenkov in Moscow contributed to this report.
Volkskrant report (in English): https://www.volkskrant.nl/media/dutch-agencies-provide-crucial-intel-about-russia-s-interference-in-us-elections~a4561913/
Niewsuur report (in Dutch): https://nos.nl/nieuwsuur/artikel/2213762-hackteam-aivd-gaf-fbi-cruciale-info-over-russische-inmenging-verkiezingen.html