Dutch agencies provide crucial intel about Russia's interference in US-elections
Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections. For years, AIVD had access to the infamous Russian hacker group Cozy Bear. That's what de Volkskrant and Nieuwsuur have uncovered in their investigation.
Huib Modderkolk25 januari 2018, 21:00
It's the summer of 2014. A hacker from the Dutch intelligence agency AIVD has penetrated the computer network of a university building next to the Red Square in Moscow, oblivious to the implications. One year later, from the AIVD headquarters in Zoetermeer, he and his colleagues witness Russian hackers launching an attack on the Democratic Party in the United States. The AIVD hackers had not infiltrated just any building; they were in the computer network of the infamous Russian hacker group Cozy Bear. And unbeknownst to the Russians, they could see everything.:shakingdamn:
That's how the AIVD becomes witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents. It won't be the last time they alert their American counterparts. And yet, it will be months before the United States realize what this warning means: that with these hacks the Russians have interfered with the American elections. And the AIVD hackers have seen it happening before their very eyes.
The Dutch access provides crucial evidence of the Russian involvement in the hacking of the Democratic Party, according to six American and Dutch sources who are familiar with the material, but wish to remain anonymous. It's also grounds for the FBI to start an investigation into the influence of the Russian interference on the election race between the Democratic candidate Hillary Clinton and the Republican candidate Donald Trump.
'High confidence'
After Trump's election in May 2017, this investigation was taken over by special prosecutor Robert Mueller. While it also aims to uncover contacts between Trump's presidential campaign and the Russian government, the prime objective is bringing to light the Russian interference with the elections. An attempt to undermine the democratic process, and an act that caused tensions between the two superpowers to rise to new heights, bringing about a string of diplomatic acts of revenge.
Three American intelligence services state with 'high confidence' that the Kremlin was behind the attack on the Democratic Party.
That certainty, sources say, is derived from the AIVD hackers having had access to the office-like space in the center of Moscow for years. This is so exceptional that the directors of the foremost American intelligence services are all too happy to receive the Dutchmen. They provide technical evidence for the attack on the Democratic Party, and it becomes apparent that they know a lot more.
The prime objective is bringing to light the Russian interference with the elections
Cozy Bear
Specialists from the best intelligence services have been hunting them for years
It's somewhat of a 'fluke' that the AIVD hackers were able to acquire such useful information in 2014. The team uses a CNA, which stands for Computer Network Attack. These hackers are permitted to perform offensive operations: to penetrate and attack hostile networks. It's a relatively small team within a larger digital business unit of about 80-100 people. All cyberoperations converge here. Part of the unit is focused on intercepting or managing sources, while another team is dedicated to Computer Network Defence. In turn, this team is part of the Joint Sigint Cyber Unit, a collaborative unit of the AIVD and the Dutch Military Intelligence and Security Service MIVD, of about 300 people.
It's unknown what exact information the hackers acquire about the Russians, but it is clear that it contains a clue as to the whereabouts of one of the most well-known hacker groups in the world: Cozy Bear, also referred to as APT29. Since 2010, this group has attacked governments, energy corporations and telecom companies around the world, including Dutch companies and ministries. Specialists from the best intelligence services, among them the British, the Israelis and the Americans, have been hunting Cozy Bear for years, as have analysts from major cybersecurity companies.
Vital information
The Dutch hacker team spends weeks preparing itself. Then, in the summer of 2014, the attack takes place, most likely before the tragic crash of flight MH17. With some effort and patience, the team manages to penetrate the internal computer network. The AIVD can now trace the Russian hackers' every step. But that's not all.
The Cozy Bear hackers are in a space in a university building near the Red Square. The group's composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who's doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies. Again, they've acquired information that will later prove to be vital.
The AIVD hackers manage to gain access to a security camera
Rare battle
What follows is a rare battle between the attackers and its defenders
The Dutch access to the Russian hackers' network soon pays off. In November, the Russians prepare for an attack on one of their prime targets: the American State Department. By now, they've obtained e-mail addresses and the login credentials of several civil servants. They manage to enter the non-classified part of the computer network.
The AIVD and her military counterpart MIVD inform the NSA-liaison at the American embassy in The Hague. He immediately alerts the different American intelligence services.
What follows is a rare battle between the attackers, who are attempting to further infiltrate the State Department, and its defenders, FBI and NSA teams - with clues and intelligence provided by the Dutch. This battle lasts 24 hours, according to American media.
The Russians are extremely aggressive but do not know they're being spied on. :shakingdamn:Thanks to the Dutch spies, the NSA and FBI are able to counter the enemy with enormous speed. The Dutch intel is so crucial that the NSA opens a direct line with Zoetermeer, to get the information to the United States as soon as possible.
Back and forth
We could see how they were changing their methods
@DonKnock @SJUGrad13 @88m3 @wire28 @smitty22 @fact @Hood Critic @ExodusNirvana @Blessed Is the Man @dtownreppin214 @JKFrazier @tmonster @BigMoneyGrip @Soymuscle Mike @.r. @GnauzBookOfRhymes @Dorian Breh @Dameon Farrow @TheNig @VR Tripper @re'up @Blackfyre_Berserker @Cali_livin