The goal of the Russian military intelligence service's cyber unit is to gain visibility into and disrupt Western (military) support for Ukraine. The NSA, CISA, FBI, MIVD, and more than 15 other international services warn about this in a so-called Cybersecurity Advisory.
The Dutch armed forces, ministries, and the business sector have been direct and indirect targets of cyber espionage attempts. The MIVD has informed them about this, and measures have been taken.
Target
APT28 is of great strategic importance to Russia in the war with Ukraine. “By bringing this Russian practice to light, the digital freedom of movement of GRU personnel is restricted. Their operations are disrupted,” says MIVD director Vice Admiral Peter Reesink. “Victims are also helped to discover whether they have been attacked and what they can do about it. The MIVD will continue to support such actions in the future,” he explains.
‘Specifically, APT28 aims to acquire military, diplomatic, and economic information about Ukraine and NATO allies. This GRU unit tries to gain insight into the transport of Western military support through its operations, both within and outside Ukraine. Therefore, countries like the Netherlands, which are part of the supply route, are targets of these cyber operations.’
In September 2024, the MIVD already warned about cyber operations by GRU unit 29155 with the same aim: disrupting Western aid to Ukraine. The US, together with the MIVD and other partner services, also issued a warning and technical advice at that time. This not only outlined how countries and organizations could recognize the operations of unit 29155 but also indicated what measures could be taken to defend against them.
The OPCW Case
In 2018, hackers from APT28 traveled to the Netherlands with the intent to set up a cyber operation here. The target was the Organisation for the Prohibition of Chemical Weapons (OPCW) in The Hague. The MIVD disrupted this cyber operation at that time. The four involved Russian intelligence officers were expelled from the country, preventing the OPCW's systems from being hacked. At that time, this organization was conducting research into the poisoning of Russian Sergei Skripal and his daughter.