The Netherlands has also been a target of the global cyber espionage campaign by the Chinese hacking organization Salt Typhoon, as reported by the Dutch intelligence and security services MIVD and AIVD today.
At the end of 2024, a large-scale Chinese cyber espionage campaign against the global telecom sector came to light. The US attributed this campaign to the state-sponsored Chinese hacking organization Salt Typhoon. The MIVD and AIVD can now confirm part of the content of the American investigation with independent intelligence.
The MIVD and AIVD endorse the warning issued by the American services National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI), as well as European intelligence services BND (Germany), SUPO (Finland), NCSC (United Kingdom), and AISE (Italy).
Targets in the Netherlands
The Dutch organizations likely did not receive the same level of attention from the hackers of Salt Typhoon as those in the US. However, both services have observed targets in the Netherlands. These are not large telecommunications providers, but smaller Internet Service and Hosting providers.
Research by the MIVD and AIVD shows that the Chinese hacking organization had access to routers of the Dutch targets. As far as is known, the hackers did not penetrate further into their internal networks. Where possible, the MIVD, AIVD, and the NCSC (National Cyber Security Centre) have previously shared threat information with targets and other relevant audiences.
The MIVD and AIVD have long warned about the growing Chinese cyber threat. These activities have become so advanced that continuous effort and attention are needed to detect and address cyber operations against Dutch interests in a timely manner. While risks can be reduced, they cannot be completely eliminated. This poses a significant challenge to Dutch resilience.