Follow Us on WhatsApp | Telegram | Google News

Chinese Hackers Target Dutch Defence Network in Espionage Campaign

Table of Contents

Chinese spies hacked Dutch defence network

The Dutch government revealed alarming details today about a cyber attack by Chinese state-sponsored hackers who infiltrated a military network last year. The incident marks the first time the Netherlands has publicly attributed such hostile digital espionage activities to China.

In a joint report, the Dutch Defense Intelligence and Security Service (MIVD) and General Intelligence and Security Service (AIVD) stated that malicious software was discovered on a Dutch armed forces network used for unclassified research by around 50 people.

The malware, dubbed "Coathanger" due to a coded reference to a Roald Dahl short story, was designed to hide its presence and remain persistent even after system reboots.

"It is important that espionage activities of this kind committed by China are made public, as this will help increase international resilience to this type of cyber espionage," said Dutch Defense Minister Kajsa Ollongren. "MIVD and AIVD emphasize that this incident is part of a broader trend of Chinese political espionage against the Netherlands and its allies." [PDF]

The intelligence agencies assessed with "high confidence" that the cyber intrusion and custom malware were the work of Chinese state-backed actors. 

Coathanger has also been found on networks belonging to other Western organizations and international government entities. Notably, the malware appears specially crafted to target Fortinet FortiGate firewalls, critical cybersecurity infrastructure used globally.

“The malware has been developed specifically for FortiGate devices, which are used by organisations as a firewall to protect their systems."

China has long been accused of widespread cyber espionage campaigns, though Beijing routinely denies hacking allegations and claims it opposes all forms of cyber attacks. - Reuters reported

Last April, Dutch intelligence warned that China posed the biggest threat to the country's economic security through relentless industrial espionage targeting high-tech firms and universities. This appears part of China's aggressive effort to obtain cutting-edge Dutch technology.

According to the report, the prime target was ASML, the world's leading supplier of lithography systems critical for manufacturing semiconductors. The AIVD believes ASML is squarely in China's crosshairs as it seeks to rapidly advance its domestic chip industry. China has also tried to illegally obtain sensitive Dutch space and satellite technology, according to the MIVD.

While the full extent of the damage is still being assessed, Dutch officials say the impact appears limited since the compromised network was separate from core military systems. However, the audacious intrusion still enabled Chinese hackers to siphon unknown quantities of data and represented a troubling breach of Dutch cybersecurity.

The revelation comes just weeks after a Reuters report that the U.S. government took action to disrupt "Volt Typhoon," a massive Chinese state-sponsored hacking operation that infected tens of thousands of home routers, firewalls and other network appliances worldwide. It's unclear if the Dutch cyber attack is linked to this wider Chinese campaign.

Read Also
Post a Comment