The Dutch newspaper de Volkskrant (“The People’s Paper”) has quite the intriguing story today. Apparently AIVD, the Dutch equivalent of the CIA, broke into the computer systems of a nondescript building in Moscow a few years ago. They had no idea what was there, but eventually they figured it out. It was the workplace of Cozy Bear, Russia’s most infamous hacking group:
That’s how the AIVD becomes witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents. It won’t be the last time they alert their American counterparts. And yet, it will be months before the United States realizes what this warning means: that with these hacks the Russians have interfered with the American elections. And the AIVD hackers have seen it happening before their very eyes.
….The Cozy Bear hackers are in a space in a university building near the Red Square. The group’s composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera. Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies.
….Access to Cozy Bear turns out to be a goldmine for the Dutch hackers. For years, it supplies them with valuable intelligence about targets, methods and the interests of the highest ranking officials of the Russian security service [which they share with the United States]….In return, the Dutch are given knowledge, technology and intelligence. According to one American source, in late 2015, the NSA hackers manage to penetrate the mobile devices of several high ranking Russian intelligence officers. They learn that right before a hacking attack, the Russians search the internet for any news about the oncoming attack.
de Volkskrant says the Dutch are pretty pissed off that our intelligence services, in an effort to prove that Russia really did interfere with the US election, have repeatedly bragged about the remarkable efforts of a “Western ally.” However, the details in this story come from both American and Dutch sources, so apparently there are at least a few folks in the Netherlands who figure they might as well brag about it themselves now that the operation is over.
If all this is true, the primary sources for our knowledge of the 2016 election hacking are the Dutch operation and the NSA penetration of Russian mobile devices. Those are some pretty good sources, and it accounts for why the US intelligence community is so certain that Russia was behind all the various hacks. And there are other Russian attacks, too, which are described in some detail in the story. I wonder if they have similar intelligence about WikiLeaks?