HomeSecurity OperationsChinese Hackers Target Dutch Defense Network for Espionage Operation

Chinese Hackers Target Dutch Defense Network for Espionage Operation

Published on

spot_img

A cyber attack by Chinese state-sponsored hackers that infiltrated a Dutch military network last year has been revealed by the Dutch government today. This incident marks the first time the Netherlands has publicly attributed such hostile digital espionage activities to China.

The Dutch Defense Intelligence and Security Service (MIVD) and General Intelligence and Security Service (AIVD) stated in a joint report that malicious software, called “Coathanger,” was discovered on a Dutch armed forces network used for unclassified research by around 50 people. The malware was designed to hide its presence and remain persistent even after system reboots.

Dutch Defense Minister Kajsa Ollongren emphasized the significance of making espionage activities committed by China public in order to increase international resilience to cyber espionage. The MIVD and AIVD assert that this incident is part of a broader trend of Chinese political espionage against the Netherlands and its allies.

The intelligence agencies assessed with “high confidence” that the cyber intrusion and custom malware were the work of Chinese state-backed actors. The Coathanger malware has also been found on networks belonging to other Western organizations and international government entities, with a specific focus on targeting Fortinet FortiGate firewalls, critical cybersecurity infrastructure used globally.

China has consistently denied hacking allegations and claims it opposes all forms of cyber attacks. However, last April, Dutch intelligence warned that China posed the biggest threat to the country’s economic security through relentless industrial espionage targeting high-tech firms and universities. The report highlighted ASML, the world’s leading supplier of lithography systems crucial for manufacturing semiconductors, as a prime target for Chinese espionage. The AIVD believes ASML is a focal point in China’s efforts to rapidly advance its domestic chip industry. China has also attempted to illegally obtain sensitive Dutch space and satellite technology, according to the MIVD.

While the full extent of the damage is still being assessed, Dutch officials have indicated that the impact appears limited since the compromised network was separate from core military systems. However, the intrusion enabled Chinese hackers to siphon unknown quantities of data and represented a troubling breach of Dutch cybersecurity.

This comes shortly after a Reuters report that the U.S. government took action to disrupt “Volt Typhoon,” a massive Chinese state-sponsored hacking operation that infected tens of thousands of home routers, firewalls, and other network appliances worldwide. It is unclear if the Dutch cyber attack is linked to this wider Chinese campaign.

In conclusion, the revelation of the cyber attack on the Dutch defense network by Chinese state-sponsored hackers has raised concerns about China’s aggressive efforts to obtain cutting-edge Dutch technology and its broader trend of political espionage against the Netherlands and its allies. The Dutch government’s decision to publicly attribute the attack to China aims to increase global awareness and resilience to such cyber espionage activities.

Source link

Latest articles

Jscrambler NPM Supply Chain Attack Compromises Cloud Credentials and Crypto Wallet Secrets

Supply Chain Compromise: Jscrambler npm Package Under Siege In a recent cybersecurity incident, a malicious...

New GhostCommit Technique Conceals Exploits in Images to Avoid Detection by AI Code Reviewers

Researchers Uncover GhostCommit Technique: A New Threat to Code Security In a groundbreaking revelation, researchers...

CISA Includes ColdFusion, Langflow, and Joomla Vulnerabilities in KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has emphasized the urgent need for federal...

North LA County Regional Center Ransomware Incident

Ransomware Attack Affects North Los Angeles County Regional Center: Data Breach Notifications Sent In a...

More like this

Jscrambler NPM Supply Chain Attack Compromises Cloud Credentials and Crypto Wallet Secrets

Supply Chain Compromise: Jscrambler npm Package Under Siege In a recent cybersecurity incident, a malicious...

New GhostCommit Technique Conceals Exploits in Images to Avoid Detection by AI Code Reviewers

Researchers Uncover GhostCommit Technique: A New Threat to Code Security In a groundbreaking revelation, researchers...

CISA Includes ColdFusion, Langflow, and Joomla Vulnerabilities in KEV Catalog

The Cybersecurity and Infrastructure Security Agency (CISA) has emphasized the urgent need for federal...