The Dutch security service known as the AIVD reportedly spied on the Russian hacking team Cozy Bear as it breached the Democratic National Committee.
A new report sheds light on why US intelligence has been so confident Russia tried to interfere with the 2016 presidential election. They had the help of a Dutch ally, which spied on the state-sponsored hackers as they infiltrated the Democratic National Committee.
Dutch newspaper De Volkskrant, citing six unnamed American and Dutch sources, reports that the Dutch security service known as the AIVD snooped on the Russian hacking team Cozy Bear by penetrating its computer network in a Moscow university building back in the summer of 2014. Specifically, it witnessed the Russian hackers stealing thousands of emails and files from the DNC.
The AIVD then warned US intelligence about the hack, but it reportedly spied on Cozy Bear for up to 2.5 years, and even had access to a security camera within the Moscow building, where the Russian hackers were based.
“Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor,” the report said.
From those pictures, Dutch intelligence deduced that a Russian intelligence agency known as the SVR actually leads Cozy Bear.
So far, the FBI and the AIVD haven’t commented on the reporting. But on Friday, a Russian presidential spokesman dismissed it as adding “fuel to the fire of anti-Russian hysteria.” Dutch newspapers are not the most reliable source, the spokesman Dmitry Peskov told Russian news agency TASS.
Still, the De Volkskrant report echoes a 2017 Washington Post article that indicated a US ally had hijacked the security cameras of a building used by the Russian hackers.
According to De Volkskrant, Cozy Bear is a small team of about 10 people. The building they use is located near Moscow’s Red Square, but the Dutch security service is no longer inside Cozy Bear’s network. “Hacker groups frequently change their methods and even a different firewall can cut off access,” the report said.