A cyber attacker linked to Russia broke the computer system of the Dutch national police in 2017 while authorities were investigating the down of Malaysia Airlines Flight 17 (MH-17).
Dutch newspaper De Volkskrant We first reported last week’s news, revealing that the breach was discovered by the General Intelligence and Security Service (AIVD) in the Netherlands. This warned the police about the intrusion.
Neither the National Police nor AIVD have so far admitted any violations, Volkskrant He said he was able to confirm the case through multiple anonymous sources.
MH17 was on the way from Amsterdam to Kuala Lumpur on the 17thth When it was shot down over Ukraine by a surface-to-air missile in July 2014. The crash killed all 298 people on board, 196 of whom were Dutch.
When MH17 was shot down, a Russian-backed pro-Russian militant rebellion was underway in eastern Ukraine.
The Kremlin denied involvement in the MH17 case, and separatists and Ukrainian troops also denied responsibility for the case.
On July 5, 2017, the Netherlands, Malaysia, Australia, Belgium and Ukraine announced that they would establish a joint investigation team (JIT) to investigate airplane downs.
by VolkskrantThe attack targeting the Dutch police system dates back to September 2017. In this attack, a hacker exploited a security vulnerability to compromise a server belonging to a Dutch police academy.
Following the initial intrusion, hackers made lateral movements to access other systems on the main police network.
A breach was discovered after AIVD noticed the IP address of a Dutch police officer communicating with a malicious server operated by a Russian APT group.
Some sources told the press that the attack was likely carried out by Russians. APT29 Group, Also known as Cozy Bear after receiving a command from the Russian Foreign Intelligence Service (SVR). APT 29 was revealed in 2016 as the main suspect behind the infamous Democratic National Committee breach for the 2016 US presidential election.
Some sources also said Volkskrant The attack is likely to have been carried out by a threat group APT28 (Fancy Bear), instructions from the Russian Army General Staff (GRU).
AIVD’s investigation also revealed that Russian attackers are targeting other agencies, including Dutch police and prosecution services, through phishing emails and direct cyberattacks on police computer systems. ..
In one case, a Russian hacker drove a car equipped with hacking equipment near the Rotterdam Prosecutor’s Office.
Due to the lack of surveillance / logging capabilities, AIVD and Dutch police have little knowledge of what hackers have done within the police network or what information could be stolen from the system.
https://www.computing.co.uk/news/4033118/russian-hackers-breached-dutch-police-systems-mh17-probe Russian hacker breached Dutch police system during MH17 investigation