Apparently Dutch intel had pretty deep access into the Russian systems. Going so far as even screenshotting people's faces as they appear on their security cameras.
Seriously, everyone here will find this a fascinating read. It's almost like a thriller.
From the article:
Using so-called command and control servers, digital command centres, the Russians attempt to establish a connection to the malware in the Department, in order to request and transfer information. The Americans, having been told by the Dutch where the servers are, repeatedly and swiftly cut off access to these servers, followed each time by another attempt by the Russians. It goes back and forth like this for 24 hours. Afterwards, sources tell CNN that this was 'the worst hack attack ever' on the American government. The Department has to cut off access to the e-mail system for a whole weekend in order to upgrade the security.
Luckily, the NSA was able to find out the means and tactics of their attackers, deputy director of the NSA Richard Ledgett states at a discussion forum in Aspen in March 2017. 'So we could see how they were changing their methods. That's very useful information.' On the authority of intelligence services, American media write that this was thanks to a 'western ally'. Eventually, the Americans manage to dispel the Russians from the Department, but not before Russian attackers use their access to send an e-mail to a person in the White House.
I'm actually impressed by our AIVD. Being Dutch, I always assumed our intelligence service were sheep in a world of wild animals; SAP consultants among elite hackers.
This shows I was wrong, they seem to be actually competent and doing good work. Maybe I'll even rethink my opinion on the dragnet surveillance law that we will be voting on...
AIVD is very impressive. It is nowhere near as well funded as foreign intelligence services but they are at the top of their game.
That should not change your opinion on the dragnet surveillance though, especially because that will simply increase the size of the haystack with the same number of needles and so will take attention away from things that urgently require it. Dragnet surveillance is a net negative when you are resource constrained.
Another Dutch official entity that has my admiration is the anti-child porn division, they are quite capable and deal with some of the worst stuff the internet has to offer.
A few years ago I participated in the AIVD's cyber challenge. It involved reverse engineering an executable, spotting a flaw in the (custom) crypto algorithm which made it brute-forcable and then finally going to some train station where a final clue was hidden. After that, we, the people who solved the puzzle (5 or 6 iirc) were invited to the AIVD offices for a chat with the authors and a bit of PR and a tour through the museum (during which the big boss offered jobs (whispering) to a few of us). I was impressed by their skills, never expected that from government people really.
It’s slightly paradoxical that we can recognise the competent intelligence outfits, but the elite are, by nature of their work, indistinguishable from the timidly inept
The visible part of these organizations (head, management and recommendations) are pitiful or plain outrageous (recommendations are usually years behind the reality, which contrasts with recent NIST posture).
At the same time, the regular folks are usually surprisingly good, open and forward - thinking. They either work in the dark or have propositions which never reach the top.
When I say "surprisingly", it is because that are statistically better than their counterparts in the private sector, and are payed way less.
To be honest, this is very standard tradecraft to security folks.
If this kind of thing is interesting, I’d recommend a read of Kim Zetters “countdown to zero day” about stuxnet. A piece of malware potentially as old as 2005, but an order of magnitude more sophisticated than what’s being described with the DNC
> For years, Painter was responsible for America's cyber policy. He resigned last August. "We'd never expected that the Russians would do this, attacking our vital infrastructure and undermining our democracy."
Is he just lying in the worst attempt to cover ass, or is he actually just that bad at his job?
I am not saying the article is saying that. I am simply wondering why it's been tied to the election then.
If the CIA and NSA were aware of this going on, unless they are outright incompetent and Obama didn't care then they must have known all along that they were being broken into.
Senate Majority Leader Mitch McConnell informed Obama that if he did carry out the alert that he would cry partisan politics and interference in the election by the sitting administration.
Why would he alert the public? Why not just deal with it internally? But i can see that this discussion is already getting toxic with the amount of downvotes so whatevs.
By that point the US was actively seeing known Russian attempts to penetrate various electoral systems. He probably would have had to call for a delay of the election or something equally drastic.
You can imagine the uproar that would follow.
Shortly after the election the US expelled 35 diplomats and shuttered a Russian-owned compound.
That, and the FBI had started an investigation into the interference (which is often decried as a hoax or other silly terms). The CIA and NSA had been working on it for some time, however if you read the article, the Russian actors had already penetrated other state services and were moving moving quickly. It was a cat and mouse game at that point.
Members of the senate signed a letter noting that they were aware of Russia's interference and called for them to stop when the president couldn't speak publicly about it.
I'm curious about what other acts you suggest he could have pursued.
The point is the tying to Trump which seems absurd now. Anyway im getting downvoted for even suggesting this and dont want to give the people who cant argue their case more opportunities than this.
It’s a fair point because most of the story wasn’t about the DNC. But they also saw the DNC hack later on:
Together with another group of Russian hackers (Fancy Bear, also known as APT28), Cozy Bear is also held responsible for the cyberintrusion of the DNC. In April 2016, Fancy Bear accessed the Washington servers of the Democrats; Cozy Bear had done so as early as the summer of 2015. Once more, the group was caught red-handed by the Dutch, who again alerted their U.S. counterparts.
I'm I the only one who does not believe a word any intel agency says? Paid liars. They better not at all talk to the public that they "vow to protect" (my ass). We need more leakers, they, IMHO, show more truth: that they are paid (by us the people) liars.
> I'm I the only one who does not believe a word any intel agency says?
Which words in particular do you not believe? If an intel agency tells you they are gathering intel on geopolitical adversaries that sounds pretty plausible to me. And in this case there seems to be plenty of corroboration from other sources - not that that should have ever happened.
> Rob Bertholee, head of AIVD, said that he had no doubt that the Kremlin was directly responsible for the Russian cyber campaign against U.S. government agencies.
I believe non of it. Intel big shot sais "said that he had no doubt", I think: "your a professional and tax paid liar, I do not believe you sir!"
Well, that gives the Kremlin a free pass to do whatever they want in your book because no statement from anybody - especially not those who are in a position to evaluate the evidence - would be acceptable.
That's a rather high standard you are upholding there, so high that it is unusable.
To turn this around: what other state actor would you posit has stakes as high as Russia in order to attempt to get US government agencies taken down a notch or two?
And, finally: what level of evidence presented by who would be enough to convince you this actually happened?
I'll never be convinced anything has actually happened in this area (intelligence). And to be honest I could not care less. Totally corrupt branches of gov't.
The outlets who published this news (Volkskrant and NOS) are reliable, and even the responsible minister has more-or-less confirmed the story.
Of course, this news comes at a time when there is a (non-binding) ballot coming about dragnet surveillance here. So clearly this news is helpful for some parties.
You're pretty foolish to make such blatant statements without any source to back it up. Just because the NOS is a public broadcaster doesn't mean they're not independnant.
Actually by law the goverment has no say in it's content and it is in no way beholden to corporate interests since it is a non-profit that doesn't need ads.
While the law states NOS (or rather NPO) has to be independent from government interference reality shows another picture, just like it does in other countries - Sweden being a good example. In both cases - NOS in the Netherlands, SVT (Sveriges Television) and SR (Sveriges Radio) in Sweden - these companies have a distinct political signature which is not representative for the public they are supposed to represent. A case study by Kent Asp, professor of journalism at the University of Gothenburg titled "journalistkårens partisympatier' (journalist's party affiliations) [1] clearly shows this in that the majority of journalists working for the public broadcasters identify with two of the parties to the extreme left of the spectrum ('miljöpartiet' (greens) and 'vänsterpartiet' ('left-wing party', they originally called themselves 'vänsterpartiet kommunisterna' (left-wing party communists) but changed their moniker with the fall of the wall and the dissolution of the Soviet Union)). While these two parties currently are supported by about 12% of the population at large they garner around 77% of votes among journalists working for the public broadcasters. Add the support for the social democratic party (around 12%, this is actually far lower than the support for that party among the population (around 20%-25%)) and it becomes clear that journalists working for public broadcasters are far more left-leaning than the general population. There are many other sources [2][3] to back up these claims.
The situation with the Dutch public broadcaster seems to be slightly different due to the way this institution has grown from formerly independent broadcasters but the results are comparable [4].
So while these public broadcasters are not beholden to corporate interests and not dependent on advertising - they are financed by fees and taxes - they do have other affiliations and as such can not been seen as 'independent'.
Do you have any citations on that? Remember, “fake news” doesn’t mean “the story wasn’t good for my political side” or “a reporter made a mistake” but rather the blatant attempt to pass propaganda off as accurate without correction. Real news organizations aren’t perfect but they do retract stories and fire people.
It's not completely surprising the Dutch were looking into Cozy Bear.
The Dutch led the investigation into the MH17 shoot-down, and Russian misinformation groups (of which Cozy Bear was one) have been working hard on that, too.
Do you see a date anywhere? All I could read in the article was that JSCU was launched in 'the summer of 2014' and received a tip about Cozy Bear that same summer. And MH17 was shot down July 17, 2014, so it seems like it depends entirely on a precise date for that tip whether it happened before or after the shootdown.
Now I wonder if the US, as a return favor, shared their intel on the MH17 incident too. I mean that was an actual act of physical aggression by the Russians where citizens died - something that hasn't happened between Russia and the US, well, ever.
> US, as a return favor, shared their intel on the MH17 incident too.
As I can remember US told the world that it MH-17 was shot by a missile (not Ukrainian jet, as Russia tried to imply for months) and most probably Russian missile - and all of it almost immediately after the tragedy.
As much as I hate Russian government, I can't believe the mh17 was shot on purpose. It was probably a mistake. Probably some people were in power where they should never be. Unfortunately, it looks like the next 6 years there wouldn't be any significant change in Russian government.
No one thinks the Russian government shot it down. It was the Russian backed rebels in the Ukraine who were supplied and supported by Russia. And yes, they somehow thought it was a fighter jet they were shooting at.
(Fox gave this conspiracy an air of legitimacy despite no evidence, and then quietly removed the stories from their website without ever apologizing or clarifying.)
This revelation brings a lot of things into focus for me. One, is that it finally sheds light onto that very large and disruptive attack on State Dept back in 2014. It was assumed it was a state actor, and now we know it was Russia.
Secondly is how important our allies are in this new era of clandestine cyber-warfare. Who knows how much damage that attack could've done without AIVD's assistance.
Third is that allied intelligence agencies are probably playing a significant role in unraveling the Trump/Russia scandal. Maybe a lot of the intel won't be declassified for some time, but I have to think that the Special Counsel has received tips from our NATO and FVEY partners that will help them crack the case.
All are aware to some extent, sure. But I bet few realize how bad it is - US with its politics became a place that's not even fun to joke about anymore.
But all this doesn't matter as long as average citizens vote as they vote, while still thinking US is the best place in the world, beacon of democracy and whatnot.
I mean, come on man. Play the chess game out just two moves. Look at East Africa, for Christ's sake. They are being courted by the Chinese something fierce. And Donny just gives any anti-US factions a golden goose of political talking points. Now what are the in-power/pro-US factions supposed to do? The hamstringing of our allies is plain stupid.
I shudder to think about the lasting damage to America's reputation this administration has caused, and what the geopolitical implications of that may be.
I think the political instability of the US will create strategic opportunities for other nations like China to fill, not to mention that it will reduce America's persuasiveness on all sorts of global matters.
Trust is an enormously valuable thing that is often undervalued until it is gone. Unfortunately I think the loss of trust others have in the United States (which didn't start with Trump) is going to create major difficulties for some time to come.
I do however think that once this situation is put to rest, our strongest alliances will hold, and hopefully we can start behaving like a trusted partner again.
Our many illegal wars, global campaign of drone assassinations, black sites and torture camps destroyed our reputation among everyone with a shred of awareness and morality long before Trump came along.
Notice what's at the very end. The head of Dutch intelligence says that because Trump is president, he shares less with the US:
"AIVD director Bertholee stated that he is extra careful when it comes to sharing intelligence with the U.S., now that Donald Trump is President."
The mere fact that Trump is president is harming US security. And the head of Dutch intelligence is willing to say so publicly. That is pretty striking.
That's what Trumps supporters want though, right? As much isolation from the outside world as possible. His supporters probably see this as MAGA-ing:-/
I think he is implicitly saying that the problem with the Trump administration is that they tend to 'blurt out' sensitive information.
If this is really true:
As of now, the AIVD hackers do not seem to have access to Cozy Bear any longer. Sources suggest that the openness of US intelligence sources, who in 2017 praised the help of a Western ally in news stories, may have ruined their operation. The openness caused great anger in The Hague and Zoetermeer.
There was also the instance of Trump sharing Israeli intelligence with the Russian ambassador when they visited the White House. (in the meeting where Trump blocked all American press, and only allowed a Russian photographer into the room)
Look at the whole Stormy Daniels thing: I don't so much care that he has no class, but he tried to cover it up and paid hush money.
Stormy Daniels had leverage on Trump, but didn't really seem to do much with it; she was fine with a payout. What would happen, on the other hand, if a hostile intelligence agency got some more salacious or more incriminating (money laundering, say) leverage on him?
This news comes at a very peculiar time and thats why i dont trust it. Yes i believe they are capable of the hack but the news comes at the best time for the aivd and the best time for the Clinton camp with deep state under research. Have to see how this develops
I'm curious about timelines here. This article states the Dutch notified the US of the intrusions in the summer of 2015, but a lot of emails leaked were from 2016. Either the 2016 emails were from a separate hack or the Russians were inexplicably allowed to continue to operate for a full year.
74 comments
[ 5.1 ms ] story [ 131 ms ] threadRead this article; an in depth analasys directly from source.: https://www.volkskrant.nl/media/dutch-agencies-provide-cruci...
Seriously, everyone here will find this a fascinating read. It's almost like a thriller.
From the article:
Using so-called command and control servers, digital command centres, the Russians attempt to establish a connection to the malware in the Department, in order to request and transfer information. The Americans, having been told by the Dutch where the servers are, repeatedly and swiftly cut off access to these servers, followed each time by another attempt by the Russians. It goes back and forth like this for 24 hours. Afterwards, sources tell CNN that this was 'the worst hack attack ever' on the American government. The Department has to cut off access to the e-mail system for a whole weekend in order to upgrade the security.
Luckily, the NSA was able to find out the means and tactics of their attackers, deputy director of the NSA Richard Ledgett states at a discussion forum in Aspen in March 2017. 'So we could see how they were changing their methods. That's very useful information.' On the authority of intelligence services, American media write that this was thanks to a 'western ally'. Eventually, the Americans manage to dispel the Russians from the Department, but not before Russian attackers use their access to send an e-mail to a person in the White House.
This shows I was wrong, they seem to be actually competent and doing good work. Maybe I'll even rethink my opinion on the dragnet surveillance law that we will be voting on...
That should not change your opinion on the dragnet surveillance though, especially because that will simply increase the size of the haystack with the same number of needles and so will take attention away from things that urgently require it. Dragnet surveillance is a net negative when you are resource constrained.
Another Dutch official entity that has my admiration is the anti-child porn division, they are quite capable and deal with some of the worst stuff the internet has to offer.
It's about what you'd expect if you ask a group of cryptographers to come up with crossword-style puzzles. It's all very challenging.
I wouldn't be surprised if the upcoming referendum on that dragnet law has something to do with this news coming out now.
The visible part of these organizations (head, management and recommendations) are pitiful or plain outrageous (recommendations are usually years behind the reality, which contrasts with recent NIST posture).
At the same time, the regular folks are usually surprisingly good, open and forward - thinking. They either work in the dark or have propositions which never reach the top.
When I say "surprisingly", it is because that are statistically better than their counterparts in the private sector, and are payed way less.
If this kind of thing is interesting, I’d recommend a read of Kim Zetters “countdown to zero day” about stuxnet. A piece of malware potentially as old as 2005, but an order of magnitude more sophisticated than what’s being described with the DNC
Is he just lying in the worst attempt to cover ass, or is he actually just that bad at his job?
If the CIA and NSA were aware of this going on, unless they are outright incompetent and Obama didn't care then they must have known all along that they were being broken into.
Senate Majority Leader Mitch McConnell informed Obama that if he did carry out the alert that he would cry partisan politics and interference in the election by the sitting administration.
https://www.cbsnews.com/news/biden-mcconnell-wanted-no-part-...
https://www.theatlantic.com/technology/archive/2016/12/why-d...
You can imagine the uproar that would follow.
Shortly after the election the US expelled 35 diplomats and shuttered a Russian-owned compound.
https://www.theguardian.com/us-news/2016/dec/29/barack-obama...
That, and the FBI had started an investigation into the interference (which is often decried as a hoax or other silly terms). The CIA and NSA had been working on it for some time, however if you read the article, the Russian actors had already penetrated other state services and were moving moving quickly. It was a cat and mouse game at that point.
Members of the senate signed a letter noting that they were aware of Russia's interference and called for them to stop when the president couldn't speak publicly about it.
I'm curious about what other acts you suggest he could have pursued.
Together with another group of Russian hackers (Fancy Bear, also known as APT28), Cozy Bear is also held responsible for the cyberintrusion of the DNC. In April 2016, Fancy Bear accessed the Washington servers of the Democrats; Cozy Bear had done so as early as the summer of 2015. Once more, the group was caught red-handed by the Dutch, who again alerted their U.S. counterparts.
I remember Reagan being painted almost as a devil in the eighties.
Which words in particular do you not believe? If an intel agency tells you they are gathering intel on geopolitical adversaries that sounds pretty plausible to me. And in this case there seems to be plenty of corroboration from other sources - not that that should have ever happened.
For instance this:
> Rob Bertholee, head of AIVD, said that he had no doubt that the Kremlin was directly responsible for the Russian cyber campaign against U.S. government agencies.
I believe non of it. Intel big shot sais "said that he had no doubt", I think: "your a professional and tax paid liar, I do not believe you sir!"
That's a rather high standard you are upholding there, so high that it is unusable.
To turn this around: what other state actor would you posit has stakes as high as Russia in order to attempt to get US government agencies taken down a notch or two?
And, finally: what level of evidence presented by who would be enough to convince you this actually happened?
Of course, this news comes at a time when there is a (non-binding) ballot coming about dragnet surveillance here. So clearly this news is helpful for some parties.
Volkskrant is known to fabricate fake news long before the word existed ( i.e. the 'Martel hoax' )
Actually by law the goverment has no say in it's content and it is in no way beholden to corporate interests since it is a non-profit that doesn't need ads.
The situation with the Dutch public broadcaster seems to be slightly different due to the way this institution has grown from formerly independent broadcasters but the results are comparable [4].
So while these public broadcasters are not beholden to corporate interests and not dependent on advertising - they are financed by fees and taxes - they do have other affiliations and as such can not been seen as 'independent'.
[1] https://jmg.gu.se/digitalAssets/1284/1284227_nr38.pdf
[2] https://www.svt.se/opinion/svt-och-sr-dags-att-erkanna-era-p...
[3] http://magasinetneo.se/okategoriserade/jo-den-svenska-journa...
[4] https://www.elsevierweekblad.nl/nederland/blog/2017/08/kan-s...
The Dutch led the investigation into the MH17 shoot-down, and Russian misinformation groups (of which Cozy Bear was one) have been working hard on that, too.
As I can remember US told the world that it MH-17 was shot by a missile (not Ukrainian jet, as Russia tried to imply for months) and most probably Russian missile - and all of it almost immediately after the tragedy.
(Fox gave this conspiracy an air of legitimacy despite no evidence, and then quietly removed the stories from their website without ever apologizing or clarifying.)
Secondly is how important our allies are in this new era of clandestine cyber-warfare. Who knows how much damage that attack could've done without AIVD's assistance.
Third is that allied intelligence agencies are probably playing a significant role in unraveling the Trump/Russia scandal. Maybe a lot of the intel won't be declassified for some time, but I have to think that the Special Counsel has received tips from our NATO and FVEY partners that will help them crack the case.
Even if they pretend they aren't.
But all this doesn't matter as long as average citizens vote as they vote, while still thinking US is the best place in the world, beacon of democracy and whatnot.
I mean, come on man. Play the chess game out just two moves. Look at East Africa, for Christ's sake. They are being courted by the Chinese something fierce. And Donny just gives any anti-US factions a golden goose of political talking points. Now what are the in-power/pro-US factions supposed to do? The hamstringing of our allies is plain stupid.
I think the political instability of the US will create strategic opportunities for other nations like China to fill, not to mention that it will reduce America's persuasiveness on all sorts of global matters.
Trust is an enormously valuable thing that is often undervalued until it is gone. Unfortunately I think the loss of trust others have in the United States (which didn't start with Trump) is going to create major difficulties for some time to come.
I do however think that once this situation is put to rest, our strongest alliances will hold, and hopefully we can start behaving like a trusted partner again.
Or I'm guessing there were multiple hacks?
https://news.ycombinator.com/item?id=14998421
"AIVD director Bertholee stated that he is extra careful when it comes to sharing intelligence with the U.S., now that Donald Trump is President."
The mere fact that Trump is president is harming US security. And the head of Dutch intelligence is willing to say so publicly. That is pretty striking.
If this is really true:
As of now, the AIVD hackers do not seem to have access to Cozy Bear any longer. Sources suggest that the openness of US intelligence sources, who in 2017 praised the help of a Western ally in news stories, may have ruined their operation. The openness caused great anger in The Hague and Zoetermeer.
That'd quite a catastrophic/dumb mistake.
https://www.washingtonpost.com/world/national-security/trump...
https://www.reuters.com/article/us-northkorea-missiles-subma...
Stormy Daniels had leverage on Trump, but didn't really seem to do much with it; she was fine with a payout. What would happen, on the other hand, if a hostile intelligence agency got some more salacious or more incriminating (money laundering, say) leverage on him?