“Sabotage” may be behind Schiphol rail problems; Cyberattack hits NATO summit websites

Dutch authorities are investigating whether sabotage caused a fire that disrupted train traffic to and from Schiphol Airport Tuesday, while a pro-Russian hacker group claimed responsibility for cyberattacks on Dutch websites linked to the NATO summit.

At 5:41 a.m. Tuesday, a fire broke out alongside the railroad tracks at Oeverlandenweg in Amsterdam, damaging power cables critical to train operations. The fire forced a complete halt to train traffic in the area. Rail infrastructure manager ProRail reported “significant damage” and warned repairs would take several hours. The exact cause of the fire remains unknown.

“ProRail and the police are currently investigating the cause of the power outage on the tracks near Schiphol,” the company said. “All possible scenarios are being considered.”

Justice and Security Minister David van Weel confirmed sabotage is one possibility under investigation. “That is one of the things we are investigating,” Van Weel said Tuesday during the NATO summit in The Hague. “Then the question is: who is behind it? It could be an activist group; it could be another country. It could be anything. The most important thing now is to repair the cables and get traffic moving again.”

Another possibility being examined is copper theft, according to Dutch broadcaster NOS. ProRail declined to speculate on the cause but said it aims to determine the cause as soon as possible.

Forensic teams secured evidence at the fire scene and immediately began investigations. Police are actively treating the incident as a possible crime and are reviewing surveillance footage from the area. They also urge anyone who witnessed suspicious activity near Oeverlandenweg early Tuesday morning to come forward. Witnesses or those with doorbell, dashcam, or security camera footage can contact police at 0900-8844 or anonymously via Meld Misdaad Anoniem at 0800-7000, police reported.

Separately, the pro-Russian hacker group NoName057(16) claimed responsibility for a series of distributed denial-of-service (DDoS) cyberattacks targeting Dutch websites. The attacks briefly disrupted public transport company Connexxion’s website and two NATO summit side events in The Hague — the Just Peace Festival and Road to Summit.

A Transdev Nederland spokesperson confirmed the Connexxion website, along with sister brands Breng and Hermes, experienced an outage lasting less than 30 minutes. The source of the attack remains unconfirmed.

The municipality of The Hague also confirmed the cyberattack, stating, “This aligns with the expectations we had beforehand,” according to a spokesperson.

NoName057(16) additionally claimed responsibility for a Monday DDoS attack on NotuBiz, a platform used by Dutch municipalities and provinces to publish official announcements. The group has a history of attacking institutions in countries that support Ukraine.