Strong indications that Russia is behind hack at Dutch Public Prosecutor: report

There are strong indications that Russia is behind the hack at the Dutch Public Prosecution Service (OM), “well-informed sources” told the newspaper AD. The hackers may have had access to the judiciary’s systems, which contain information about ongoing police investigations, criminal files, and employees’ personal data, for around three weeks.

The first warning of the hack came on June 17th, when a critical flaw in software used by the OM and companies worldwide was discovered. A day later, the National Cyber Security Center (NCSC) also issued a warning about this vulnerability, stating that it was “likely” hackers would exploit it and “strongly” advising users of the software to update it immediately.

The OM patched the hole on June 24, according to the newspaper, seven days after the first report. But it was already too late. Last week, following a new warning from the NCSC, the OM discovered that hackers had broken into its system. On July 17, the OM disconnected its systems from the internet. That means that the hacker potentially had access to the OM’s systems for around three weeks.

Cyber experts have indications that hacker groups affiliated with China and Russia carried out cyber attacks on dozens of organizations to see if they could break in. According to AD’s sources, Russian hackers gained access to the OM’s systems.

Experts also told AD that Russia is a more likely culprit than China in this case. “They’re interested in MH17, they want to know what investigations are underway into Russia, or who works in the justice system,” Pim Takkenberg of the cybersecurity company Northwave told the newspaper. The Koninklijke Marechaussee, a policing force that works as part of the Dutch military, has also been involved in multiple investigations into Russian war crimes in Ukraine.

China’s attacks typically focus more on stealing intellectual property and technologies, the experts said.