Dutch Hackers Infiltrated Kremlin’s Cozy Bear in 2014

Dutch hackers infiltrated Cozy Bear HQ in a university building near the Kremlin’s Red Square. Once inside the Cozy Bear computer network, the Dutch managed to take control of the security camera at the entrance to the computer room. A photo of each person entering the secure location was gathered. All the intelligence was shared in real time with the NSA, as the Dutch civil (AIVD) and military (MIVD) intelligence services are part of the AngloSaxon nine-eyes spy network.

The Russians succeeded in infiltrating the White House and compromising e-mail and communications traffic.

In July 2015 Cozy Bear infiltrated DNC computer systems.

[Update-1] Dutch cyber warfare hackers provided crucial evidence about Russian interference during election 2016 | Dutch De Volkskrant |

It’s the summer of 2014. A hacker from the Dutch intelligence agency AIVD has penetrated the computer network of a university building next to the Red Square in Moscow, oblivious to the implications. One year later, from the AIVD headquarters in Zoetermeer, he and his colleagues witness Russian hackers launching an attack on the Democratic Party in the United States. The AIVD hackers had not infiltrated just any building; they were in the computer network of the infamous Russian hacker group Cozy Bear. And unbeknownst to the Russians, they could see everything.

Cozy Bear

It’s somewhat of a ‘fluke’ that the AIVD hackers were able to acquire such useful information in 2014. The team uses a CNA, which stands for Computer Network Attack. These hackers are permitted to perform offensive operations: to penetrate and attack hostile networks. It’s a relatively small team within a larger digital business unit of about 80-100 people. All cyberoperations converge here. Part of the unit is focused on intercepting or managing sources, while another team is dedicated to Computer Network Defence. In turn, this team is part of the Joint Sigint Cyber Unit, a collaborative unit of the AIVD and the Dutch Military Intelligence and Security Service MIVD, of about 300 people.


Timeline

Summer 2014 Hackers of the AIVD gain access to the computer network of ‘Cozy Bear’, a Russian hack group that is also called APT29.

November 2014 Cozy Bear attacks the US State Department and enters the unclassified system. AIVD and MIVD warn American services.

November / December 2014 Cozy Bear also enters White House and gains access to the e-mails and agenda of President Barack Obama. The AIVD and MIVD again warn US services.

July 2015 Cozy Bear attacks the DNC (Democratic Party Board) and invades the computer system. AIVD and MIVD warn American services.

Autumn 2015 FBI warns DNC that hackers are in their systems. DNC does nothing with warning.

Spring 2016 Russian hacking group ‘Fancy Bear’, also known as APT28, enters DNC networks.

June 2016 Security company Crowdstrike confirms that Cozy Bear and Fancy Bear were in the computer systems of the DNC.

July 2016 WikiLeaks reveals 19 thousand e-mails and eight thousand attachments from the Democratic Party administration. According to the American services, the documents come from Fancy Bear.

November 8, 2016 The Republican presidential candidate Donald Trump wins the election.

Spring 2017 FBI director James Comey says the FBI is investigating Russian interference in the US presidential election.

May 2017 President Donald Trump fires FBI director Comey; special prosecutor Robert Mueller takes over the investigation into Russian interference.

June 2017 Former FBI director Comey says during a hearing that there is ‘no doubt’ that the Russian government was behind the hacks at the DNC.

Just spreading the news, it’s preliminary and I will need to read more about the investigation by Dutch journalists.
All intelligence sources remain anonymous.

[Update-2] This Looks Like the DNC’s Hacked Trump Oppo File | Gawker – June 15, 2016 |

A 200+ page document that appears to be a Democratic anti-Trump playbook compiled by the Democratic National Committee has leaked online following this week’s report that the DNC was breached by Russian hackers. In it, Trump is pilloried as a “bad businessman” and “misogynist in chief.”

The document—which according to embedded metadata was created by a Democratic strategist named Warren Flood—was created on December 19th, 2015, and forwarded to us by an individual calling himself “Guccifer 2.0,” a reference to the notorious, now-imprisoned Romanian hacker who hacked various American political figures in 2013.

The enormous opposition document, titled simply “Donald Trump Report,” appears to be a summary of the Democratic Party’s strategy for delegitimizing and undermining Trump’s presidential aspirations—at least as they existed at the end of last year, well before he unseated a field of establishment Republicans and clinched the nomination.


The hackers were able to access opposition files and may have been able to read email and chat traffic, but did not touch any financial, donor, or personal information, the DNC said Tuesday. However, the user who sent the files to Gawker refuted that claim, writing, “DNC chairwoman Debbie Wasserman Schultz said no financial documents were compromised. Nonsense! Just look through the Democratic Party lists of donors! They say there were no secret docs! Lies again! Also I have some secret documents from Hillary’s PC she worked with as the Secretary of State.”

Among the files sent to Gawker are what appear to be several lists of donors, including email addresses and donation amounts, grouped by wealth and specific fundraising events. Gawker has not yet been able to verify that the Trump file was produced by the DNC, but we have been able to independently verify that the financial documents were produced by people or groups affiliated with the Democratic Party.

Also included are memos marked “confidential” and “secret” that appear to date back to 2008, and pertain to Obama’s transition into the White House, and a file marked “confidential” containing Hillary’s early talking points, at least some of which ended up being repeated verbatim in her April, 2015 candidacy announcement.

A Washington Post story in 2016 revealed that a Western intelligence agency provided the intel on the Russian hackers’ activity on the US State Department. It blew the Dutch cover; the intelligence agency was not amused!

Archived my earlier diaries …

From the Quiet Mutiny
Dutch Cooperated with Sergei Mikhailov (FSB)
GCHQ and EU Intelligence Eavesdropped on Trump Tower Communication

Earlier this year, FSB agent Mikhailov was arrested and charged with treason. Likely that was the end of the Dutch covert operation inside the walls of the Red Square in Moscow, and it was possible to write this story.

Russia accuses cybersecurity experts of treasonous links to CIA | The Guardian – Jan. 31, 2017 |

Author: Oui
