China's Salt Typhoon Hit Small Dutch Telecommunications Firms, Confirmed by Dutch Authorities

The Dutch Ministry of Defence has issued a statement emphasizing the importance of proactive measures to detect and mitigate threats against Dutch interests, following investigations into a series of cyber attacks by the Chinese-sponsored hacking group, Salt Typhoon.

According to the statement, published on the Ministry's website on August 28, Salt Typhoon poses a significant challenge to the Netherlands' cyber resilience. The hacking group is known to have targeted organizations in the Netherlands, primarily small internet service providers (ISPs) and hosting providers.

The joint statement was made by the Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD). They confirmed parts of the US findings with their own intelligence, stating that Salt Typhoon gained access to the routers of Dutch targets. However, the agencies' probe found no evidence that the hackers penetrated deeper into the targeted companies' internal networks.

The Dutch National Cyber Security Centre (NCSC) was involved in the investigations alongside MIVD and AIVD. They collaborated to share threat intelligence with affected organizations and relevant stakeholders.

The statement acknowledges the need to reduce risks to Dutch cyber security and the ongoing need for constant vigilance against advanced Chinese cyber operations. It also refers to the ongoing challenge of securing Dutch cyber resilience against these operations, which were first highlighted in investigations conducted by US agencies in late 2024.

US agencies, including the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA), concluded that Salt Typhoon targeted US telecom firms in a cyber espionage campaign. However, the risks to the Netherlands' cyber security cannot be entirely eliminated, according to the statement.

The statement on the Dutch Ministry of Defence website emphasizes the need for constant vigilance and proactive measures to detect and mitigate threats against Dutch interests. It also refers to the investigations conducted by US agencies in late 2024 and the suspected involvement of the Russian military intelligence service (GRU) in possibly supporting the Dutch organizations targeted by Salt Typhoon.

Despite the targeted attacks, Salt Typhoon's targets in the Netherlands were not as heavily targeted as those in the US. The MIVD and AIVD have identified victims in the Netherlands, but the full extent of the damage is still under investigation.

In conclusion, the Dutch Ministry of Defence's statement serves as a reminder of the ongoing threat posed by advanced cyber operations, particularly those sponsored by China, and the need for constant vigilance and proactive measures to protect Dutch interests in the digital realm.

China's Salt Typhoon Hit Small Dutch Telecommunications Firms, Confirmed by Dutch Authorities