Blockbuster: Dutch agencies provide crucial intel on Russia’s interference in US-elections

Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections


[ Editor’s note:  This is news because it is the most important story in the world today.  VT doesn’t say it is true but we also don’t withhold vital reporting from readers.  We have our own opinions, which at this time we keep to ourselves.  Sometimes reporting itself is the news.  This is one of those cases… Gordon Duff ]

It’s every man for himself in the cyber world

[ Editor’s Note two: My first question in reading all this, is “why now”? Why was this not released much sooner when the controversy was raging back and forth, a pin the tail on the donkey game?

During that time, because it was being drawn out so long, it had all the finger prints of being an Intel operation to keep the charges in the news as long as possible as those folks understand how the public can be imprinted with a version of of the story after seven repetitions.

The other smell that this story, as with all the others that preceded it, that with all the coverage about offense cyber Intel operations by the Russians, Western mass media never mentions a word about similar Western offensive hacking operations.

It is no secret that this is being done, and is a big part of the mosaic for the story, helping the public to follow what is going on, yet our allegedly free media does not utter a word about our own hacking. For that matter, neither do the Russian or Chinese make a big deal over it.

Like droughts for farmers, hurricanes for those living on the coast, crime, political corruptions, these problems are all a permanent part of modern life.

When are we going to have an official inquiry into the Dutch “hacking” the MH-17 investigation

And lastly, the Dutch being the heroes in the story, we have to keep in mind these are the people who have rigged the MH-17 investigation to try to hang in on Russia, without bothering to address what in the world their motive would have been.

Despite all of their own nationals having been killed, they rolled over on doing a real investigation to dump it on Putin. Their investigators have not made themselves available for a public grilling, where just VT alone could slice the to ribbons.

As with the 9-11 commission, the investigation was hacked from day one by choosing who would do it. Even a rookie counter-intelligence officer could spot this with a blindfold on.

So we have to ask ourselves why is Western journalism, after all of these years of governments hacking each other, trying to imprint a totally unrealistic dynamic on us? Most VT readers know the answer to that …Jim W. Dean ]

Jim's Editor’s Notes are solely crowdfunded via PayPal
Jim's work includes research, field trips, Heritage TV Legacy archiving & more. Thanks for helping. Click to donate >>

There is no UN treaty against spying, including the cyber version, because no one would want to give up their own offensive operations

– First published … January 26, 2018

Hackers from the Dutch intelligence service AIVD have provided the FBI with crucial information about Russian interference with the American elections. For years, AIVD had access to the infamous Russian hacker group Cozy Bear. That’s what de Volkskrant and Nieuwsuur have uncovered in their investigation.

It’s the summer of 2014. A hacker from the Dutch intelligence agency AIVD has penetrated the computer network of a university building next to the Red Square in Moscow, oblivious to the implications. One year later, from the AIVD headquarters in Zoetermeer, he and his colleagues witness Russian hackers launching an attack on the Democratic Party in the United States.

The AIVD hackers had not infiltrated just any building; they were in the computer network of the infamous Russian hacker group Cozy Bear. And unbeknownst to the Russians, they could see everything.

That’s how the AIVD becomes witness to the Russian hackers harassing and penetrating the leaders of the Democratic Party, transferring thousands of emails and documents. It won’t be the last time they alert their American counterparts.

And yet, it will be months before the United States realize what this warning means: that with these hacks the Russians have interfered with the American elections. And the AIVD hackers have seen it happening before their very eyes.

The Dutch access provides crucial evidence of the Russian involvement in the hacking of the Democratic Party, according to six American and Dutch sources who are familiar with the material, but wish to remain anonymous. It’s also grounds for the FBI to start an investigation into the influence of the Russian interference on the election race between the Democratic candidate Hillary Clinton and the Republican candidate Donald Trump.

‘High confidence’

After Trump’s election in May 2017, this investigation was taken over by special prosecutor Robert Mueller. While it also aims to uncover contacts between Trump’s presidential campaign and the Russian government, the prime objective is bringing to light the Russian interference with the elections. An attempt to undermine the democratic process, and an act that caused tensions between the two superpowers to rise to new heights, bringing about a string of diplomatic acts of revenge.

Three American intelligence services state with ‘high confidence’ that the Kremlin was behind the attack on the Democratic Party. That certainty, sources say, is derived from the AIVD hackers having had access to the office-like space in the center of Moscow for years.

This is so exceptional that the directors of the foremost American intelligence services are all too happy to receive the Dutchmen. They provide technical evidence for the attack on the Democratic Party, and it becomes apparent that they know a lot more.

The prime objective is bringing to light the Russian interference with the elections

Cozy Bear

Specialists from the best intelligence services have been hunting them for years

It’s somewhat of a ‘fluke’ that the AIVD hackers were able to acquire such useful information in 2014. The team uses a CNA, which stands for Computer Network Attack. These hackers are permitted to perform offensive operations: to penetrate and attack hostile networks. It’s a relatively small team within a larger digital business unit of about 80-100 people.

All cyberoperations converge here. Part of the unit is focused on intercepting or managing sources, while another team is dedicated to Computer Network Defence. In turn, this team is part of the Joint Sigint Cyber Unit, a collaborative unit of the AIVD and the Dutch Military Intelligence and Security Service MIVD, of about 300 people.

It’s unknown what exact information the hackers acquire about the Russians, but it is clear that it contains a clue as to the whereabouts of one of the most well-known hacker groups in the world: Cozy Bear, also referred to as APT29.

Since 2010, this group has attacked governments, energy corporations and telecom companies around the world, including Dutch companies and ministries. Specialists from the best intelligence services, among them the British, the Israelis and the Americans, have been hunting Cozy Bear for years, as have analysts from major cybersecurity companies.

Vital information

The Dutch hacker team spends weeks preparing itself. Then, in the summer of 2014, the attack takes place, most likely before the tragic crash of flight MH17. With some effort and patience, the team manages to penetrate the internal computer network. The AIVD can now trace the Russian hackers’ every step. But that’s not all.

The Cozy Bear hackers are in a space in a university building near the Red Square. The group’s composition varies, usually about ten people are active. The entrance is in a curved hallway. A security camera records who enters and who exits the room. The AIVD hackers manage to gain access to that camera.

Not only can the intelligence service now see what the Russians are doing, they can also see who’s doing it. Pictures are taken of every visitor. In Zoetermeer, these pictures are analyzed and compared to known Russian spies. Again, they’ve acquired information that will later prove to be vital.

The AIVD hackers manage to gain access to a security camera

Rare battle

What follows is a rare battle between the attackers and its defenders

The Dutch access to the Russian hackers’ network soon pays off. In November, the Russians prepare for an attack on one of their prime targets: the American State Department. By now, they’ve obtained e-mail addresses and the login credentials of several civil servants. They manage to enter the non-classified part of the computer network.

The AIVD and her military counterpart MIVD inform the NSA-liaison at the American embassy in The Hague. He immediately alerts the different American intelligence services.

What follows is a rare battle between the attackers, who are attempting to further infiltrate the State Department, and its defenders, FBI and NSA teams – with clues and intelligence provided by the Dutch. This battle lasts 24 hours, according to American media.

The Russians are extremely aggressive but do not know they’re being spied on. Thanks to the Dutch spies, the NSA and FBI are able to counter the enemy with enormous speed. The Dutch intel is so crucial that the NSA opens a direct line with Zoetermeer, to get the information to the United States as soon as possible.

Back and forth

We could see how they were changing their methods

Richard Ledgett, NSA

Using so-called command and control servers, digital command centres, the Russians attempt to establish a connection to the malware in the Department, in order to request and transfer information. The Americans, having been told by the Dutch where the servers are, repeatedly and swiftly cut off access to these servers, followed each time by another attempt by the Russians.

It goes back and forth like this for 24 hours. Afterwards, sources tell CNN that this was ‘the worst hack attack ever’ on the American government. The Department has to cut off access to the e-mail system for a whole weekend in order to upgrade the security.

Luckily, the NSA was able to find out the means and tactics of their attackers, deputy director of the NSA Richard Ledgett states at a discussion forum in Aspen in March 2017.

‘So we could see how they were changing their methods. That’s very useful information.’ On the authority of intelligence services, American media write that this was thanks to a ‘western ally’. Eventually, the Americans manage to dispel the Russians from the Department, but not before Russian attackers use their access to send an e-mail to a person in the White House.

Sources tell CNN that this was ‘the worst hack attack ever’ on the American government

Fake e-mail

He thinks he’s received an e-mail from the State Department – the e-mail address is similar – and clicks a link in the message. The link opens a website where the White House employee then enters his login credentials, now obtained by the Russians. And that is how the Russians infiltrate the White House.

They even gain access to the email servers containing the sent and received emails of president Barack Obama, but fail to penetrate the servers that control the message traffic from his personal BlackBerry, which holds state secrets, sources tell The New York Times.

They do, however, manage to access e-mail traffic with embassies and diplomats, agendas, notes on policy and legislation. And again, it’s the Dutch intelligence agencies who alert the Americans about this.


Access to Cozy Bear turns out to be a goldmine for the Dutch hackers. For years, it supplies them with valuable intelligence about targets, methods and the interests of the highest ranking officials of the Russian security service. From the pictures taken of visitors, the AIVD deduces that the hacker group is led by Russia’s external intelligence agency SVR.

There’s a reason the AIVD writes in its annual report about 2014 that many Russian government officials, including president Putin, use secret services to obtain information. Recently, the head of the AIVD, Rob Bertholee, said on the Dutch TV program CollegeTour that there is ‘no question’ that the Kremlin is behind the Russian hacking activities.

There is ‘no question’ that the Kremlin is behind the Russian hacking activities

Rob Bertholee, head of the AIVD


We’d never expected that the Russians would do this

Chris Painter

The Americans were taken completely by surprise by the Russian aggression, says Chris Painter in Washington. For years, Painter was responsible for America’s cyber policy. He resigned last August. ‘We’d never expected that the Russians would do this, attacking our vital infrastructure and undermining our democracy.’

The American intelligence services were unprepared for that, he says. That is one of the reasons the Dutch access is so appreciated. The Americans even sent ‘cake’ and ‘flowers’ to Zoetermeer, sources tell. And not just that. Intelligence is a commodity: it can be traded.

In 2016, the heads of the AIVD and MIVD, Rob Bertholee and Pieter Bindt, personally discuss the access to the Russian hacker group with James Clapper, then the highest ranking official of the American intelligence services, and Michael Rogers, head of the NSA.

In return, the Dutch are given knowledge, technology and intelligence. According to one American source, in late 2015, the NSA hackers manage to penetrate the mobile devices of several high ranking Russian intelligence officers. They learn that right before a hacking attack, the Russians search the internet for any news about the oncoming attack.

According to the Americans, this indirectly proves that the Russian government is involved in the hacks. Another source says it’s ‘highly likely’ that in return for the intelligence, the Dutch were given access to this specific American information. Whether any intelligence about MH17 was exchanged, is unknown.


There’s a long aftermath to the Russian attacks, particularly the attack on the Democratic Party. Moreover, the FBI investigation into the Russian interference adds a political dimension. After her defeat in November 2016, Clinton will say that the controversy about her leaked emails are what cost her the presidency.

President elect Donald Trump categorically refuses to explicitly acknowledge the Russian interference. It would tarnish the gleam of his electoral victory. He has also frequently praised Russia, and president Putin in particular.

This is one of the reasons the American intelligence services eagerly leak information: to prove that the Russians did in fact interfere with the elections. And that is why intelligence services have told American media about the amazing access of a ‘western ally’.

This has led to anger in Zoetermeer and The Hague. Some Dutchmen even feel betrayed. It’s absolutely not done to reveal the methods of a friendly intelligence service, especially if you’re benefiting from their intelligence.

But no matter how vehemently the heads of the AIVD and MIVD express their displeasure, they don’t feel understood by the Americans. It’s made the AIVD and MIVD a lot more cautious when it comes to sharing intelligence. They’ve become increasingly suspicious since Trump was elected president.

It’s absolutely not done to reveal the methods of a friendly intelligence service

The AIVD hackers are no longer in Cozy Bear’s computer network. The Dutch espionage lasted between 1 and 2,5 years. Hacker groups frequently change their methods and even a different firewall can cut off access. The AIVD declined to respond to de Volkskrant’s findings.

Translated by: Lisa Negrijn


We See The World From All Sides and Want YOU To Be Fully Informed
In fact, intentional disinformation is a disgraceful scourge in media today. So to assuage any possible errant incorrect information posted herein, we strongly encourage you to seek corroboration from other non-VT sources before forming an educated opinion.

About VT - Policies & Disclosures - Comment Policy
Due to the nature of uncensored content posted by VT's fully independent international writers, VT cannot guarantee absolute validity. All content is owned by the author exclusively. Expressed opinions are NOT necessarily the views of VT, other authors, affiliates, advertisers, sponsors, partners, or technicians. Some content may be satirical in nature. All images are the full responsibility of the article author and NOT VT.


  1. Well, to your first sentence – The Worldwide Jewish Assembly was located in the 1930ties in Amsterdam.
    Its Chairman Samuel Ultermeyer had declared War onto Germany from Amsterdam on 24th March 1933!

  2. Hey Commenters, die Mattjes wollen uns erzählen ” die Russische Spionage hat zu geschlagen ” WOW
    Nun sind wir desillosiniert. Verrückt ist nur bei den Abschuss von MH-17 hält man sich bedeckt. Wo sie doch genau wissen wer es war. Man hält die Welt für blöd. Man kann doch mal bei der eigenen NATO nachfragen.
    Die können es uns genau erklären, mit 100 % Sicherheit. Denn es lief zur selben Zeit das Maneuver mit dem
    Code Namen BREEZE in der Ukraine. Die Radar Aufzeichnung müßten ja vorliegen. Ich vermute der Mord soll
    im Nirwana verschwinden. ( Sie wissen was sie tun )

    • In der Tat gilt die Welt als dumm. So genannte “Führer” erwarten von uns, dass wir ihre Erzählungen glauben, egal wie unsensibel sie auch sein mögen. Ich stimme auch zu, dass “sie” genau wissen, wer MH-17 abgeschossen hat. Wenn heutzutage jemand von einer Leiter fällt, werden westliche Beamte Russland beschuldigen, ohne ein logisches Motiv oder einen echten Beweis vorzulegen.

  3. LS…

    The Netherlands are a province of Israel and our yellow lying (no balls) Prime Minister licks the balls of Nazi Netanyahu and the Old Nazi Queen… Crossing the Russians is a big mistake and the Dutch people will pay the bill !

    • PS…

      It is like the Royal Dutch Family sailing the German waters with the Swastika in top just before the war. They always want to be sure from witch corner the wind blows. When the Germans finally invaded the country they flew to London while the Dutch marines where dying on the Bridges of Rotterdam defending the country… So much for the Dutch (Khazarian) elite…

  4. Well, there’s a few minutes of my life that I won’t get back. What a waste of time. All I see is a bunch more unfounded allegations to be thrown on the mountain of BS. I must have missed the part where any real evidence of Russian hacking was presented..CNN will be happy to run with this for the next 16 months though. By making this comment, I mean no disrespect to Mr. Jim Dean as I have the utmost respect for him and I know he’s just sharing the story and not promoting it.

  5. A rather pathetic effort at filling a remarkably large gap over a (yawn!) twelve month period since the election. It is a cringe-worthy piece placed so low on the media post a passing dog could not help but piss on it. Solely my opinion. “Harassing and penetrating the leaders of the Democratic Party” now that sounds like something Trump might have organized for an organization already suffering from a severe bout of fistula and other problems of the rectum due to repeated kicks in the transom by American voters.

    • Concur! So Mr. Dean the murder, oh pardon me, Rich Seth suicided himself erroneously? Those nasty
      Ruskies were discovered at it again by certain AIVD! University building in or near Kremlin? Which one
      was/ is it? Lomonosov? That’s quite of a few kms away. It must have been MGIMO, as per Kissinger,
      Russian Harvard, specializing in international relations. But they are quite far away from Kremlin.
      Also, despite many words, what exactly were those hackers doing? Yes, we know some jokers Vovan &
      Leksus, probably Russians, warned Maxine Walters about Russian hacking elections in “Limpopo”,
      to Maxine’s promise to immediately notify State Dept. Perhaps Mr. Dean, your dislike of Trump prevailed
      your otherwise excellent senses, to jump into the Russia gate camp with the final “proof”(whatever that
      might be) – those “smart Dutch”, they’ve showed us again “the light” after their fantas-magorical MH17

  6. The Dutch, did they not realize by doing the MH17 cover for the outfit that the outfit would come back for more “favors” with an offer they can’t refuse certainly. The fact is our electronic voting method has too been rigged from the jump. Unauthorized illegal access to and tampering of the information contained therein is obviously easily accomplished. A return to the hanging chad paper ballot of yesterday would squelch the hacking meme and good ole ballot box stuffing will simplify the lives of those over worked media “hacks”.

    • During the American revolutionary war John Adams was sent across the Atlantic to assist Benjamin Franklin (yes, him!) with gaining assistance from the french. He also traveled north and was able to procure a loan (I can’t remember how much, millions perhaps, which was major moolah in those days!) from the same Dutch financiers. I believe this was the very first loan to the United States from the Dutch. A little bit of historical perspective. This stuff goes back a long, long way.

Comments are closed.