A Russian hacking unit known as 74455 has been targeting Dutch routers belonging to private individuals and small and medium sized businesses, adding them to a worldwide attack network of thousands of hacked devices under its control, the Volkskrant reports.
An investigation by the Dutch military intelligence agency MIVD identified the hacked routers whose owners have been warned about the situation, MIVD director Jan Swillens told the paper.
Exactly how many routers were hacked is not known but it may be ‘dozens’, the Volkskrant said. It is not clear if the activity is linked to the war in Ukraine.
It is not normal practice for the MIVD to publicise its findings but the agency is doing so now in the interest of ‘transparency’. ‘The threat is sometimes nearer than you think,’ Swillens said. ‘We want to make people aware of this. Dutch routers, owned by let’s say the bakery on the corner, are being used by a foreign state actor.’
Hacking unit 74455, which is also known as Sandworm or BlackEnergy, is part of the Russian intelligence service and considered to be one of the most dangerous hacking groups in the world, the paper said.
Among the acts of sabotage which have been blamed on it were the electricity outages in Ukraine in 2015 and 2016 as well as internet intervention during the opening ceremony of the South Korean Winter Olympics in 2018 which meant visitors could not enter the stadium.
The MIVD findings follow a warning by British and American intelligence agencies about a new type of malware called CyclopsBlink, the paper said.
Routers with standard settings allowing outside access are particularly vulnerable. Once the malware is installed, the router communicates with the 74455 unit computers in a network which is used for sabotage, spying and the spread of fake news.
On tracking the ‘aggressor’ the MIVD found Dutch IP addresses which seem to have been randomly chosen, Swillens said. No government or vital infrastructure have been affected, he said.
Victims of the router high jack have been advised to replace the routers while some who were asked to hand them over to the MIVD have been compensated.
Thank you for donating to DutchNews.nl
The DutchNews.nl team would like to thank all the generous readers who have made a donation in recent weeks. Your financial support has helped us to expand our coverage of the coronavirus crisis into the evenings and weekends and make sure you are kept up to date with the latest developments.
DutchNews.nl has been free for 14 years, but without the financial backing of our readers, we would not be able to provide you with fair and accurate news and features about all things Dutch. Your contributions make this possible.