Russian state hackers target Dutch routers: Volkskrant

Photo: Depositphotos.com
Photo: Depositphotos.com

A Russian hacking unit known as 74455 has been targeting Dutch routers belonging to private individuals and small and medium sized businesses, adding them to a worldwide attack network of thousands of hacked devices under its control, the Volkskrant reports.

An investigation by the Dutch military intelligence agency MIVD identified the hacked routers whose owners have been warned about the situation, MIVD director Jan Swillens told the paper.

Exactly how many routers were hacked is not known but it may be ‘dozens’, the Volkskrant said. It is not clear if the activity is linked to the war in Ukraine.

It is not normal practice for the MIVD to publicise its findings but the agency is doing so now in the interest of ‘transparency’. ‘The threat is sometimes nearer than you think,’ Swillens said. ‘We want to make people aware of this. Dutch routers, owned by let’s say the bakery on the corner, are being used by a foreign state actor.’

Hacking unit 74455, which is also known as Sandworm or BlackEnergy, is part of the Russian intelligence service and considered to be one of the most dangerous hacking groups in the world, the paper said.

Among the acts of sabotage which have been blamed on it were the electricity outages in Ukraine in 2015 and 2016 as well as internet intervention during the opening ceremony of the South Korean Winter Olympics in 2018 which meant visitors could not enter the stadium.

Malware

The MIVD findings follow a warning by British and American intelligence agencies about a new type of malware called CyclopsBlink, the paper said.

Routers with standard settings allowing outside access are particularly vulnerable. Once the malware is installed, the router communicates with the 74455 unit computers in a network which is used for sabotage, spying and the spread of fake news.

On tracking the ‘aggressor’ the MIVD found Dutch IP addresses which seem to have been randomly chosen, Swillens said. No government or vital infrastructure have been affected, he said.

Victims of the router high jack have been advised to replace the routers while some who were asked to hand them over to the MIVD have been compensated.

Thank you for donating to DutchNews.nl.

We could not provide the Dutch News service, and keep it free of charge, without the generous support of our readers. Your donations allow us to report on issues you tell us matter, and provide you with a summary of the most important Dutch news each day.

Make a donation