Netherlands exposes Chinese cyberespionage in military network

China denied involvement, via its embassy in the Hague.

Male spy using computer display with greenscreen

Dutch intelligence agencies revealed on Tuesday that Chinese state-backed cyberspies infiltrated a Dutch military network last year, marking the first public attribution of cyberespionage to China by the Netherlands. Dutch Defence Minister Kajsa Ollongren emphasised the importance of disclosing such activities to bolster international resilience against cyberespionage.

The incident reflects a broader pattern of Chinese political espionage against the Netherlands and its allies, according to the agencies Military Intelligence and Security Service (MIVD) and General Intelligence and Security Service (AIVD).

The hackers inserted malicious software into an armed forces network used for unclassified research by 50 individuals. Attackers leveraged a flaw in FortiGate devices to connect to networks remotely. The Dutch military’s computer was used for unclassified research and development within a self-contained system, and no collateral damage occurred. The military security service MIVD released a detailed technical report as a cautionary measure, highlighting the threat of Chinese cyberespionage.

In response, the Chinese embassy in The Hague denied the accusations, stating that ‘cybersecurity is a shared challenge and that China opposes and combats cyberattacks in accordance with the law’.

In its annual assessment last April, AIVD also highlighted China as the foremost threat to the economic security of the Netherlands, citing espionage efforts aimed at high-tech companies and universities. These activities focus on ASML, the world’s leading provider of lithography machines essential for producing computer chips.