Dutch intelligence agencies have revealed that the Chinese hacking group Salt Typhoon targeted organizations in the Netherlands.
In a joint statement published August 28 on the Dutch Ministry of Defence’s website, the Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) said they have now “independently confirmed parts of the US findings with their own intelligence.”
They referred to investigations conducted in late 2024 by several US agencies, including the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA), which concluded that Salt Typhoon, a Chinese-sponsored hacking group, had targeted US telecom firms in “a broad and significant cyber espionage campaign.”
Read more: Salt Typhoon Exploited Cisco Devices With Custom Tool to Spy on US Telcos
While Dutch organizations “most likely were not as heavily targeted as those in the US,” the MIVD and AIVD have identified victims in the Netherlands.
They stated that they observed evidence indicating Salt Typhoon gained access to the routers of Dutch targets, primarily small internet service providers (ISPs) and hosting providers.
However, their probe concluded that there is no evidence that the hackers penetrated deeper into those companies’ internal networks.
The agencies collaborated with the Dutch National Cyber Security Centre (NCSC) to share threat intelligence with affected organizations and relevant stakeholders wherever possible.
“Chinese cyber operations […] have become so advanced that constant vigilance and proactive measures are required to detect and mitigate threats against Dutch interests,” the statement on the Dutch Ministry of Defence website said.
“While risks can be reduced, they cannot be entirely eliminated, posing a significant challenge to the Netherlands’ cyber resilience.”
Read more: Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns