Dutch intelligence services have confirmed that the Chinese-backed hacking group Salt Typhoon has carried out cyber operations against organizations in the Netherlands.

In a joint statement released on August 28 by the Dutch Ministry of Defence, the Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) announced that they have “independently verified parts of the U.S. findings with their own intelligence.”

The confirmation follows investigations conducted in late 2024 by U.S. authorities—including the FBI and the Cybersecurity and Infrastructure Security Agency (CISA)—which determined that Salt Typhoon was responsible for a large-scale cyber espionage campaign targeting American telecommunications companies.

Dutch Organizations Affected

Although Dutch targets were not impacted as severely as their U.S. counterparts, the MIVD and AIVD identified cases of compromise within the Netherlands. Their findings suggest that Salt Typhoon successfully accessed routers belonging to small internet service providers (ISPs) and hosting providers.

However, investigators emphasized that there is no evidence the attackers managed to infiltrate the internal networks of these companies.

Coordinated Response

The Dutch agencies have been working alongside the National Cyber Security Centre (NCSC) to share intelligence with affected organizations and relevant stakeholders, helping them strengthen defenses and mitigate risks.

The joint statement stressed the evolving sophistication of Chinese cyber operations:

“Chinese cyber capabilities have advanced to the point where constant vigilance and proactive defense are essential to safeguard Dutch interests.”

Authorities also warned that while risk mitigation measures can reduce exposure, the threat cannot be completely eliminated, underscoring an ongoing challenge for the country’s cyber resilience.

Source: https://www.infosecurity-magazine.com/news/china-salt-typhoon-dutch-telcos