Dutch security services expelled four Russians over a cyber attack plot targeting the global chemical weapons watchdog, officials said.
The operation by Russia’s GRU military intelligence allegedly targeted the Organisation for the Prevention of Chemical Weapons in The Hague in April.
The OPCW has been probing the chemical attack on a Russian ex-spy in the UK.
The allegations are part of an organised push-back against alleged Russian cyber attacks around the world.
The Netherlands has summoned the Russian ambassador for an explanation, reports said.
Earlier, the UK government accused the GRU of being behind four high-profile cyber-attacks whose targets included firms in Russia and Ukraine; the US Democratic Party; and a small TV network in the UK.
Russia has called the accusations a “diabolical cocktail” of allegations.
What were the suspects doing?
The four suspects identified by Dutch officials had diplomatic passports and included an IT expert as well as support agents, officials said.
They hired a car and were scouting to hack into the OPCW’s wifi network.
Equipment in the car boot was pointed at the OPCW and was being used to intercept login details, Major General Onno Eichelsheim from the Dutch MIVD intelligence service said.
End of Twitter post by @gordoncorera
When the men were intercepted they tried to destroy one of the mobile phones they were carrying.
End of Twitter post by @annaholligan
One of their mobile phones was found to have been activated near the GRU building in Moscow. Another carried a receipt for a taxi journey from a street near the GRU to the airport.
Stunning revelations
By security correspondent Gordon Correra
Counter-intelligence investigations -tracking another country’s spies – are normally among the most secret.
So this was a stunning press conference from Dutch intelligence revealing exactly how they caught four Russian intelligence officers, what they were carrying and what they intended to do.
It is part of a co-ordinated push with the UK and US to pile on the pressure on the GRU about its activities in the wake of the Salisbury poisoning.
The revelations also went way beyond just the targeting of the OPCW to provide an insight into the “close access hacking operations” by the GRU in which they sent operatives abroad, as well as cyber activities coming out of Moscow.
What was on their computer?
A laptop seized from the suspects was found to have been used in Brazil, Switzerland and Malaysia.
In Malaysia it was used to target the investigation into the downing of Malaysia Airlines flight MH-17 over rebel-held territory in eastern Ukraine in 2014, killing all 298 people on board.
The cyber operation targeted Malaysia’s attorney general’s office and Malaysian police, the UK’s ambassador to the Netherlands Peter Wilson said.
Earlier this year Dutch-led international investigators concluded that the missile belonged to a Russian brigade. Russia has denied any involvement in the plane’s destruction.
Data from the laptop showed it was also present in the Swiss city of Lausanne where it was linked to the hacking of a laptop belonging to the World Anti-Doping Agency (Wada), which has exposed doping by Russian athletes.
What is the GRU?
Media playback is unsupported on your device
The GRU, also known as the Main Intelligence Directorate, is the intelligence arm of the Russian military.
It is different to the former KGB (now known as the SVR and FSB) as it conducts undercover military operations and collects intelligence operations around the globe.
In recent years the GRU has been accused of undercover involvement in the conflict in Ukraine, which saw the Russian annexation of Crimea in 2014.
This content was originally published here.