No evidence that NSA hacked Dutch telcos, say MPs

Three Dutch ministers have published an open letter stating that, unlike Belgium's incumbent telco, KPN hasn't been targeted by foreign intelligence services.

Read this

Belgacom clears up after hack attempt

The Belgian telco is dealing with the aftermath of an intrusion into its IT systems - with the NSA named as a potential suspect.

Read More

Unlike neighbouring Belgium, the Netherlands' networks haven't received the unwanted attentions of foreign intelligence services, the government has confirmed.

According to a joint letter from the Dutch minister of home affairs, Ronald Plasterk, security and justice minister Ivo Opstelten, and economic affairs minister Henk Kamp, there is no evidence of any foreign security services hacking the international phone traffic of Dutch operators. The three ministers published their findings last week, in response to questions of two members of parliament on the matter.

Belgacom hack

In September, Dutch and Belgian media reported that the US National Security Agency (NSA) had hacked several telcos for the purpose of eavesdropping on international phone traffic. Although the rumours stemmed from a hack of Belgian telco Belgacom – confirmed by the company , though not attributed to the NSA - two members of the Dutch parliament, Gerard Schouw and Kees Verhoeven, wanted to know whether the network infrastructure of any Dutch telcos had been targeted in similar attacks.

In their letter responding to this question, the three ministers state that the KPN did, in fact, suffer a hack early 2012, but that this hack had not been related to any activity by foreign security services.

However, the trio did point out that the Dutch intelligence agency AIVD has repeatedly stressed that the Dutch ICT infrastructure is extremely vulnerable to attack, which poses a serious espionage threat for the Netherlands.  The ministers add that this situation is unacceptable, since the Dutch nation depends greatly on its ICT networks and could be paralysed in the event of a successful attack.

Telcos responsible

However, the trio also stresses that these security matters should not be addressed by the government, but by the telcos in question: "The Telecommunications Act dictates that telecom operators are to guarantee the integrity and the safety of their networks and services, including the confidentiality of the telecommunication and the availability of their services. If necessary, the Telecommunications Act contains options to force telcos to take additional security measures or to have a security audit performed by an external party, where necessary."

Not long after the publication of the alleged NSA hack, German news magazine Der Speigel published information received from whistleblower Edward Snowden, stating that the NSA had not been responsible for the hack, but that its UK counterpart GCHQ had in fact been intercepting Belgacom's phone traffic since 2010 (although the organisation did then share this information with the NSA).

In their letter, the ministers add that the US government has been contacted about the NSA's activities, however, they did not disclose the outcome of this discussion.

More on the NSA