Last Friday, Dutch officials had arrested and expelled two alleged Russian intelligence agents who were caught attempting to hack into the Spiez Laboratory, a Swiss national laboratory that is home to the Swiss Federal Institute for NBC (Nuclear, Biological, and Chemical) Protection.
The agents were arrested as the result of a joint operation run by multiple European intelligence services in Europe, including the Dutch Military Intelligence and Security Service (MIVD). The Swiss intelligence service, the NDB, issued a statement confirming a “case of Russian spies discovered in The Hague and then expelled.
The lab had been targeted in a spear-phishing cyber attack, launched via a fake invitation that had been sent for a Spiez Laboratory conference with a malicious attachment.
This is not the first time Russian spies have been accused of hacking international labs, obviously. In 2016, the International Olympic Committee and the World Anti-Doping Agency were targeted in another spear-phishing attack by a group using tools and infrastructure tied to previous GRU hacking operations.
The Spiez lab was testing two sets of samples that were of interest to the Russian government on behalf of the Organization for the Prohibition of Chemical Weapons (OPCW): the “Novichok” agent used in an attack in the UK against former Russian spy Sergei Skripal and his daughter Yulia and samples from a poison gas attack in Syria. The OPCW’s headquarters is in The Hague in the Netherlands, which may explain why the attack on the Spiez lab was launched from there.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Spiez had told the OPCW that the sample from the Skripal poisoning had contained a nerve agent called BZ, (3-quinuclidinyl benzilate) which is made in the West.
BZ was originally invented by the Swiss pharmaceutical company Hoffman-Laroche in 1951 and tested as a “psycho-chemical” agent by the US Army between 1955 and 1975. It was also allegedly used by the Russian government to end the Nord-Ost hostage crisis in 2002—in an attempt to incapacitate the Chechen militants holding 912 hostages in a theater but instead killed as many as 100 of the hostages. It was also alleged to have been used by the Syrian military in 2013 attacks on Homs and Ghouta.
But the official conclusion of the OPCW was that the agent used against the Skripals was Novichok, a chemical weapon class manufactured only in Russia. The British government has accused two Russian nationals, alleged GRU agents, of undertaking the attack in Salisbury and presented video and photo evidence showing them traveling to Salisbury near the scene of the attack in March. Two men claiming to be the two Russians accused were interviewed on Russian television and said they were fitness instructors who were in Salisbury sightseeing.
We would continue to monitor this cyber problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.