Recently, the General Intelligence and Security Service of the Netherlands (ADIVD) publicly stated that the espionage activities of the Chinese Communist Party (CCP) are becoming increasingly rampant, posing a growing threat to national security. The Dutch police recently conducted a search at a Chinese security company located in Rotterdam. At the same time, the agency grouped the threats from the CCP, the Gaza conflict, and European jihadists together, noting that Dutch concerns about these forms of political extremism are also on the rise.
In its annual report, the General Intelligence and Security Service warned that cyberattacks and espionage activities, especially those originating from the CCP, are posing greater threats to the Netherlands. Many countries are engaging in cyberattacks to seek economic advantages and bolster their positions at the cost of sacrificing other nations. “This is not armed conflict, but rather political and economic warfare which affects national security and economic interests.”
The agency specifically pointed out that the Chinese government is attempting to sabotage Dutch businesses, particularly targeting high-tech companies, through means such as cyber espionage, political threats, technology theft, and economic infiltration. It stated, “Through espionage activities, political threats, technology theft, and economic penetration, the Chinese government is even capable of altering global political relationships, which will have far-reaching consequences for the Netherlands and the world.” Therefore, identifying and thwarting CCP interference, intensifying efforts to combat espionage activities, and preventing cyberattacks are urgent priorities. Additionally, the agency will enhance investigations into threats emanating from the CCP.
Previously, the agency had warned that quantum computing may one day easily crack current encryption technologies widely used to protect sensitive data, including national secrets. In March this year, the agency discovered that the CCP had been intercepting sensitive data and attempting to crack encryption technologies. Hence, organizations holding sensitive data must implement security measures against quantum decryption techniques. This means software developers must address this issue promptly rather than attempting to fix the problem after the fact.
In recent years, CCP espionage activities have been increasingly rampant in the Netherlands. Prior to 2023, after the discovery of Chinese surveillance balloons over the United States, the Dutch police decided to reduce their usage of drones manufactured in China. Journalist Marije Vlaskamp from “People’s Daily” became a target of violence and threats after writing a critical article about the CCP in April last year. Moreover, official sensitive networks and some high-tech companies have become targets of CCP espionage and cyberattacks.
At the end of 2023, Dutch media outlet NRC reported that the CCP hacker group “Chimera” breached the core technology network of Dutch semiconductor manufacturer NXP at the end of 2017. It wasn’t until spring 2020 that the company discovered this, meaning CCP hackers had unrestricted access to the company’s systems over a two-year period.
A spokesperson for NXP confirmed that hackers stole the company’s intellectual property, resulting in direct business losses. Reportedly, the hackers accessed the company’s network through employee accounts. They obtained account information from platforms like LinkedIn or Facebook and cracked the passwords to access the internal network.
Following a cyberattack on KLM subsidiary Transavia in spring 2020, the NXP hacking incident was exposed. In September 2019, hackers breached Transavia’s database and accessed the booking system to steal passenger information. Upon discovering this breach, Transavia promptly reported it to the Dutch Data Protection Authority and immediately hired the cybersecurity company Fox-IT to conduct an investigation.
During the investigation, researchers noticed connections to an IP address in Eindhoven, where NXP’s headquarters are located. Apart from the Netherlands, Taiwanese semiconductor companies also fell victim to the same hacker group, as reported by NRC.
On February 6, the Ministry of Defense issued a statement condemning long-term CCP cyber espionage in the Netherlands. The Military Intelligence and Security Service (MIVD) found a remote Trojan horse program from China in the network security software (Fortigate) used by the military, which the CCP used to monitor computer networks.
Defense Minister Kajsa Ollongren stated, “Providing notice and exposing the CCP’s engagement in such espionage activities is extremely important.” Other countries would also be alerted, allowing for enhanced international cooperation in resisting such network espionage activities.
Dutch authorities conducted a sudden search on April 24 at the headquarters of the Chinese security company Hikvision in Rotterdam. This action was seen as part of Europe’s efforts to combat illegal Chinese exports and unfair trading practices. Hikvision’s office in Poland also underwent a police search. The company specializes in providing surveillance technology for customs and border control. In addition to supplying technologies for customs, the state-owned Chinese company also provided container scanners to the port of Rotterdam and baggage scanners to Schiphol Airport, as reported by AD media outlets.
The European Commission stated that the raid was “absolutely necessary,” as there were indications that Hikvision was involved in illegal exports, which could potentially harm the EU market. Due to national security concerns, the United States and Canada had long since banned the use of certain security equipment from China supplied by the company.
Not only in the Netherlands, but various European countries are intensifying efforts to combat CCP espionage activities. At the end of April, there were three separate cases involving six individuals being charged with engaging in espionage activities for China – two in the UK and four in Germany. In the UK, the two individuals were charged with violating the Official Secrets Act by providing information “directly or indirectly useful to the CCP.” Among the four arrested in Germany, three were involved in economic espionage by transmitting sensitive information about German ship propulsion systems to China through a company called Innovative Dragon, clearly aiding China in building a modern navy.
The allegations of China utilizing espionage to infiltrate and influence democratic processes in Germany and the UK have raised special concerns in the EU. These accusations indicate that apart from promoting commercial espionage, China is also secretly implementing political interference. More perilous than traditional espionage activities is the use of a “potential network” by China. While these individuals may not directly work for the Chinese state security apparatus, they are easily utilized by the CCP and its overseas branches due to commercial or other reasons.
Dr. Ivana Karaskova, a Czech researcher at the International Institute of International Affairs at the Prague Independent Research Institute, stated that after years of trade disputes, Europe has shifted from “denying” CCP espionage activities and the resultant harm to “actively countering and defending European interests”.