A recent cyberattack by the Russian hacking group “Laundry Bear” compromised Dutch police data through a breach involving infostealer malware and pass-the-cookie techniques. The incident underscores the importance of basic cybersecurity measures to prevent such espionage operations. #LaundryBear #AIVD #infostealer #DutchPolice
Keypoints
- Laundry Bear has been active since April 2024, targeting NATO, Ukraine, and Western organizations.
- The group primarily focuses on data theft using stolen credentials and spear-phishing tactics.
- The Dutch police breach resulted from a single infostealer infection that stole session cookies in September 2024.
- Basic security practices like MFA and employee training could have prevented the breach.
- Organizations are advised to monitor endpoint activity, shorten session durations, and audit third-party access to mitigate risks.