Learn from Laundry Bear: tips for digital resilience
The AIVD and MIVD issued a joint warning about the Russian cyber group Laundry Bear on May 27, 2025. This group was behind the hack on the Dutch police in September 2024. In the process, work-related contact details of all officers were captured. The publication discusses how the group operates and how to protect your organization from such attacks.
Digitale Overheid June 10, 2025
Laundry Bear has been conducting targeted cyber attacks against Western governments and organizations since 2024. Their focus is on government, defense, defense suppliers, civil society organizations and digital service providers.
The group uses known methods of attack, such as password spraying, misusing session cookies and Living-off-the-Land techniques (using existing software within a system).
Tips from AIVD and MIVD
The AIVD and MIVD advise organizations in these sectors - and beyond - to strengthen their digital resilience. Key recommendations include:
- Use phishing-resistant multifactor authentication (MFA);
- Set access rules based on IP addresses and devices;
- Limit the use of session cookies;
- Manage all devices centrally. Avoid Bring Your Own Device (BYOD);
- Train employees on digital security;
- Apply the NCSC's 5 basic principles.
Read more about the publication(link to other website). Also see the
5 basic principles(link to other website) on the NCSC website.
