Russian Hackers Are Turning Doorbell and Security Cameras Into Spy Tools to Track NATO Military Logistics, Dutch Intelligence Warns

Published
Written by:
Lore Apostol
Lore Apostol
Cybersecurity Writer
Key Takeaways
  • Advisory Issued: The Netherlands' AIVD and MIVD warned that Russian state actors are compromising internet-connected cameras across Europe and Ukraine.
  • Intelligence Purpose: Hacked cameras track NATO military logistics and identify Ukrainian troops for battlefield targeting.
  • Transit Country: The Netherlands is a key espionage target due to its location and support for Ukraine.

Russian state-backed hackers are systematically compromising internet-connected security cameras in the Netherlands, other NATO and EU member states, and Ukraine to gather intelligence on NATO military logistics and identify Ukrainian troops for battlefield targeting, first reported by The Telegraph.

Dutch intelligence agencies warned in a public advisory that at least one Russian intelligence service has been carrying out these cyberespionage operations. Video-call systems and home doorbell or intercom cameras that owners monitor remotely via smartphone are particularly vulnerable, the agencies said. 

How Russian Actors Compromise IP Cameras

According to the Netherland General Intelligence and Security Service (AIVD) and Military Intelligence and Security Service (MIVD) advisory, attackers scan the internet for exposed devices, identify IP cameras based on manufacturer information, and exploit weak security, including:

Once inside, hackers automatically analyze video feeds using image-recognition software to identify military vehicles and cargo. The tactic has also been used by Ukrainian hackers to track Russian troop movements during the war, The Telegraph report says.

A small number of compromised cameras were positioned directly along military logistics routes in the Netherlands. "As a key transit country, the Netherlands is an important espionage target due to its geographic location and its support for Ukraine," the July advisory said

Broader NATO Espionage and Remediation Advice

Beyond the war, the Dutch agencies assess that Russia is also using compromised cameras to collect militarily relevant intelligence inside NATO and EU countries unrelated to Ukraine. 

Moscow has repeatedly denied conducting malicious cyber operations against Western countries. A related advisory on a large-scale Russian campaign targeting Signal and WhatsApp accounts belonging to dignitaries, military personnel, and civil servants.

Organizations are urged to:

Check Point Research (CPR) warned in March that Iran reportedly used compromised IP camera feeds in Israel, Iran, the UAE, Qatar, and Bahrain to support active military engagements.


For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: