OPINION — China is conducting intelligence operations in the Netherlands that are targeting key industrial sectors including semiconductors, aerospace and maritime technology, Dutch Defense Minister Ruben Brekelmans recently warned. Dutch national security and transatlantic supply chains are in danger because of state sponsored cyberattacks and clandestine intelligence operations. This activity threatens not only the Netherlands, but also the entire free world.
In reaction to similar Chinese targeting of semiconductor and tech industries in the United States, the U.S. Government has expressed solidarity with the Dutch and is strengthening cooperation on export control coordination, cyber defense, and counterespionage.
The latter is particularly important as it is the PRC intelligence services (MPS and MSS) that siphon this information out of companies in the Netherlands as well as other countries around the world that have tech industries. China does this to give themselves the advantage in economic and military competition against western and allied democracies (such as Japan, South Korea and others). But when it comes to safeguarding transatlantic innovation and security, unity is the key with NATO, EU-U.S. and intra-allied export controls and industrial capacity.
China’s strategic espionage campaign in the Netherlands
China engages in a systematic, state-sponsored, long-term campaign of industrial-espionage in the Netherlands. Dutch Defense Minister Brekelmans referred to cyber threats that are “intensifying” and singled out ASML, the leading Dutch semiconductor company, as Beijing’s principal target.
Being the home of ASML, the Netherlands is in a unique and precarious position because ASML, makes it an essential country to the production of semiconductors worldwide, an industry that is increasingly being viewed as a national security asset. China’s intrusion into Dutch technology companies not only jeopardizes domestic innovation but also puts supply chains in the U.S. and Europe at risk.
In January 2023, news of a Chinese cyberattack on Dutch defense networks served as a wake-up call for decisionmakers in Washington and The Hague. The U.S. Justice Department has pursued dozens of espionage cases dealing with confidential industrial data being stolen from American companies, and the similarities of these cases match that of the Dutch cyberattack in 2023.
China’s activities in the Netherlands are not isolated incidents but part of a coordinated global campaign to access dual-use technologies. These efforts endanger transatlantic resilience and innovation in a few key ways including:
Erosion of Technological Sovereignty: Dutch semiconductor and aerospace expertise is central to the EU’s ambition for strategic autonomy. Unauthorized transfers of intellectual property (IP) to China weaken Europe’s leverage in global supply chains and degrade long-term competitiveness and at the same time, hurt the EU’s economy.
Threats to NATO Interoperability: Technologies compromised in Dutch firms could be re-engineered by China and used in ways that degrade NATO readiness. Maritime systems and aerospace software, often integrated into joint EU–U.S. platforms, are at risk of being reverse-engineered for PLA military use.
The U.S. export restrictions on advanced chip-making tools to China – which include diplomatic pressure on ASML – lose their effectiveness when illegal technology access occurs through espionage, such as the PRC sending tech students to work in such industries for the purpose of stealing critical IP knowledge.
Not all of them are spies or want to be spies, but the pressure on them and their families from the PRC Government to report back and steal IP secrets is significant. This type of espionage threatens western and U.S.-led strategic containment plans for safeguarding critical technology.
China’s intelligence penetration in the Netherlands represents not only a transatlantic security issue that extends beyond bilateral relations but also is a threat to the entire western coalition (including non-western allied partners that produce such chips, like Taiwan and its market-leading Taiwan Semiconductor Manufacturing Company (TSMC).
The good news is that the Dutch government has started implementing enhanced export regulations together with enhanced investment screening procedures and better intelligence-sharing mechanisms. The government’s actions follow recent United States policies in this area creating potential collaborative possibilities. The Netherlands has restricted Chinese access to ASML’s advanced Extreme Ultraviolet (EUV) lithography systems as part of their export control system which matches U.S. policy.
In addition, the Netherlands is devoting additional resources to this effort. For instance, it is strengthening its cyber defense through public-private partnerships while recognizing the challenge to coordinate their response with the other European Union member-states and the U.S.
In relation to that, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has solicited interest to expand its transatlantic threat-sharing networks with Dutch and European partners alike. The Netherlands has recently created its own foreign investment screening system similar to the one outlined in the U.S. Committee on Foreign Investment (CFIUS) process. And at the EU level, a more focused policy harmonization would enable them to match U.S. standards. The Dutch and U.S. governments have agreed to an unprecedented move to formally identify China as the origin of espionage threats.
Chinese authorities strongly deny the allegations by the Dutch Defense Minister. The U.S. and Europe publicly accusing China indicates that a new period of direct and meaningful opposition to PRC interference in the domestic innovation system of allied and friendly democracies in Europe is emerging.
Sign up for The Cipher Brief’s Nightcap newsletter: the best way to unwind every day while still staying up to speed on national security.Sign up today.
Policy gaps and risks
But The Netherlands along with other European countries face ongoing security challenges which enable China to exploit technological vulnerabilities.
For instance, the Netherlands has found it necessary to enhance its regulatory framework, which is promising. However, fragmented EU enforcement mechanisms enable China to gain access to restricted technologies. In the past, China has directed acquisition operations toward member-states which have weak regulatory standards.
For example, Dutch SMEs face larger challenges compared to bigger companies across the globe, because they often don’t have as many resources to limit advanced sophisticated cyber threats and this is something policymakers should be looking at.
According to Dutch and U.S. intelligence assessments, the small and medium-sized enterprise sector remains the most vulnerable to foreign exploitation.
The Netherlands and other western nations face economic retaliation threats from China that could result in reduced rare-earth exports and decreased access to the Chinese market which would harm Dutch industries. The Netherlands together with its U.S. counterparts depends heavily on China for critical mineral imports.
The current approaches to diversification remain insufficient.
The Netherlands does not maintain formalized industry-government threat-exchange mechanisms like those that operate between CISA and the FBI in the United States. The implementation of cyber and export safeguards depends on voluntary industry participation which shows variability between research institutes and emerging companies.
Join us in Sea Island, Georgia for The Cipher Brief’s 2025 Threat Conference from October 19-22. See how you can save your seat at tcbconference.com
Policy considerations for a transatlantic response
Establishment of a NATO tech security policy agreement signed by all its member states could involve one or more of the following:
- Development of a curriculum for cyber risk training that could be used by both private businesses and intelligence services and governments.
- Enable real-time threat sharing between ASML, the U.S., European and allied countries’ firms while at the same time exploring the possibility for introducing cyber defense IP capabilities protection protocols. Any such agreements should cover critical private-sector organizations in addition to military operations.
- A joint licensing framework for a list of companies that will have been verified for being free of Chinese influence, to speed up the enactment of high-tech export controls between these member countries by enforcing standardized protocols for semiconductor tools, AI chips and aerospace designs. The U.S. has taken the first steps in that direction.
Enhance Counterintelligence Awareness in Industry
The Dutch and U.S. governments should start a joint campaign focused on raising awareness among small and medium enterprises as well as research institutions and universities that mimics the original U.S. “China Initiative” (the newer version has been in legislative limbo, having passed House approval but stuck, for now, in the Senate Committees) by teaching them how to identify insider threats and report incidents properly and promptly.
Diversify Critical Supply Chains
Strategic investments should focus on building raw-material supply chains from North American, Australian and Nordic sources to minimize reliance on Chinese inputs. The Dutch government should promote public-private funding programs which support joint mining and refining operations as well as rare-earth recycling ventures between the Netherlands, the U.S Australia and Nordic countries.
NATO should also its cyber defense responsibilities to protect economic infrastructure systems that operate within dual-use sectors as part of such an expanded mandate. A quick-response cyber team that handles industrial espionage attacks will serve as a preventive measure against continuous spying activities.
Chinese intelligence operations in the Netherlands and around the world demonstrate an organized approach to disrupt innovation networks and collective security systems. Defense Minister Brekelmans’ warnings match established U.S. evaluations which confirm that Chinese government-backed activities increasingly focus on allied infrastructure and high-tech sector systems.
It is essential, then, that the U.S. and the Netherlands should strengthen their strategic partnership on these issues through enhanced collaboration on cyber defense and export controls and counterintelligence frameworks while at the same time working in tandem with western and allied governments to that end. The transatlantic defense coalition stands as the strongest barrier to stop western technological sovereignty from being stealthily degraded by its ruthless rivals.
Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief
