Security Research At The Hague: The Mobile Malware Threat
The Hague Security Delta
One of the most interesting topics that came up during our visit was the issue of mobile network security, particularly now that Edward Snowden has let the cat somewhat out of the bag. Since his initial allegations shone light on the various activities of government spy agencies, we've seen an increased level of scrutiny on activities that were formerly flying under the radar.
The Netherlands is far from the only transatlantic connection hub between the US and Europe, but it certainly accounts for a significant chunk of total cable capacity. One of the brainchildren of the Security Delta is the creation of what it calls a Trusted Networks Initiative -- a program that would allow direct denial of service attacks originating from specific countries to be cut off.
This rather cartoonish image still gets the point across. By creating a network "bridge" that can be raised and lowered, the idea is that content and visitors can be cleanly isolated from the bad actors launching an attack. There's an intrinsic assumption here -- specifically, the idea that attackers are gathered into a group of systems that can cleanly be split from the so-called "Trusted" networks that would continue to operate.
When I asked the project leads if this program could also be used to facilitate censorship, they seemed surprised that anyone would even raise the question. I can believe that as a matter of principle, the Netherlands is scarcely seeking to emulate the rules of mainland China or its Great Firewall. Furthermore, it makes perfect sense that in an age where state-sponsored attacks are on the rise, countries are going to seek ways to protect their own internal networks from this kind of coercive attack. But the similarities between "Protect ourselves from outside attack" and "Create trusted networks that double as censorship systems" means that this kind of research will always be a double-edged sword.