Dutch to build A$1m espionage early warning system

The Netherlands Government is spending €800,000 (A$1.1 million) to build a "Cyber Attack Detector" (CAD) that will "instantly" warn government and business when there are signs of fraud espionage occurring on their networks.

The non-profit Netherlands Organisation for Applied Scientific Research (TNO) will pair up with Dutch security company Fox-IT to build a system to flag espionage threats early by "analysing a large number of digital espionage indicators."

The TNO is an incubator for pre-commercial technologies, playing a similar role there to Australia's CSIRO.

Fox-IT was the company hired earlier this year to investigate the hacking attack on Dutch certificate authorities, DigiNotar, whose infrastructure was used to issue over 200 fraudulent Secure Sockets Layer (SSL) certificates.

The attack was a blow to the government which had contracted DigiNotar as one of its official issuer of SSL certificates for government websites.

"Traditional protective equipment such as intrusion detection systems, firewalls, virus scanners, and log analyzers offer inadequate protection," Fox-IT says in its announcement.

"Early detection of infiltration means that espionage or an attack can be prevented or stopped."

The CAD project will develop a "sensor" which lays down a set of "tripwires" on ICT networks that watch for key attack indicators such as "entice, contaminate, collect and exfiltrate".

"Every feature in itself does not have to be a sign of a digital attack, but the combination of characteristic features can be," says Fox-IT.

The company expects the project to take two years to complete and envisages its customers to be any organisation that is a potential target of espionage, including government agencies, financial institutions, critical infrastructure providers and knowledge-intensive companies.

Copyright © 2011 IDG Communications, Inc.

The 10 most powerful cybersecurity companies