You are here

From ethical hackers to cryptographers: 3 success stories from Flanders

Let’s go back to the late 1990s. “A safer time,” many people would argue. Whether it truly was is up for debate. But at least one invention from around that time did help build a more secure world and still does to this day: the Advanced Encryption Standard (AES), also referred to as ‘Rijndael’.

Developed in Belgium’s northern region of Flanders, Rijndael is an algorithm used to scramble data shared on computer networks. The brainchild of Leuven University, it was first adopted by the US government after approval by the NSA to secure classified and top-secret information. Today, the algorithm is used to encrypt and protect internet traffic, hard disks, banking transactions and more around the globe.

Flanders’ building blocks for cybersecurity success (leaflet) 
Eager for more details about Flanders’ cybersecurity achievements, strengths, cases and stories? 
Flip through our free leaflet and discover the region’s 4 main building blocks for cybersecurity success.

Rijndael isn’t the only flagship contributing to Flanders’ reputation in cybersecurity and other digital niches. Pioneers such as Robert Cailliau, one of the co-inventors of the internet, and Dries Buytaert, founder of Drupal, have gained celebrity status in ICT entourages worldwide. As new bright minds take the tech stage in Flanders, the list grows longer by the day. Wim Sohier, science and technology councilor at Flanders Investment & Trade highlights 3 recent success stories from Flanders, Belgium’s northern region. (This article was first published via LinkedIn Pulse).

No. 1 – Foreshadow attack: hack it to believe it

Few Silicon Valley companies are as well-known as Intel. The American firm produces a broad portfolio of solutions from semiconductors and hardware components to Internet of Things platforms and antivirus software. In 2018, a Flanders-based research group from Leuven University – called DistriNet – launched an ethical cyberattack on Intel Software Guard Extensions (SGX), which protects processors against viruses that take advantage of system errors. Designed to increase the security of application code and data, Intel SGX allows users to define private regions of memory or enclaves, whose contents cannot be read or saved outside the enclave.

Sounds like a watertight application, but it took hacking to believe that it wasn’t. DistriNet carried out its ‘Foreshadow attack’ in collaboration with the Israel Institute of Technology, Michigan University and Adelaide University. In doing so, the research group revealed that Intel’s enclaves were very vulnerable to attackers trying to steal sensitive information from personal computers or third-party clouds.

No. 2 – Close the cookie jar, win Facebook’s Internet Defense Prize

Who left the cookie jar open? That’s how computer scientists from Leuven University phrased their punny research question. It was only a matter time before Gertjan Franken, Tom Van Goethem and Wouter Joosen revealed that security and privacy policies applied by 7 internet browsers and 45 domain name extensions could easily be bypassed by hackers with bad intentions. Their work enables critical improvements in how browsers prevent cross-site attacks and third-party tracking through cookies.

In August 2018, the three scientists from Flanders won first place and a $100,000 cash reward for their paper at Facebook’s annual Internet Defense Prize ceremony. Just like the bright minds behind the Foreshadow attack, the team is part of the DistriNet research group, which is associated with imecone of four strategic research centers in Flanders and a global reference in nanotech and digital innovation.

No. 3 – Stealing a Tesla for science

For many people, Tesla’s electric cars stand for intelligent design. To verify just how smart the cars’ security systems actually are, yet another Leuven University research group – called COSIC – united its cryptography scientists in an ethical key fob hacking project. Their target? The Passive Keyless Entry and Start system (PKES) that allows Tesla Model S electric cars to be remotely locked and unlocked.

With a budget of only $600 in radio and computer equipment, the Leuven University cryptography experts managed to hack and clone the PKES system in a mere 2 seconds – theoretically enabling them to steal the e-vehicle. The team notified Tesla about their findings in August 2018. The company immediately adapted its PKES system and rewarded the Flanders-based COSIC team with $10,000.

Cybersecurity powerhouse

Stories such as these are living proof of how Flanders continues to position itself as a cybersecurity powerhouse in the heart of the European Union. One of the reasons why digital and technological firms and innovators thrive in Flanders is the crosspollination occurring between the private, public and academic sectors – encouraged, driven and (financially) backed by the government of Flanders through its cluster policy.

Reported by
Flanders Investment & Trade
23 February 2019

More news about Flanders?

  • Regular updates
  • No spam

Interested in doing business in Flanders?

Let us help you!

  • We can introduce you to other companies, banks and regulators
  • We organize site visits to real estate locations
  • We assist with all legal aspects of setting up a business
  • We're an official government agency
  • Our services are completely free
  • We are a team of international experts

Receive our handbook to growing your business in Flanders

  • It's completely free.
  • Get an overview of all incentives relevant to your company.
  • Tax system explained in-depth.
  • Learn how to set up your business quickly.
  • Discover the benefits of Flanders (in addition to the chocolate).

In addition to the ebook, I agree to receive one or two follow-up emails