Platt Perspective on Business and Technology

Rethinking national security in a post-2016 US presidential election context: conflict and cyber-conflict in an age of social media 1

Posted in business and convergent technologies, social networking and business by Timothy Platt on May 12, 2017

We all face two fundamental challenges: two fundamental limitations in our thinking about risk and how to respond to it, and I am not sure which is more problematical:

• We can, and all too often do, get so caught up in our standard routines that, from routinely and automatically following them, we fail to pick up on and see what in retrospect were clear warnings of new and emerging risks and threat vectors, and
• We can and all too often do overestimate both the range and reach of whatever security and risk management systems that we have in place now, and the range, reach and effectiveness of any newest and best add-on security solutions that we do institute.
• And that second presumption just starts with our tacitly assuming, for example, that if we have just installed the newest update patch for the anti-virus and anti-malware software that we have in place, then our computers and networked systems must be essentially completely secure from those types of threat now, as if new and locally known but yet to be exploited zero-day vulnerabilities were now impossible. That second presumption can and all too often does find its way into all of our information systems security thinking, as an at-least starting point default that we have to continually watch out for and challenge.
• The two challenges noted in the first two of these bullet points in fact represent different sides to a single overall security risk phenomenon, and it is one that is much more wide-reaching than would just be encompassed in my simple if commonly familiar anti-virus/anti-malware example. And those two challenges comprise differing sides to that one larger source of risk that can and do interact with each other and build upon each other with an ongoing toxic synergy.

Let’s think past the walls and blinders that this synergy can and does create for us, and in more open-ended and general terms. What do we currently actually face? We might know, for example, of ongoing online problems such as social media troll behavior (see, for example, Trolls and Other Antisocial, Disruptive and Divisive Social Networkers – Part 1 and its Part 2 continuation, and Cyber-Bullies, Cyber-Stalkers, Trolls and the Individual Social Networker). And we might know of ongoing problems that we face societally, such as how our online, potentially globally connecting community has been effectively shattered into separate epistemic bubble-limited groups and demographics, each with their own accepted “news” and opinion sharing sources and their own echo chamber validation of all that is known and presumed within them, and with no outside alternatives allowed in (see for example Thinking Through the Words We Use in Our Political Monologs). And by now everyone should know about computer hacking and how sensitive and confidential information that is surreptitiously stolen from a targeted computer system can be publicly posted online and through social media and related channels to cause explicit targeted damage, through resources such as Twitter and through sites such as WikiLeaks. But we do not necessarily connect the potentially connectable dots that emerging problems such as these create, to see how they and a constellation of other closely-related, weaponizable options could be used together to launch and carry out new far-reaching forms of unified cyber-attack, against a business or organization, or even against an entire nation.

Note that when I wrote my above-cited 2010 cyber-trolling related postings, I explicitly did so in terms of individual online behavior, and in terms of what were for the most part still just lone individuals acting on their own initiative and in pursuit of their own personal agendas. That side to this challenge, of course still happens. But now the disruptive potential inherent in that once more localized and impact-limited form of antisocial behavior, has been weaponized as a key element for launching closely coordinated, targeted attacks too, with networks of trolls working together in a systematic centrally organized manner.

Think of this as scaling up the dark side to online social media for use in cyber-attacks, exactly as taking over veritable armies of individual, otherwise unrelated and geographically dispersed personal computers in assembling malware-controlled botnets can be used in launching attacks against even the largest organizational networked computer systems. And that quantitative shift on the trolling behavior side of this makes troll and related behavior a qualitatively new threat element too, just as coordinately suborning control over distant personal computers through assembly of organized botnets made that a qualitatively new threat – and a qualitatively new weapon too.

And if something new arises when the nature and scale of single specific potential cyber-vulnerabilities and cyber-threats such as these are scaled up individually, it also arises as at least initially seemingly disparate and unrelated attack options, and supportive circumstances for them (such as the ones noted above), are brought together and coordinately organized as new overall tools for new forms of potential cyber-warfare.

Let me add a third fundamental challenge, and limitation on our part to the above two that I began this posting with:

• Regardless of how many times we have stumbled for doing so, we all tend to prepare for the last battle faced and fought: the last war that we had to deal with and its learning curves, and not for the one that might be coming towards us.

I wrote a series to this blog beginning in September 2010 that focused on targeted malware, with the Stuxnet computer worm offered as an at least initial poster child example of that, which I built a more comprehensive discussion around. (See Ubiquitous Computing and Communications – everywhere all the time, and its postings 58 and loosely following for Parts 1-15 of that series, and particularly see its Part 3: Stuxnet and the Democratization of Warfare.) We are all still thinking and planning in large part in terms of malware and target-specific malware, as exemplified by Stuxnet as a then game changing example. And we all think in terms of big systems attacks, such as large-scale botnet-driven distributed denial of service (DDoS) attacks on business and government network servers and server farms. Those are still ongoing concerns, as are a great many other older sources of vulnerability that we should be more effectively managing, and limiting for their effectiveness against our networked systems. But the next big cyber-attack faced, and certainly any next such attack that rises to a level of impact so as to qualify as an act of cyber-warfare, is going to be led by and even built around weaponized use of social media and the interactive online, and other new and related, still just emerging threat vectors.

I have written repeatedly in this blog about how we do not learn from threats already faced and certainly when they have only been carried out somewhere else and against someone else, when updating and safeguarding our own computers and networked systems. I recently addressed that issue here in the new and still just emerging context of our still embryonic and forming internet of things, in Rethinking online security in an age of the internet of things: the more things change, the more they stay the same.

And this brings me to two areas of discussion that I have been leading up to in this posting:

• Russia’s recent forays into election interference through cyber-attack, both in the United States and in Europe, and
• A generally stated reframing of the overall cyber-security threat theatre faced and its dynamics, that would include within it an awareness of new and disruptive threat possibilities and influencers such as the ones I have just touched upon here.

I am going to continue this discussion in a next series installment where I will delve into those issues, starting with Russia’s recent interference in the 2016 United States elections, in Great Britain’s Brexit vote and in recent European elections.

Meanwhile, you can find this and related postings and series at Ubiquitous Computing and Communications – everywhere all the time and its Page 2 continuation. And you can also find this and related material at Social Networking and Business 2, and also see that directory’s Page 1.
