Nations can no longer afford to go it alone on cyber-security

Cyber-crime knows know borders, so nor should our defences.

Senior representatives from more than 90 governments met in Seoul recently to discuss cyber-space, including cyber-security and cyber-crime. It was the third in a series of international conferences that has followed a push from the UK government to bring a more international perspective to discussions about how to keep cyber-space open while addressing threats.

Cyber-crime does not operate in a world confined by national borders so an international response is our only option. We need to cooperate to protect devices and information infrastructures from malicious entities seeking to steal secrets, deny access to critical services and exploit our identities to commit crimes.

Vulnerable businesses
There is much work to be done. Weaknesses in infrastructures, policy and operations leave us vulnerable and threats to businesses and individuals are frequent and damaging. For example, a sophisticated malicious software recently infected a PC at a small British bakery, then managed to bypass all of the business’s online banking security software and steal £20,000. There is no end to the news of malware, viruses and spam that affect online accounts and home computers.

Recent research indicates that four in five of the UK’s largest quoted companies are unprepared for cyber attacks. The widely reported threats to systems within finance and banking are an uneasy reminder of our vulnerability – and a key priority of the Bank of England and other financial regulators. Even those companies that you might expect to see outsmarting cyber-criminals are not immune. Just a few weeks ago software company Adobe admitted that its system had been hacked and that data from nearly 3 million customers had been stolen. Now there are reports of ransomware attacks across companies in East London’s hi-tech cluster of businesses.

Currently, too many decisions relating to cyber-security rely on inadequate evidence, inconsistent data, deficient reporting and varying rules across networks and systems. This inconsistency on data is apparent in UK government. Two years ago the UK Cabinet Office published a study by Detica, which estimated that cyber-crime costs the UK economy £27bn per year. It gave a breakdown by business sector and type of crime. This type of data is critical for governments, businesses and technology companies to plan appropriate security responses. However, a 2012 study undertaken by Professor Ross Anderson and colleagues for the Ministry of Defence calculated that a more realistic estimate would be closer to £12bn, distributed in significantly different ways to the Detica claims. This would suggest a different pattern of appropriate responses.

Defence beyond borders
A report to which I contributed, Now for the Long Term calls for the creation of an information exchange - CyberEx - to start tackling these issues. It could be funded by governments and businesses with an interest in collecting and analysing data on cyber-attacks to inform their own decisions about cyber-security. Each could share their own information and coordinate with others on responses to international threats. CyberEx could identify weaknesses in the global system, flag up suspicious Internet traffic and malicious software and help countries and businesses develop technical standards for their cyber-security efforts.

It could seek to minimise common vulnerabilities that enable the theft of sensitive information and the distribution of spam through systems, and work closely with international and domestic agencies to prevent common system attacks. The platform could also provide a useful mechanism for stakeholders to work together on responses to collective concerns, such as privacy protection. By providing an accessible, open platform for information exchange, CyberEx could help governments, businesses and individuals to better understand common threat patterns, identify preventative measures and minimise future attacks.

But you are only as strong as your weakest link, so CyberEx would also need to help developing countries improve their cyber infrastructure. For example, Professor Anderson’s MoD study concluded that significant numbers of “stranded traveller” scams and Advance Fee Frauds originate in West Africa, particularly Nigeria.

We are at the start of conversations with interested parties on the potential for CyberEx, so the details of how and where the exchange would be hosted are still to be worked out. The report’s recommendation is a starting point but it is an important one. It could move us closer to using an exchange platform to counter common but high-risk cyber threats. It is a conversation that must continue if we are to meet the challenges posed by increased societal dependence on information infrastructures.

Ian Brown receives funding from the UK Research Councils (currently EPSRC), the European Commission, and BT. He is on the advisory councils of the Open Rights Group, Privacy International and the Foundation for Information Policy Research.

This article was originally published at The Conversation. Read the original article.

The Conversation

We can't fight cyber-crime by ourselves. (Photo: Getty)
Warren K Leffler at Wikimedia Commons
Show Hide image

"She wore a USB cord instead of a necklace": whatever happened to Cyberfeminism?

The movement was young, energetic, educated, and art school-heavy. Above all it was “positive”: both cyber-positive and sex-positive.

Sometime in the late 1990s, I met someone else called Joanna Walsh. The fact that this is also my name drew me to study her closely. We were about the same age. She worked in the tech side of the arts world, with which I was also connected via a loose network of zines, "comix" and journals. Instead of a necklace, she wore a USB cord. She knew how to program. She was a cyberfeminist. 

Cyberfeminism had been a word since 1991, coined separately by the British philosopher Sadie Plant (once profiled painfully in the Independent on Sunday as the “IT girl for the 21st Century”) who was then running the Cybernetic Culture Research Unit with fellow philosopher Nick Land, and by the Australian art collective VNS Matrix

In September 1997, the First Cyberfeminist International meet-up took palce in Germany, and the artist Cornelia Sollfrank writes that its members "agreed not to define the term" cyberfeminist, but to understand it through negative. As a result, the Old Boys Network, a cyerfeminist alliance founded at the event, wrote “100 Anti-Theses” in languages from Croatian to Indonesian. The theses defined cyberfeminism by what it is not: “cyberfeminisme n'est pas une pipe… cyberfeminism is not post-modern… cyberfeminismo no es rock'n’roll” - as a gap, a lack, but also posited this newly-available "cyber" space as a place into which bodies could be projected, and within which they could be remade.

Nineties cyberfeminism drew heavily on contemporary feminist postmodernist theory, including the work of Julia Kristeva and Luce Irigary. As with any radical movement concerned with identity politics, there was a tension between repurposing or remixing stereotypes and the near-impossible task of destroying them and creating new archetypes. The work of trans cyberfeminist Sandy Stone is indicative of much of the movement’s gender-fluid stance: the Old Boys Network's founding aim was to “contribute[s] to the critical discourse on new media, especially gender-specific aspects,” by members who self-select “if you call yourself a woman.” 

"A Cyberfeminist Manifesto for the 21st Century” by VNS Matrix.

As Sadie Plant explains in her book Zeros and Ones—and as Elena Ferrante demonstrates through her (anti?) heroine Lila in the Neapolitan novels, who is an early coder — computing was once considered “women’s work’”. Like Plant, MIT Professor and digital theorist Sherry Turkle described women as digital natives, particularly suited to its “bricolage” methods. The VNS Matrix art collective, by contrast, saw women as biological infiltrators of “Big Daddy Mainframe”. 

Like other strands of 1990s feminism, whether they were prefixed with “Riot” or “Spice”, Cyberfeminism was “girl”-oriented. Zines were called gURL, and Geek Girl, and in 1995 Linda Dement made a “Cyberflesh Girlmonster”. The movement was young, energetic, educated, and art school-heavy. Above all it was “positive”: both “cyber-positive” and “sex-positive”. Cyberfeminism’s enthusiasm, its refusal to self-define, could be exhausting, but is it exhausted? The OBN's calendar takes us up to 2003, the function feminism timeline to 2005. In 2012 a reassessment of the movement titled Cyberfeminism 2.0, was published. What happened in the interim?

What happened is, we all became users. The internet is so embedded in our lives as to make the prefix “cyber” tautologous as “road traffic” or “free gift”, but use of a medium implies neither expertise or control. Not only have women become notoriously scarce in programming, but, as technology becomes more complex, everyone is losing access to the basic means of production. JR Carpenter, a digital artist who continues to make “handmade” web pages, expands on Lori Emerson’s 2014 Reading Writing Interfaces: From the Digital to the Bookbound:

“‘The iPad works because users can’t know how it works.’ Reading the web on an iPhone, iPad, or similar device, readers do not have the option of viewing the page source. The iPad provides consumers with access to materials created by others, but cannot easily be used as a tool in the handcrafting of new materials.”

As internet consumers we are all feminised, invited to complete ourselves through purchase: “The boundary between empowerment/subjectivity/agency and market-driven formation of self, which in fact has never been clear, becomes more nebulous,” wrote Radhika Gajjala’s and Yeon Ju Oh in their introduction to Cyberfeminism 2.0. “I’d rather be a cyborg than a goddess,” declared Donna Haraway in her Cyborg Manifesto, published in 1991, Cyberfeminism’s year zero. But who are our cyborgs now? Default-female Siri and her cohort of servers with a smile? The internet’s “Mechanical Turks’”, mostly women in low-pay jobs whose hand-input is disguised as technology? 

The net can be an echo chamber of reinforced thought as, from Twitter to porn sites, users seek out communities that reflect their offline opinions. “Networked knowledge,” wrote David Weinberger  in a recent essay in the LARB, “is inextricable from its social context,” and can even offer a new, improved platform for offline prejudice. In April, the Guardian catalogued what everyone already knew: that’s it’s primarily their women (followed by non-white) correspondents whose work attracts trolling, abuse and threats.

An unusual feature of Cyberfeminism was how quickly it began to bemoan its own demise. Gashgirl/Doll Yoko/Francesca da Rimini of VNS Matrix wrote as early as 1997:

“after 6 years of surfen sibapussy g-slime as one of the vns matrix pussy posse i don't feel particularly inspired to comment anymore on cyberfeminism/s [if u dont have nothing new to say don't repeat yrself]… cept to say that as far as i rememba things vns matrix never *seriously* wanted to rule the world ..or women to dominate the net...necessarily.... .. but, as artists, we were serious bout usin strategies like irony 'n inversion of cultural stereotypes to raise some of the many issues around women and technology.”

As such, though the internet has been of inestimable benefit as a platform and network for feminist activists (at least those who can access the equipment), “online feminism” is not absolutely identifiable with Cyberfeminism. 

Like Ginger, Posh, Baby, Sporty and Scary, cyberfeminism never did "tell you what I want, what I really really want" but, during a brief window of blue-sky thinking as to what the net could be, artist Cornelia Sollfrank writes that “simply attaching the happy 'cyber' hype to the term feminism in the early 90s opened up immense potential. The synonym for an unreflective, euphoric understanding of new technologies, which 'cyber' definitely is, breathed new life into the debates around gender and feminism.”

Now, Cyberfeminism remains live because rejection of definition is its founding feature. Many 90s cyberfeminist groups and artists are still practicing, including Subrosa, Studio XX, and forums on OBN and elsewhere remain active. Members of the CCRU and VNS Matrix can be found working in academia and the arts, and contemporary theorists include Professor Radhika Gajjala who writes particularly on "subaltern" and south Asian "Cyberselves".“Cyberfeminism does not express itself in single, individual approaches but in the differences and spaces in between,” writes Sollfrank. “All continue to write the story.”

But now, when I use Google to search for “Joanna Walsh”, even in conjunction with institutions with which we were both linked, the only name I find is my own. 

This piece is part of our themed Internet Histories week. See the rest of the stories here