Nations can no longer afford to go it alone on cyber-security

Cyber-crime knows know borders, so nor should our defences.

Senior representatives from more than 90 governments met in Seoul recently to discuss cyber-space, including cyber-security and cyber-crime. It was the third in a series of international conferences that has followed a push from the UK government to bring a more international perspective to discussions about how to keep cyber-space open while addressing threats.

Cyber-crime does not operate in a world confined by national borders so an international response is our only option. We need to cooperate to protect devices and information infrastructures from malicious entities seeking to steal secrets, deny access to critical services and exploit our identities to commit crimes.

Vulnerable businesses
There is much work to be done. Weaknesses in infrastructures, policy and operations leave us vulnerable and threats to businesses and individuals are frequent and damaging. For example, a sophisticated malicious software recently infected a PC at a small British bakery, then managed to bypass all of the business’s online banking security software and steal £20,000. There is no end to the news of malware, viruses and spam that affect online accounts and home computers.

Recent research indicates that four in five of the UK’s largest quoted companies are unprepared for cyber attacks. The widely reported threats to systems within finance and banking are an uneasy reminder of our vulnerability – and a key priority of the Bank of England and other financial regulators. Even those companies that you might expect to see outsmarting cyber-criminals are not immune. Just a few weeks ago software company Adobe admitted that its system had been hacked and that data from nearly 3 million customers had been stolen. Now there are reports of ransomware attacks across companies in East London’s hi-tech cluster of businesses.

Currently, too many decisions relating to cyber-security rely on inadequate evidence, inconsistent data, deficient reporting and varying rules across networks and systems. This inconsistency on data is apparent in UK government. Two years ago the UK Cabinet Office published a study by Detica, which estimated that cyber-crime costs the UK economy £27bn per year. It gave a breakdown by business sector and type of crime. This type of data is critical for governments, businesses and technology companies to plan appropriate security responses. However, a 2012 study undertaken by Professor Ross Anderson and colleagues for the Ministry of Defence calculated that a more realistic estimate would be closer to £12bn, distributed in significantly different ways to the Detica claims. This would suggest a different pattern of appropriate responses.

Defence beyond borders
A report to which I contributed, Now for the Long Term calls for the creation of an information exchange - CyberEx - to start tackling these issues. It could be funded by governments and businesses with an interest in collecting and analysing data on cyber-attacks to inform their own decisions about cyber-security. Each could share their own information and coordinate with others on responses to international threats. CyberEx could identify weaknesses in the global system, flag up suspicious Internet traffic and malicious software and help countries and businesses develop technical standards for their cyber-security efforts.

It could seek to minimise common vulnerabilities that enable the theft of sensitive information and the distribution of spam through systems, and work closely with international and domestic agencies to prevent common system attacks. The platform could also provide a useful mechanism for stakeholders to work together on responses to collective concerns, such as privacy protection. By providing an accessible, open platform for information exchange, CyberEx could help governments, businesses and individuals to better understand common threat patterns, identify preventative measures and minimise future attacks.

But you are only as strong as your weakest link, so CyberEx would also need to help developing countries improve their cyber infrastructure. For example, Professor Anderson’s MoD study concluded that significant numbers of “stranded traveller” scams and Advance Fee Frauds originate in West Africa, particularly Nigeria.

We are at the start of conversations with interested parties on the potential for CyberEx, so the details of how and where the exchange would be hosted are still to be worked out. The report’s recommendation is a starting point but it is an important one. It could move us closer to using an exchange platform to counter common but high-risk cyber threats. It is a conversation that must continue if we are to meet the challenges posed by increased societal dependence on information infrastructures.

Ian Brown receives funding from the UK Research Councils (currently EPSRC), the European Commission, and BT. He is on the advisory councils of the Open Rights Group, Privacy International and the Foundation for Information Policy Research.

This article was originally published at The Conversation. Read the original article.

The Conversation

We can't fight cyber-crime by ourselves. (Photo: Getty)
Show Hide image

Why are online jokes funnier without punctuation and capital letters?

Academics and social media users weigh in on Twitter’s most unexplained phenomenon. 

The first person to notice it did so in 2010. “Sometimes I think a twitter joke is funnier if you omit punctuation,” tweeted @zacharylittle on 2 April. He was a pioneer. It took two years for anyone else to express the same thought, but they did so in droves. “I like not using punctuation like commas on twitter because its somehow funnier lol,” said @chxrliesheen, sans apostrophe. “I never use punctuation on twitter and tumblr I just think its funnier ok,” exclaimed @julieamarch. From then until now, people have been constantly questioning the phenomenon, but there are still no answers.

Why exactly are Twitter jokes funnier when they have grammatical errors, discard punctuation, lack capital letters, or are misspelled?

“There is a frisson, or sense of pleasure, from playfulness in language,” Dr Deborah Tannen, a professor of linguistics at Georgetown University, tells me over email – in which she demonstrates some of this playfulness herself. “writing wihtout caps, proper punctation, and leaving misspellings uncorrected also feels like private communication, like whispered kjokes, and therefore has the same potential thrill.”

Dr Hugh Rabagliati, a Chancellor's Fellow at the School of Philosophy, Psychology, and Language Sciences at the University of Edinburgh, warns me that most of his knowledge on the subject comes from “spending too much time on Twitter, rather than any obvious academic work”. It is true that research into the area is lacking – books about “internet language” get outdated quickly, and seem to focus on email and chatrooms, rather than more modern social media. “The misspellings [on Twitter] are often beautifully calibrated, like a very subtle malapropism, and the grammar errors are designed to make familiar material feel out of kilter,” he says.

Sometimes humour is found when grandiose sentiments are contrasted with train-wreck grammar, he argues, whereas other times the language can be exclusionary and people share it to prove they “get” the joke.

Perhaps the most famous Twitter user who has mastered the technique of the misspelled tweet is Jonathan Sun. Sun has gained 168,000 followers posing as an “aliebn confuesed abot humamn lamgauge”, and is part of what is known as “weird Twitter”, a subset of the site where humour is surreal and often bolstered by misspellings, a lack of punctuation, and grammatical errors. But while “weird Twitter” takes it to the extreme, many other arguably “normal” Twitter users will uncap the start of their Tweets or the word “I”.

“i’m not really sure why but i’ve been going out of my way to un-cap for ages,” one anonymous Twitter user told me via a direct message on the site. “i recognise that it is a stupid waste of time, ive had partners mock me for it.” Possibly, they theorise, they do this because they used to edit copy as part of their job. “it could be a reaction to that, to be completely armchair psychology about it.”

Naomi Baron, a professor of linguistics at American University and author of Words Onscreen: The Fate of Reading in a Digital World reinforces this point. She argues that language users are always looking for ways to distinguish their voices and express emotion. “A bevy of authors – from the poet e.e. cummings to social media scholar danah boyd – have further personalised their identity by eschewing the normal capitalisations in their names,” she says. “When it comes to social networking sites such as Twitter, lack of capital letters lends a tone of informality that makes the messages feel more speech-like.”

It’s hard to admit that you’re deliberately making mistakes in order to look offhand, as you are essentially revealing you try-very-hard-to-look-like-you’re-not-trying-at-all. But Rebecca Reid, a 25-year-old journalist, admits this is why she used to uncap her tweets. “Honestly I literally thought it made me look cooler,” she says. “I saw my sister doing it, and she's a couple of years younger and very trendy, so I thought it was just what we were doing. So I copied her. This is so tragic from me. And after a while I realised that it wasn't making me seem edgy, it was making it seem like the shift button on my key board was broken.”

It is true that informality is important in written messages, as a 2015 study revealed that ending text messages with a full stop was perceived to be insincere, most likely because it is seen as a sign of aggression. Twitter jokes that are written similarly formally – with full stops and capital letters – might also seem insincere, or be less inviting or inclusive than those with deliberate mistakes, run-on sentences, or five-too-many exclamation marks.

“There's also a phenomenon that linguists have only started discussing in the last decade, called ‘Eggcorns’,” says Rabagliati. “Here the speaker has learned a misanalysed locution. The phenomenon is named from the case of a woman who had, all her life, misheard the word acorn as ‘eggcorn’. ‘To all intensive purposes’ is a similar error. These mistakes play on our fear that our knowledge of language might not be as robust as we want to believe – think about all those words that you've read, but never heard aloud. Plus, the errors are fun because they demand some backwards reasoning to reconstruct.” 

More academic research is needed for a final answer on the phenomenon, but one thing is certain. If uncapitalising things on Twitter is cool, writing an 800-word article about it certainly isn't. 

Amelia Tait is a technology and digital culture writer at the New Statesman.