Crime, technology and society by Angus Bancroft
 
Malware production through bricolage and scalar threats

We are well into the era of advanced, generation 2.0 types of malware. Adware, ransomware, cryptocurrency miners and others use social engineering and complex value chains with multiple functions being coordinated through them. Threats to industrial control systems, other backbone processes, and threats that use the internet of things remove the human from the victim loop. Malware is created through bricolage, the assembly of an object from mismatched things.

In September 2010, a new computer worm was isolated which appeared to attack industrial control systems produced by Siemens, the German industrial combine. It was unusual in two respects: it targeted a very specific set of systems, those used to control gas centrifuges, devices for separating out nuclear material and enriching uranium; and its mode of spread used USB thumb drives. Though not unique, that suggests a specific kind of target and aim. It was clearly designed to infiltrate secure systems that are airgapped. It was designed by US and Israeli military intelligence to attack the Iranian nuclear programme. It had some effect, though limited and probably not commensurate with the expenditure of time and one-shot security holes employed. The process of development used a patchwork of existing vulnerabilities. It used shared vulnerabilities identified and developed by specialised groups such as the Equation group within the NSA.

Stuxnet is an example of a nonscalar threat. By design the worm does little outwith its target environment other than spread itself. A significant feature of modern cyber threats is how they work at scale. Stemming from a thoughtful email from one of my students about the imagery of crime in a Europol report, I noticed that the imagery used for serious crimes is often depersonalised and draws on the language of viral, industrial capitalism. It characterises serious criminal activity in these large-scale, industrialised, highly productive terms.

They are often crimes that are low severity individually and hence tend to be unreported, but have an impact at scale, which is what makes them hard to prosecute. This focus on a scalar threat is a recurring one in many documents now, such as Mills, Skodbo and Blyth (2013), which explicitly tackles this. To me we are facing two challenges: first, tools and exploitation modes are designed to scale up and down depending on opportunity. Second, distributed delivery means interventions tend to end up punching fog. The scalar affordances of the technology and the labour structure allow for effective and resilient threat industries such as ransomware to emerge and make them difficult to guard against. The ability to scale down as well as scale up is significant for the organised crime group’s degree of resilience to disruption.

Mills H, Skodbo S and Blyth P (2013) Understanding organised crime: estimating the scale and the social and economic costs. London: Home Office.
