|
Sort Order |
|
|
|
Items / Page
|
|
|
|
|
|
|
Srl | Item |
1 |
ID:
171964
|
|
|
Summary/Abstract |
The hacker is the epitome of a cybersecurity threat and the embodied misuse of the Internet. However, in recent years, notions of hacking have begun to change. Blurred boundaries mark the term, best expressed in its overlap with “security researcher.” This article draws on a 3.5-year research project on the hacker community and applies an international political sociology framework to uncover routines of rationalization. Interviews with IT and cybersecurity industry experts expose accepted identities, practices, and behaviors of hackers, which allows for the construction of in-group and out-group members in the IT and cybersecurity field. Additionally, the empirical findings are used to propose a conceptual framework (the Möbius strip) to situate the moral valence of hackers on a flexible model. Thus, the article provides insight into the ontological and normative complexities that define the study of hackers, as well as the perception of IT and cybersecurity professionals.
|
|
|
|
|
|
|
|
|
|
2 |
ID:
171965
|
|
|
Summary/Abstract |
This is an article about how cybersecurity gets “made,” with a focus on the role of commercial computer security firms in generating knowledge in matters of international cybersecurity. The argument is two-fold. Firstly, malware may be an intangible artefact in some ways, but its success and its interpretation as malware is deeply interwoven in social, technical, and material alliances. Secondly, a materialist-minded examination of Symantec’s Stuxnet reports will demonstrate the politically situated nature of how cybersecurity expertise emerges. The article finds that Symantec’s work was not a-political or neutrally-technical: Their experts made profoundly political choices in their analyses. By showing the processes that go into making cybersecurity, the article contributes to a widening and deepening of debates about what is at stake in cybersecurity knowledge and practices.
|
|
|
|
|
|
|
|
|
|
3 |
ID:
171962
|
|
|
Summary/Abstract |
Public attributions of cyber incidents by governments and private industry have become prevalent in recent years. This article argues that they display a skewed version of cyber conflict for several operational and structural reasons, including political, commercial, and legal constraints. In addition, public attribution of cyber incidents takes place in a heavily contested information environment, creating fractured narratives of a shared past. The article uses three cyber incidents (Sony Pictures, DNC, and NotPetya) to show how actors cope with this contested information environment and proposes a changed role of academia to address some of the problems that emerge. To become competent in contesting public attribution discourses, universities would have to work more across physical, disciplinary, and academic boundaries. The main implications for democracies are to be more transparent about how attribution is performed, enable other civilian actors to study cyber conflict, and thereby broaden the discourse on cybersecurity politics.
|
|
|
|
|
|
|
|
|
|
4 |
ID:
171960
|
|
|
Summary/Abstract |
In the last decade, cyber incidents have become more expensive, more disruptive, and in many cases more political, with a new body of theoretically informed research emerging in parallel. This article provides the intellectual history to situate this literature in its broader evolutionary context. After identifying and discussing six drivers from the fields of technology, politics, and science that have been influential in the evolution of cyber security politics and how it is studied, we describe three historically contingent clusters of research. Using the same driving factors to look into the future of research on cyber security politics, we conclude that it is a vibrant and diverse biotope that is benefitting from its interdisciplinarity, its relevance for policy, and its cognizance of the interplay between technological possibilities and political choices of state actors.
|
|
|
|
|
|
|
|
|
|
5 |
ID:
171963
|
|
|
Summary/Abstract |
Cybersecurity experts foster a perception of cybersecurity as a gloomy underworld in which the good guys must resort to unconventional tactics to keep at bay a motley group of threats to the digital safety of unsuspecting individuals, businesses, and governments. This article takes this framing seriously, drawing on film studies scholarship that identifies certain aesthetic themes as associated with moral ambiguity in noir films. This article introduces the term “cyber-noir” to describe the incorporation of noir elements in cybersecurity expert discourses. It argues that the concept of cyber-noir helps explain the persistence of practices that blur legal, moral, and professional lines between legitimate and malicious activity in cyberspace. Consequently, changing cybersecurity requires not only institutional and technological measures, but also a re-constitution of cybersecurity identities themselves.
|
|
|
|
|
|
|
|
|
|
6 |
ID:
171961
|
|
|
Summary/Abstract |
By implementing novel intelligence techniques in cyberspace, security and intelligence agencies have become major actors in the cybersecurity landscape. As they no longer just passively gather information for their governments but conduct both defense and offense operations in cyberspace, they signal international actors that their conduct is at least tolerable, even if not officially acceptable. Thereby, the intelligence agencies generate norms for the rest of the international community. Yet, they remain under the international regulation radar for being sub-state entities. Consequently, the main argument of this article is the following: To prevent the hollowing-out of cyber regulation efforts, the norm-setting role of intelligence actors should be taken into account when designing cyber norms.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|