Category Archives: Gibson

Contesting “Cyber” – Introduction and Part I

By Max Smeets and James Shires. More info about the series here

Introduction

Over the last few decades there has been a proliferation of the term “cyber”, and commensurate levels of inconsistency. This series argues that the inconsistent application of the prefix “cyber” stems not only from confusion, as some scholars and policymakers have proposed, but also from contest. Our goal of this series is not to resolve conceptual disputes, but instead to understand how and why contests occur, and whether, once the lines along which contests occur are identified, resolution is possible.

As the prefix “cyber” has rarely been used alone, we place the concept of cyberspace at the centre of analysis, for two reasons. First, it is considered to be the “elemental” concept in the field, and demarcates the boundaries of relevant technical and social activity through an intuitive geographical metaphor. Second, selecting the concept “cyberspace” for analysis can be considered a least-likely (or least-obvious) study of contest. The attachment of the prefix “cyber” to various nouns has left cyber-related concepts with a variety of underlying normative connotations. On the one side, some concepts describe a clear activity or state of affairs, which are prima facie undesirable, like “cyber warfare” or “cyber threat”. On the other side, various concepts reflect a more positive degree of attractiveness—“cyber democracy” is a good example of this. The obvious normative aspects of these terms to which the cyber prefix is attached make these likely sites for contest, whereas “cyberspace” is seemingly more neutral. We suggest instead that it is the ominous calm at the heart of the storm, providing an excellent case in which to study the tension regarding the prefix more broadly.

Over the next six days, we will publish a series of blog post that show that cyberspace is contested in a number of ways: through its change in connotations from opportunity to threat; through the existence of substantive and implied definitions, with different rhetorical functions; and through competing understandings of the key historical exemplar for cyberspace: that of ARPANET. We therefore note that the prospects for agreement regarding cyberspace are low. Overall, this presents the choice of what we term, following Hirschman, an ‘exit’ rather than ‘voice’ strategy, to use other concepts instead. An initial post in this series was published last Friday at Slate’s Future Tense and can be found here.

PART 1. Cyber: not just a confused but also a contested concept.

Since the early 1990s the prefix “cyber” has become widespread. As often noted, its use stretches back to Norbert Wiener’s coinage of “cybernetics” from its Greek equivalent in the 1940s. It is similarly canonical to cite novelist William Gibson as creating the “ur” metaphor for this prefix in the early 1980s by combining it with “space”. Almost three decades later in an interview with The A.V. Club, Gibson argued that “‘cyberspace’ as a term is sort of over. It’s over in the way that after a certain time, people stopped using the prefix ‘-electro’ to make things cool, because everything was electrical. ‘Electro’ was all over the early twentieth century, and now it’s gone. I think ‘cyber’ is sort of the same way”.

In contrast to Gibson’s prediction, a simple automated content analysis using Google Trends indicates that the popularity of the prefix “cyber” has remained stable (with a spike in November each year for “cyber Monday”). There are ever more applications of this prefix, to words such as crime, law, cafe, hate, bullying, attack, war, vandalism, politics, dating, security, and power. Today, more people enter the search term “cyber” into Google than the term “democracy” or “terrorist”. Needless to say, the term “cyber” has also gained in prominence in academia and policymaking.

The proliferation of this prefix has, inevitably, led to substantial inconsistencies in its use. On one level, these contradictions may stem from simple confusion. As Michael Hayden, former director of the CIA and NSA, remarked: “rarely has something been so important and so talked about with less clarity and apparent understanding than this phenomenon.” Scholars and policy-makers, among others, are not always consistent in their own usage of cyber-related concepts, and they sometimes reinterpret the definitions employed by others, especially when given a liberal dose of cross-disciplinary fertilization.

Many hold that such disagreement is primarily caused by the apparently abstruse and multifaceted nature of the phenomenon. For example, in a Foreign Policy article, Stephen Walt notes that “the whole issue is highly esoteric—you really need to know a great deal about computer networks, software, encryption, etc., to know how serious the danger might be,” concluding that “here are lots of different problems being lumped under a single banner, whether the label is ‘cyber-terror’ or ‘cyber-war’. If this is the case, more research can iron out the lack of clarity surrounding this relatively young concept, and then we can get to the one and only “meaning of the cyber revolution,” as Lucas Kello emphasizes in his recent book (and earlier article). However, in this article series we argue that the inconsistent application of the prefix “cyber” stems not only from confusion, but also from contestation.

In other words, the roots of disagreement are deeper than a mere struggle to absorb the collective knowledge of another discipline, but stem from underlying normative disagreements.

Understanding the nature and extent of this contestation of “cyber” is important for both policy-making and academic research. For policy-makers, the promise of what Joseph Nye Jr. calls “rules of the road” in cyberspace is much diminished if the very domain itself remains in question (also see the UK government strategy). Constructing effective international cyber-governance becomes more difficult—although not impossible—if the scope of what to be governed is fundamentally disputed.

For academics, if the roots of disagreement are deeper, then faith in a unified understanding of the cyber-issue is utopic; and further investigation of why and how broader political disputes are translated into problems with this proliferating prefix is urgently required.

Here we will explore what it means when we talk about cyber, and address the nature of contestation from various angles.

This article was originally posted @NewAmerica

The Word Cyber Now Means Everything—and Nothing At All

By James Shires and Max Smeets

In early October, at the launch of Stanford’s Global Digital Policy Incubator, Secretary Hillary Clinton said, “We need to get serious on cybersecurity.”

It’s hard to argue with the sentiment, but what does it actually mean? Is she suggesting that companies should invest in data breach insurance? That governments should build new weapons? That police should have better decryption tools? That tech companies should write safer code, especially for critical infrastructure? That international differences in internet governance must be resolved? That individual citizens should review their online behavior? Or all of the above?

The problem is in the word cyber. At first, the word’s flexibility was a good thing—it helped raise awareness and offered an accessible gateway to discussing all kinds of security. But it has now become an obstacle to articulating credible solutions.

The term cyber has been around for decades, stretching back to MIT mathematician Norbert Wiener’s coinage of cybernetics in the 1940s. Wiener borrowed the ancient Greek adjective ‘kubernētikós’, meaning governing,piloting, or skilled in steering, to describe then futuristic idea that one day we would have a self-regulating computing system, solely running on information feedback. In the 1980s, novelist William Gibson married the prefix to space, creating the term so ubiquitous today. Since then, cyber has been used by anarchists and policymakers, scholars and laymen, artists and spies. It has been attached to concepts ranging from warfare to shopping, and it can denote opportunity as well as threat.

Yet, cyber is, in a way, empty: It acts like a sponge for meaning, soaking up whatever content is nearby. Gibson described this nicely in an interview with the Paris Review: “The first thing I did was to sit down with a yellow pad and a Sharpie and start scribbling—infospace, dataspace. I think I got cyberspace on the third try, and I thought, oh, that’s a really weird word. I liked the way it felt in the mouth—I thought it sounded like it meant something while still being essentially hollow.”

The hollow aesthetic captured by Gibson—the peculiar position of being both intuitively meaningful and a self-consciously strange word—is part of the appeal of cyber. The prefix is popular, and growing in use, not despite its hollowness, which is bemoaned by many, but because of it.

Thomas Rid, in his book Rise of the Machines, shows how various narratives have accompanied the prefix cyber since World War II, all of which cross boundaries between technology and society, between science and culture, and between the impetus created by war and security and more benign visions.

As Rid explains in the preface, the cyber idea is “self-adapting, ever expanding its scope and reach, unpredictable, yet threatening, yet seductive, full of promise and hope, and always escaping into the future.” In short, it is a sponge—but one that fails to clean up the conceptual problems of its terrain.

We can see this clearly in recent events. With new information seeping in on an almost daily basis about the Russian meddling in the 2016 elections, the cyber sponge has been absorbing everything related to disinformation campaigns, information warfare, social media bots, and election hacking.

Clinton’s talk demonstrates all of this. “In the 21st century, war will increasingly be fought in cyberspace. As Americans we need to approach this new threat with focus and resolve. Our security, physical or otherwise can’t be taken for granted,” she said. She went on to discuss the various new “weapons of choice” coming from “the highest bowels of the Kremlin”: email releases, probing voting systems, the industrialization of fake news, targeted use of Facebook ads, and more.

She isn’t wrong about these things, but speaking about them in this manner mashes them together with previous uses of the term in relation to militarized cyber operations, critical infrastructure attacks, DDoS attacks against Estonia and Georgia, and Stuxnet. In this case, the cyber label doesn’t improve our understanding of this influence. Instead, the generic term flattens the terrain by conflating the potential hacking of critical infrastructure systems and the buying of advertisements by foreign nations. This incorrectly implies similarities in response, suggesting that we can handle all of these things in a similar manner. But ensuring that the industrial control systems of a power plant will not be accessed by a malicious actor requires a very different set of actions than curbing the spread of fake news. Labeling both actions as cyber encourages the inappropriate transplant of policies and technologies across these issues.

Finally, cyber also masks significant political and organizational hurdles. Clinton speaks about “the need for public and private cooperation,” but this cooperation takes very different forms for critical infrastructure and social media, not to mention questions of state and commercial offensive actions—yet all fall ostensibly under the rubric of cybersecurity.

We’ve wrung all the utility we can out of the cybersecurity sponge. To address the “serious and urgent challenges” of our time, we need to acknowledge that they are indeed challenges plural—not one single, monolithic domain.

This article was first published @ Slate Future Tense.  Future Tense is a partnership of Slate, New America, and Arizona State University.