In the midst of logistical supply lines disrupted, soaring inflation affecting economies, the harrowing reality of biodiversity loss intensified by climate catastrophe, and looming political upheavals, we can paint a picture of our contemporary conjuncture confronting its own systemic fragility.
This fragility is partially buffered by landscapes becoming transformed to incorporate and manifest a logic of containment that features network and logistical architectures that include security zones, corridors, hubs, and gateways. Containment within the ever morphing topologies of networks deploys cloud computing security, antivirus software, DDOS mitigation Data Loss Prevention and honeypots that are designed to prevent or mitigate the fallout of ceaseless malicious activity that maneuvers its way through nodes, hubs, and critical chokepoints. It is the sobering reality that such prevention or eradication of threats is decisively impossible, pointing to the conceptual overlap between our globalized networks and their need to operationally resemble the properties and functions of an immune system.
Testifying to what has been identified as a ‘Viral Capitalism’(Parikka, 2016), mutant strands of perturbation and uncertainty are reinforced through the invention of new accidents and the discovery of novel risks that strike against the seeming stable ramparts of nation-state borders, monitored and surveillance networks that enmesh biological, social, political, and network systems in our present configuration. The monstrous appetite of a viral capitalism becomes bent upon appropriating or ingesting the potential of an Outside or what may be ‘uncommodifiable’, which in turn becomes an engine for its continual reinvention, matching any potential danger or fear with continuously evolving resolutions. (Parikka, 2016)
We can shed light on the parallels between biological immune systems and the increasingly sophisticated networks and logic of defense that arise on both the biological and cyber-network fronts. Biological immune systems consist of an innate immune system and an adaptive immune system. The first line of defense against the penetration of physical barriers in the body musters the innate immune system, which does not provide long-lasting immunity. Likewise, within network security, or cybersecurity, our skin wards off external threats to our body, which is similar to a firewall, functioning as a barrier that sits between a private internal network and the public Internet. If the pathogen eludes the innate immune system, the adaptive immune system becomes activated, which in turn creates a crafted and tailored response to the pathogen.
Critically, the adaptive immune system possesses capacities for learning, memory, and pattern recognition that rely on T lymphocytes that are effectively programmed to recognize and respond to antigens. When B and T cells are activated, they begin to proliferate, and some of their progeny become memory cells with a long lifespan. This conduct is imitated by a cyber Immune System that identifies cyber threats through pattern recognition, and has adaptive and memory capabilities. (Wlodarczak, 2017) With the necessity of security networks requiring threat identification and detection capabilities, we can also consider how these capabilities can be simulated and tested “to discover unknown attacks ahead of time, network security architecture should allow viruses and attack strategies to mutate and evolve automatically.” (Q et al. 2021)
The incessant threat of attacks and defensive strategies that mutate and evolve automatically on the cyber-front arguably becomes a defining impulse of War-Machines. Drawing from the work of Gilles Deleuze & Felix Guattari’s tome on nomadology A Thousand Plateaus: Capitalism and Schizophrenia, their conception of War-Machines becomes an index to capture the contemporary dynamics of network, logistical security actors, and ever-evolving formations of para-state actors that are incubating the attack vectors upon global informational chokepoints. Critically, their term departs from applications of the term ‘War Machine’ which have become synonymous with the globalized barbaric military industrial complex, which is an assemblage of state militaries, private military contractors, state lobbyists, and intelligence agencies, that are channeled towards colonial, imperial, or geoeconomic aims. Rather, the gridded, linear, metric, and rigid fixities that constitute the State confront the shapeshifting dynamics and deterritorializing tendencies of ‘packs,’ ‘nomads,’ ‘guerrillas,’ and ‘artisans’ that drive the motor of the War-Machine.
War-Machines operate through Smooth Space, traversing through the desert and the steppes—spaces that are free from codifications that are tied up with the striating features of the polis. Thus, these packs, nomads, guerrillas, and artisans in their potent ability for weapon-crafting and metallurgy, can serve as active forms of resistance or lines of flight that lead to the dismemberment of the state or the capacity to elude its capture. In turn, there is a continuing negotiation and conflict between resistance and the possibility of being seized or appropriated by states, which attests to the fact that war machines established by social formations can ‘take over’ the state apparatus. It is precisely this threat of absorbing or appropriating the War-Machine by the state that carries the intrinsic risk that it will “reimpart a war machine that takes charge of the aim, appropriates the States, and assumes increasingly wider political functions.” (Deleuze & Guattari, 1978)
This conception of a potential compromise of political functions underscores how within the context of clandestine state-affiliated hacker groups, notably Israel’s Intelligence Unit 8200 or North Korea’s Unit 180 the conjugation of potential war-machines and the escalation of cyberwarfare, as Jussi Parikka observes, spills into the infrastructural fabric of our everyday life and civilian sector. Parikka characterizes what he observes as an ‘Operational Art’ that epitomises the modus operandi of cyberwarfare, which in turn blurs the line between ‘Operations Other than War’ or ‘Operations Other than security’, or more succinctly put, the infiltration into civilian and non-military life that has become more palpable. (Parikka, 2021) This is particularly salient along the lines of state and para-state actors carrying out a significant volume of attacks on industrial control systems, notably SCADA (supervisory control and data acquisition), Programmable Logic Controllers and Distributed Control Systems that are tasked with monitoring processes and controlling physical devices linked to pumps, valves, motors, and sensors.
We can point to the pioneering feat of Stuxnet unleashed in 2011—that was the first known computer virus crafted to attack an industrial control system, specifically the Siemens model S7 PLC which has been attributed to the shadowy state-sponsored Israeli Intelligence Unit 8200. With the assistance of the NSA and CIA, they devised an elaborate and byzantine method that effectively targeted Iran’s Natanz Uranium Enrichment Facility that consisted of infecting personal computers running Siemens Step7 PLC programming software on Microsoft Windows operating systems. Therefore, users who installed the software removed their respective security gates, allowing any PLC program associated with a PLC, to be misled by the PLC code presented on their screen, evading detection and spreading the infection. Thus, Stuxnet has been understood as a ‘man in the middle’ attack, where the ‘man’ in this respect is the infected Step7 application that would automatically change the PLC code the user tried to transfer to the PLC. Effectively, the PLC code modification was tailored to their strategic plan to assault centrifuges at the nuclear power plant by adjusting their rotor speed and manipulating the control valves in an effort to overstress the centrifugal rotors and trigger eventual failures. (Kuphaldt, 2022)
With waves of attacks targeting infrastructure and compromising power grids, nuclear reactors, and wind farms, we can also notice an increasing tendency in the usage of malware that has begun to imitate the logic of ‘software as a service,’ attesting to a mutant strain of commercializing disaster. Here, ‘software as a service’ is symptomatic of a form of rentier capitalism, which accelerates a break from a world of permanent personal possession or ownership of items, property, and intellectual property and compels users to utilise software that is licensed on a subscription basis and centrally hosted.
Concurrent with this shift, we can observe the increased adoption of the ‘software as a service’ model, where the operationalisation of MaaS and Raas(Malware or Ransomware as-a-service) is based on malware developers renting out ransomware or malware and its control infrastructure to other cybercriminals, allowing them to launch cyberattacks using pre-written codes. One of the most infamous strains of malware, DuckLogs, has adopted the guise of a legitimate digital firm offering web-based services, a sophisticated dashboard, tiered subscriptions, newsletters, and Telegram Channels. The number of malicious activities engineered consists of malware encompassing stealers, keylogging, clippers( hijacks cryptocurrency transactions) and remote access, where stolen data is siphoned from a victim’s computer back to its internal command and control server. Intriguingly, subscribers have the ability to personalize and construct their own malware binary, which can affect how to conduct vector attacks and how difficult and robust, recovery solutions can be implemented for targeted individuals.
Whether nation-state affiliated or not, the solidification of ransomware cartels has begun to make its mark, where stealth gangs including Twisted Spider (creators of Maze and Egregor ransomware), Viking Spider (creators of the Ragnar Locker ransomware), Wizard Spider (creators of Conti and Ryuk ransomware), and Lockbit Gang have coalesced to coordinate attacks and data leaks, by sharing tactics, command and control infrastructure, and sharing/ posting victim data. (Zohreh@digitalsilk.com, 2022) Also, many events show that MaaS is a way for nation-states and transnational criminal organizations to make money. Reports have followed the trail of the North Korea’s Lazarus Group exploiting the notorious Trickbot’s MaaS to conduct effective assaults, including a famous heist targeting the Bangladesh Central Bank, resulting in losses of $81 million out of an attempted transfer of $1 billion. (Ilascu, 2021)
Operational Art & Speculative Communities
We can extend and transplant Parikka’s remarks regarding Operational Art and malware into the arena and nexus of social media, investee activism, and reputational warfare, whereby the dynamics of network reputational accumulation become a source or site of malicious activity or is analogous to the logic of malware. We can start with theorist Michel Feher who has highlighted how the endemic condition of accreditation and indebtedness has become pervasive in our world, where the role of investors, shareholders, bondholders, and hedge fund managers has significantly reshaped the landscape of global markets over the past several decades. (Feher, 2018) Therefore, we are all susceptible to the issue of accreditation and indebtedness, whether we are a company seeking funds from shareholders, an indebted sovereign body seeking bondholders, or a vulnerable individual seeking social benefits.
Here, investee activism refers to a complex network of local activists and investee shareholders who hold stake or equity in these companies and have the ability to sabotage or impede the execution and flow of credit, for example, to gas, oil, or energy projects or the construction of projects that can negatively impact indigenous territory. Feher highlights the recent Defund DAPL (Dakota Access Pipeline) campaign that centered around targeting the consortium of 15 banks that were funding the project, particularly by major banking institutions ABN AMRO, ING, BayernLB and Nordea, which compelled several of them to relent and withdraw from the project.
Nonetheless, Feher sketches the implications that penetrate deeper than the tactics of investee activism and the mounting struggles to undermine the stranglehold of financial institutions. He draws our attention to the intertwining of social, private, political, and financial domains and how we are converted into adopting risky and speculative attitudes, which feed into what has been termed as a ‘speculative imagination’. This imagination influences our potential to protect ourselves from future unpredictability and failed promises regarding job security, property ownership, as well as personal and collective wellbeing. (Komporozos-Athanasiou, 2022) Tuning into the role of social media in shaping and penetrating the volatility of the financial landscape, we can also point to a number of guerrilla campaigns that can weaponize tweets via the circulation of videos, hashtags, threads on Reddit boards to trigger the formation of temporary swarms that can, for instance, engage in short-selling markets and bankrupt hedge funds, as was infamously demonstrated by the GameStop episode.
In addition, we have observed the catastrophic loss of billions of dollars owing to impersonator profiles and tweets, which occurred specifically in the debate surrounding Elon Musk’s announcement and implementation of a new paid verification program. An impersonation or phony account of American pharmaceutical giant Eli Lilly and Company proclaiming “We are happy to announce insulin is now free” caused a huge reduction in Eli Lilly’s stock price, which contributed to the loss of billions of dollars by other corporations. (Dellatto, 2022) Here, the added effect of conversations about pharmaceutical firms and the reasons why insulin, a drug paid with public funds, must be prohibitively expensive and inaccessible to many became a subject of heated debate.
Further incidents also spawned massive drops in stock prices through the infamous tweets of Elon Musk or Donald Trump’s notorious incident that helped to tank the aircraft manufacturer Boeing and shares of stock to a meagre 2 dollars after news reports over a complaint about its excess costs for its line of Air Force One Planes. This phenomenon, along with a plethora of comparable situations, relates to Emily Rosamond’s definition of ‘Reputational Volatility’ and the growing paradigm of Reputational Warfare that is staged and conducted on social media. (Rosamond,2020) Reputational Volatility and its genealogy emerge from the widespread use of online reputation management systems, which laid the groundwork for an all-too-common “trustworthiness” metric that evaluates the speed of delivery, the quality of a product, and the legitimacy of the vendor.
In fact, this logic, especially when implemented through systems employing stars or percentage points, gives an index that reflects a measure of the sellers’ potential volatility. Volatility can be measured based on the calculated reliability of the seller based on tallied posted reviews that share customer satisfactions or dissatisfactions, as well as interactions if disagreements arose regarding the quality of the service or product, and the possibility of refund policies that are indicative of any possible deviation from a standard of excellence.
Hopping over to a focus on social networks, volatility is performed and choreographed in relation to social networks, in which Reddit, Facebook, and Twitter threads, users, and comments are assigned a “reputation rating” and “reputation power.” As the network is constantly calibrated and re-weighted, scores are given to all users and their posts. These scores show how much influence each user has within the network. Yet, in a strange twist, volatility becomes a currency here, engendering a paradoxical situation. On the one hand, it can increase the number of new users joining a social network, but it can also displace and negatively affect existing influencers and their topological position, especially with the phenomenon of online shaming, which can spark a whirlwind of criticism, deplatforming, and loss of brand recognition.
In this context, the number of users coordinating an attack campaign in an effort to ‘deplatform’, ‘cancel’, or damage the reputation of individuals or organizations unlocks the potential for swarms of users to be channeled towards tactical interventions that can disrupt the cultural-social-political landscape that is now inextricably intertwined with network power. (Rosamond, 2020) To further scope in on the political implications, Rosamond cites notorious message boards such as 4chan and 8chan, as well as troll-farms that have evolved into swarm intelligences and undertook disinformation campaigns to influence voters in the 2016 and 2020 US Elections. In the run-up to the 2020 presidential election, we can also highlight how Troll Farms based in Macedonia and Kosovo, which had tenuous ties to Russia’s Internet Research Agency, ran the most popular pages that catered to Christian and Black Americans and reached up to 140 million Americans per month. (Hao, 2021)
We can also consider how formations of guerrilla campaigns with a combination of botnets or swarms of users or the combination of the two, converge on engineering possibly contingent, unforeseen events, which becomes consonant with endorsing the ‘unknown preemptively’ as a tactical strategy. It is this strategy that is symptomatic of the aforementioned logic of speculation that renders and tangles billions of individuals within an unbreakable knot of ‘precarity’, un/underemployment, and debt that increasingly comes to fuel behaviors that become aligned with the financialised logic of risk-taking. Here, terms such as ‘Speculative Communities’ highlights how the colonisation of financial logic also produces means to ‘counter-speculate’ against what appears to be a future already mortgaged to its cancellation, exemplified along the likes of movements ranging from France’s Gilets Jaunes, the Tea Party, the Occupy Movements, and to a degree GameStop as well as the thriving space of Web3 and DAOs that arguably come to embrace “uncertainty as a condition of possibility.” (Komporozos-Athanasiou, 2022)
With social networks and platforms as battlegrounds for shaping the socio-political landscape, the insatiable need for fresh techniques or permutations of strategy to be deployed to wage war effectively against global financial markets, companies, and political campaigns becomes a marketable force. This becomes particularly animated along the front of the explosion in synthetic media that further complements already extant techniques such as market manipulation, payment fraud, vishing, impersonations, brand damage, reputational damage, and botnets.
The infamous use of Generative Adversarial Networks has become synonymous with the unauthorized fabrication and distribution of pornographic photographs and films, which compromises victims’ and their dignity, honor, and reputation. Nonetheless, we can briefly sketch how the further harnessing and development of synthetic media tools such as Generative Adversarial Networks, AutoEncoders, Diffusion Models, and Multimodal Vision & Language models that are bound to also nourish what has also been articulated by Komporozos-Athanasiou as ‘Real Fakes.’ (Komporozos-Athanasiou, 2021) It is within the erosion of consensus reality in conjunction with gamified conspiracy plots and synthetic media that perhaps hatches open ways to cultivate forms of mythmaking or collective myths that not only aim to further unmask systemic oppression, but also spawn more meaningfully distorted realities that serve as toolkits or escape pods from our withering present and future.
What becomes the resources and tactics at disposal already portend a future populated by AI influencers, i.e. Lil Miquela, a self-described 19-year-old robot living in LA. or MetaHuman, which works as a robust character generator that enables the creation of any realistic person from scratch, and increasingly customisable multi-modal models that will operate in a similar fashion to infrastructure as a service. The employment of synthetic media tools and their rippling effects have been felt, especially with a deep fake voice that cloned a director’s voice to orchestrate the transfer of over 35 million dollars from a bank in the U.A.E. to several accounts in American banks. (Brewster, 2021) Returning to Jussi Parikka’s conception of Operational Art, we can pluck out the consideration of how worlds can become secreted through the way to “turn situations into artifice, that is turning them into programmable sets of possibilities, inventions of accidents as technological innovations.” (Parikka, 2021) Ultimately, with an expanding arsenal of synthetic media tools, malware as a subscription service, combined with a logic of contagion, new situations or worlds can be impregnated or turned to your advantage with a click or an automated scripting of a click.
Brewster, T. (2022, November 9). Fraudsters cloned company director’s voice in $35 million bank heist, police find . Forbes. Retrieved January 11, 2023, from https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/?sh=1f5a12117559
Dellatto, M. (2022, November 11). Eli Lilly clarifies it’s not offering free insulin after tweet from fake verified account-as Chaos unfolds on Twitter. Forbes. Retrieved January 11, 2023, from https://www.forbes.com/sites/marisadellatto/2022/11/10/eli-lilly-clarifies-its-not-offering-free-insulin-after-tweet-from-fake-verified-account-as-chaos-unfolds-on-twitter/?sh=3773180851a3
Deleuze, G., Guattari Félix, & Massumi, B. (2013). A Thousand Plateaus: Capitalism and Schizophrenia. Bloomsbury.
Feher, M., & Elliott, G. (2018). Rated agency investee politics in a speculative age. Zone Books.
Hao, K. (2021, September 16th). Troll Farms reached 140 million Americans a month on Facebook before 2020 election, Internal Report shows. MIT Technology Review. Retrieved January 13, 2023, from https://www.technologyreview.com/2021/09/16/1035851/facebook-troll-farms-report-us-2020-election/
Ilascu, I. (2021, August 18). Lazarus hackers use TrickBot to infect high-end victims. BleepingComputer. Retrieved January 13, 2023, from https://www.bleepingcomputer.com/news/security/lazarus-hackers-use-trickbot-to-infect-high-end-victims/
Kuphaldt, T. R. (n.d.). Chapter 17 – cyber-security in industrial measurement and control systems: Automation textbook. Control. Retrieved January 11, 2023, from https://control.com/textbook/instrumentation-cyber-security/
Komporozos-Athanasiou, A. (2022). Speculative communities: Living with uncertainty in a financialized World. The University of Chicago Press.
Komporozos-Athanasiou, A. (2021, December 17). WINNING IN THE REAL FAKE. Arts of the Working Class. Retrieved January 11, 2023, from https://artsoftheworkingclass.org/text/winning-in-the-real-fake
Parikka, J. (2016). Digital Contagions: A media archaeology of computer viruses. Amazon. Retrieved January 11, 2023, from https://www.amazon.com/Digital-Contagions-Archaeology-Computer-Formations/dp/0820488372
Parikka, J. (2021, August 12). Malware as operational art: On the IF/then of geopolitics and tricksters . Operational Images. Retrieved January 11, 2023, from https://operationalimages.cz/2021/08/12/malware-as-operational-art-on-the-if-then-of-geopolitics-and-tricksters/
Rosamond, E. (2020). From Reputation Capital to Reputation Warfare: Online Ratings, Trolling, and the Logic of Volatility. Theory, Culture & Society, 37(2), 105–129. https://doi.org/10.1177/0263276419872530
Rossiter, N. (2017). Software, infrastructure, Labor: A media theory of Logistical Nightmares. Routledge Taylor & Francis Group.
Q. Yu et al. (2020) “An Immunology-Inspired Network Security Architecture,” in IEEE Wireless Communications, vol. 27, no. 5, pp. 168-173, October 2020, doi: 10.1109/MWC.001.2000046.
Wlodarczak, Peter. (2017). Cyber Immunity – A Bio-Inspired Cyber Defense System. 199-208. 10.1007/978-3-319-56154-7_19.
Zohreh@digitalsilk.com. (2022, October 4). Ransom mafia – analysis of the world’s first ransomware cartel. Analyst1. Retrieved February 20, 2023, from https://analyst1.com/ransom-mafia-analysis-of-the-worlds-first-ransomware-cartel/
Leave a Reply