Avoiding the shock of the new – a historical perspective on state cyber operations. Neil Ashdown

When was the first cyberattack?

Your answer to that question might depend on how you define the term ‘cyberattack’.

It also might depend on how far you think the public record is complete in this area.

It was this knotty tangle of conceptual disputes, secrets, and mysteries that participants sought to address at a recent workshop organised by the University of Warwick: ‘Cyberattacks and covert strategies in perspective: the long history of the future’.

The workshop brought together academics from intelligence studies and history, cybersecurity and cyber conflict studies, and security studies more broadly. Among other themes, the panels at the event examined the early roots of state cyber operations, focusing primarily on the US and the UK.

As the workshop organisers noted, it is important that academics looking at cyber operations not succumb to the ‘shock of the new’. The means of a state cyber espionage operation may be new, but espionage, deception, and subversion are all very old. The history of state cyber operations is largely one of intelligence organisations adapting their long-established methods to the digital environment. For that reason, many of the apparently intrinsic characteristics of cyber operations might better be understood as characteristics of intelligence operations and subversion.

Yet at the same time, when it comes to digital technologies and cyber operations, the technical details really matter. There are important differences between historical intelligence activities – even ones targeting precursors of the modern Internet, such as telegraph networks – and what is possible in the cyber domain. Teasing out these differences requires an appreciation of the technical details.

Several participants remarked positively on the size of the Royal Holloway contingent at the workshop. Many of the Royal Holloway group participate in the UDG – a reading group that looks at the connections between cyber, intelligence, and security – and we appreciated the chance to discuss these issues with experts from different fields.

It was great to see that those experts associated the Royal Holloway name with excellence in information security. Yet at the same time, I think the other participants were pleasantly surprised to see that our group also contained people working on geopolitics, international security, and intelligence studies. This really speaks to the value proposition of the CDT as an interdisciplinary group.

The linguistic challenges of talking about ‘cyber’ often lead to situations where people are talking past each other, using the same words for different concepts – or vice versa. And in this area, we tend to get caught up in the tyranny of current events – ‘have you seen the latest attack/paper/announcement?’

As such, it was a real pleasure to attend an event where people took the time to really listen to each other, and where we had the luxury of thinking about these important issues in their longer historical context.

We’d like to thank the organisers and we look forward to the next similar event!

--

If you’d like to know more about the event, are interested in the history of intelligence and cyber, or would like to participate in the UDG discussion group, please get in touch at neil.ashdown.2019@live.rhul.ac.uk



Comments

Post a Comment

Popular posts from this blog

Post-PhD thoughts on the Cyber Security field: Amy Ertan, 2017 CDT Cohort, now Cyber and Hybrid Policy Officer at NATO HQ in Brussels.

It has been just over a year since I successfully completed my viva – a milestone that initially felt both terrifying and insurmountable when I first joined the CDT. Now, I have the privilege of reflecting on my PhD journey and how its opportunities have shaped my present. I also wish to inspire curious students to embrace the full potential of the CDT and similar programs.   When I first came across the CDT application form, I initially envisioned transforming from a disillusioned city worker into a technical cyber security wizard, focusing on governance or incident response – as those were the only cyber security functions I was familiar with at the time. Very quickly, the CDT taught me that cyber security encompasses a vast and comprehensive range of approaches, offering me a holistic perspective on the field. Supported by the CDT, I engaged with exciting research and practitioner communities to learn about security governance, feminist and critical approaches, geography, the philos
Read more

Remote working and Cyber Security: Georgia Crossland and Amy Ertan

Image
Introducing the project The shift to remote working represents a huge shift for employees and organisations alike, introducing significant implications for cyber security. Amy Ertan and Georgia Crossland are currently working on a research project, in collaboration with the Research Institute for Sociotechnical Cyber Security (RISCS) and funded by the UK National Cyber Security Centre (NCSC), on the impact of remote working on cyber security and wellbeing. This blog post will give an overview of a section of this project, how remote working impacts cyber security. In response to COVID-19, in March 2020, organisations across the world made the rapid shift away from physical office working to remote working, wherever possible. This shift has had a significant impact across many aspects of organisations. This blog post will offer a high-level overview of how the cyber threat landscape was impacted for many organisations and may further change organisational cyber resilience. Remote workin
Read more

New Publication: Remote Working and (In)Security?: Amy Ertan

Image
A recent research report by CDT researchers Amy Ertan and Georgia Crossland has been published with the Research Institute for Sociotechnical Cyber Security (RISCS). The report examines ‘The Impact of Pandemic-Driven Remote Working on Employee Wellbeing, the Psychological Contract and Cyber Security’, with research carried out through a series of interviews with senior cyber security colleagues between January and April 2021. The full report can be found on the RISCS website: New publication: Remote Working and (In)Security | RISCS. Context In the UK and around the world, the impact of COVID-19 represented a total shift away from what was considered ‘normal living’. One aspect of this change was the rapid transition to remote working as people were encouraged to work from home and limit contact with others as far as possible through repeated lockdown conditions. Fellow CDT colleague Georgia Crossland and I were curious to explore how remote working has impacted the experiences - and se
Read more