Overview

Cybersecurity is, by definition[1] , the protection of internet connected systems and devices. However, it is often colloquially defined more broadly to encompass all aspects of virtual interactions throughout international security issues. Additionally, with the advancement of internet-based technologies in daily lives, the reality of cybersecurity issues is becoming more prevalent throughout society and diverse areas of national and international security.  Cybersecurity, however, is a complex field and it is necessary to provide a base with common understanding and definitions. Therefore, Unit 1 of the WIIS Cybersecurity & Technology Study Guide will provide basic information about the history and evolution of cybersecurity in order to set the stage for more complex theoretical and technological aspects of the field.

Note from the Team

One of the complexities of cybersecurity is the broadness of its reach, it levels the security playing field in a unique way by tying individual human security directly to massive systems level security.  It cannot be constrained by the definitions given to us by traditional security policy and international relations, it does not fit into the binaries we are comfortable with, we can’t pin it down as a soft or hard power, it can be wielded by states and by individuals. The first question we had with this project was where does all this come from? We wanted to understand the history of the internet and cyber-technology. Kids born in the late 90s grew up watching tapes on big boxy television, but as young adults they can their entertainment over the internet on a tiny, slim rectangle that they can carry in their pockets, make calls from and locate themselves and their families 400 miles away. This may be our norm, but this is incredible! The breakneck development of the field and its related technologies poses security challenges at an individual to a global level.

Questions for Critical Thinking

  • How will the risks and benefits of new technologies be communicated to the public?
  • Where does the responsibility lie for ethical use of new technologies in the cyber realm? With those who develop, disseminate, or use?
  • How has the creation and evolution of this field led to discriminatory practices?
  • Is there a place for intersectional feminism in the cyber realm?
  • Given the relatively rapid pace of advancements in this field, what do you think the next five years will look like? The next ten?
  • What do policy decisions regarding cybersecurity look like? Can the field be regulated in the same way as traditional security fields? How could they be managed differently.

Questions for Further Research: Gender Component

Thus far there is little gender analysis of the field. There have been some reports linking a gendered analysis to cybersecurity, such as the one done by Women’s International League for Peace and Freedom[1] in April 2020, and other resources such as The International Journal of Gender, Science and Technology[2] which publishes pieces on gendered analysis of cyber.

On the other hand, efforts to add women to leadership and technical positions in cyber and tech fields are much more common. For example, UNIDIR has a program on gender and cyber diplomacy[3] that is mainly focused on promoting women’s leadership, and many articles and research done on gender in the field focus on the number of women in the field.[4]

Unfortunately what we found is that besides a few articles and reports, most of the efforts undertaken to promote gender in cybersecurity or tech has been a focus on promoting women’s leadership in the field. While this is, of course, a welcome effort, the fact remains that gender perspectives throughout the history of cybersecurity and gender analysis of current cyber efforts are lacking. This means there is less focus on the evolution of cyber-technologies and the role gender dynamics have to play, nor on the repercussions of neglecting to include gender in the creation of so many cybersecurity mechanisms, practices, and efforts.

Keywords

Algorithm: "a step-by-step procedure for solving a problem or accomplishing some end"

Artificial intelligence: "a branch of computer science dealing with the simulation of intelligent behavior in computers pr the capability of a machine to imitate intelligent human behavior"

Big Data: "The growth in data collection associated with scientific phenomena, business operations, and government activities (e.g., marketing, quality control, statistical auditing, forecasting, etc.) has been remarkable over the past decade. This growth is due, in part, to technology now capable of capturing lots of data at a high rate, such as information- sensing mobile devices, cameras, radio-frequency identification (RFID) readers, and wireless sensor networks. In fact, the term “Big Data” is now commonly used by companies to describe this wealth of information."

Cloud: "A technology that allows us to access our files and/or services through the internet from anywhere in the world. Technically speaking, it’s a collection of computers with large storage capabilities that remotely serve requests."

Coding: "The symbolic arrangement of data or instructions in a computer program or the set of such instructions."

Computer: "A programmable electronic device designed to accept data, perform prescribed mathematical and logical operations at high speed, and display the results of these operations. Mainframes, desktop and laptop computers, tablets, and smartphones are some of the different types of computers."

Computer Science:  "Computer Science is the study of computers and computational systems. Unlike electrical and computer engineers, computer scientists deal mostly with software and software systems; this includes their theory, design, development, and application. Principal areas of study within Computer Science include artificial intelligence, computer systems and networks, security, database systems, human computer interaction, vision and graphics, numerical analysis, programming languages, software engineering, bioinformatics and theory of computing. Although knowing how to program is essential to the study of computer science, it is only one element of the field. Computer scientists design and analyze algorithms to solve programs and study the performance of computer hardware and software. The problems that computer scientists encounter range from the abstract-- determining what problems can be solved with computers and the complexity of the algorithms that solve them – to the tangible – designing applications that perform well on handheld devices, that are easy to use, and that uphold security measures."

Cybersecurity: "Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyber-threats. The practice is used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems."

Cybertechnology: Cybertechnology is a hybrid term to refer to anything within the cybersphere or on a physical device like a computer.

Dark Web: The dark web is the smallest part of the internet. The dark web is "hidden" from normal search engines and is only accessible through using a Tor, or an anonymous browsing aid which hides the users IP address. The dark web is encrypted and allows users to browse anonymously. Sites on the dark web are not searchable. In order to access these sites, the user needs to know the destination URL. Because the dark web is anonymous, it has become a hub for illegal activity including drug and arms trafficking

Data Science: Data science, in its most basic terms, can be defined as obtaining insights and information, really anything of value, out of data.

Deep Web: The deep web makes up the largest part of the internet and includes all sites that are not accessible through search engines. The deep webs includes things like password protected email accounts. The deep web contains a majority of harmless/benign sites.

Domain: "A group of computers, printers and devices that are interconnected and governed as a whole. For example, your computer is usually part of a domain at your workplace."

Encryption: "Encryption is a process which protects a personal data by making sure that it is only available when a "key" has been entered."

End User: "The person who uses a product or service."

Hacking: "The process through which an unauthorized user gains access to a device or account."

Hardware: "Hardware refers to the physical components of a computer. Computer hardware can refer to everything from a laptop battery to the motherboard to the webcam; it is any physical component of a computer"

Internet: "An electronic communications network that connects computer networks and organizational computer facilities around the world —used with the except when being used attributively"

Internet Technology: "Computer Internet technology refers to devices, software, hardware and transmission protocols used to connect computers together in order to receive or send data from one computer to another within a small network or as part of a small network within a larger network, such as the Internet."

Internet of Things: "The internet of things refers to anything connected to the internet. Many of devices connected to the internet communicate with each other and collect data."

Malware: "Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for “malicious software.” Examples of common malware includes viruses, worms, Trojan viruses, spyware, adware, and ransomware."

Phishing: "A technique used by hackers to obtain sensitive information. For example, using hand-crafted email messages designed to trick people into divulging personal or confidential data such as passwords and bank account information."

Programming: "The process or writing and creating computer program, or functions which are designed to complete a task."

Ransomware: "Ransomware is a type of hacking which encrypts a users files and does not allow the user to access the data in these files. Typically, the hacker will ask for some sort of payment in exchange for de-encryption, hence the name ransomware."

Social Engineering: "A technique used to manipulate and deceive people to gain sensitive and private information. Scams based on social engineering are built around how people think and act. So, once a hacker understands what motivates a person’s actions, they can usually retrieve exactly what they’re looking for – like financial data and passwords."

Software: "A set of programs that tell a computer to perform a task. These instructions are compiled into a package that users can install and use. For example, Microsoft Office is an application software."

Surface Web: This is the part of the web that is easily accessible and includes sites like Google and Bing and is accessible through mainstream search engines. The "surface web" makes up the smallest percentage of all sites on the internet.

Tor Browser/Onion Browsing: "The Onion Router (TOR) was created in 1995 by the US Naval Research Laboratory. When Tor was created, the goal was to allow encrypted messaging, especially for government communication. However, Tor browsers are used primarily to access the dark web."

Virtual Private Network (VPN): A VPN is a tool which lets you encrypt your browser data and gives you the ability to browse the web online. When you're connected to the internet, you have an IP address which is a unique set of numbers used to identify you. A VPN hides your IP address allowing anonymous internet usage.

World Wide Web: "A part of the Internet accessed through a graphical user interface and containing documents often connected by hyperlinks"