CyberWars: The On-line Empire Strikes Back

When is the last time you saw a group of liberal activists join hands with conservatives? In the real world, partisanship is a commodity that pays high dividends. In the cybersphere however, the highest dividends are paid when ideologies melt away and activists join hands to defeat a a common enemy. Recently the U.S. Government has been designated the biggest enemy. 

In 2012 hundreds of thousands of Internet activists coalesced to form a global resistance to the Stop Online Piracy Act (SOPA). The act was hailed by politicians as a way to fight piracy, but the regulations and punishments for something as inconsequential as downloading a song were so severe and so draconian it led many to believe its passage would destroy the free Internet. The on-line resistance to SOPA was so intense the bill was shelved as was it’s sister, PIPA, also a regulation heavy bill. The success of the anti-SOPA/PIPA movement had never been seen  before and opened the door for a new wave of activism.

After SOPA’s defeat it was thought to be unlikely  a similar cause would ever rise again. Then came the Snowden revelations. Terabytes of information exposing the United State’s mass surveillance programs set the cybersphere afire. Edward Snowden’s “David & Goliath” style story, combined with the near daily scream worthy revelations were a perfect combination for a new cyber rebellion. The chance was not wasted. 

February 11th, 2014 was titled “The Day we Fight Back.” The date was chosen to commemorate the suicide of prolific down-loader Aaron Swartz. The goal of the 2/11/14 action to was two-fold; show the U.S. government that the Internet will no longer support mass surveillance and two, encourage people to support to the “USA FREEDOM ACT.” The USFA is hailed as a codified curtailing of the NSA and mass surveillance. As the day wore on, rumors of fight back operations spread through the Internet. Several on-line services displayed a unique banner (like the one above) indicating their support for fight back. Within the cyber rumorsphere there were whispers of DDOS attacks and phone re-routing although at this point they remain rumors.

It will take several weeks and possibly months to know the full impact of fight back. It is likely businesses and/or government offices will refuse to release DDOS information until several weeks have passed. Either way, the sheer amount of participants will give supporters enough leeway to pronounce the day a success. In any case, the rise of on-line activism continues and the crescendo shows no sign of slowing.

Analyze this; 2.5

“On a scale of one to five, which number represents thermonuclear war and which represents peace? The answer is simple; it depends on the value of one.”

This question is an oversimplified explanation of quantitative analysis. Every action has a numeric value and when those values are taken together, massaged with an algorithm, and plotted on a graph they tell you everything you need to know. Ask yourself this however, is that really true? Can quantitative analysis really tell you what you need to know in each discipline? Perhaps in finances, traffic accidents, and poker games the answer is yes, but when it comes to real world risk analysis, numbers are as useful as elven magic.

Before you click away in an angry huff, consider this: You’ve been asked to analyze the risk of recidivism of a convicted felon who is about to be released from prison. When you look through his criminal history you see he committed two armed robberies, six shoplifts, and four assaults over a three year period. He spent the last seven years in prison. Based on that information what is his risk of recidivism?

Odds are if you presented those facts to a criminal intelligence analyst or a police detective you would be told the risk is high. They would assign a numerical value to each crime, add them up, use some crazy algorithm and tell you this person is going to be a problem. If you went strictly by the numbers, then yes, this ex-con will more than likely offend again. If you step outside of the number parameters however, you encounter the reality of the assessment which is, the ex-con is a human being.

Saying the convict is human is not social commentary, it’s a fact that requires a different method for cataloging. Enter qualitative analysis. Based on the person’s history there is cause to believe he may re-offend, however there are several variables at play. For example, what were the socio-economic conditions of the subject prior to incarceration? Has the person found religion while in prison? What conditions will greet the subject upon his release? What factors that were present seven years ago will still be present upon release? All of these questions are extremely important when analyzing the risk of recidivism or any risk involving human beings. If you don’t believe me, ask yourself this; what number value should be associated with anomalous human behavior?

The challenges facing an analyst converted to the world of qualitative analysis is knowing which questions to ask and where they rank in the final risk analysis. Each situation demands a new grouping of questions, however over time, the analyst will recognize core questions asked in each analysis. This is why risk analysis on people require more than one analyst and should go through a rigorous vetting process with other equally skilled analysts. After all, we are mapping human behavior and can’t exclude the possibility of personal bias.

It is time we train our law enforcement risk analysts and investigators to use a qualitative system. It will be a change, and challenges lie ahead, but as we encounter the growing need for threat intelligence, predictive analysis, and efficient forecasting we need to focus on the reason for the analysis; evaluating possibility. Numbers alone won’t do the trick.