Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures

Johnson, C. W. (2014) Anti-social networking: crowdsourcing and the cyber defence of national critical infrastructures. Ergonomics, 57(3), pp. 1-15. (doi: 10.1080/00140139.2013.812749)

Full text not currently available from Enlighten.

Publisher's URL: http://dx.doi.org/10.1080/00140139.2013.812749

Abstract

We identify four roles that social networking plays in the ‘attribution problem’, which obscures whether or not cyber-attacks were state-sponsored. First, social networks motivate individuals to participate in Distributed Denial of Service attacks by providing malware and identifying potential targets. Second, attackers use an individual's social network to focus attacks, through spear phishing. Recipients are more likely to open infected attachments when they come from a trusted source. Third, social networking infrastructures create disposable architectures to coordinate attacks through command and control servers. The ubiquitous nature of these architectures makes it difficult to determine who owns and operates the servers. Finally, governments recruit anti-social criminal networks to launch attacks on third-party infrastructures using botnets. The closing sections identify a roadmap to increase resilience against the ‘dark side’ of social networking.

Item Type:Articles
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Johnson, Professor Chris
Authors: Johnson, C. W.
College/School:College of Science and Engineering > School of Computing Science
Journal Name:Ergonomics
Publisher:Taylor & Francis
ISSN:0014-0139
ISSN (Online):1366-5847

University Staff: Request a correction | Enlighten Editors: Update this record