Euro Security Watch with Mathew J. Schwartz

Cyber Insurance , Cybercrime , Cyberwarfare / Nation-State Attacks

Exploring the Forgotten Roots of 'Cyber'

Cyber Always Points to the Future, But It Has a Past
Exploring the Forgotten Roots of 'Cyber'
Tesla has dubbed its forthcoming electric pickup truck "Cybertruck."

One day when all of this pandemic craziness is over, maybe you'll drive your Tesla Cybertruck on Cyber Monday to your cybersecurity job. Of course, your business will be backed by a cyber insurance policy as a fallback in the event of a devastating cyberattack. Or if you're working for a government cybersecurity center, maybe you'll even be safeguarding cyberspace against cyber espionage agents - who do cybercrime in their spare time - and the looming threat of cyberwar, while binging over the weekend on your favorite episodes of "CSI: Cyber." Or cyber whatever.

See Also: Cybersecurity workforce development: A Public/Private Partnership that enhances cybersecurity while giving hands-on SOC experience to students

We seem to keep entering the era of ever more "cyber." Since we're truly through the looking glass on this one, it begs this "Alice in Wonderland" question: Do we say what we mean - or mean what we say - when we use the word cyber?

"What does 'cyber' even mean? And where does it come from?" writes Thomas Rid in "Rise of the Machines," his book-length quest to unravel cyber's origin story.

Everyone from military officers and spies, to bankers, hackers and scholars "all slapped the prefix 'cyber' in front of something else ... to make it sound more techy, more edgy, more timely, more compelling - and sometimes more ironic," writes Rid, who's a professor of political science at Johns Hopkins University.

Cyber has cachet. Cyber inevitably seems to always be pointing to the future. But as Rid writes in his book, "the future of machines has a past," and cyber has long stood not just for a future, Utopian merging of humans and machines, but a potential dystopia as well.

On the good side exists the potential offered by cyborg-like technologies that might one day, for example, enable humans with spinal injuries to walk again. Such technology may even facilitate the human colonization of Mars.

For a view of the flip side, however, take the "Matrix's" rendering of a postapocalyptic hellhole in which humans have been made to unthinkingly serve machines.

Technology is Life

The question stands: What is cyber? "We know it is a lazy sobriquet" beloved by marketing departments and business types seeking budget for a project, currently vying with "artificial intelligence and machine learning" as must-have buzzwords, says Colin Williams, who formerly served as a director of UK-based government contractor SBL - Software Box Limited.

Williams, who's currently researching the history of cybernetics at Oxford University, says that we continually remake our society with technology - and bar some potential efforts by neo-Luddites, there's no going back.

"Like it or loathe it, it's existential: We absolutely, fundamentally rely on technology for our existence," he tells me.

At the same time, there's been a dangerous disconnect between understanding how our current technological environment is a natural consequence of so many things that have come before, including not just technology but also social change and our moral, ethical, political and philosophical fabric, he says.

For example, "when we talk about driverless, autonomous vehicles and we start to talk about driverless carriages, we're in the realm of classic Benthamite 19th-century utilitarianism," he says.

In other words, we've been here before, just under a different name. Or in the case of "cyber," in fact, the same name, since it was first coined in 1948 as "cybernetics" by Norbert Wiener, who defined the word as "the scientific study of control and communication in the animal and the machine."

Despite the current prevalence in society to flail about, seemingly uncontrollably, in the face of today's awesome technology, and for people to claim that no one, truly, could have predicted the internet of things or the all-electric Tesla Cybertruck - set to be built soon at a factory in Austin, Texas - in fact there's been a natural evolution, not just in science but popular culture, preceding where we are today.

And if there is one constant, it's simply that everything always changes. "We've inherited an idea from the 19th century about stability and permanence, and it's wrong," Williams says.

Always Subject to Change

At the same time, the word cyber arguably points to what is inherently leading-edge and subject to change. Entering the world of cybersecurity today, for example, "you're leaving the reality of what you know, for a fantasy world you know nothing about," Amanda Rousseau, an offensive security engineer at Facebook, said in a keynote speech at last year's Black Hat Europe conference in London.

Amanda Rousseau delivers the opening keynote at Black Hat Europe 2019. (Photograph: Mathew Schwartz)

But in some cases, the "future is now" cachet afforded by the term appears to have already outstayed its welcome.

Rid, for example, recently tweeted that he finds "increasingly counterproductive" the term "cyberattack."

He's not the only one. In 2017, the Associated Press style guide used by numerous news organizations recommended retiring the "routinely overused" - and thus increasingly meaningless - word for all but the most egregious of onslaughts. What qualifies? Think "computer operations" that result in "physical damage or significant and wide-ranging disruption."

Despite such entreaties, the word still gets overused in news story headline after headline.

"We've inherited an idea from the 19th century about stability and permanence, and it's wrong"
—Colin Williams

Another candidate for a "cyber" paring is cybercrime, says Raj Samani, chief scientist at security firm McAfee.

"We shouldn't use the word cybercrime anymore, because whether it's digitally enabled or digitally dependent crime - whatever it is - modern crime now uses computers. So get over it, right? It is just crime," he tells me. "Whether you use USB sticks or whether you use a gun, you're still robbing a bank."

Witness: The World's First Cyberattack

When it comes to seeing cyber as not being a new concept, Rid and Williams are no outliers. Indeed, writing in The Economist's "1843 Magazine," Tom Standage recounts what was arguably the world's first cyberattack, which involved hiding messages sent via "the world's first national data network."

Sounds like a story that's been ripped from the headlines, right? But the network in question was a mechanical telegraph system built in France in the 1790s. In 1832, this so-called semaphore telegraph system was targeted by two brothers named Blanc, who bribed an official to communicate stock market movements to them. These communications got hidden in regular messages by using a prearranged character, followed by a backspace character, which instructed the telegraph operator to ignore it when transcribing a message.

Even so, "this extra character could be seen by another accomplice: a former telegraph operator who observed the telegraph tower outside Bordeaux with a telescope, and then passed on the news to the Blancs," Standage writes.

View of the semaphore telegraph system invented by the Chappe brothers in France, which used three rotating arms or panels that could be configured in 200 different positions to relay information (Source: Musée de La Poste)

"The scam was only uncovered in 1836, when the crooked operator in Tours fell ill and revealed all to a friend, who he hoped would take his place," Standage reports. "The Blanc brothers were put on trial, though they could not be convicted because there was no law against misuse of data networks."

So not only did the Blanc brothers manage a clever subversion of the mechanical telegraph system, they also in effect hacked the legal system by doing something that had never been envisioned.

Hacking systems and data? Plus ça change, plus c'est la même chose. The more things change, the more they stay the same.

Only now, of course, we have added cyber.

About the Author

Mathew J. Schwartz

Mathew J. Schwartz

Executive Editor, DataBreachToday & Europe, ISMG

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.