A common theme in our 21st century is the amplification of enabling technologies. In the optical fiber world, for example, it is increasing the distances between amplifying repeaters through the use of erbium-doped fiber. In the cloud computing world, it is increasing the total amount of computation available to users to accomplish goals more quickly. A good example is the use of massive numbers of processors to index the World Wide Web, enabling users to find information in fractions of a second that would otherwise be buried forever in exabytes of data. In the machine learning world, amplification arises through training of deep neural networks with massive numbers of examples allowing the trained network to discriminate among and classify an endless array of samples. The power of social networking is evidenced by the amplifying effect of these services to spur collaboration and coordinated action. Some neural networks amplify our individual capacity to understand languages we don’t speak through automatic translation.
The Internet itself is an amplifier of voices that might otherwise remain unheard. Its very existence is evidence of the amplifying effect of network collaboration in the form of network interconnection, often accomplished through Internet exchange points (IXPs). The “network effect” noted by Robert Metcalfe claims that the amplification grows proportionally to the square of the number of users.
These examples of amplification explain the power and popularity of so many online services. It must be observed, however, that not all amplification is beneficial. Network denial of service attacks are amplified by the hijacking of millions of Internet-enabled devices, such as laptops, webcams and other programmable devices. Malware is propagated by means of compromised network servers. Spam email is generated and propagated by so-called bots. Misinformation and disinformation is propagated and repeated through the use of the same tools that enable beneficial collaboration.
One of the enduring conundrums of our digital age is abuse of the empowering technologies that amplify human capacity for action. It is precisely this dilemma that we must face and solve if we are to harvest the benefits of an expanding technological universe, while defending society from its harmful potential. Technical steps can be taken to increase the resistance of software to various attacks. All of the following can contribute to improved resistance to cyber-attacks: more secure operating systems, stronger application of cryptographic authentication, replacement of passwords with better, two-factor authentication and new computer hardware with hardware-reinforcement of software security measures.
The human element cannot be forgotten in this campaign. We must exercise more discipline in the use of our technology, and software and hardware providers must make it easier for us to achieve that end. Secure configuration should be straightforward. Two-factor authentication should impose little friction. Access control to our important information should be easy to set up and maintain. Software systems should be vigilant against attack and warn us about unusual or suspicious activity. Credit card companies have become very adept at monitoring our transactions and drawing attention to those that are unusual. Although that sometimes can be annoying, it can also prevent serious loss.
Just as we teach children to look both ways before crossing the street, we should all learn to be careful in our use of computer technology. We should learn early on that these systems are not guaranteed to be safe, so we should be mindful of potential hazards. Urgent emails from people we don’t know should be looked upon with some suspicion. “Click NOW!” should be a red flag. When I receive emails ostensibly from a known friend asking for money or some other risky action, I forward it back to the apparent source, asking: “Did you send this?” and warning, “Don’t click on anything!” This has the double benefit of potentially warning my friend that their email account may have been compromised and also often gets the answer: “That wasn’t me!” Moreover, when we encounter strong claims of one kind or another, we can remind ourselves to ask: “Where does this claim come from?” and “Is there any corroborating evidence?” We can ask ourselves: “What might be motivating the claims or calls to action?” and “Are these consistent with my beliefs?” That is a form of critical thinking that would serve us well in today’s (mis)information rich online environment. It should be apparent from this account that there are many hands that can be put to work, including our own, to improve resistance to harmful abuses of cyber-amplification. As we enter the third decade of the 21st century, what better time to fortify ourselves against its man-made hazards?