Attack vectors

Vulnerability of digital systems

Vulnerability of digital systems#

The gears of the 21st century are digital. Practically every area of life is accompanied by digital services, whether we use them directly or they perform their services in the background. Guaranteeing the proper functioning of digital components and infrastructures is a significant challenge.

Digital systems represent interesting points of attack, depending on their nature and degree of usage.

Attacking targets

Attacking targets#

Essential criteria whether a system is subject to a rather high or low attack load.

  1. Nature and extent of the profit achieved by a successful attack
  2. Maximum possible number of participants that can be affected by a successful attack.

Malicious business models

Malicious business models#

Digital services designed to interact with the social fabric promise participants a simplified exchange of information and continuous interaction.

The business models cast in such technologies have an extremely widespread effect and capture the majority of all people who use a digital device. Relevant business models are developed by companies, which quantify people and their surrounding social structure more and more precisely.

By using such services, the participant hands over practically the whole spectrum of privacy to the operator.

Comparing the actions of a criminal attacker, whose goal is the manipulation of a digital system, with the actions of a digital corporation and the business models applied, it is almost impossible to differentiate between the two groupings.

An essential element that has long been used by attackers can be summarised under the term social engineering.

The attacker does not only use a technical weak point of an existing system but also pretends to have an identity to gain secret information for the access to the system.

The strategy for monetization formulated in a business model to implement the use of advertisement content uses similar methods used by attackers in the field of social engineering. The objective is to allocate a clear profile to a user in order to supply the user with targeted advertising content in a follow-up process.

Once in this vicious circle, there is no turning back.

Why a neutralizing effect of (digital) technology is necessary, exemplified by

Why a neutralizing effect of (digital) technology is necessary, exemplified by#

Resume - Sean Parker, Co-Founder of Facebook

Resume - Sean Parker, Co-Founder of Facebook#

To respect the relevance of this problem, which can be described as "considerable", a summary is given. In a recent statement, Sean Parker, co-founder of Facebook, has published the following statement.

At Facebook, the thinking has always been how to get people to devote as much time and attention as possible to the website.

Behavioural change due to the regular dopamine boost

Behavioural change due to the regular dopamine boost#

This means we have to give people a little dopamine boost now and then; this happens when someone likes things from you or comments on a photo.

It's a feedback loop based on people's desire for social acknowledgment.

(...) We have exploited a weak spot in human psychology.

The creators, me and Mark (Zuckerberg) and Kevin Systrom (Instagram) knew that. And we did it anyway." In the early years, it was not yet foreseeable how big the influence of a network of two billion people would be on society. Parker assumes that Facebook nowadays influences the relationships between society and people. To the negative. At this point, a comment on the opinion is omitted. Parker's statement should be both proven and self-explanatory due to his role and experience with the world's largest social media provider, Facebook.

Similarities and requirements

Similarities and requirements#

In the field of digital security, several technical procedures have been established which allow the neutralization of malicious software-based components such as viruses, spyware, malware, and ransomware.

The safeguarding of the functional security of digital systems and infrastructures is not possible without the use of crucial components of digital security.

In our view, a comparable urgency can be attributed to the thematic field of the targeted distribution of false information with a significant widespread effect, since the integrity of human action and decision-making abilities is disturbed.

Despite such similarities and relevance, there are practically no tools that accompany the user in the consumption of digital content.