Abstract
Cyber attacks and crime have risen exponentially in the past decade. The global reliance on technology to store data, perform daily tasks, and function as a society has enticed malicious hackers to exploit these often weak systems and their vulnerabilities. One such entity that is constantly under attack from adversaries is the United States Air Force. The majority of their equipment relies on digital systems and transmissions in order to function which makes them vulnerable to cyber attacks from adversaries. Specifically, their equipment can be jammed via certain radar waves that are sent to disrupt their signals. To address this problem, I created a way to be able to identify the difference between normal, everyday radio-waves that are harmless to defense systems and the malicious adversarial radio-waves being sent by potential adversaries to disrupt communications. I did this through a combination of computer programs and data analysis in order to sort, compile, and display data to make this distinction. It is important to consider the human and social dimensions of this because the U.S. government is tasked with defending its citizens and if they cannot properly do that, then there can be serious consequences.
From an STS perspective, we can analyze the broader question, how have past cyberattacks affected how different social groups use and interact with software technology today? I used the social construction of technology theory to analyze this question by determining how different social groups have affected how our software is developed currently. To conduct this research, I used four different case studies of real cyber attacks and analyzed the attack, consequences, and impact on society. In this, I learned that the motivating factors behind the majority of cyberattacks were money, data, and geopolitical factors. I found that users of the technologies targeted in the attack were mostly to blame for the attack due to their poor online safety practices. Software developers may have been able to write more secure code for some of these attacks, but in the end the users bore the responsibility. In response to the attacks, there was very little governmental initiative. With the exception of a few laws and regulations that were passed, the government did not enforce sweeping legislation following the attacks. Throughout the research, I found that there was very little information being shared publicly about how the attack occurred from a technical standpoint. Without this information, software developers are not able to properly respond and learn from an attack on another company or institution. Greater emphasis on online safety training for users as well as more transparency following attacks will help to mitigate future attacks. Using this information, we can decipher where we have failed in the past and use these lessons to better secure our future. Together, both the technical project and STS research have real implications. They provide both an analysis of what we have done in the past to solve the problem of cyber security and an example of what we are doing currently. This can give us an insight into what we can do in the future by looking at our current technology and learning from our past mistakes in order to create a safer and more secure future.
