Attack Surfaces in Society

10 Feb, 2025

In cybersecurity we talk about attack surfaces, which are different avenues in which vunlerabilities in systems can be exploited. There are a couple of different attack surfaces such as

physical attack surfaces, which are physical machines such as servers, computers and USBs
digital attack surfaces, which are software, ports, or points of entry
social engineering attack surfaces, which is asking someone for their password or other methods of getting information for malicious purposes

These show different parts of the same system (an IT-system) which can be attacked from different points. Some systems are more physically robust but have poor training of its employees who can easily be lured to give out information. Eventually someone would find a point of entry through some old unforeseen code as we saw in the Shellshock bug back in 2014. If I want access to a system these are generally the routes to go. In any case, we have these different ways of maliciously gaining control of, or attacking a system.

In political science these are not terms that we usually think about. But recently I’ve thought about how, with a little tinkering of the metaphor, we could start thinking about attack surfaces in society too. In particular, my main thought was to look at different surfaces of what makes up a society and how, if possible, one could attack them. I have thought that a logical starting point could be these surfaces:

Informational
Economic
Logistical
Judicial
Physical
Energy
Cultural
Medical
Geographic
Digital

And,

Ecological

Some might think that there are repeats here such as geographic and ecological or physical and medical, but I will try to distinguish and justify the categories as much as I can. The idea that society is home to many different cooperating systems is not new and pretty foundational in systems theory and cybernetics. But I thought that I could try to be a little creative and go about this my way. Let’s think like someone who would want to pentest these systems and go through the different systems and describe what makes them up and how we can go about trying to break them. I want to try to understand what makes some of these systems work and how one could subvert this in different ways in order to understand what vectors of attack one could postulate. Maybe this turns out to be a major dudd, but I hope that we can learn how some of these systems are supposed to work and what we can do to prepare ourselves in our own societies for eventual attacks on these systems.

It should go without saying that the following is my interpretation of these systems. Since I am not an informations expert lawyer who paints and does medicine and economics as a hobby, I will of course be naturally stunted by the fact that I cannot learn and do everything. I don’t want to step on anyones toes and if you have an interjection or objection to what I produce I would love to hear your constructive criticism. The fun aspect of this is going to be to learn about the general sphere of these and not get to bogged down into finer details. Instead of learning about the intricacies of neoexpressionism, we will look at what culture does and how it disseminates attitude and affect. Instead of digging into 1920’s case law, we will try to figure out how judicial systems work and what presuppositions it holds. I want to think generally and resist granularity for now. Pentesting (or attacking) is about finding granular details in particular surfaces and exploiting them. But in order to delve deeper you first need to understand some fundamentals about computers, networks, the web, interaction, and the logic which underpins it all.

A last note about systems before you move on. As stated previously, systems can often intermingle or be closely related without being the same system. Despite this, most systems have this weird tendency to show unexpected results from small differences in input. So, small inputs can produce large outputs. If you are familiar with Conway’s Game of Life you know what I am talking about. There are certain patterns which produce exponential results or even infinite growth. While an illness cannot reproduce itself infinitely (since there is a finite amount of living creatures), it can grow incredibly quickly from very modest start points. The right person being infected at wrong time can wreck havoc on an urban center or even put the world in to lockdown. Understanding attack surfaces is about trying to understand generally how different systems influence us and other systems. So, while I discuss systems independently from eachother, they are very much dependent on eachother and will frequently overlap.

With this said, let us start this non-comprehensive journey with systems and talk about a persons interaction with systems.

.dash

Interacting with Systems →

Comments

#attacksurface