The overwhelming majority of reports published by the cyber security industry focus on espionage and state-sponsored attacks, ignoring the threats to civil society and creating a distorted view of the real landscape of cyber threats.
This of course affects policymakers and academic work.
In an article published in the Journal of Information Technology & Politics, a team of academics made up of some of the biggest names in cybersecurity and the internet analyzed 700 cyber security reports published over the last decade, between 2009 and 2019.
"The reports we collected came from two types of sources: first, from commercial threat intelligence vendors (629 reports) and second, from independent research centers (71 reports)," the academics said.
In addition, the team looked at data from AccessNow, a digital rights advocacy group, to understand the real digital threats, as reported by the end users themselves.
The research team - made up of prominent names in the field of cyber security such as Lennart Maschmeyer, Ronald J. Deibert and Jon R. Lindsay - found that only 82 of the 629 commercial reports on attacks (13%) also concerned civilians.
Of those 82, only 22 reports put a threat to civil society at the heart of their investigation, while the remaining 607 commercial reports focused on cybercrime gangs and government agencies (APTs).
In contrast, most reports published by independent research centers focused on threats to civil society.
Maschmeyer, Deibert and Lindsay believe this is because reports from cyber security companies serve as advertising, publicizing threats in pursuit of more profit.
"Commercial reporting is driven by specific business interests that determine what will be reported and what will not," said the research trio.
Cyber security companies - chasing large corporate clients and government contracts - focus primarily on cybercrime investigation, financial espionage and critical infrastructure sabotage. But they ignore the threats to individuals, minorities or civil society as a whole.
"High-level threats to high-profile victims take precedence in reports, while threats against civil society, which do not have the resources to pay for high-level cyber defense, tend to be neglected or completely excluded," the research team said.
"This situation is a market failure as it leaves those who need more accurate information about threats – vulnerable actors in civil society – less informed."
We know that cyber security companies are behind most cyber security reports. The research trio states that this situation produces "a systematic bias in reporting" which is likely to "affect the perception of both policy makers and the researchers themselves". Ultimately, it can affect government policies, national defense strategies and academic work in the long run.
The best example of this theory, which the researchers published in June, is the 2016 US presidential election.
US cyber security agencies were caught out by social media campaigns targeting civil society.
"This Russian influence campaign targeting civil society has caught most scholars and policymakers asleep. It did not correspond with the models of prevailing threats and thus focused on guarding infrastructure from the large scale of digital espionage," said Maschmeyer, Deibert and Lindsay.