Penetrating Real-Time Threat Behaviour: Cyber Analytics and the Pen Tester

Penetrating Real-Time Threat Behaviour: Cyber Analytics and the Pen Tester

It’s the wild, wild, west out there in cyberspace, except the feral camels[1] that once roamed Texas are the hackers, and they’re roaming beyond borders and through firewalls on the daily.

At present, cyber threat intelligence gathering is a mish-mash of intrusion detection system logs, port scans, IP addresses, information sharing platforms, Twitter feeds and traditional write-ups. There is no one consistent language used across these platforms to refer to attacks, techniques or procedures and there’s no one single source of data. Much like post-truth America, you’ve got to look in all the right places to piece together the whole story and even then it’s hard to know if you’ve put the puzzle together the way it was intended. What this means is while there’s massive complexity when trying to understand the path an attacker has taken, it also means that there’s huge potential when it comes to leveraging the data or bits (pun intended) of evidence a hacker leaves behind.

Information Gathering and the Penetration Tester

Penetration testers, who are my focus here, do much of their work when it comes to figuring out attack paths and new ways to penetrate, based on historical data or tried and true ways to compromise a system or application. They might listen to a few podcasts, keep an eye on social media, follow a hacking news website and sign up to a mailing list, but all of this is hugely labour intensive and no one person has the hours in the day to keep on top of, let alone be well versed in, all the latest attacks. The dream, of course, is to have a program or Artificial Intelligence learn the tactics, techniques and procedures of hackers out in the wild, bring it all back into a nice table where all the data is the same data type, turn into a visualisation with a gorgeous dashboard and then teach the team new attacks on the fly as they happen in real-time. This, dream, as wondrous as it sounds, is hanging above the Magic Faraway Tree and yet to be written down and sold as a four set gold embossed collection. What we do have, and I’m focusing here on open source data and software, are many tools and data sets that can bring us just that little bit closer to a rousing monologue that could change the history of how we prevent cyber-attacks in the future.

Big Data Big Complexity

For data analysts, one of the problems with data on the internet is that it comes in many forms, with many definitions and no one universal dictionary to look-up in order to know for sure what a word or a phrase means. Structured Threat Information Expression[2] or STIX, which created by the United States Department of Homeland Security) and is used here in Australia by our own Cyber Security Centre, was created to address this issue. It’s useful in order to try and start standardising the way we talk about cyber threat intelligence so that we are all in fact, having the same conversation, in the same language. Some platforms, like MISP[3] which is a Malware Information Sharing Platform created by Christophe Vandeplas who was working for the Belgian Defence Department at the time, allows users to export the Indicators of Compromise (IOC) that they and others share on the platform in the STIX format. This actively aids the development of a threat intelligence language so that we may use it to talk back to one another and share with the various systems we all use. MISP itself is an interesting platform with the public instance of it boasting more than 1000 organisational users from the across the globe, including the big players like Google, Apple, and our own Federal Police. It’s great at gathering threat feeds that are readily usable for other machines to digest but like every feed I’ve found to date, it tells only one part of the story of an attack or attempted attack. To tell the whole story, human research, interpretation and reasoning is needed, along with further data and frameworks in order to be able to map or make sense, of what actually happened blow by blow. Therefore, mapping attacks is where MITRE’s ATT&CK Framework comes in. ATT&CK describes why an action was performed and the technique used to do it, which is often missing in publicly released reports or write-ups that gloss over the specifics of an attack. MITRE have even produced a STIX version of ATT&CK so you can output the data in a standardised format.

So Many Data Types So Little Time

Using a common language is not the only challenge when it comes to data mining threat intel because when you’re out in the wild looking for feeds that deliver indicators of compromise or information, not all data is created equal. You’ll find XML, JSON, JavaScript, images and if you’re lucky, APIs to query data in a more programmatic way. At this point you’ll need a good grasp of either Python or R to make HTTP requests to get the data like you would if you’re looking up a regular web address, and then you’ll sometimes find purpose built libraries which are often built in Python. So depending on your language preference, R for beauty and simplicity or Python for a more smash and grab approach, both are good to have in your tool belt. Once you’ve pulled the data from various feeds and platforms, you’ll then notice that you’ll have to transform it into something much easier to work with, than JSON key-value pairs which is where data frames come in. Each data set will have particular information that doesn’t always match information in other data sets so cleaning the data is a crucial activity too. After this, you’ll then need to push it to an unstructured database of your choice. Then and only then, can the magic happen. The magic being a genius, yet simple way to collate masses of data and turn it into easy to digest threat intel, served with a side of sweet visualisation and predictive analytics in the making.

The future of cyber analytics is now and I am excitedly working towards making the internet a more hospitable place. I would love to hear from you if you are too.

[1] https://www.history.com/news/10-things-you-didnt-know-about-the-old-west

[2] https://oasis-open.github.io/cti-documentation/

[3] https://www.misp-project.org/index.html

Originally published by the Australian Cyber Security Magazine.

W0m3nWh0HackM3lb0urn3: Monthly Ethical Hacking Sessions

W0m3nWh0HackM3lb0urn3 is a safe space for women who are keen to learn to ethically hack. We are a community of women identified hackers who support each other to increase our skills and hack all the (legal) things. Why? There’s a worldwide shortage of skilled cyber...

Lesbian Desire Across The Ages: From Insane To Cult Hero

Cast your mind across everything you know about lesbians in history. In particular, Australian history. You might be able to name one or two lesbians, bisexuals or queer women from the 1900s, if you’re in the know. Otherwise, it’s a pretty bleak and sparse canvas,...

The era of Lesbian Bed Death is over, long live Lesbian Fuck Eye

The era of Lesbian Bed Death is over, long live Lesbian Fuck Eye

Sex is an art. And one that lesbians in particular have apparently, according to myth, taken a few decades to get their heads and legs around. Let alone actually in their beds. Today however, lesbian women have more orgasms, better sex and sex that lasts longer than their heterosexual female counterparts. And they’ve also mastered Lesbian Fuck Eye.

Lesbian Fuck Eye is an extension of what Cheryl Nicholas calls the Gaydar gaze, but it’s not only a gaze of sexual identity recognition. It’s an eye that embodies sexual desire and identity in one fell swoop. Simon Baron-Cohen has identified the language of the eyes and discovered that the eyes alone can convey mental states, like desire, in the same way that a whole facial expression can. Don’t I know it. And if you’re queer you know Lesbian Fuck Eye too.

Despite these enactments of desire, there is a myth that still clings to lesbian sex: that of the dreaded Lesbian Bed Death, or, the idea that lesbians shack up and then stop having sex, that sexual desire is completely absent from lesbian relationships.

The exact origins of the term Lesbian Bed Death are debated and refuted, but whatever its beginnings, the cultural stigma of LBD remains. There are slews of articles on the topic – usually written in the hushed tones of a lower case whisper, that graduate to a blaring upper case acronym.

The term Lesbian Bed Death is often attributed to sociologists Philip Blumstein and Pepper Schwartz, as a result of their 1983 study American Couples: Money, Work. But they never actually uttered those three words. What they did find was that lesbians had sex far less frequently than their gay male or heterosexual counterparts.

Blumstein and Schwartz’s research showed that in the first two years of a lesbian relationship, 43% of lesbians were having sex between one and three times a week, and the rest were doing it even less often. Compare this to 67% of gay men who were having sex three or more times a week and 61% for heterosexual couples, and you can clearly see the origins of this idea that lesbian desire dies in bed.

The stats get increasingly dire for lesbian desire as the years pass, with almost half of lesbians surveyed having sex less than once a month by the 10 year mark compared to 33%, of gay men, 15% of married couples and 7% of heterosexual couples living together.

Orgasm isn’t mentioned, not even in the index of their book. Pretty prudish really, even for the 80s.

Fast forward to 2014 and a new study (again, it’s American) focuses away from sex as an act and hones in on frequency of orgasm. The research found that lesbian women orgasm 74.7% of the time while heterosexual women orgasm 61.6% of the time, and bisexual women 58% of the time. Heterosexual men reign at 85.5%, gay men follow closely behind at 84.7%, and bisexual men lag behind at 77.6%. It appears that lesbian desire has come out of a death bed and into a bed laced with fuck eye. Add to this a 2009 study by Holmberg and Blair that found lesbians had higher sexual desire than men and women in heterosexual relationships, and it’s well and truly time to cut the cultural baggage of LBD.

 

The lesbian in popular culture is the always ready, sexually fluid, object of desire just waiting for a big cock to turn her straight. Think Chasing Amy, Gigli, The Kids Are All Right. Or else she’s dying in bed, presumably from boredom with her girlfriend and her devotion to the kitty-litter tray.

The lesbian, we are told, suffers not only from LBD but also the other mythical experience, made popular in the early 2000s by Showtime’s The L Word: the lesbian urge to merge. This is the idea that two women couldn’t possibly maintain sexual attraction for each other because they are two women, and instead all women in relationships want to do is to become one. Like a bad Spice Girls song.

But the studies show we’re desiring more and orgasming more – so what the actual fuck is going on with all the pop cultural LBD bullshit?

The answer: the still prevalent pathologisation of female desire as a lack, something that will fade, some thing that is so fragile and so potent all at once that only using the ominous word ‘death’ can do it justice.

 

But in reality, LFE is everywhere. It’s the glance you give a woman on the street, loaded with desire and the knowing that says, I see you, you see me. Yes, I feel you.

It’s the gaze that dares to last longer than a glimpse. The held gaze often goes hand in hand with short fingernails, and comes with a smirk. A rush of desire originating somewhere in the realm of the cunt region, with a throb of a clit, or an organ you don’t wish to identify or name.

It’s a much needed code that developed out of the heteronormativity that pervades daily life. A neckerchief of recognition and desire, without the need for one at all. It starts on the streets and finds its way to the dance floor, but it’s most ubiquitous in the bedroom, across dinner tables or purposely scotch guarded couches. It is the embodied history of a lust that had to claw its way from the private realm of the bedroom to the public domain of the eye. An eye that is not only able to be recognised for its desire, but its sexual identity and sexuality.

Screw Lesbian Bed Death. Lesbian Fuck Eye is the new [orange and] black.

Originally published by Archer Magazine.

Kneel

I’ve knelt down and opened my mouth to check the heart beat of many women it lives there louder than the organ that sustains us but only this time have I opened my heart wider than my legs and said   I love you for the way you make my eyes widen before our lips have a...

Lesbian Desire Across The Ages: From Insane To Cult Hero

Cast your mind across everything you know about lesbians in history. In particular, Australian history. You might be able to name one or two lesbians, bisexuals or queer women from the 1900s, if you’re in the know. Otherwise, it’s a pretty bleak and sparse canvas,...

WTAF is IoT?

WTAF is IoT?

From space, to transport, to the design of cities, IoT is the latest acronym to sweep the cyber landscape.

IoT is short for Internet of Things and was coined by Kevin Ashton in 1999.  IoT is any device, be it your phone, laptop or Raspberry Pi that is connected to the internet. And so these devices come to be known as ‘things’, especially as more things like light globes, fridges, watches, TVs and vending machines are internet enabled. Depending on your position, this is either great for business or terrible for the human proclivity towards laziness because who wouldn’t want to turn their lights off from the comfort of bed right?

Business and government are particularly keen on the Internet of Things and what it can potentially do in terms of increased productivity, efficiency and citizen engagement. But the take home from many of the sessions at Melbourne’s recent IoT Festival was that many people have no idea what IoT is or how it can impact them in positive ways.

——

Traffic lights that are IoT enabled can send data back to traffic controllers (both real life and digital) who can then increase or decrease stopping signals depending on traffic flow and therefore make our roads less congested and more efficient. Goodbye bumper to bumper (I can dream).

A water company in South Korea was fitted out with IoT devices by local Mount Waverly team Freestyle Technology. What this meant from a social good perspective is that when their devices that were fitted to local houses detected zero water usage, a social worker was then called out to check whether the resident was in distress. This is in addition to the usual ways you could imagine IoT and smart water working. These range from detecting leaks with much greater speed, creating alerts if there are failures along the pipeline, tracking worker locations to minimising down time because the whole system is delivered in real-time and able to be visualised and understood remotely.

Japanese smoking rooms are also a great example of IoT enabled things. The devices in these rooms can detect how many people are in the room and increase or decrease the ventilation required which resulted in a 30% increase in energy savings for companies who use them.

Gelato companies have partnered with uber so their clients can literally track how far away their sugar hit is. Farmers have taken up the call with water monitors that are IoT enabled. These devices send farmers a message if their livestock’s water is low and save them from dehydration and potential loss of income from sick animals. Coca-cola envision a day in the not too distant future where drones drop off coke via your GPS location so you could be sipping coke while you wait for your pizza delivery in the park on a Sunday arvo, which is already has IoT written all over it.

In Queensland, the government developed an open data policy and provided an app called Breathe Easy which measures air pollution & water quality so residents can decide where they’d like to live based on environmental concerns.

The word on the street is that people are hungry for tech and IoT enabled devices are the latest way to get satiated. But with all the data being collected already and an estimated 75 billion devices predicted to be online by 2020, the kinds of data being collected is also crucial so we don’t end up with systems and languages and devices that don’t talk back to one another. Standardisation is key when thinking about where to from here as are guidelines around the security of IoT devices from the code used to create the interface to the person or people on the other end. Many of the security issues that we already face with devices such as our laptops and phones are exactly the same. From insecure code, users with insecure passwords and people all along the supply-chain without sufficient knowledge of what it is to be secure and what it all means on a day-to-day way when you engage in risky behaviour. The answer as always is education. Another key take home from the conference is the ability to tell stories about how and why these things are important to the people that use them. STEAM or Science, Technology, Engineering, Arts and Maths majors will come into their own in this space and are why there are ever louder calls for people with communications skills to enter the IT industry.

There are no current accepted standards when it comes to the IoT. What there is, however, are Australian guidelines which outline the importance of embedding security in IoT devices and therefore code from the ground up, rather than as an afterthought which is often the case. Data security is also crucial, especially with the recent global attacks and the proliferation of highly sensitive data connected to IoT devices like health records. Additionally, monitoring of devices is important to enable vulnerabilities are identified before they become a beacon for hackers and of course, ongoing compliance and risk assessment as landscapes, software, users and hacks change and evolve, often on a daily basis.

IoT is here and chances are, you’re already a node in the network.

Mad, criminal or straight: Female desire in film and TV

  When it comes to representations of lesbians in film and television, sometimes they're there, mostly they’re not. And if they are, they're mostly confined to cells. The lesbian in popular culture is usually mad, criminal or she’s really, actually, heterosexual....

Penetrating Real-Time Threat Behaviour: Cyber Analytics and the Pen Tester

It’s the wild, wild, west out there in cyberspace, except the feral camels[1] that once roamed Texas are the hackers, and they’re roaming beyond borders and through firewalls on the daily. At present, cyber threat intelligence gathering is a mish-mash of intrusion...

Gender Inequality in the IT Sector and Why it’s Bad for Business and Society

Gender Inequality in the IT Sector and Why it’s Bad for Business and Society

This piece focuses on diversity from a gender perspective. It recognises that the term diversity encompasses many more social categories than gender, such as, race, nationality and sexuality. However, the piece limits its discussion to gender, and specifically, to women’s participation in the IT workplace. It explores the social and cultural history of women’s participation in the workforce, the current gender pay gap and how this influences women’s participation in the IT workplace in particular. Furthermore, it explores ways to increase diversity in the IT workplace and why this is important from not only a social equality perspective but financial and economic perspective.

As Sonja Bernhardt notes, women in technology have been present across history (Bernhardt 2014, p. 1). The first computer programmer, Ada Lovelace, was a woman, as was Grace Hopper, who created the first compiler in 1952 (Bernhardt 2014, p. 2). These names have become increasingly well known due to the push to recognise female erasure from history and write women back into the pages of history. Yet it is the pervasive “social and cultural contexts” (Bernhardt 2014, p. 1) that act as “barriers against” (Bernhardt 2014, p. 1) women which not only hinder but also suppress female involvement (Bernhardt 2014, p. 1). What Bernhardt is addressing, is at once, the historical oppression of women in regards to access to education and their concomitant exclusion from traditionally male dominated fields, in this case, anything considered technical.

In Australia, we currently have a gender pay gap, that is, the gap between what men and women are paid for doing the same job. PriceWaterHouseCoopers Annual Women in Work Index (2016), which combines key indicators of female economic empowerment into a single comparable index for 33 OECD countries, found that Australia has continued to fall in the rankings as other countries have improved, falling back to pre-2007 performance in 20th place. Women are paid $83 for every $100 her male counterpart earns on average across the OECD (PricewaterhouseCoopers 2016, p. 3). Women who report being underemployed and unable to find more hours is also a significant issue with more than half a million women, or nearly a quarter of all part-time workers (PricewaterhouseCoopers 2016, p. 3) falling into this category. As the Workplace for Gender Equality Agency in Australia state, “women represent one half of the global population—they deserve equal access to health, education, earning power and political representation” (2016, pp. 1-2). In an ideal world, diversity in the IT workplace would be representative of women holding one half of IT positions and being paid the same wage for the same job.

In Australian IT workplaces in 2011, only 25 per cent of employed Information technology qualified workforce aged 15 years and over were female (Professionals Australia 2015, p. 4). This lack of gender equity is also found at Universities where the “gender gap in computing is getting worse” in both the United States (Accenture Research & Girls Who Code 2016, p. 2) and Australia. In Australia, domestic female enrolments in computing have declined” (Vivian 2015). While, in the U.S., the gap is not just low, it is lower than female participation in computer science majors in the 1980s. Statistically, in 1984, 37% of computer science majors were women, today, only 18% are (Accenture Research & Girls Who Code 2016, p. 3).

The aforementioned 2016 report by Accenture and Girls Who Code, found that universal access to computer science risks re-enforcing the prevailing gender imbalance in IT, and that exposure alone is “insufficient to increase the proportion of girls pursuing computer science” (Accenture Research & Girls Who Code 2016, p. 3). What they are highlighting is that the gender stereotypes around what kind of people study and then pursue careers in IT are so powerful that new ways of representing what IT is and how it can appeal specifically to girls and women need to be constructed. They suggest that the key to improving women’s participation rates are a three-fold education program which focuses on, “sparking the interest of girls in junior high school, sustaining their commitment in high school where early gains are often lost, and inspiring college undergraduates by reframing computer curriculums” (Accenture Research & Girls Who Code 2016, p. 3). They give an example of reframing curriculum with the University of California Berkeley, who renamed their ‘Introduction to Symbolic Programming’ course to, ‘Beauty and the Joy of Computing.’ This change of name resulted in women outnumbering men among the course attendees for the first time in 20 years (Accenture Research & Girls Who Code 2016, p. 14).

Societal representations of who does IT are critical, especially in younger women because if women and all categories of people for that matter, cannot see representations of themselves on TV and in the media at large, how can they aspire to become what they do not see? For example, in 2015, only 17% of the top grossing films had a female lead (Geena Davis Institute on Gender in Media 2016). A further breakdown of this data to explore women’s representation in STEM fields, found between 2006 and 2011, women made up only 16.3% of characters in family films and 21.1% of characters in prime-time TV show’s (Smith et al. 2013) which is an improvement, and on par with women currently working in the sector.

Outside of the pursuit of equality being a reason to cultivate diversity in the IT workplace, there are also economic reasons to cultivate gender diversity. The 2016 Australian business case for gender equality report highlights that, workplace gender equality is associated with, improved national productivity and economic growth, increased organisational performance, enhanced ability of companies to attract talent and retain employees, and enhanced organisational reputation (Workplace Gender Equality Agency, p. 1). Goldman Sachs & JBWere calculated that the rise in female employment since 1974 has boosted Australian economic activity by 22% and that a 6% increase in the female participation rate would boost the level of GDP by 11% (Workplace Gender Equality Agency 2016, p. 2). In a similar vein, the Grattan Institute estimates that increased access to childcare and tax benefits would act as incentives for women to enter the workforce and increase the size of the economy by $25 billion annually (Workplace Gender Equality Agency 2016, p. 2). Thus, showcasing that there are also distinctively economic reasons for increasing workplace diversity.

Further to this, the business case for gender equality report found that, “more gender balanced teams are better in promoting an environment where innovation can flourish compared to teams of one particular gender” (Workplace Gender Equality Agency 2016, p. 3). In an increasingly global world, innovation is crucial to remaining competitive both locally and internationally. This recognition has prompted an effort to get more women on company boards both in Australia and globally. A report by MSCI found that, companies who had strong female leadership generated a return on equity of 10.1% per year versus 7.4% for those without (MSCI 2015, p. 4). Interestingly though, a 2014 global survey of 21,980 firms headquartered in 91 countries, found that the presence of female CEOs has no noticeable effect on firm performance (Noland, Moran & Kotschwar 2016, p. 3) unless there are women in positions of power throughout the organisation, and not just one lone woman at the top. This survey also found that a transition from no female leaders to 30 per cent representation is associated with a 15 per cent increase in the net revenue margin (Noland, Moran & Kotschwar 2016, p. 16). Thus, highlighting the importance of gender diverse workplaces when it comes to creating innovation and overall performance.

However, this research is critiqued by Sonja Bernhardt, who argues that theories about a leaky pipeline (Bernhardt 2014, p. 75), in other words, women not having access to positions of power across organisations, and the idea that once women reach a critical mass things will change, are outdated. Bernhardt, highlights that “if 30% is the critical mass figure for women in ICT professions, then it is close to being reached in user support and operation technician occupations, and there should be evidence of culture change in these occupations” (Bernhardt 2014, p. 75). This culture change, as I have discussed has not occurred. As a result, she argues that these theories “ought to be cast aside” (Bernhardt 2014, p. 85) and we should instead focus on what individuals want. Despite this assertion, and the merit of an individual approach, I suggest we cannot simply separate the individual from the larger cultural and social contexts that they exist within, especially when it comes to gender diversity and the context of an IT workplace.

Accenture’s Getting to Equal 2017 report reminds us that “that today’s female university students in developed markets could be the first generation in history to see the gender pay gap close in their professional lifetimes” (Accenture 2017, p. 2). To ensure this happens however, they must makes strategic choices and learn more digital skills (Accenture 2017, p. 2). In addition to this, businesses, governments and academia must also provide crucial support. The report identifies three powerful equalisers to closing the pay gap and the IT workplace is integral to addressing the issue. These are the cultivation of digital literacy, having a career strategy and having opportunities to be immersed in tech and therefore advance their careers as quickly as men (Accenture 2017, p. 3).

As this report has shown, gender diversity in the IT workplace is undoubtedly a current challenge facing IT professionals and the nation at large. However, multiple solutions and strategies to meet the challenge head on are at hand. These include, targeted curriculum, female role models, deconstructing gender stereotypes around men and women’s work and opportunities for women to become more digitally literate. After all, if IT workplaces are equally appealing to men and women, organisations have access to a larger pool of talent (Workplace Gender Equality Agency 2016) and the individual, organisation and economy all benefit.

Reference List

Accenture 2017, Getting to Equal 2017: Closing the Gender Pay Gap, Accenture, New York.

Accenture Research & Girls Who Code 2016, Cracking the Gender Code, Accenture, New York.

Bernhardt, S 2014, Women in IT in the New Social Era: A Critical Evidence-Based Review of Gender Inequality and the Potential for Change, Advances in human and social aspects of technology (AHSAT) book series, Hershey.

Geena Davis Institute on Gender in Media 2016, ‘The Reel Truth: Women Aren’t Seen or Heard’, viewed 24 March 2017, <https://seejane.org/research-informs-empowers/data/>.

MSCI 2015, Women on Boards, MSCI, New York.

Noland, M, Moran, T & Kotschwar, B 2016, Is Gender Diversity Profitable? Evidence from a Global Survey, Peterson Institute for International Economics, Washington.

PricewaterhouseCoopers 2016, International Women’s Day PwC’s Women in Work Index, PricewaterhouseCoopers, Sydney.

Professionals Australia 2015, Women in STEM position paper, Professionals Australia, Melbourne.

Smith, SL, Choueiti, M, Prescott, A & Pieper, K 2013, ‘Gender Roles & Occupations: A Look at Character Attributes and Job-Related  Aspirations in Film and Television’, viewed 25 March 2017, <https://seejane.org/wp-content/uploads/key-findings-gender-roles-2013.pdf>.

Vivian, R 2015, A Look at IT and Engineering Enrolments in Australia, The University of Adelaide, viewed 24 March 2017, <https://blogs.adelaide.edu.au/cser/2015/07/03/a-look-at-it-and-engineering-enrolments-in-australia/>.

Workplace Gender Equality Agency 2016, The business case for gender equality, Workplace Gender Equality Agency, Sydney.

Inside Google South Korea as a Google Women Techmakers Scholar

Utter the words, ‘I’m going to Google’ and a collective awe spreads across faces like seeing your favourite singer on stage for the very first time. Google has undoubtedly reached rock star status in the collective consciousness of almost anyone who has ever had the...

WTAF is IoT?

From space, to transport, to the design of cities, IoT is the latest acronym to sweep the cyber landscape. IoT is short for Internet of Things and was coined by Kevin Ashton in 1999.  IoT is any device, be it your phone, laptop or Raspberry Pi that is connected to the...

Online harassment of LGBTI people: A Crime by Any Other Name

Online harassment of LGBTI people: A Crime by Any Other Name

Policymakers need to commit funding to studying online harassment of LGBTI people and how to respond to it.

The Internet was once considered the domain of the unreal, a kind of pseudo-utopia where anything goes and anything can be said or posted, at least for young, middle-class, white heterosexual men. Yet just as society at large is called to acknowledge the ways in which privilege operates to silence all those who are not born white, into upwardly-mobile families, gendered male and also heterosexual, so too must the online world be called to acknowledge the ways in which it operates as a breeding ground for inequity and abuse.

A recent study by La Trobe University’s Dr Bianca Fileborn found that street harassment of lesbian, gay, bisexual, transgender and intersex (LGBTI) people is alarmingly high. We know homophobia lives on the streets, in our workplaces, and in our political debates over marriage equality. What we really don’t know is whether this kind of harassment extends to the online worlds many of us only leave to sleep.

A huge percentage of the LGBTI population are active online. In the US, according to a 2013 survey of LGBTI people conducted by the PEW Research centre, 80 per cent of LGBTI respondents participate in social networking sites, such as Facebook or Twitter, compared to just 58 per cent of the general public. For me and many others in the LGBTI community, the Internet serves as a place of connection in a world that is so often hostile to particular manifestations of desire. Whether it’s for dates, information, or merely feeling seen, the net offers a space that can foster social inclusion. But, like all things, there is a flip side to this experience.

Increasing attention has been focused on digital abuse and cyberbullying, particularly around young people. The experiences of adult LGBTI people, however, have been scarcely studied, particularly in Australia. Here’s what we do know.

In 2011 MTV and the Associated Press surveyed 1,986 people between the ages of 14 and 24 in the United States. They found that that 51 per cent of lesbian, gay and bisexual people were frequently discriminated online, second only to overweight people. The most prevalent slurs were “that’s so gay” (65 per cent), “slut” (55 per cent) and “fag” (53 per cent). It’s a reminder that classroom barbs seep into the digital worlds we inhabit with seeming ease.

A year later in 2012, Queensland University of Technology surveyed 528 first year Australian university students. The study found that non-heterosexual men were more likely to be cyber-bullied than non-heterosexual women. Interestingly though, the experiences of heterosexual and non-heterosexuals online regarding abuse was actually very similar. The study’s authors reminded us that the impact of cyberbullying may outweigh the effects of traditional bullying due to the limitless audience and ability for comments, pictures and videos to go viral and therefore never have an end, either in time or location.

Perhaps the most well-known case of cyberbullying against a member of the LGBTI community is that of 18-year-old Rutgers university student, Tyler Clementi. Clementi’s roommate captured him having sex with another man by secretly using his webcam without his consent. Dharun Ravi went on Twitter to announce Clementi was “making out with a dude” which he watched with a friend and then live streamed to his 150 twitter followers. A day later Clementi committed suicide in what the media called cyberbullying but what the US courts declined to label as a hate crime. Academic Jessica S Henry calls it bias-based cyberbullying, citing anecdotal evidence that in the month of September 2010 alone, the same month that Clementi committed suicide, at least nine other men also committed suicide after being harassed online because of their sexuality.

In 2015, UK’s Stonewall found that 5 per cent of LGBT adults and 23 per cent of LGBT pupils reported that they had been the target of homophobic abuse or behaviour online in the past year. This research prompted the UK Government to launch a website to help victims of online abuse.

Closer to home, Amy Middleton and her team at Archer Magazine were recently the subject of online abuse. Archer is pitched at telling the stories of the LGBTI community in Australia that mainstream media doesn’t address and does it so well they won a UN Human Rights Media Award. But still they were attacked by a prominent blogger for their appearance, work, bios,  and identities.

More recently, Melbourne’s LGBTI community radio station JOY 94.9 FM received a bomb threat via email. I was recently told via twitter that I need God to turn me away from my “animalistic and evil lust.”

We know harassment and marginalisation leads to increased risk of mental health problems including drug and alcohol misuse, reduced social participation, economic disengagement, even suicide. This affects every single one of us, LGBTI-identified or not.

What is needed is a specific Australian response, but in order to create it, we need more research. Not $7.5 million dollars proposed as part of the plebiscite for advertising against the push for marriage equality that will further marginalise LGBTI people, but dollars to create a safer Australia, no matter one’s desire or gender identity.

This response needs to include research into current statistics so we know the breadth of the problem, analysis of existing responses like the website the UK funded as a result of addressing their online harassment issue, assessing whether such an approach worked and whether it would work in Australia, as well as involving police, policymakers, organisations and community members so a collaborative approach is employed.

If you or someone that you know is feeling overwhelmed or is affected by sexuality or gender-identity harassment, support is available. Call QLife: 1800 184 527 or visit www.qlife.org.au, KidsHelpLine: 1800 55 1800 (for teens and young adults), or Beyond Blue (24/7): 1300 22 4636.


Brigitte Lewis

This piece was first published at Policy Forum, Asia and the Pacific’s platform for public policy analysis and opinion. Read the original here: http://www.policyforum.net/a-crime-by-any-other-name/#republish

Inside Google South Korea as a Google Women Techmakers Scholar

Utter the words, ‘I’m going to Google’ and a collective awe spreads across faces like seeing your favourite singer on stage for the very first time. Google has undoubtedly reached rock star status in the collective consciousness of almost anyone who has ever had the...

The era of Lesbian Bed Death is over, long live Lesbian Fuck Eye

Sex is an art. And one that lesbians in particular have apparently, according to myth, taken a few decades to get their heads and legs around. Let alone actually in their beds. Today however, lesbian women have more orgasms, better sex and sex that lasts longer than...