Today’s New York Times has a fascinating article on a new report by Mandiant, a U.S.-based computer security firm, linking an increasing percentage of the world’s computer hacking efforts to the Chinese military.
There’s a lot of eye-opening material in the article, but I want to focus on something that’s discussed a lot in the article, but not really analyzed: Mandiant’s methodology. For many, the power of the internet is in how it (supposedly) transcends space, allowing, for instance, a People’s Liberation Army agent in Shanghai to peer inside a computer in Chicago. However, what’s striking about Mandiant’s methodology for uncovering the hacking is that it’s almost entirely geographical. Most of Mandiant’s evidence is based on the large number of attacks that can be traced back to IP addresses that are registered in the neighbourhood of Datong Road on the outskirts of Shanghai, where the PLA’s Unit 61398 is based. Even the supporting evidence – e.g. a memo calling for the building to be provided with increased fibre optic capacity — ultimately connects to the internet’s geography.
It’s almost a cliché among geographers to note that geography still matters, notwithstanding rhetoric about globalization, the end of geography, and the “flattening” of the world (of course Thomas Friedman is everyone’s favourite straw man here). And there’s no shortage of scholarship that stresses how the internet serves as much to reproduce differentiations between places as it serves to transcend these divisions (for geographers’ contributions, see, for instance, work by people like Matt Zook, Martin Dodge, and Rob Kitchin) . But still it’s important to recall that the level of mapping between the geography of the internet and the geography of the underlying world is not arbitrary. After all, as I’ve explored in Managing the Infosphere, the IP system did not have to be so directly related to geographic places, and nowhere was it required that (some) internet addresses end with two-letter codes that connect them with specific countries. Decisions to establish the internet (and more broadly, the world of electronic communications) in this manner reflect how these networks have always been designed with an eye toward developing bounded territories as well as toward transcending those boundaries, a dual function that reflects (and reproduces) underlying dialectics in geographical political economy.
To date, however, most work on security vulnerabilities in the network has focused on the connections. Intuitively, it certainly makes sense that opportunities for breaching networks would occur when data and infrastructure cross boundaries, not in their emplacement. And yet, the methodology behind the Mandiant report reveals that one area where hackers face a challenge is in the mundane fact that for the internet (or, for that matter, agents of industrial espionage) to be everywhere they must also be somewhere.
– Phil S.