A HEURISTIC FOR EMERGENT NETWORK THREATS
The COVID-19 pandemic has starkly highlighted our need to better understand and respond to emergent threats that can rapidly spread through networks. From biological attacks to misinformation campaigns, these complex threats demand swift, effective action. But how can we categorize and respond to such diverse challenges? This article introduces a heuristic framework for classifying emergent network threats, offering a practical tool for emergency responders, policymakers, and security analysts.
Our framework categorizes threats into seven types: Time-critical, Early-Warning and Response Systems, Containable, Enders, Dragon Kings, Black Elephants, and Black Swans. Each type is characterized by its eradicability (how easily it can be neutralized) and its evolution over time. This classification provides a nuanced understanding of the diverse challenges we face in our interconnected world.
Time-critical threats can be effectively addressed only within a specific, often short, time frame. These threats require immediate attention and swift action to prevent them from evolving into more severe forms. Early-Warning and Response Systems can be eradicated if detected and addressed early. The effectiveness of these systems often determines whether a threat can be contained or if it will escalate. Containable threats can be managed even at mature stages through targeted interventions. These threats are often manageable through policy interventions, network control measures, or other targeted strategies.
Enders represent the most severe category in our framework. These are non-stoppable threats where damage is limited only by the threat’s intrinsic features. Once an Ender threat begins, it is extremely difficult or impossible to halt its progression. Dragon Kings, also known as “Grey Swans,” are predictable early with sophisticated systems. These threats can be anticipated and potentially mitigated if the right detection mechanisms are in place. Black Elephants are easily detectable threats that become non-eradicable at mature stages. These are often obvious in hindsight but challenging to address once they’ve fully developed. Finally, Black Swans are characterized by retrospective, but not prospective, predictability. These events are often rationalized in hindsight but were not anticipated before their occurrence.
One of the biggest risks in threat management is misdiagnosing the type of threat we face. This can lead to ineffective resource allocation and failed containment efforts. Understanding the distinct characteristics of each threat type is crucial for implementing appropriate response strategies.
Consider how this framework applies to real-world scenarios. In the case of pandemics, understanding transmission rates, incubation periods, and population densities is crucial to identify whether we’re dealing with a Time-critical threat or an Early-Warning and Response System type. For sociopolitical polarization, tracking early warning signs like increased hate speech and echo chambers can help determine if we’re facing a potential Dragon King or a slowly evolving Black Elephant. In cybersecurity, developing a comprehensive understanding of vulnerabilities, threat actors, and attack vectors is essential for distinguishing between Containable threats and potential Enders.
The framework also has implications for how we approach threat mitigation. It suggests that in some cases, redesigning the network structure of the system being secured may be more effective than investing in complex early-warning systems. For instance, it may be less burdensome to alter the nature of a threat (making it Containable) than to invest large resources in sophisticated early-warning systems for a potential Dragon King type of threat.
By focusing on the time-criticality of threats and their potential trajectories, we can design more efficient strategies for threat mitigation. This approach enables us to develop more targeted response strategies, allocate resources more effectively, and make better-informed decisions about when and how to intervene.
As we face increasingly complex challenges in our interconnected world, this heuristic framework offers a structured approach to understanding and addressing emergent network threats. By categorizing threats based on their characteristics and potential trajectories, we provide a valuable tool for analysts, policymakers, and security professionals. The future of crisis management lies in our ability to quickly and accurately identify the nature of emerging threats and respond accordingly.
How might this framework change your approach to risk management in your field?
References
Pickard, Galen, et al. “Time-critical social mobilization.” Science (2011).
Rutherford, Alex, et al. “Limits of social mobilization.” Proceedings of the National Academy of Sciences (2013).
Wein, Lawrence M., David L. Craft, and Edward H. Kaplan. “Emergency response to an anthrax attack.” Proceedings of the National Academy of Sciences (2003).
Taleb, Nassim Nicholas. The black swan: The impact of the highly improbable. Random House, 2007.
Sornette, Didier. “Dragon-kings, black swans and the prediction of crises.” arXiv (2009).
Kauffman, Stuart A. “Origins of order in evolution: self-organization and selection.” Springer, 1992.
Bak, Per, Chao Tang, and Kurt Wiesenfeld. “Self-organized criticality.” Physical Review A (1988).
Liu, Yang-Yu, and Albert-László Barabási. “Control principles of complex systems.” Reviews of Modern Physics (2016).
Carlson, Jean M., and John Doyle. “Highly optimized tolerance: Robustness and design in complex systems.” Physical review letters (2000).
Bowman, David MJS, et al. “Fire in the Earth system.” Science (2009).
Cebrian, Manuel. “The past, present and future of digital contact tracing.” Nature Electronics (2021).
Kong, Quyu, et al. “Contact Tracing: Computational Bounds, Limitations and Implications.” arXiv (2021).
Pekar, Jonathan, et al. “Timing the SARS-CoV-2 index case in Hubei province.” Science (2021).
Shah, Chintan, et al. “Finding Patient Zero: Learning Contagion Source with Graph Neural Networks.” arXiv (2020).
Waniek, Marcin, et al. “Social Diffusion Sources Can Escape Detection.” arXiv (2021).
Scheffer, Marten, et al. “Early-warning signals for critical transitions.” Nature (2009).
Friedman, Thomas L. “Stampeding black elephants.” The New York Times (2014).
Madnick, Stuart. “How do you prepare for the unexpected cyber attack?.” SSRN (2020).
Axelrod, Robert, and Rumen Iliev. “Timing of cyber conflict.” Proceedings of the National Academy of Sciences (2014).
Johnson, Neil, et al. “Pattern in escalations in insurgent and terrorist activity.” Science (2011).
Bongard, Josh, Victor Zykov, and Hod Lipson. “Resilient machines through continuous self-modeling.” Science (2006).
Tero, Atsushi, et al. “Rules for biologically inspired adaptive network design.” Science (2010).
Kryvasheyeu, Yury, et al. “Rapid assessment of disaster damage using social media activity.” Science Advances (2016).
Helbing, Dirk, Illés Farkas, and Tamas Vicsek. “Simulating dynamical features of escape panic.” Nature (2000).
Mao, Andrew, et al. “An experimental study of team size and performance on a complex task.” PLOS ONE (2016).
Alfonseca, Manuel, et al. “Superintelligence cannot be contained: Lessons from Computability Theory.” Journal of Artificial Intelligence Research (2021).
Ord, Toby. The precipice: existential risk and the future of humanity. Hachette Books, 2020.
Perlroth, Nicole. This is how they tell me the world ends: The Cyberweapons Arms Race. Bloomsbury, 2021.
Flyvbjerg, Bent. “The law of regression to the tail: How to survive Covid-19, the climate crisis, and other disasters.” Environmental Science & Policy (2020).
Acknowledgments
Special thanks to Daniel Sax and Jürgen Rossbach for graphical design support, Jonathan Simons for editing support, and Albert Vazquez for key insights. I also want to acknowledge the contributions of OpenAI’s GPT-4, and Anthropic’s Claude, which provided valuable editorial assistance in the writing of this article.
