Originally written in 2023:
Amid disrupted supply chains, rising inflation, and accelerating biodiversity loss, political instability emerges less as an exception than as a symptom of a global system straining under the weight of its own fragility.
This fragility is partially buffered by landscapes reshaped to embody a logic of containment, where networked and logistical architectures – security zones, corridors, hubs, and gateways – guide and constrain flows. Within these shifting topologies, defensive measures work continuously to intercept and deflect threats, from malicious traffic to data breaches, forming a distributed apparatus that anticipates and mitigates disruption. Yet the sobering reality remains: no system can fully prevent or eradicate all threats, revealing a conceptual kinship between globalized networks and the adaptive, self-protective logics of an immune system.
Echoing Jussi Parikka’s (2016) notion of ‘viral capitalism,’ shifting currents of perturbation and uncertainty are amplified through the creation of new accidents and the emergence of novel risks, striking at the fragile fortifications of nation-state borders and the surveillance networks that stitch together biological, social, political, and digital systems. The appetite of viral capitalism turns toward appropriating – or absorbing – the potential of the Outside, that which resists commodification, transforming this resistance into a motor of continual reinvention, where each perceived threat or anxiety provokes correspondingly evolving resolutions (Parikka, 2016).
The interplay between threats and responses finds a strong parallel in biological immune systems and the sophisticated networks of defense emerging in cyberspace. In the body, the innate immune system forms the first line of defense, confronting invaders at physical barriers but providing no long-term immunity. Similarly, firewalls and initial protective measures in cybersecurity act as a barrier between private networks and the vast public Internet, screening threats before they penetrate deeper. When a pathogen – or a cyberattack – evades these first defenses, the adaptive system engages, crafting a precise, tailored response that neutralizes the threat, mirroring the dynamic, evolving logic of both biological and digital defenses.
For instance, the adaptive immune system exhibits learning, memory, and pattern-recognition capabilities, mediated by T lymphocytes that are programmed to detect and respond to specific antigens. Once activated, B and T cells proliferate, with a subset differentiating into long-lived memory cells. This dynamic mirrors the function of a cyber immune system, which similarly detects threats through pattern recognition while maintaining adaptive and memory-based responses (Wlodarczak, 2017). Given the necessity for security networks to detect and respond to threats, such systems can also be simulated and stress-tested – as Q et al. (2021) note, “to discover unknown attacks ahead of time, network security architecture should allow viruses and attack strategies to mutate and evolve automatically.”
The incessant threat of attacks and the continuously mutating defensive strategies on the cyber front can be read as a defining impulse of the war-machine. Drawing on Gilles Deleuze and Félix Guattari’s A Thousand Plateaus: Capitalism and Schizophrenia, the concept of the war-machine provides a lens for understanding the contemporary interplay of networks, logistical security infrastructures, and the shifting formations of para-state actors probing global informational chokepoints. Crucially, this conception diverges from the conventional association of the ‘war machine’ with the military–industrial complex – the state militaries, private contractors, lobbyists, and intelligence agencies oriented toward colonial, imperial, or geoeconomic ends. Instead, it illuminates the confrontation between the gridded, metric, and rigid structures of the State and the fluid, deterritorializing movements of packs, nomads, guerrillas, and artisans – the motor forces animating the war-machine’s ceaseless motion.
Moreover, these machinic assemblages have ranged from blacksmiths and guerrilla tacticians to now hobbyist hackers experimenting within online forums, open-source communities, and informal networks, where exploits circulate as playful disruption, tactical invention, or ephemeral sabotage. Yet the same capacities that sustain autonomy also render these groups vulnerable to capture: the drift from open-ended experimentation toward mercenary contracting, corporate security work, or direct enlistment into state apparatuses. This fragility highlights the persistent danger that social formations nurturing a war machine may ultimately be absorbed, producing “a war machine that takes charge of the aim, appropriates the States, and assumes increasingly wider political functions” (Deleuze & Guattari, 1978).
Once nomadic capacities are folded into state objectives, they function as captured war-machines, operating across the smooth space of global networks to breach the infrastructures of everyday life.
The compromise of political functions is stark in the operations of groups like the Lazarus Group, associated with North Korea, and Sandworm, linked to the Russian GRU. Their activities – from Lazarus’s WannaCry ransomware outbreak, which paralysed hospitals and businesses worldwide, to Sandworm’s attacks on Ukrainian power grids and the cascading disruption of NotPetya – exemplify what Parikka (2021) calls ‘Operational Art.’ In such cases, the line between war, security operations, and civilian life is effaced, as state and para-state actors target industrial control systems like SCADA, Programmable Logic Controllers, and Distributed Control Systems, compromising the pumps, valves, motors, and sensors essential to critical infrastructure.
This continuum of weaponized code finds a seminal example in Stuxnet, discovered in 2010 and widely recognized as the first computer worm deliberately designed to target an industrial control system. Attributed to a state-sponsored campaign involving Israel’s Unit 8200 alongside the U.S. NSA and CIA, Stuxnet targeted Iran’s Natanz uranium enrichment facility by infiltrating Windows computers running Siemens Step7 software. Acting as a sophisticated ‘man-in-the-middle,’ it intercepted legitimate commands, falsified readings to operators, and covertly altered PLC instructions to manipulate rotor speeds and control valves, causing mechanical failure while remaining undetected (Kuphaldt, 2022). In these instances, the abstract principles of war-machines – mobility, fluidity, and the capacity to operate across smooth spaces beyond direct human oversight – become tangible, translating theory into the material consequences of networked conflict.
:: Malware-as-a-Service ::
The material and operational consequences of these war-machine campaigns reveal how cyberattacks increasingly target the infrastructures sustaining modern life – from power grids and nuclear reactors to wind farms. Across these systems, malware often operates with a logic that mirrors ‘software as a service,’ transforming disruption itself into a commodifiable event. This signals a mutation in the logic of viral capitalism, where disasters are no longer accidental but are instead packaged, distributed, and monetized. In this framework, the familiar model of personal possession or ownership gives way to centrally hosted, subscription-based systems, where control and access replace ownership, and engagement becomes transactional rather than sovereign.
Alongside this shift, the rise of the ‘software as a service’ model has led to the operationalization of Malware as a Service (MaaS) and Ransomware as a Service (RaaS). Essentially, malware developers rent out ransomware or other malicious software, along with its control infrastructure, to cybercriminals, enabling them to launch attacks using pre-written code. One of the most notorious examples, DuckLogs, masquerades as a legitimate digital firm offering web-based services, featuring a sophisticated dashboard, tiered subscriptions, newsletters, and Telegram channels. The malware encompasses a range of malicious activities, including stealers, keyloggers, clippers (which hijack cryptocurrency transactions), and remote access tools, all of which siphon stolen data from a victim’s system to a remote command-and-control server. Notably, subscribers can customize and craft their own malware binaries, adjusting attack vectors and the complexity of recovery solutions, depending on the targeted individual or system.
Whether state-affiliated or not, the rise of ransomware cartels has left a significant mark on the cybercriminal landscape. Stealth gangs such as Twisted Spider (creators of Maze and Egregor ransomware), Viking Spider (creators of Ragnar Locker ransomware), Wizard Spider (creators of Conti and Ryuk ransomware), and Lockbit Gang have consolidated their operations, coordinating attacks and data leaks by sharing tactics, command-and-control infrastructure, and posting victim data (Zohreh@digitalsilk.com, 2022). Moreover, MaaS has increasingly become a vehicle for both nation-states and transnational criminal organizations to profit. Notably, North Korea’s Lazarus Group has exploited Trickbot’s MaaS model to carry out high-profile cyberattacks, including the infamous heist targeting Bangladesh’s Central Bank, which resulted in the theft of $81 million from an attempted transfer of $1 billion (Ilascu, 2021).
:: Operational Art & Speculative Communities ::
Building further on Parikka’s notion of Operational Art, the logic underpinning malware can be extended into social media, investee activism or politics, and reputational warfare. In this context, reputational networks function similarly to malware, spreading and targeting individuals or organizations, manipulating perceptions, and creating vulnerabilities. The work of Michel Feher (2018) has underscored how accreditation and indebtedness have become endemic conditions in contemporary society. Over the past few decades, the role of investors, shareholders, bondholders, and hedge fund managers has reshaped global financial landscapes, embedding a culture where financial stakes and reputational capital are inseparable. In this evolving landscape, all actors – whether companies seeking shareholder investments, indebted nations appealing to bondholders, or individuals navigating social benefits – are subject to the pervasive forces of accreditation and indebtedness, with their reputations becoming both a source of power and potential exploitation.
Feher traces what is known as investee activism, which refers to a complex network of local activists and investee shareholders who hold stakes or equity in companies and have the power to disrupt or impede the flow of capital – such as by targeting financing for projects like gas, oil, or energy developments, or construction projects that negatively affect indigenous territories. Feher highlights the recent Defund DAPL (Dakota Access Pipeline) campaign as a prime example, where activists targeted a consortium of 15 banks funding the project. The campaign focused particularly on major banking institutions such as ABN AMRO, ING, BayernLB, and Nordea, ultimately forcing several of these banks to withdraw their support for the project.
Feher’s analysis delves beyond the tactics of investee activism and the growing efforts to challenge the dominance of financial institutions. He draws attention to the deep intertwining of social, private, political, and financial realms, revealing how individuals are conditioned to adopt risky, speculative attitudes. These attitudes feed into what has been termed a ‘speculative imagination,’ which shapes our responses to future uncertainties, such as job insecurity, property ownership, and both personal and collective well-being (Komporozos-Athanasiou, 2022). Social media plays a pivotal role in this landscape, amplifying volatility by enabling guerrilla campaigns that weaponize tweets, videos, hashtags, and threads on platforms like Reddit. These digital swarms can disrupt markets – exemplified by the GameStop episode, where coordinated action led to short-selling attacks that significantly impacted hedge funds.
In addition, we have observed the catastrophic loss of billions of dollars owing to impersonator profiles and tweets, which occurred specifically in the debate surrounding Elon Musk’s announcement and implementation of a new paid verification program on Twitter. An impersonation or phony account of American pharmaceutical giant Eli Lilly and Company proclaiming “We are happy to announce insulin is now free” caused a huge reduction in Eli Lilly’s stock price, which contributed to the loss of billions of dollars by other corporations. (Dellatto, 2022) Here, the added effect of conversations about pharmaceutical firms and the reasons why insulin, a drug paid for with public funds, must be prohibitively expensive and inaccessible to many became a subject of heated debate.
Further incidents, such as the infamous tweets by Elon Musk and Donald Trump’s widely publicized comments, have led to massive drops in stock prices. Musk’s tweets have famously affected companies like Tesla, while Trump’s remarks, particularly about Boeing’s Air Force One project, drove the aircraft manufacturer’s stock price down to a meager $2 following reports of excessive costs. This phenomenon, along with similar instances, connects to Emily Rosamond’s concept of Reputational Volatility and the emerging paradigm of Reputational Warfare that is increasingly staged on social media (Rosamond, 2020). The genealogy of reputational volatility stems from the rise of online reputation management systems, which laid the foundation for the pervasive “trustworthiness” metrics that now assess delivery speed, product quality, and vendor legitimacy.
In fact, this logic, especially when implemented through systems employing stars or percentage points, gives an index that reflects a measure of the sellers’ potential volatility. Volatility can be measured based on the calculated reliability of the seller based on tallied posted reviews that share customer satisfactions or dissatisfactions, as well as interactions if disagreements arose regarding the quality of the service or product, and the possibility of refund policies that are indicative of any possible deviation from a standard of excellence.
Hopping over to a focus on social networks, volatility is performed and choreographed in relation to social networks, in which Reddit, Facebook, and Twitter threads, users, and comments are assigned a “reputation rating” and “reputation power.” As the network is constantly calibrated and reweighted, scores are given to all users and their posts. These scores show how much influence each user has within the network. Yet, in a strange twist, volatility becomes a currency here, engendering a paradoxical situation. On the one hand, it can increase the number of new users joining a social network, but it can also displace and negatively affect existing influencers and their topological position, especially with the phenomenon of online shaming, which can spark a whirlwind of criticism, deplatforming, and loss of brand recognition.
In this context, the growing number of users coordinating campaigns to ‘deplatform,’ ‘cancel,’ or damage the reputations of individuals and organizations demonstrates the potential for digital swarms to execute tactical interventions. These interventions disrupt the cultural, social, and political landscape, which has become inseparably linked to networked power (Rosamond, 2020). Expanding on the political implications, Rosamond highlights message boards such as 4chan and 8chan, alongside troll farms that have evolved into swarm intelligences, orchestrating disinformation campaigns aimed at influencing voters during the 2016 and 2020 U.S. Elections. Particularly in the lead-up to the 2020 election, troll farms based in Macedonia and Kosovo, with loose affiliations to Russia’s Internet Research Agency, ran some of the most popular pages targeting Christian and Black American communities, reaching up to 140 million Americans each month (Hao, 2021).
:: Guerrilla Volatility ::
Focusing on the formations of guerrilla campaigns, whether driven by botnets, swarms of users, or a combination of both, reveals how such tactics converge to engineer contingent, unforeseen events. This aligns with the strategic endorsement of what also been referred to as the ‘unknown preemptively’ as a tactical approach. Such a strategy is symptomatic of the speculative logic discussed earlier, which entangles billions of individuals in a web of ‘precarity,’ un/underemployment, and debt, behaviors increasingly aligned with the financialized logic of risk-taking. In this context, terms like ‘Speculative Communities’ illuminate how the colonization of financial logic has also created spaces to ‘counter-speculate’ against a future seemingly mortgaged to its cancellation. This is exemplified in movements such as France’s Gilets Jaunes, the U.S. Tea Party, Occupy, and, to some extent, the GameStop saga, as well as the emerging realms of Web3 and DAOs. These movements embrace “uncertainty as a condition of possibility” (Komporozos-Athanasiou, 2022).
Ultimately, social networks and platforms have become battlegrounds for shaping the socio-political landscape, where the insatiable demand for new strategies and tactics to wage war against global financial markets, corporations, and political campaigns has turned into a marketable force. This drive is especially fueled by the rise of synthetic media, which complements existing tactics like market manipulation, payment fraud, vishing, impersonations, brand and reputational damage, and botnets.
The infamous use of generative adversarial networks (GANs) has become closely associated with the unauthorized creation and distribution of pornographic images and videos, severely compromising the dignity, honor, and reputation of victims. However, a broader perspective can be offered on how the continued development of synthetic media tools – such as GANs, AutoEncoders, Diffusion Models, and Multimodal Vision & Language models – will likely contribute to what Komporozos-Athanasiou (2021) refers to as ‘Real Fakes.’ As consensus reality erodes, fueled by gamified conspiracy narratives and synthetic media, there may emerge new possibilities for mythmaking or the formation of collective myths. These myths, in turn, could serve not only to expose systemic oppression but also to create more meaningfully distorted realities – acting as toolkits or escape pods from our increasingly uncertain present and future.
The resources and tactics at our disposal already point toward a future populated by AI influencers and synthetic personas. Beyond Lil Miquela, the self-described 19-year-old robot living in LA, platforms such as MetaHuman and Ready Player Me allow creators to design entirely realistic humans, avatars, or hybrid characters from scratch. Multimodal generative models – capable of producing images, video, and audio in concert – further accelerate this trend, operating much like infrastructure-as-a-service for synthetic identities. The ripple effects of synthetic media tools are already tangible: a deepfake voice was used to impersonate a company director and orchestrate the transfer of over $35 million from a UAE bank to several American accounts (Brewster, 2021) – elsewhere, AI-generated social media profiles have been deployed to manipulate stock prices or influence political sentiment. Returning to Jussi Parikka’s concept of Operational Art, we see how worlds can be secreted by “turning situations into artifice,” transforming them into programmable sets of possibilities, or “inventions of accidents as technological innovations” (Parikka, 2021). With the growing arsenal of synthetic media tools, combined with malware-as-a-service and a logic of contagion, entire social, financial, and perceptual environments can be engineered and reshaped with the click of a button – or an automated script.
REFERENCES:
Brewster, T. (2022, November 9). Fraudsters cloned company director’s voice in $35 million bank heist, police find . Forbes. Retrieved January 11, 2023, from https://www.forbes.com/sites/thomasbrewster/2021/10/14/huge-bank-fraud-uses-deep-fake-voice-tech-to-steal-millions/?sh=1f5a12117559
Dellatto, M. (2022, November 11). Eli Lilly clarifies it’s not offering free insulin after tweet from fake verified account-as Chaos unfolds on Twitter. Forbes. Retrieved January 11, 2023, from https://www.forbes.com/sites/marisadellatto/2022/11/10/eli-lilly-clarifies-its-not-offering-free-insulin-after-tweet-from-fake-verified-account-as-chaos-unfolds-on-twitter/?sh=3773180851a3
Deleuze, G., Guattari Félix, & Massumi, B. (2013). A Thousand Plateaus: Capitalism and Schizophrenia. Bloomsbury.
Feher, M., & Elliott, G. (2018). Rated agency investee politics in a speculative age. Zone Books.
Hao, K. (2021, September 16th). Troll Farms reached 140 million Americans a month on Facebook before 2020 election, Internal Report shows. MIT Technology Review. Retrieved January 13, 2023, from https://www.technologyreview.com/2021/09/16/1035851/facebook-troll-farms-report-us-2020-election/
Ilascu, I. (2021, August 18). Lazarus hackers use TrickBot to infect high-end victims. BleepingComputer. Retrieved January 13, 2023, from https://www.bleepingcomputer.com/news/security/lazarus-hackers-use-trickbot-to-infect-high-end-victims/
Kuphaldt, T. R. (n.d.). Chapter 17 – cyber-security in industrial measurement and control systems: Automation textbook. Control. Retrieved January 11, 2023, from https://control.com/textbook/instrumentation-cyber-security/
Komporozos-Athanasiou, A. (2022). Speculative communities: Living with uncertainty in a financialized World. The University of Chicago Press.
Komporozos-Athanasiou, A. (2021, December 17). WINNING IN THE REAL FAKE. Arts of the Working Class. Retrieved January 11, 2023, from https://artsoftheworkingclass.org/text/winning-in-the-real-fake
Parikka, J. (2016). Digital Contagions: A media archaeology of computer viruses. Amazon. Retrieved January 11, 2023, from https://www.amazon.com/Digital-Contagions-Archaeology-Computer-Formations/dp/0820488372
Parikka, J. (2021, August 12). Malware as operational art: On the IF/then of geopolitics and tricksters . Operational Images. Retrieved January 11, 2023, from https://operationalimages.cz/2021/08/12/malware-as-operational-art-on-the-if-then-of-geopolitics-and-tricksters/
Rosamond, E. (2020). From Reputation Capital to Reputation Warfare: Online Ratings, Trolling, and the Logic of Volatility. Theory, Culture & Society, 37(2), 105–129. https://doi.org/10.1177/0263276419872530
Rossiter, N. (2017). Software, infrastructure, Labor: A media theory of Logistical Nightmares. Routledge Taylor & Francis Group.
Q. Yu et al. (2020) “An Immunology-Inspired Network Security Architecture,” in IEEE Wireless Communications, vol. 27, no. 5, pp. 168-173, October 2020, doi: 10.1109/MWC.001.2000046.
Wlodarczak, Peter. (2017). Cyber Immunity – A Bio-Inspired Cyber Defense System. 199-208. 10.1007/978-3-319-56154-7_19.
Zohreh@digitalsilk.com. (2022, October 4). Ransom mafia – analysis of the world’s first ransomware cartel. Analyst1. Retrieved February 20, 2023, from https://analyst1.com/ransom-mafia-analysis-of-the-worlds-first-ransomware-cartel/
:: DIFFRACTIONS :: 