Visualize the cyberattack to fight the cyberattack
Not all intelligence analysts wear plain suits and grim expressions.
At the IBM Design studios in Austin, Texas, a team of 30 designers are enthusiastically parsing malware threats, viruses, hacks and malicious IP addresses to visualize the veins of cyberattacks all over the world.
Led by former print graphic designer Liz Holz, IBM’s growing security-focused creative unit is comprised of UX (user experience) specialists, industrial designers, content writers, motion animators, illustrators, developers, and user researchers. Using a design process called “observe-reflect-make” and great data visualization, the team makes products used by some 10,000 law-enforcement agencies and private security firms in 133 countries.
In last week’s WannaCry malware attacks, for instance, a platform for sharing threat intelligence that designers shaped, called IBM X-Force Exchange, helped analyze the paths by which the virus was quickly spreading. Instead of poring through pages and pages of Excel reports, security researchers were able to take in the data, in visual form, at a glance and share information swiftly.
Here’s an example of a intelligence visualization that IBM shared with Quartz, illustrating the top 10 countries affected by a particular virus.
Visualization tools help analysts detect attacks faster, find historical patterns, and make better-informed decisions.
Here’s another IBM visualization, showing how a virus spreads via a network of infected computers, known as a botnet:
“We’re bringing another approach to the problem,” says Holz. Because visually-oriented designers have an aptitude for storytelling, they’re able to surface correlations and angles that traditional analysts might overlook, she explains. “We’re telling how it starts, where it hits, and who got hit the worst, all in one data visualization,” Holtz says of the botnet visualization above.
With the steady rise of hacking and cybercrime activity, fueled by the popularity of cheap but insecure internet-connected devices such as home surveillance cameras, these analysts can use as much help as they can. Most have to sift through 200,000 security alerts a day on average and track some 60,000 security blog posts published every month. The video below shows a daily summary of various cybersecurity breaches around the world.
Using design to deter cybercrime is a burgeoning specialization, explains Holz. While intelligence agencies like the CIA have in-house design departments that create peripheral briefing documents, it’s only recently that designershave been asked to collaborate with analysts to crack cybercrime incidents, using their unique tools and natural abilities for problem-solving. Holz says there are many opportunities for intrepid designers and visual thinkers who want to work in security.
What makes an ideal cybersecurity designer? “We look for people who are curious and want to solve complex problems—folks who are really interested in getting into the behavior behind things,” says Holz.
IBM’s work for the intelligence community is the high point of its design renaissance. Since 2012, the 105-year old technology company has aggressively invested in building a design-minded workforce, and has committed to train all IBM employees across departments how to think, work, and feel like designers.