Malware Ecologies: A Politics of Cybersecurity

Andrew Dwyer

Research output: Other contributionPhD thesis (not Bristol)


Computation, in popular imaginations, is at perennial risk of infection from the tools of nefarious hackers, commonly referred to as malware. Today, malware pervade and perform a crucial and constitutive role in the insecurities of contemporary life from financial transactions, to ‘critical national infrastructures’ – such as electricity, water, and transportation – to devices in our ‘smart’ homes and cities, and even to potential ‘cyberwar.’ Yet, critical security research has rarely turned its attention to malware. In contrast, I explore malware and their politics, situated and extended beyond, an (auto)ethnographic study of the malware analysis laboratory of the UK endpoint protection business, Sophos. I argue that malware are currently processed through a patho-logic that conflate organic and non-organic materialities, permitting analogies between biology and computation, and are generative of particular forms of security that relegate malware to the intent of their authors. I explore how endpoint protection businesses are imbibed with these logics in order to attend to how malware are analysed, detected, and curated beyond them. By drawing on my method of ‘becoming-analyst,’ I critically reflect on how malware become known, are responded to by ad hoc political groups, and can assist in rethinking the role of computational agency in geography, international relations, security studies, and beyond. I instead conceive of malware as performative political actors making limited choices in broader computational ecologies. I therefore advocate for an eco-logical repositioning of malware, where cyberspace is not simply a neutral domain; but is central to the formation of choice that gives space for malware to be political. With four cases – Conficker, Stuxnet, the Dukes, and WannaCry / (Not)Petya – I write new stories on how malware are encountered and dealt with in the twenty-first century. In doing so, I challenge contemporary discourses of cybersecurity to ask if conventional notions of who and what (per)form security are adequate, and how these are reconfigured through a radical 'more-than-human' politics, where malware are not just objects of security, but are active participants in its production and negotiation.
Original languageEnglish
PublisherThe University of Oxford
Publication statusPublished - 3 Oct 2019


Dive into the research topics of 'Malware Ecologies: A Politics of Cybersecurity'. Together they form a unique fingerprint.

Cite this