PhD Research

Malware Ecologies: A Politics of Cybersecurity

My research considers how we conceptualise malware and its relation to the human analysis, detection, and curation in different spaces. This is primarily through (auto)ethnographic work in a malware analysis laboratory, and drawing on several case study malware forms to explore how malware’s materiality and affects challenge conventional readings of politics. This brings together strands of thought from Amoore, Deleuze, Foucault, Guattari, Hayles, Parisi, and Serres among others into encounters with computer sciences, politics, international relations and geography. The thesis aims engages  with malware to challenge how cybersecurity is practised and rethink cyberspace as full of intensities and complication that question cartesian geographies.


Malicious software, oft abbreviated to malware, is affecting society at greater depth and frequency through our growing dependency on computing devices. To explore this form of maliciousness in our epoch, I conducted an (auto)ethnographic study of a malware analysis laboratory in a process of ‘becoming-analyst’. This enabled an exploration of three tenets of how we collectively comprehend malware: in its analysis, detection, and curation. This triad enables a tracing of technical process, human intuition, and malware’s impact on the world, whilst appreciating that this is always a partial knowledge. With the support of five case study forms (ConfickerDridexStuxnetthe Dukes, and WannaCry/(Not)Petya), I ask how societies encounter and understand threats presented by malicious software in the twenty-first century. I argue this requires a new way of thinking about malware. This moves away from more traditional imaginaries that see malware as a defined object moving within existing networks, or as a kind of disease or virus infecting computer systems, to thinking of malware as part of a much broader ecology. Thinking ecologically brings together everyday security practice, bureaucracy, emotion, government, software, analyst, air conditioning, and Twitter amongst others, showing that malware’s geographies extend far beyond the boundaries of what has previously been considered ‘virtual’ or ‘cyber’ space. This provides a platform to critique contemporary cybersecurity discourse to consider whether conventional notions of space and hence security are suitable, and in so doing, presenting malware ecologies as an alternative for cybersecurity theorisation.