Conflict in Cyber Space: Theoretical, Strategic and Legal Pespectives by Karsten Friis & Jens Ringsmose

Author:Karsten Friis & Jens Ringsmose [Friis, Karsten & Ringsmose, Jens]
Language: eng
Format: epub
Tags: Political Science, Security (National & International), Political Freedom, International Relations, General
ISBN: 9781317365426
Google: RxfeCwAAQBAJ
Goodreads: 29781800
Publisher: Routledge
Published: 2016-03-31T00:00:00+00:00

How states engage with and transform the market

Currently, no state openly highlights its involvement in the VEs market (Simonite 2013). Various reports though suggest that governments of the USA, Brazil, Russia, India, Malaysia, Singapore, Iran, North Korea, Israel and Britain are buyers of such vulnerabilities or their corresponding exploit-software (Perlroth and Sanger 2013; Greenberg 2012; Gallagher 2013). That market is increasingly being viewed as a growing industry where states can buy arms customized to their targets and for their purposes (Simonite 2013). While there are also private companies active in this business, the VE vendor is frequently also a single person: a “hacker” or security researcher. The problem with these vendors is that many will sell to the highest bidder independent of its reputation or proposed use, resulting in uncontrolled selling activities of potentially extremely harmful information and code. Furthermore, there is evidence pointing to the fact that some of these “hackers” or “security researchers” have more or less loose ties to organized (cyber) crime, making the state’s engagement with them indeed rather questionable (Radianti et al. 2009; Ablon et al. 2014).

Governmental agencies collaborate with many actors in a variety of market-places to procure VE-knowledge that is later used for both defensive and offensive purposes. It also has a growing and dedicated supply industry that, like in a gold rush, has quickly emerged and whose purpose is unequivocal: deliver exploits to governments. For example, VuPen openly stated14 on its website that it “provides government-grade exploits specifically designed for the Intelligence community and national security agencies to help them achieve their offensive cyber security and lawful intercept missions” (Simonite 2013). The American NSA reportedly has (had) a contract with VuPen for the provision of exploits (Fidler 2014: 48). Even large defense contractors are becoming increasingly active in this area, as the following statement of Peter Singer from the Brookings Institution maintains: “It’s a growing area of the defense business at the same time that the rest of the defense business is shrinking.” Singer further claims that these defense contractors “[…] have identified two growth areas: drones and cyber.” (Simonite 2013). On the one hand, the growing engagement of traditional military equipment providers is indicative of the fact that much money can be made. As a consequence, the market entry of more and more companies either means that black market procurement will be less necessary in the future, because the laws of supply and demand would dictate that prices of the commodity drop in case of greater supply. However, if governmental demand rises as more governments get involved in the trade, the direction of the price is unpredictable, but may well rise as demand rises more quickly than supply.

Moreover, even if fully institutionalized, the entry of many more security research companies is problematic for reasons of the market’s incapacity of guaranteeing exclusive rights of information—and mostly, for the increasingly uncontrollable risk of disaster resulting from a worldwide build-up of a cyber-arms arsenal. Adrien Desautels, owner of the Netragard IT security company, states

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.