Cyberweapon

Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.

Characteristics

A cyberweapon is usually sponsored or employed by a state or non-state actor, meets an objective that would otherwise require espionage or the use of force, and is employed against specific targets. A cyberweapon performs an action that would normally require a soldier or spy, and which would be considered either illegal or an act of war if performed directly by a human agent of the sponsor during peacetime. Legal issues include violating the privacy of the target and the sovereignty of its host nation.[1] Example of such actions are surveillance, data theft and electronic or physical destruction. While a cyberweapon almost certainly results in either direct or indirect financial damages to the target group, direct financial gains for the sponsor are not a primary objective of this class of agent. Often cyberweapons are associated with causing physical or functional harm to the system which it attacks, despite being software.[2] However, there is no consensus on what officially constitutes a cyberweapon.[2]

Unlike malware used by script kiddies to organize botnets, where the ownership, physical location, and normal role of the machines attacked is largely irrelevant, cyberweapons show high selectivity in either or both of their employment and their operation. Before the attack, cyberweapons usually identify the target using different methods.[3] Likewise, malware employed by fraudsters for the theft of personal or financial information demonstrates lower selectivity and wider distribution.

Cyberweapons are dangerous for multiple reasons. They are typically difficult to track or defend against due to their lack of physical components.[2] Their anonymity allows them to hide in systems undetected until their attack is unleashed.[4] Many of these attacks exploit "zero days" (vulnerabilities in software that companies have zero days to fix).[4] They are also significantly cheaper to produce than cyber defenses to protect against them.[4] Oftentimes, cyberweapons from one force are obtained by an opposing force and are then repurposed to be used against the original force, as can be seen with the cyberweapons WannaCry[5] and NotPetya.[6]

While the term cyber weapon is frequently used by the press,[7][8] some articles avoid it, instead using terms such as "internet weapon", "hack", or "virus".[9] Mainstream researchers debate the requirements of the term while still referring to the employment of the agent as a "weapon",[10] and the software development community in particular uses the term more rarely.

Examples

The following malware agents generally meet the criteria above, have been formally referred to in this manner by industry security experts, or have been described this way in government or military statements:

History

Stuxnet was among the first and one of the most influential cyberweapons.[2][11] In 2010, it was launched by the United States and Israel to attack Iranian nuclear facilities.[11][12] Stuxnet is considered to be the first major cyberweapon.[11] Stuxnet was also the first time a nation used a cyberweapon to attack another nation.[13] Following the Stuxnet attacks, Iran used cyberweapons to target top American financial institutions, including the New York Stock Exchange.[14]

Stuxnet was subsequently followed by Duqu in 2011 and Flame in 2012.[11] Flame's complexity was unmatched at the time.[1] It used vulnerabilities in Microsoft Windows to spread.[3] It specifically targeted Iranian oil terminals.[7]

In 2017 data breaches showed that supposedly secure hacking tools used by government agencies can be obtained − and sometimes exposed − by third parties. Furthermore, it was reported that after losing control of such tools the government appears to leave "exploits open to be re-used by scammers, criminals, or anyone else − for any purpose".[15] Claudio Guarnieri, a technologist from Amnesty International states: "what we learn from the disclosures and leaks of the last months is that unknown vulnerabilities are maintained secret even after they've been clearly lost, and that is plain irresponsible and unacceptable".[15]

Also in that year WikiLeaks released the Vault 7 documents series that contain details of CIA exploits and tools with Julian Assange stating that they are working to "disarm" them before publication.[16][17] Disarmament of cyber weapons may come in the form of contacting respective software vendors with information of vulnerabilities in their products as well as potential help with or autonomous development (for open source software) of patches. The exploitation of hacking tools by third parties has particularly affected the United States National Security Agency (NSA). In 2016, information about NSA hacking tools was captured by a Chinese hacking group, ATP3, that allowed them to reverse engineer their own version of the tool. It was subsequently used against European and Asian nations, though the United States was not targeted.[18][19] Later that year, an anonymous group called the "Shadow Brokers" leaked what are widely believed to be NSA tools online.[19][20] These two groups are not known to be affiliated, and ATP3 had access to the tools at least a year before the Shadow Brokers leak.[19] The leaked tools were developed by the Equation Group, a cyberwarfare group with suspected ties to the NSA.[19]

Among the tools leaked by the Shadow Brokers was EternalBlue, which the NSA had used to exploit bugs in Microsoft Windows.[5] This prompted Microsoft to issue updates to guard against the tool.[8] When the Shadow Brokers publicly released EternalBlue, it was quickly used by North Korean and Russian hackers, who formed it into the ransomware WannaCry[5] and NotPetya,[6] respectively. NotPetya, which was initially launched in Ukraine but subsequently spread around the world, encrypted hard drives and forced users to pay a ransom fee for their data, despite never actually giving the data back.[6][9]

In September 2018, the United States Department of Defense officially confirmed that the United States uses cyberweapons to advance national interests.[14]

Potential Regulations

While there has been no full regulation of cyberweapons, possible systems of regulation have been proposed.[2] One system would have cyberweapons, when not being used by a state, subject to criminal law of the country and, when being used by a state, subject to international laws on warfare.[2] Most proposed systems rely on international law and enforcement to stop the inappropriate use of cyberweaponry.[2] Considering the novelty of the weapons, there has also been discussion about how previously existing laws, not designed with cyberweapons in mind, apply to them.[2]

See also

References

  1. ^ a b Downes, Cathy (2018). "Strategic Blind–Spots on Cyber Threats, Vectors and Campaigns". The Cyber Defense Review. 3 (1): 79–104. ISSN 2474-2120. JSTOR 26427378.
  2. ^ a b c d e f g h Stevens, Tim (2017-01-10). "Cyberweapons: an emerging global governance architecture". Palgrave Communications. 3 (1): 1–6. doi:10.1057/palcomms.2016.102. ISSN 2055-1045. S2CID 55150719.
  3. ^ a b "Cyber Weapon Target Analysis". 2014-05-26.
  4. ^ a b c Tepperman, Jonathan (2021-02-09). "The Most Serious Security Risk Facing the United States". The New York Times. ISSN 0362-4331. Retrieved 2022-05-05.
  5. ^ a b c Nakashima, Ellen; Timberg, Craig (2017-05-16). "NSA officials worried about the day its potent hacking tool would get loose. Then it did". The Washington Post. Retrieved 2022-05-09.
  6. ^ a b c Brandom, Russell (2017-06-27). "A new ransomware attack is hitting airlines, banks and utilities across Europe". The Verge. Retrieved 2022-05-09.
  7. ^ a b "Powerful 'Flame' Cyberweapon Torching Mideast Computers : Discovery News". News.discovery.com. 2012-05-30. Archived from the original on 2012-06-01. Retrieved 2012-12-07.
  8. ^ a b "Infosecurity – 2012: The Year Malware Went Nuclear". Infosecurity-magazine.com. 5 December 2012. Retrieved 2012-12-07.
  9. ^ a b Perlroth, Nicole (2012-05-28). "Virus Infects Computers Across Middle East - NYTimes.com". Iran: Bits.blogs.nytimes.com. Retrieved 2012-12-07.
  10. ^ "Infosecurity – Kaspersky looks at the wreckage of Wiper malware". Infosecurity-magazine.com. 2012-08-29. Retrieved 2012-12-07.
  11. ^ a b c d Farwell, James P.; Rohozinski, Rafal (2012-09-01). "The New Reality of Cyber War". Survival. 54 (4): 107–120. doi:10.1080/00396338.2012.709391. ISSN 0039-6338. S2CID 153574044.
  12. ^ Farwell, James P.; Rohozinski, Rafal (2011-02-01). "Stuxnet and the Future of Cyber War". Survival. 53 (1): 23–40. doi:10.1080/00396338.2011.555586. ISSN 0039-6338. S2CID 153709535.
  13. ^ Dooley, John F. (2018), Dooley, John F. (ed.), "Cyber Weapons and Cyber Warfare", History of Cryptography and Cryptanalysis: Codes, Ciphers, and Their Algorithms, History of Computing, Cham: Springer International Publishing, pp. 213–239, doi:10.1007/978-3-319-90443-6_13, ISBN 978-3-319-90443-6, retrieved 2022-05-05
  14. ^ a b "How Cyber Weapons Are Changing the Landscape of Modern Warfare". The New Yorker. 2019-07-18. Retrieved 2022-05-05.
  15. ^ a b Cox, Joseph (14 April 2017). "Your Government's Hacking Tools Are Not Safe". Motherboard. Retrieved 15 April 2017.
  16. ^ Fox-Brewster, Thomas. "Julian Assange: Wikileaks May Have Evidence CIA Spied On US Citizens". Forbes. Retrieved 15 April 2017.
  17. ^ "WikiLeaks vows to disclose CIA hacking tools; CIA to investigate". SearchSecurity. Retrieved 15 April 2017.
  18. ^ Perlroth, Nicole; Sanger, David E.; Shane, Scott (2019-05-06). "How Chinese Spies Got the N.S.A.'s Hacking Tools, and Used Them for Attacks". The New York Times. ISSN 0362-4331. Retrieved 2022-05-05.
  19. ^ a b c d Doffman, Zak. "China Set Traps To Capture Dangerous NSA Cyberattack Weapons: New Report". Forbes. Retrieved 2022-05-05.
  20. ^ Pagliery, Jose (2016-08-15). "Hacker claims to be selling stolen NSA spy tools". CNNMoney. Retrieved 2022-05-05.

Read other articles:

Disco Bear

Disco BearTokoh Happy Tree FriendsPenampilanperdanaStayin' AlivePemeranPeter HerrmanInformasiSpesiesBeruangJenis kelaminJantan Disco Bear adalah karakter fiksi pada serial kartun Happy Tree Friends. Ia adalah beruang emas yang suka menari disko. Beberapa fans mengira ia adalah singa karena rambut dan warnanya. Ia mengenakan pakaian gaya tahun 1970-an, termasuk jaket kuning. Ia biasanya membawa semua orang ke masalah ketika menari. Ia sering terlihat mencoba untuk membuat kagum karakter wanita...

 

Orders, decorations, and medals of the Malaysian states and federal territories

Malaysia federal award The orders, decorations, and medals of the Malaysian states and federal territories, in which each state and federal territory of Malaysia has devised a system of orders and awards to honour residents for actions or deeds that benefit their local community or state, are in turn subsumed within the Malaysian honours system. Each state sets their own rules and criteria on eligibility and also how each medal is awarded and presented. Most of the orders allow for the recipi...

 

آر. برينت تولى

آر. برينت تولى معلومات شخصية الميلاد 9 مارس 1943 (80 سنة)  تورونتو  مواطنة الولايات المتحدة[1][2][3]  عضو في الاتحاد الفلكي الدولي  الحياة العملية المدرسة الأم جامعة ميريلاند (الشهادة:دكتوراه في الفلسفة) (–1972)  المهنة فلكي[4][5]  اللغات الإنجليزية&...

Leontios

LeontiusΛεόντιοςSolidus emas dengan Leontios, menunjukkan simbol kekuasaan: mahkota, globus cruciger, dan akakia. Pada sisi belakangnya, salib ampuh di atas tiga undakan.Kaisar Kekaisaran BizantiumBerkuasa695–698PendahuluJustinian IIPenerusTiberius IIIInformasi pribadiKelahiran660IsauriaKematian15 Februari 706Konstantinopel Leontios (atau Leontius) (bahasa Yunani: Λεόντιος, bahasa Latin: Leontius Augustus) (meninggal 15 Februari 706)[1] adalah kaisar Bizantiu...

 

Christian Gómez

Argentine footballer For the footballer born 1999, see Christian Gómez (Venezuelan footballer). For other people, see Cristian Gómez. Christian Gómez Personal informationDate of birth (1974-11-07) 7 November 1974 (age 49)Place of birth Buenos Aires, ArgentinaHeight 5 ft 8 in (1.73 m)Position(s) MidfielderSenior career*Years Team Apps (Gls)1991–1997 Nueva Chicago 155 (46)1997–1999 Independiente 80 (12)2000 Argentinos Juniors 7 (0)2000–2002 Nueva Chicago 63 (14)2002...

 

Robert Wolter Mongisidi

Ini adalah nama patrilineal Minahasa, marganya adalah Mongisidi Robert Wolter Mongisidi Robert Wolter Mongisidi atau sering salah ditulis sebagai Robert Wolter Monginsidi[1] (14 Februari 1925 – 5 September 1949) adalah seorang pejuang kemerdekaan Indonesia sekaligus pahlawan nasional Indonesia. Biografi Robert Wolter Mongisidi dilahirkan di Malalayang (sekarang bagian dari Manado), anak ke-4 dari Petrus Mongisidi dan Lina Suawa pada tanggal 14 Februari 1925. Panggilan ...

Unie van Afrikaanse Staten

Unie van Afrikaanse Staten ←  ←  ←  1958 – 1963  → → → Kaart Algemene gegevens Talen FransEngels Religie(s) Islam Regering Regeringsvorm Confederatie De Unie van Afrikaanse Staten was een kortstondig bestaande unie van eerst twee en later drie Afrikaanse staten in West-Afrika, in de jaren 1960. Deze staten waren Ghana, Guinee-Conakry en Mali. De unie was politiek socialistisch en pan-Afrikaans, en werd geleid door de Afrikaanse revolutiona...

 

A Little Ain't Enough

Sampul A Little Ain't Enough adalah album ketiga David Lee Roth, diterbitkan pada 1991, mencapai status Gold pada 11 April 1991. Album ini direkam dengan gitaris Jason Becker yang didiagnosa dengan penyakit motor neurone disease seminggu setelah bergabung dengan band. Ia dapat menyelesaikan rekaman album ini, tetapi tidak dapat pergi tur karena tangannya lemah. Daftar lagu A Lil' Ain't Enough (Nevil, David Lee Roth) – 4:41 Shoot It (Bissonette, Nevil, Roth, Brett Tuggle) – 4:13 Lady Luck ...

 

Henry Clinton (British Army officer, born 1730)

British army officer and politician (1730–1795) General Clinton redirects here. For other uses, see General Clinton (disambiguation). SirHenry ClintonKBPortrait attributed to Andrea Soldi, painted circa 1762–1765Born(1730-04-16)16 April 1730Newfoundland, British North AmericaDied23 December 1795(1795-12-23) (aged 65)London, Great BritainAllegiance Great BritainService/branch British ArmyYears of service1751–1793RankGeneralCommands heldColonel, 12th Regiment of FootCommand...

Supermarket

Large format of grocery store For other uses, see Supermarket (disambiguation). Supermercado redirects here. For the 2 Skinnee J's album, see SuperMercado! The examples and perspective in this article may not represent a worldwide view of the subject. You may improve this article, discuss the issue on the talk page, or create a new article, as appropriate. (July 2019) (Learn how and when to remove this template message) BI-LO supermarket A supermarket is a self-service shop offering a wide va...

 

1575

Artikel ini tidak memiliki referensi atau sumber tepercaya sehingga isinya tidak bisa dipastikan. Tolong bantu perbaiki artikel ini dengan menambahkan referensi yang layak. Tulisan tanpa sumber dapat dipertanyakan dan dihapus sewaktu-waktu.Cari sumber: 1575 – berita · surat kabar · buku · cendekiawan · JSTOR 1575MileniumMilenium ke-2AbadAbad ke-15Abad ke-16 Abad ke-17Dasawarsa 1550-an1560-an1570-an1580-an1590-anTahun1572157315741575157615771578 Pe...

 

St Patrick's Church, Soho Square

Exterior of St Patrick's Church St Patrick's Church is a large Roman Catholic parish church in Soho Square, London. St Pat's (as it is informally known) was consecrated as a chapel in a building behind Carlisle House on 29 September 1792, one of the first Catholic buildings allowed in Great Britain after the Reformation. The present church building was built between 1891 and 1893, to designs by John Kelly of Leeds,[1] and replaced the earlier and smaller chapel built by Father Arthur ...

Los Intocables (serie de televisión)

En este artículo sobre televisión se detectaron varios problemas. Por favor, edítalo y/o discute los problemas en la discusión para mejorarlo: Necesita ser wikificado conforme a las convenciones de estilo de Wikipedia. Carece de fuentes o referencias que aparezcan en una fuente acreditada. Puedes avisar al redactor principal pegando lo siguiente en su página de discusión: {{sust:Aviso PA|Los Intocables (serie de televisión)|referencias|wikificar}} ~~~~ Los Intocable...

 

Новіцький Олексій Михайлович

Ця стаття є кандидатом на вилучення. Ознайомитися та долучитися до обговорення цієї номінації можна на сторінці Вікіпедія:Статті-кандидати на вилучення/21 серпня 2023. Доки воно триває, Ви можете працювати над покращенням цієї статті, але не прибирайте це повідомлення. Для ...

 

Carly Steel

British television presenter, actress and producer Carly SteelSteel in 2016Born (1987-08-21) August 21, 1987 (age 36)Lanark, United KingdomNationalityBritishKnown forEntertainment Tonight, The Insider, The Bold and the Beautiful, The Brits Are Coming Carly Steel is a British television presenter, actress and producer.[1] Steel hosts CBS's Entertainment Tonight, The Insider and TV Guide Network.[2] She has appeared in several feature films including Unstoppable and Mo...

The Ceremonies (novel)

The Ceremonies AuthorT. E. D. KleinAudio read byAdam SimsCountryUnited StatesLanguageEnglishGenreHorrorPublisherViking Adult, Bantam BooksPublication date1984Media typePrint (hardback, paperback), ebook, audiobookPages554 pagesISBN0670209821 First edition, hardback The Ceremonies is a novel by T. E. D. Klein published in 1984. The Ceremonies is an extension of Klein's earlier novella, The Events at Poroth's Farm, which he released in 1972.[1] Plot summary The novel open...

 

Pulinda

Ancient Indian tribe Pulinda during the post-Vedic period Pulinda (Sanskrit: Pulinda) was an ancient tribe of south-central South Asia whose existence is attested during the Iron Age. The Pulindas were a non-Indo-Aryan tribe.[1][2] Location During the later Vedic period, the Pulindas were living to the south-east of the Daśārṇas.[2] Though clearly associated with the Vindhyan region, the Pulindas are sometimes believed to have had multiple tribal branches that rang...

 

Washington Story

1952 film by Robert Pirosh Washington StoryTheatrical release posterDirected byRobert PiroshWritten byRobert PiroshProduced byDore ScharyStarringVan JohnsonPatricia NealLouis CalhernCinematographyJohn AltonEdited byJohn DurantMusic byConrad SalingerDistributed byMetro-Goldwyn-MayerRelease date July 1, 1952 (1952-07-01) Running time81 minutesCountryUnited StatesLanguageEnglishBudget$1,419,000[1]Box office$684,000[1] Washington Story is a 1952 American drama film ...

Candace Smith

American actress (born 1977) Candace SmithBornCandace Elizabeth Smith[1] (1977-02-01) February 1, 1977 (age 46)Dayton, Ohio, U.S.EducationChaminade Julienne High SchoolUniversity of Dayton (BA)Northwestern University (JD)Known forMiss Ohio USAEnd of WatchBeerfestTelevisionHawaii Five-0EntourageParentC. J. McLin (father)RelativesRhine McLin (half-sister)Mac McLin (grandfather)Websitewww.candacesmith.com Candace Elizabeth Smith (born February 1, 1977) is an American lawyer, ac...

 

The Mission Continues

American nonprofit organization The Mission ContinuesFoundedAugust 2007; 16 years ago (2007-08)TypeVeteran Service Organization, NonprofitHeadquartersSt. Louis, MOLocationSt. Louis, MissouriArea served NationwideMethodProfessional Development, Leadership DevelopmentPresidentMary Beth BruggemanChief Strategy OfficerSusan ThaxtonChief Marketing and Development OfficerJames GillenChief People OfficerLa Costa MooreBoard of directorsLen KortakaasWebsitewww.missioncontin...

 

Strategi Solo vs Squad di Free Fire: Cara Menang Mudah!