Controlling The Use Of Cyber Weapons

Cyberspace is being increasingly used in conflicts, which means that cyber arms control needs to be addressed as well. Now, recent analysis  by Helene Pleil and published by researchers from the Digital Society Institute at the ESMT Berlin business school, alongside colleagues from Technical University Darmstadt, has been published.

The research concludes that the main challenges for effective cyber security control are rapid technological progress, a lack of political will, and uniform definitions, as well as the dual use of cyber tools need serious review.

Pleil, and her colleagues conducted the research on challenges and obstacles facing the development of arms control measures in cyberspace. Their review, which includes interviews with subject matter experts, identifies key issues in developing robust cyber arms control measures and has identified the following problems:-

  • Lack of definitions:   The main challenge for establishing cyber arms control is the lack of clear, agreed-upon definitions of key terms like “cyber weapon.” If what you want to be controlled cannot be explicitly defined, it is much harder to agree on what would be controlled in an arms control treaty.
  • The dual-use dilemma:   Technological tools like a computer, USB stick, or software can be used both by civilians and the military. Since no clear line can be drawn between these different use scenarios, the products cannot be banned in fundamental terms for arms control.
  • Verification:   It is extremely challenging to find suitable verification mechanisms to establish arms control in cyberspace. While arms control agreements for traditional weapons could count weapons or ban an entire category, that isn’t possible for cyberweapons.
  • Technological progress:   The ongoing rapid changing of tools and technology for cyberattacks means that the development of new weapons outpaces regulatory efforts – the technology advances faster than the regulation can be discussed.
  • Role of the private sector:   The dual-use factor means that states do not have sole control over means that are used as weapons, but non-state actors also have ownership and operational rights in this domain. Therefore, the private sector has to be involved and committed to arms control to be effective.
  • Lack of political will:   Although political will is crucial for establishing arms control measures, states are reluctant to do so within cyberspace. Countries have differing interests in the strategic value of cyber tools and might not want to “miss out” on potential advantages.

The researchers conclude that traditional measures of arms and weapon control cannot be simply applied to cyber weapons. Instead, they suggest that new alternative and creative solutions be created, defining and sanctioning the uses of weapons, rather than the tool itself, would allow agreements to be reached and preserved, regardless of the pace of technological development.

ESMT Berlin     |     I-HIS     Image: Ideogram

You Might Also Read:

The Cyber Effect On Modern Warfare:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Iranian Hackers Attack US Water Supplies
Cyber Threats To British Elections »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

PortSwigger

PortSwigger

PortSwigger's Burp Suite is an integrated platform for performing security testing of web applications.

Adeptis Group

Adeptis Group

Adeptis are experts in cyber security recruitment, providing bespoke staffing solutions to safeguard your organisation against ever-changing cyber threats.

International Conference on Information Systems Security & Privacy (ICISSP)

International Conference on Information Systems Security & Privacy (ICISSP)

The ICISSP event is a meeting point for researchers and practitioners to address security and privacy challenges concerning information systems.

California Cybersecurity Institute (CCI) - Cal poly

California Cybersecurity Institute (CCI) - Cal poly

The CCI provides a hands-on research and learning environment to explore new cyber technologies and train and test tactics alongside law enforcement and cyberforensics experts.

Sqreen

Sqreen

Sqreen is a web application security monitoring and protection solution helping companies protect their apps and users from attacks.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

Zamna

Zamna

Zamna (formerly VChain Technology) is an award-winning software company building GDPR compliant identity platforms for the aviation industry.

Cyberport

Cyberport

Cyberport is focused on facilitating the growth of major technology trends such as FinTech and cybersecurity as well as the emerging technologies of AI, big data and blockchain.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

Binary Security AS

Binary Security AS

Binary Security is a Norwegian information security consultancy company. We are specialists at application security, penetration testing and secure code reviews.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Clearnetwork

Clearnetwork

Clearnetwork specializes in managed cybersecurity solutions that enable both public and private organizations improve their security posture affordably.

Krista Software

Krista Software

Krista is an intelligent automation platform that combines iPaaS and Conversational AI to automate complete business processes across your teams and apps.

Kirk ISS

Kirk ISS

Kirk ISS are the leading provider of IT services in the Cayman Islands. We offer best-in class hardware, software, communications and cloud computing, all backed by professional services support.

Check Point Software Technologies

Check Point Software Technologies

Check Point Software Technologies is a leading provider of cyber security solutions to governments and corporate enterprises globally.

CyberAntix

CyberAntix

CyberAntix offers Premium CyberSecurity for your business using an advanced Security Operations Centre technology and process platform reinforced by a steadfast and expert SOC team.