Controlling The Use Of Cyber Weapons

Uploaded on 2024-04-29 in GOVERNMENT-Defence, FREE TO VIEW

Cyberspace is being increasingly used in conflicts, which means that cyber arms control needs to be addressed as well. Now, recent analysis  by Helene Pleil and published by researchers from the Digital Society Institute at the ESMT Berlin business school, alongside colleagues from Technical University Darmstadt, has been published.

The research concludes that the main challenges for effective cyber security control are rapid technological progress, a lack of political will, and uniform definitions, as well as the dual use of cyber tools need serious review.

Pleil, and her colleagues conducted the research on challenges and obstacles facing the development of arms control measures in cyberspace. Their review, which includes interviews with subject matter experts, identifies key issues in developing robust cyber arms control measures and has identified the following problems:-

  • Lack of definitions:   The main challenge for establishing cyber arms control is the lack of clear, agreed-upon definitions of key terms like “cyber weapon.” If what you want to be controlled cannot be explicitly defined, it is much harder to agree on what would be controlled in an arms control treaty.
  • The dual-use dilemma:   Technological tools like a computer, USB stick, or software can be used both by civilians and the military. Since no clear line can be drawn between these different use scenarios, the products cannot be banned in fundamental terms for arms control.
  • Verification:   It is extremely challenging to find suitable verification mechanisms to establish arms control in cyberspace. While arms control agreements for traditional weapons could count weapons or ban an entire category, that isn’t possible for cyberweapons.
  • Technological progress:   The ongoing rapid changing of tools and technology for cyberattacks means that the development of new weapons outpaces regulatory efforts – the technology advances faster than the regulation can be discussed.
  • Role of the private sector:   The dual-use factor means that states do not have sole control over means that are used as weapons, but non-state actors also have ownership and operational rights in this domain. Therefore, the private sector has to be involved and committed to arms control to be effective.
  • Lack of political will:   Although political will is crucial for establishing arms control measures, states are reluctant to do so within cyberspace. Countries have differing interests in the strategic value of cyber tools and might not want to “miss out” on potential advantages.

The researchers conclude that traditional measures of arms and weapon control cannot be simply applied to cyber weapons. Instead, they suggest that new alternative and creative solutions be created, defining and sanctioning the uses of weapons, rather than the tool itself, would allow agreements to be reached and preserved, regardless of the pace of technological development.

ESMT Berlin     |     I-HIS     Image: Ideogram

You Might Also Read:

The Cyber Effect On Modern Warfare:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Iranian Hackers Attack US Water Supplies
Cyber Threats To British Elections »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ASIS International

ASIS International

ASIS International is a global community of security practitioners with a role in the protection of assets - people, property, and/or information.

Trusted Knight

Trusted Knight

Trusted Knight is a leading provider of security software solutions focused on defeating newly developed malware and crimeware trojans.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

Founder Shield

Founder Shield

Founder Shield is a data driven insurance brokerage focused excusively on rapidly evolving high-growth companies.

Aujus Cybersecurity

Aujus Cybersecurity

Aujas is a pure-play cyber security services company with deep expertise in Identity and Access Management, Managed Security and Security Testing services.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

Scythe

Scythe

SCYTHE is a next generation red team platform for continuous and realistic enterprise risk assessments.

Tide Foundation

Tide Foundation

Tide's breakthrough multi-party-cryptography enables TRUE-zero-trust technology that unlocks cyber-herd immunity.

Deeper Network

Deeper Network

Deeper Network represents the world's first decentralized blockchain network for building a truly private, secure and fair Internet.

Noerr

Noerr

Noerr is one of the top European law firms with 500 professionals in Germany, Europe and the USA. We provide solutions to complex and sophisticated legal matters including cyber risks.

Sentra

Sentra

Sentra is focused on improving data security practices within the cloud, mitigating the risks of damaging data leaks by providing comprehensive visibility into critical data assets.

Flexxon

Flexxon

Flexxon is the industry leader to develop NAND flash storage devices. Our key focus is to innovate memory devices ensuring data security and reliability.

AArete

AArete

AArete is a global management and technology consulting firm specializing in strategic profitability improvement, digital transformation, and advisory services.

Carahsoft Technology Corp

Carahsoft Technology Corp

Carahsoft Technology is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets.

C2 Risk

C2 Risk

C2 Risk are focussed on risk analytics for information assurance, privacy and ESG (Environmental, Social, and Governance).