U.S. arms sales around the world have grown substantially in the past several years. In the past few weeks, multiple reports have come out in the media about U.S. arms sales for foreign governments. According to a Bloomberg report, Saudi Arabia, India, Australia, Egypt and South Korea are the top five weapons importers.

The latest deals are large, with one totaling more than $1 billion. There is nothing new or unusual about the U.S. selling weapons to our allies around the world and in some cases specific groups that are aligned with the nation's interests. But this time it is different. This time, the news generated a great deal of conversation and unlike previously, the topic of cyber weapons became a dominant subject.

There have been a number of articles and whitepapers that discuss the complexities of this topic. Many cyber weapons fall into the dual-use technology category. That makes control of this class of weapon much more difficult. What is the difference between a network/website capacity testing tool and a cyber weapon that overloads the targeted network/website? What is the difference between a cyber penetration tool and a cyber weapon that compromises its target? Virtually nothing, except for the motivation or intent of those using the technology.

Think about the massive infrastructure that is needed to design, construct and deliver a conventional weapon, and compare that to the infrastructure that is needed to construct and deliver a cyber weapon. Stop and think about just how difficult would it be to detect the illegal sale of a cyber weapon and its delivery outside of the country. Any free wireless network could be used, and if they use an encrypted email, it would be extremely unlikely for such a transaction to occur.

Now add the challenge of detecting they transaction on the dark web.

The going prices for zero-day vulnerabilities for high-value platforms like the smartphone can go for as high as $500,000. These are the raw materials needed for a cyber weapon — not the finished product. Some product vendors have matched the price of these valuable assets with current black market figures. 

The Department of Defense has a huge challenge when it comes to the cyber domain in general. Controlling the sale of cyber weapons is just another aspect of that challenge. One has to question whether measures put in place to control the export/flow of conventional weapons would be effective. No one really knows the total value of the cyber weapons trade, but it has to be a large number!

Share:
More In Net Defense Blogs