Cyberweapon

A cyberweapon is usually sponsored or employed by a state or non-state actor, meets an objective that would otherwise require espionage or the use of force, and is employed against specific targets. A cyberweapon performs an action that would normally require a soldier or spy, and which would be considered either illegal or an act of war if performed directly by a human agent of the sponsor during peacetime. Legal issues include violating the privacy of the target and the sovereignty of its host nation. Example of such actions are surveillance, data theft and electronic or physical destruction. While a cyberweapon almost certainly results in either direct or indirect financial damages to the target group, direct financial gains for the sponsor are not a primary objective of this class of agent. Often cyberweapons are associated with causing physical or functional harm to the system which it attacks, despite being software. However, there is no consensus on what officially constitutes a cyberweapon. Likewise, malware employed by fraudsters for the theft of personal or financial information demonstrates lower selectivity and wider distribution. Cyberweapons are dangerous for multiple reasons. They are typically difficult to track or defend against due to their lack of physical components. Many of these attacks exploit "zero days" (vulnerabilities in software that companies have zero days to fix). and NotPetya. While the term cyber weapon is frequently used by the press, some articles avoid it, instead using terms such as "internet weapon", "hack", or "virus". Mainstream researchers debate the requirements of the term while still referring to the employment of the agent as a "weapon", and the software development community in particular uses the term more rarely. == Examples ==

The following malware agents generally meet the criteria above, have been formally referred to in this manner by industry security experts, or have been described this way in government or military statements: • Duqu • Flame • Great Cannon • Mirai • Stuxnet • Wiper • Pegasus == History ==

Stuxnet was among the first and one of the most influential cyberweapons. In 2010, it was launched by the United States and Israel to attack Iranian nuclear facilities. Stuxnet is considered to be the first major cyberweapon. Following the Stuxnet attacks, Iran used cyberweapons to target top American financial institutions, including the New York Stock Exchange. Stuxnet was subsequently followed by Duqu in 2011 and Flame in 2012. Claudio Guarnieri, a technologist from Amnesty International states: "what we learn from the disclosures and leaks of the last months is that unknown vulnerabilities are maintained secret even after they've been clearly lost, and that is plain irresponsible and unacceptable". Disarmament of cyber weapons may come in the form of contacting respective software vendors with information of vulnerabilities in their products as well as potential help with or autonomous development (for open source software) of patches. The exploitation of hacking tools by third parties has particularly affected the United States National Security Agency (NSA). In 2016, information about NSA hacking tools was captured by a Chinese hacking group, ATP3, that allowed them to reverse engineer their own version of the tool. It was subsequently used against European and Asian nations, though the United States was not targeted. Later that year, an anonymous group called the "Shadow Brokers" leaked what are widely believed to be NSA tools online. These two groups are not known to be affiliated, and ATP3 had access to the tools at least a year before the Shadow Brokers leak. The leaked tools were developed by the Equation Group, a cyberwarfare group with suspected ties to the NSA. Among the tools leaked by the Shadow Brokers was EternalBlue, which the NSA had used to exploit bugs in Microsoft Windows. This prompted Microsoft to issue updates to guard against the tool. When the Shadow Brokers publicly released EternalBlue, it was quickly used by North Korean and Russian hackers, who formed it into the ransomware WannaCry and NotPetya, respectively. NotPetya, which was initially launched in Ukraine but subsequently spread around the world, encrypted hard drives and forced users to pay a ransom fee for their data, despite never actually giving the data back. In September 2018, the United States Department of Defense officially confirmed that the United States uses cyberweapons to advance national interests. == Potential Regulations ==

While there has been no full regulation of cyberweapons, possible systems of regulation have been proposed. One system would have cyberweapons, when not being used by a state, subject to criminal law of the country and, when being used by a state, subject to international laws on warfare. Most proposed systems rely on international law and enforcement to stop the inappropriate use of cyberweaponry. Considering the novelty of the weapons, there has also been discussion about how previously existing laws, not designed with cyberweapons in mind, apply to them. ==See also==