The cyber-arms industry are the markets and associated events surrounding the sale of software exploits,

zero-days A zero-day (also known as a 0-day) is a Vulnerability (computer security), vulnerability or security hole in a computer system unknown to its developers or anyone capable of mitigation, mitigating it. Until the vulnerability is remedied, threat act ...

cyberweapon Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into ex ...

ry,

surveillance Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing, or directing. This can include observation from a distance by means of electronic equipment, such as ...

technologies, and related tools for perpetrating cyberattacks. The term may extend to both

grey Grey (more frequent in British English) or gray (more frequent in American English) is an intermediate color between black and white. It is a neutral or achromatic color, meaning that it has no chroma. It is the color of a cloud-covered s ...

and

black Black is a color that results from the absence or complete absorption of visible light. It is an achromatic color, without chroma, like white and grey. It is often used symbolically or figuratively to represent darkness.Eva Heller, ''P ...

markets

online and offline In computer technology and telecommunications, online indicates a state of connectivity, and offline indicates a disconnected state. In modern terminology, this usually refers to an Internet connection, but (especially when expressed as "on li ...

. For many years, the burgeoning

dark web The dark web is the World Wide Web content that exists on darknets ( overlay networks) that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can communica ...

market remained niche, available only to those in-the-know or well-funded. Since at least 2005, governments including the United States, United Kingdom, Russia, France, and Israel have been buying exploits from defence contractors and individual

hacker A hacker is a person skilled in information technology who achieves goals and solves problems by non-standard means. The term has become associated in popular culture with a security hackersomeone with knowledge of bug (computing), bugs or exp ...

s. This 'legitimate' market for zero-day exploits exists but is not well advertised or immediately accessible. Attempts to openly sell zero-day exploits to governments and security vendors to keep them off the black market have so far been unsuccessful.

Companies

Traditional arms producers and military services companies such as

BAE Systems BAE Systems plc is a British Multinational corporation, multinational Aerospace industry, aerospace, military technology, military and information security company, based in London. It is the largest manufacturer in Britain as of 2017. It is ...

EADS Airbus SE ( ; ; ; ) is a Pan-European aerospace corporation. The company's primary business is the design and manufacturing of commercial aircraft but it also has separate defence and space and helicopter divisions. Airbus has long been th ...

, Leonardo,

General Dynamics General Dynamics Corporation (GD) is an American publicly traded aerospace and defense corporation headquartered in Reston, Virginia. As of 2020, it was the fifth largest defense contractor in the world by arms sales and fifth largest in the Unit ...

Raytheon Raytheon is a business unit of RTX Corporation and is a major U.S. defense contractor and industrial corporation with manufacturing concentrations in weapons and military and commercial electronics. Founded in 1922, it merged in 2020 with Unite ...

, and

Thales Thales of Miletus ( ; ; ) was an Ancient Greek philosophy, Ancient Greek Pre-Socratic philosophy, pre-Socratic Philosophy, philosopher from Miletus in Ionia, Asia Minor. Thales was one of the Seven Sages of Greece, Seven Sages, founding figure ...

have all expanded into the

cybersecurity Computer security (also cybersecurity, digital security, or information technology (IT) security) is a subdiscipline within the field of information security. It consists of the protection of computer software, systems and networks from thr ...

markets. However, smaller software companies such as Blue Coat and Amesys have also become involved, often drawing attention for providing

and

censorship Censorship is the suppression of speech, public communication, or other information. This may be done on the basis that such material is considered objectionable, harmful, sensitive, or "inconvenient". Censorship can be conducted by governmen ...

technologies to the regimes of

Bashar al-Assad Bashar al-Assad (born 11September 1965) is a Syrian politician, military officer and former dictator Sources characterising Assad as a dictator: who served as the president of Syria from 2000 until fall of the Assad regime, his government ...

Syria Syria, officially the Syrian Arab Republic, is a country in West Asia located in the Eastern Mediterranean and the Levant. It borders the Mediterranean Sea to the west, Turkey to Syria–Turkey border, the north, Iraq to Iraq–Syria border, t ...

and

Muammar Gaddafi Muammar Muhammad Abu Minyar al-Gaddafi (20 October 2011) was a Libyan military officer, revolutionary, politician and political theorist who ruled Libya from 1969 until Killing of Muammar Gaddafi, his assassination by Libyan Anti-Gaddafi ...

Libya Libya, officially the State of Libya, is a country in the Maghreb region of North Africa. It borders the Mediterranean Sea to the north, Egypt to Egypt–Libya border, the east, Sudan to Libya–Sudan border, the southeast, Chad to Chad–L ...

. Suppliers of exploits to western governments include the

Massachusetts Massachusetts ( ; ), officially the Commonwealth of Massachusetts, is a U.S. state, state in the New England region of the Northeastern United States. It borders the Atlantic Ocean and the Gulf of Maine to its east, Connecticut and Rhode ...

firm Netragard. The trade show ISS World that runs every few months has been referred to as the 'international cyber arms bazaar' and the 'wiretappers ball' focuses on surveillance software for lawful interception. Some other cyberarms companies include Endgame, Inc., Gamma Group,

NSO Group NSO Group Technologies (NSO standing for Niv, Shalev and Omri, the names of the company's founders) is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance ...

, and Ability. Circles, a former surveillance business, merged with NSO Group in 2014. On 26 July 2017 Google researchers announced the discovery of new spyware they named "Lipizzan". According to Google, "Lipizzan's code contains references to a cyber arms company, Equus Technologies.".

On the Internet

The most popular Internet forums are generally in

Russian Russian(s) may refer to: *Russians (), an ethnic group of the East Slavic peoples, primarily living in Russia and neighboring countries *A citizen of Russia *Russian language, the most widely spoken of the Slavic languages *''The Russians'', a b ...

or Ukrainian and there are reports of English-only, Chinese-only, German-only, and Vietnamese-only sites, among others.

Phishing Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticate ...

, spear-phishing, and other social engineer campaigns are typically done in English, as a majority of potential victims know that language. India's

Central Bureau of Investigation The Central Bureau of Investigation (CBI) is the domestic crime investigating agency of India. It operates under the jurisdiction of the Ministry of Personnel, Public Grievances and Pensions. Originally set up to investigate bribery and gover ...

describe the proliferation of underground markets as 'widespread'. Colonel John Adams, head of the Marine Corps Intelligence Activity has expressed concerns these markets could allow cyberweaponry to fall into the hands of hostile governments which would otherwise lack the expertise to attack an advanced country's computer systems. Online, there is increasing uses of

encryption In Cryptography law, cryptography, encryption (more specifically, Code, encoding) is the process of transforming information in a way that, ideally, only authorized parties can decode. This process converts the original representation of the inf ...

and privacy mechanisms such as off the record messaging and

cryptocurrencies A cryptocurrency (colloquially crypto) is a digital currency designed to work through a computer network that is not reliant on any central authority, such as a government or bank, to uphold or maintain it. Individual coin ownership records ...

. Since 2005 on

darknet market A darknet market is a commercial website on the dark web that operates via darknets such as Tor and I2P. They function primarily as black markets, selling or brokering transactions involving drugs, cyber-arms, weapons, counterfeit currency, ...

s and

black market A black market is a Secrecy, clandestine Market (economics), market or series of transactions that has some aspect of illegality, or is not compliant with an institutional set of rules. If the rule defines the set of goods and services who ...

s such as the 'Cyber Arms Bazaar' have had their prices dropping fast with the cost of cyberweaponry plummeting at least 90 percent.

Botnet A botnet is a group of Internet-connected devices, each of which runs one or more Internet bot, bots. Botnets can be used to perform distributed denial-of-service attack, distributed denial-of-service (DDoS) attacks, steal data, send Spamming, sp ...

s are increasingly rented out by cyber criminals as commodities for a variety of purposes. RDP shops offer cheap access to hacked computers. Recent research has indicated that countries will also begin to use

artificial intelligence Artificial intelligence (AI) is the capability of computer, computational systems to perform tasks typically associated with human intelligence, such as learning, reasoning, problem-solving, perception, and decision-making. It is a field of re ...

as a tool for national cyberdefense. AI is a new factor in the cyber arms industry, as it can be used for defense purposes. Therefore, academics urge that nations should establish regulations for the use of AI, similar to how there are regulations for other military industries.

Vendor responses

In recent years, many software firms have had success with

bug bounty program A bug bounty program is a deal offered by many websites, organizations, and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security vulnerabilities. If no fin ...

s, but in some cases such as with Vupen's Chrome exploit these will be rejected as below market value. Meanwhile, some vendors such as HP spent more than $7 million between 2005 and 2015 buying exploits for its own software. This behaviour has been criticised by head of the

United States Cyber Command United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integra ...

, General Keith Alexander. This criticism then is known as "building the black market".

Notable markets

* Cyber Arms Bazaar – a darknet market operating out of various

Eastern European Eastern Europe is a subregion of the European continent. As a largely ambiguous term, it has a wide range of geopolitical, geographical, ethnic, cultural and socio-economic connotations. Its eastern boundary is marked by the Ural Mountains, and ...

countries, trafficking crimeware and hacking tools that has run since at least the year 2000. Tom Kellermann, chief cybersecurity officer of

Trend Micro is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud ...

, estimates over 80 percent of financial sector

cyberattack A cyberattack (or cyber attack) occurs when there is an unauthorized action against computer infrastructure that compromises the confidentiality, integrity, or availability of its content. The rising dependence on increasingly complex and inte ...

s could be traced back to the bazaar, with retail cyberattacks not far behind. * Darkode * TheRealDeal

References

{{reflist Hacking (computer security) Cybercrime Darknet markets * Cyberpunk themes Cyber-arms companies Mass surveillance Software industry Industries (economics)

Companies

On the Internet

Vendor responses

Notable markets

See also

References