The cyber-arms industry comprises the markets and associated events surrounding the sale of software exploits, zero-days, cyberweaponry, surveillance technologies, and related tools for perpetrating cyberattacks. The term may extend to both grey and black markets, online and offline.
For many years, the burgeoning dark web market remained niche, available only to those in the know or well funded. Since at least 2005, governments including the United States, United Kingdom, Russia, France, and Israel have been buying exploits from defence contractors and individual hackers. This 'legitimate' market for zero-day exploits exists but is not well advertised or immediately accessible.
Attempts to openly sell zero-day exploits to governments and security vendors to keep them off the black market have so far been unsuccessful.
Companies
Traditional arms producers and military services companies such as BAE Systems, EADS, Leonardo, General Dynamics, Raytheon, and Thales have all expanded into the cybersecurity markets. However, smaller software companies such as Blue Coat and Amesys have also become involved, often drawing attention for providing surveillance and censorship technologies to the regimes of Bashar al-Assad in Syria and Muammar Gaddafi in Libya.
Suppliers of exploits to western governments include the firm Netragard.
The trade show ISS World, which runs every few months, has been referred to as the 'international cyber arms bazaar' and the 'wiretappers ball'. It focuses on surveillance software for lawful interception.
Some other cyberarms companies include Endgame, Inc., Gamma Group, NSO Group, Birmingham Cyber Arms LTD and Ability. Circles, a former surveillance business, merged with NSO Group in 2014.
On 26 July 2017, Google researchers announced the discovery of new spyware they named "Lipizzan". According to Google, "Lipizzan's code contains references to a cyber arms company, Equus Technologies."
On the Internet
The most popular Internet forums are generally in Russian or Ukrainian, and there are reports of English-only, Chinese-only, German-only, and Vietnamese-only sites, among others. Phishing, spear-phishing, and other social engineering campaigns are typically done in English, as a majority of potential victims know that language.
India's Central Bureau of Investigation describes the proliferation of underground markets as 'widespread'.
Colonel John Adams, head of the Marine Corps Intelligence Activity, has expressed concerns that these markets could allow cyberweaponry to fall into the hands of hostile governments which would otherwise lack the expertise to attack an advanced country's computer systems.
Online, there is increasing use of encryption and privacy mechanisms such as off-the-record messaging and cryptocurrencies.
Since 2005, prices on darknet markets and black markets such as the 'Cyber Arms Bazaar' have dropped fast, with the cost of cyberweaponry plummeting at least 90 percent.
Botnets are increasingly rented out by cyber criminals as commodities for a variety of purposes.
RDP shops offer cheap access to hacked computers.
Vendor responses
In recent years, many software firms have had success with bug bounty programs, but in some cases, such as with Vupen's Chrome exploit, these will be rejected as below market value. Meanwhile, some vendors such as HP spent more than $7 million between 2005 and 2015 buying exploits for its own software. This behaviour has been criticised by the head of the United States Cyber Command, General Keith Alexander. This criticism is known as "building the black market".
Notable markets
* Cyber Arms Bazaar – a darknet market operating out of various Eastern European countries, trafficking crimeware and hacking tools, that has run since at least the year 2000. Tom Kellermann, chief cybersecurity officer of Trend Micro, estimates over 80 percent of financial sector cyberattacks could be traced back to the bazaar, with retail cyberattacks not far behind.
* Darkode
* TheRealDeal
See also
* Cybercrime
* Cyberwarfare
* Cyberweapon
* Market for zero-day exploits
* Mass surveillance industry
* Vulnerabilities Equities Process