Cyber-arms Companies

The cyber-arms industry comprises the markets and associated events surrounding the sale of software exploits, zero-days, cyberweaponry, surveillance technologies, and related tools for perpetrating cyberattacks. The term may extend to both grey and black markets online and offline. For many years, the burgeoning dark web market remained niche, available only to those in-the-know or well funded. Since at least 2005, governments including the United States, United Kingdom, Russia, France, and Israel have been buying exploits from defence contractors and individual hackers. This 'legitimate' market for zero day exploits exists but is not well advertised or immediately accessible. Attempts to openly sell zero day exploits to governments and security vendors to keep them off the black market have so far been unsuccessful.


Companies

Traditional arms producers and military services companies such as BAE Systems, EADS, Leonardo, General Dynamics, Raytheon, and Thales have all expanded into the cybersecurity markets. However, smaller software companies such as Blue Coat and Amesys have also become involved, often drawing attention for providing surveillance and censorship technologies to the regimes of Bashar al-Assad in Syria and Muammar Gaddafi in Libya. Suppliers of exploits to western governments include the Massachusetts firm Netragard. The trade show ISS World, which runs every few months and has been referred to as the 'international cyber arms bazaar' and the 'wiretappers ball', focuses on surveillance software for lawful interception. Some other cyberarms companies include Endgame, Inc., Gamma Group, NSO Group, Birmingham Cyber Arms LTD and Ability. Circles, a former surveillance business, merged with NSO Group in 2014. On 26 July 2017 Google researchers announced the discovery of new spyware they named "Lipizzan". According to Google, "Lipizzan's code contains references to a cyber arms company, Equus Technologies."


On the Internet

The most popular Internet forums are generally in Russian or Ukrainian, and there are reports of English-only, Chinese-only, German-only, and Vietnamese-only sites, among others. Phishing, spear-phishing, and other social engineering campaigns are typically done in English, as a majority of potential victims know that language. India's Central Bureau of Investigation describes the proliferation of underground markets as 'widespread'. Colonel John Adams, head of the Marine Corps Intelligence Activity, has expressed concerns that these markets could allow cyberweaponry to fall into the hands of hostile governments which would otherwise lack the expertise to attack an advanced country's computer systems. Online, there is increasing use of encryption and privacy mechanisms such as off the record messaging and cryptocurrencies. Since 2005, prices on darknet markets and black markets such as the 'Cyber Arms Bazaar' have been dropping fast, with the cost of cyberweaponry plummeting at least 90 percent. Botnets are increasingly rented out by cyber criminals as commodities for a variety of purposes. RDP shops offer cheap access to hacked computers.


Vendor responses

In recent years, many software firms have had success with bug bounty programs, but in some cases, such as with Vupen's Chrome exploit, these will be rejected as below market value. Meanwhile, some vendors such as HP spent more than $7 million between 2005 and 2015 buying exploits for their own software. This behaviour has been criticised by the head of the United States Cyber Command, General Keith Alexander. This criticism is known as "building the black market".


Notable markets

* Cyber Arms Bazaar – a darknet market operating out of various Eastern European countries, trafficking crimeware and hacking tools, that has run since at least the year 2000. Tom Kellermann, chief cybersecurity officer of Trend Micro, estimates over 80 percent of financial sector cyberattacks could be traced back to the bazaar, with retail cyberattacks not far behind.
* Darkode
* TheRealDeal


See also

* Cybercrime
* Cyberwarfare
* Cyberweapon
* Market for zero-day exploits
* Mass surveillance industry
* Vulnerabilities Equities Process

