The cyber-arms industry are the

markets Market is a term used to describe concepts such as: *Market (economics), system in which parties engage in transactions according to supply and demand *Market economy *Marketplace, a physical marketplace or public market Geography *Märket, an ...

and associated events surrounding the sale of software exploits, zero-days,

cyberweapon Cyberweapon is commonly defined as a malware agent employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce corrupted code into existing ...

ry,

surveillance Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing or directing. This can include observation from a distance by means of electronic equipment, such as ...

technologies, and related tools for perpetrating

cyberattacks A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricted ...

. The term may extend to both

grey Grey (more common in British English) or gray (more common in American English) is an intermediate color between black and white. It is a neutral or achromatic color, meaning literally that it is "without color", because it can be compos ...

and

black Black is a color which results from the absence or complete absorption of visible light. It is an achromatic color, without hue, like white and grey. It is often used symbolically or figuratively to represent darkness. Black and white ha ...

markets

online and offline In computer technology and telecommunications, online indicates a state of connectivity and offline indicates a disconnected state. In modern terminology, this usually refers to an Internet connection, but (especially when expressed "on line" o ...

. For many years, the burgeoning

dark web The dark web is the World Wide Web content that exists on ''darknets'': overlay networks that use the Internet but require specific software, configurations, or authorization to access. Through the dark web, private computer networks can comm ...

market remained niche, available only to those in-the-know or well funded. Since at least 2005, governments including the United States, United Kingdom, Russia, France, and Israel have been buying exploits from defence contractors and individual

hacker A hacker is a person skilled in information technology who uses their technical knowledge to achieve a goal or overcome an obstacle, within a computerized system by non-standard means. Though the term ''hacker'' has become associated in popu ...

s. This 'legitimate' market for zero day exploits exists but is not well advertised or immediately accessible. Attempts to openly sell zero day exploits to governments and security vendors to keep them off the black market have so far been unsuccessful.

Companies

Traditional arms producers and military services companies such as

BAE Systems BAE Systems plc (BAE) is a British multinational arms, security, and aerospace company based in London, England. It is the largest defence contractor in Europe, and ranked the seventh-largest in the world based on applicable 2021 revenue ...

EADS Airbus SE (; ; ; ) is a European multinational aerospace corporation. Airbus designs, manufactures and sells civil and military aerospace products worldwide and manufactures aircraft throughout the world. The company has three divisions: '' ...

Leonardo Leonardo is a masculine given name, the Italian, Spanish, and Portuguese equivalent of the English, German, and Dutch name, Leonard. People Notable people with the name include: * Leonardo da Vinci (1452–1519), Italian Renaissance scientist ...

General Dynamics General Dynamics Corporation (GD) is an American publicly traded, aerospace and defense corporation headquartered in Reston, Virginia. As of 2020, it was the fifth-largest defense contractor in the world by arms sales, and 5th largest in the Uni ...

Raytheon Raytheon Technologies Corporation is an American multinational aerospace and defense conglomerate headquartered in Arlington, Virginia. It is one of the largest aerospace and defense manufacturers in the world by revenue and market capitali ...

, and

Thales Thales of Miletus ( ; grc-gre, Θαλῆς; ) was a Greek mathematician, astronomer, statesman, and pre-Socratic philosopher from Miletus in Ionia, Asia Minor. He was one of the Seven Sages of Greece. Many, most notably Aristotle, regarded ...

have all expanded into the

cybersecurity Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, t ...

markets. However, smaller software companies such as Blue Coat and

Amesys Bull SAS (also known as Groupe Bull, Bull Information Systems, or simply Bull) is a French computer company headquartered in Les Clayes-sous-Bois, in the western suburbs of Paris. The company has also been known at various times as Bull General El ...

have also become involved, often drawing attention for providing

and

censorship Censorship is the suppression of speech, public communication, or other information. This may be done on the basis that such material is considered objectionable, harmful, sensitive, or "inconvenient". Censorship can be conducted by governments ...

technologies to the regimes of

Bashar al-Assad Bashar Hafez al-Assad, ', Levantine pronunciation: ; (, born 11 September 1965) is a Syrian politician who is the 19th president of Syria, since 17 July 2000. In addition, he is the commander-in-chief of the Syrian Armed Forces and the ...

Syria Syria ( ar, سُورِيَا or سُورِيَة, translit=Sūriyā), officially the Syrian Arab Republic ( ar, الجمهورية العربية السورية, al-Jumhūrīyah al-ʻArabīyah as-Sūrīyah), is a Western Asian country loc ...

and

Muammar Gaddafi Muammar Muhammad Abu Minyar al-Gaddafi, . Due to the lack of standardization of transcribing written and regionally pronounced Arabic, Gaddafi's name has been romanized in various ways. A 1986 column by '' The Straight Dope'' lists 32 spellin ...

Libya Libya (; ar, ليبيا, Lībiyā), officially the State of Libya ( ar, دولة ليبيا, Dawlat Lībiyā), is a country in the Maghreb region in North Africa. It is bordered by the Mediterranean Sea to the north, Egypt to the east, Suda ...

. Suppliers of exploits to western governments include the

Massachusetts Massachusetts (Massachusett: ''Muhsachuweesut Massachusett_writing_systems.html" ;"title="nowiki/> məhswatʃəwiːsət.html" ;"title="Massachusett writing systems">məhswatʃəwiːsət">Massachusett writing systems">məhswatʃəwiːsət'' En ...

firm Netragard. The trade show ISS World that runs every few months has been referred to as the 'international cyber arms bazaar' and the 'wiretappers ball' focuses on surveillance software for

lawful interception Lawful interception (LI) refers to the facilities in telecommunications and telephone networks that allow law enforcement agencies with court orders or other legal authorization to selectively wiretap individual subscribers. Most countries requir ...

. Some other cyberarms companies include Endgame, Inc.,

Gamma Group Gamma Group is an Anglo-German technology company that sells surveillance software to governments and police forces around the world. The company has been strongly criticised by human rights organisations for selling its FinFisher software to u ...

, NSO Group, Birmingham Cyber Arms LTD and Ability. Circles, a former surveillance business, merged with NSO Group in 2014. On 26 July 2017 Google researchers announced the discovery of new spyware they named "Lipizzan". According to Google, "Lipizzan's code contains references to a cyber arms company, Equus Technologies.".

On the Internet

The most popular

Internet forum An Internet forum, or message board, is an online discussion site where people can hold conversations in the form of posted messages. They differ from chat rooms in that messages are often longer than one line of text, and are at least temporar ...

s are generally in

Russian Russian(s) refers to anything related to Russia, including: *Russians (, ''russkiye''), an ethnic group of the East Slavic peoples, primarily living in Russia and neighboring countries *Rossiyane (), Russian language term for all citizens and peo ...

or Ukrainian and there are reports of English-only, Chinese-only, German-only, and Vietnamese-only sites, among others.

Phishing Phishing is a type of social engineering where an attacker sends a fraudulent (e.g., spoofed, fake, or otherwise deceptive) message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious softwa ...

, spear-phishing, and other social engineer campaigns are typically done in English, as a majority of potential victims know that language. India's Central Bureau of Investigation describe the proliferation of underground markets as 'widespread'. Colonel John Adams, head of the

Marine Corps Intelligence Activity Marine Corps Intelligence is an element of the United States Intelligence Community. The Director of Intelligence supervises the Intelligence Department of HQMC and is responsible for policy, plans, programming, budgets, and staff supervision of ...

has expressed concerns these markets could allow cyberweapony to fall into the hands of hostile governments which would otherwise lack the expertise to attack an advanced country's computer systems. Online, there is increasing uses of

encryption In cryptography, encryption is the process of encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can de ...

and privacy mechanisms such as

off the record messaging Off-the-Record Messaging (OTR) is a cryptographic protocol that provides encryption for instant messaging conversations. OTR uses a combination of Advanced Encryption Standard, AES symmetric-key algorithm with 128 bits key length, the Diffie–Hell ...

and cryptocurrencies. Since 2005 on darknet markets and black markets such as the 'Cyber Arms Bazaar' have had their prices dropping fast with the cost of cyberweaponry plummeting at least 90 percent.

Botnet A botnet is a group of Internet-connected devices, each of which runs one or more bots. Botnets can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its conn ...

s are increasingly rented out by

cyber criminals A cybercrime is a crime that involves a computer or a computer network.Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi: Anderson Publishing. The computer may have been used in committing the ...

as commodities for a variety of purposes.

RDP shop An RDP shop is a website where access to hacked computers is sold to cybercriminals. The computers may be acquired via scanning the web for open Remote Desktop Protocol connections and brute-forcing passwords. High-value ransomware Ransomware ...

s offer cheap access to hacked computers.

Vendor responses

In recent years, many software firms have had success with

bug bounty program A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabiliti ...

s, but in some cases such as with Vupen's Chrome exploit these will be rejected as below market value. Meanwhile, some vendors such as HP spent more than $7 million between 2005 and 2015 buying exploits for its own software. This behaviour has been criticised by head of the

United States Cyber Command United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integr ...

, General Keith Alexander. This criticism then is known as "building the black market".

Notable markets

* Cyber Arms Bazaar – a darknet market operating out of various

Eastern European Eastern Europe is a subregion of the European continent. As a largely ambiguous term, it has a wide range of geopolitical, geographical, ethnic, cultural, and socio-economic connotations. The vast majority of the region is covered by Russia, whi ...

countries, trafficking crimeware and hacking tools that has run since at least the year 2000. Tom Kellermann, chief cybersecurity officer of

Trend Micro is an American-Japanese multinational cyber security software company with global headquarters in Tokyo, Japan and Irving, Texas, United State.Other regional headquarters and R&D centers are located around East Asia, Southeast Asia, Europe, and ...

, estimates over 80 percent of financial sector

cyberattack A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, or personal computer devices. An attacker is a person or process that attempts to access data, functions, or other restricte ...

s could be traced back to the bazaar, with retail cyberattacks not far behind. * Darkode *

TheRealDeal TheRealDeal was a darknet website and a part of the cyber-arms industry reported to be selling code and zero-day software exploits. The creators claimed in an interview with DeepDotWeb that the site was founded in direct response to the numb ...

References

{{reflist Hacking (computer security) Cybercrime Darknet markets * Cyberpunk themes Cyber-arms companies Mass surveillance Software industry Industries (economics)

Companies

On the Internet

Vendor responses

Notable markets

See also

References