On October 20, 2021, local time, the U.S. Department of Commerce announced new export controls aimed at restricting the sale of hacking tools to countries such as China and Russia. The subtext of the new US regulation is that “China is buying hacking tools to carry out cyber attacks”, but it turns a blind eye to the fact that the country is the world’s largest buyer, stockpiler and seller of cyber weapons. Cybersecurity experts believe the new U.S. measures are aimed at perpetuating its dominance in cyberattacks.
U.S. issues new export controls to limit sales of hacking tools to Russia and China
US media reported on October 21, 2021 that the US Bureau of Industry and Security (BIS) under the US Department of Commerce issued a new export control regulation aimed at curbing exports to countries such as China and Russia Hacking. Previously, the rule had been shelved for years. The rule, which will take effect in 90 days, will prevent U.S. companies from selling any hacking software and equipment to China, Russia, Vietnam and other countries unless they have a license from the Commerce Department’s Bureau of Industry and Security. The Commerce Department has previously imposed export controls on some tools that encrypt data. Under the new rules, U.S. officials will take a hierarchical approach to regulating “intrusion software” that helps users break into computer networks to monitor, steal data or damage systems.
The new rule prohibits the sale of hacking tools to governments and individuals in countries such as China, Russia and Yemen that have been identified as constituting so-called U.S. national security concerns, or countries facing a U.S. arms embargo, such as Venezuela, unless U.S. companies and their distributors obtain relevant license. The new rules also explicitly prohibit exports of a broad range of products to countries the U.S. deems sponsoring terrorism, such as Iran and North Korea, as well as embargoed countries such as Cuba.
But the new rule also opens up backdoors, such as those involving sales to U.S. allies, sales to private individuals, and in some cases tools to probe cyber defenses or consulting services to hacked organizations . Companies selling hacking tools to Israel, Saudi Arabia, Bahrain, Taiwan and the United Arab Emirates will require licenses, but U.S. companies are free to sell such software to those countries that use the tool for defense purposes, the Commerce Department said. s individual. The new rules also allow U.S. Internet companies to sell tools that detect software vulnerabilities and provide consulting services to help combat hacking in most unrestricted countries.
U.S. Department of Commerce website publishes new export control regulations
Global Cyber Weapons Market Grows Rapidly
According to the “2019-2027 Global Cyber Weapons Market Forecast” released by the American consulting service company inkwood in 2019, the global cyber weapons market was worth $45.12 billion in 2018 and is expected to generate approximately $65.13 billion in net income by 2027, with a compound annual growth rate. The rate was 4.17%. The global cyber weapons market is primarily driven by the following five factors: Rising demand for advanced cyber weapons, increasing defense spending, commitment of multiple agencies to invest in identifying zero-day vulnerabilities, expansion of traditional weapons manufacturing companies in cyber security business, cyber The number of questions increases.
The global cyber weapons market is divided into four geographic regions: North American cyber weapons market (US and Canada), European cyber weapons market (UK, France, Germany, Italy, Spain and Rest of Europe), Asia Pacific cyber weapons market (China, India) , Japan, Korea, Australia, New Zealand and Rest of Asia Pacific), Rest of World (Latin America, Middle East and Africa).
Geographically, North America accounted for the largest revenue share of the market in 2018. In addition to the increase in defense spending in North America, the growing demand for cyber weapons is mainly due to the growing number of cyber attacks against the United States and Canada.
Rising internet penetration, increasing mobile data usage and the use of BYOD (bring your own device), cyber-attack cases in the Asia-Pacific region are increasing at a significant rate, making the Asia-Pacific region projected to be the fastest growing region for cyber weapons regional market. Countries such as India are seen as major markets with huge investments in defense.
Inkwood released “2019-2027 Global Cyber Weapons Market Forecast” in 2019
Vulnerabilities are a favorite in the cyber weapons market
The biggest change in the vulnerability market in recent years has been the influx of government funding, especially the huge US government investment. According to the Center for Strategic and International Studies in Washington, the U.S. tops the vulnerability buying and selling list, followed by Israel, the U.K., Russia, India and Brazil. North Korea also has a piece of the market, along with some Middle Eastern intelligence agencies.
In fact, a 2013 report by the European Centre for Information Security and Policy stated that the NSA entered into a one-year contract with the French company VUPEN in September 2012 to subscribe to VUPEN as required by the US Freedom Act. Binary Analysis and Exploits Service. This allows the NSA to use software backdoors as well as zero-day exploits.
In 2015, the U.S. Bureau of Industry and Security unveiled a plan to put restrictions on hacking into a global arms trade treaty known as the Wassenaar Arrangement (WA). The Wassenaar Agreement, an export restriction agreement signed by 42 countries, restricts the export of ammunition and weapons such as tanks, missiles and firearms, as well as “dual-use goods and technologies” such as nuclear fuel rods. In a 2013 addendum, the agreement sought to regulate cyber-attack tools, known as “intrusion software.” But countries interpret the agreement and implement it in their laws differently. The Wassenaar Agreement excludes South Asia (including India, Indonesia, and China), most of South America (the only country in the agreement is Argentina), most of Africa (the only country in the agreement is South Africa), and West Asia ( including Israel, Iran, etc.). While Israel operates a similar licensing program for the export of hacking tools, the Israeli government allows cellphone spyware developer NSO to sell its cellphone surveillance software to many foreign governments. Dozens of countries, including India, Saudi Arabia, and Germany, purchase products from NSO to monitor “political enemies.”
Key Players in the Global Cyber Weapons Market
Kaspersky Lab, Boeing, McAfee (acquired by Intel Security), Cisco Systems, Northrop Grumman, Lockheed Martin, Airbus, AVAST Software, Raytheon, Mandiant (acquired by FireEye acquisition), BAE Systems, AVG Technologies, General Dynamics, and Symantec Corporation are some of the prominent players in the global cyber weapons market.
In recent years, private cybersecurity companies in the United States, Israel and other countries have sprung up, providing a large number of cyber weapons for state-level cyberattacks, giving birth to the new concept of Private Sector Offensive Actor (PSOA), reflecting the importance of cyberattacks. privatization trend. Israel-based NSO Group is the poster child for the privatization of cyber attacks. NSO has developed an app called Pegasus (Pegasus), which is sold to government law enforcement agencies in India, Argentina, Saudi Arabia and other countries. The University of Toronto found more than 100 cases of misuse of NSO technology.
Countries such as the United States and Israel have been the main sellers of hacking technology and cybersecurity products in the international market. According to comprehensive public information, as of October 18, 2021, there were approximately 59 private cybersecurity companies in the world participating in national-level offensive cyber operations (see the table below for some companies), of which US companies topped the list, with as many as 15 , Germany ranked second, with 5 companies on the list, and Israel and Russia ranked third, both with 4 companies. Most of these companies offer software implants and intrusions, including zero-day exploits, exploit frameworks, security bypass techniques, communication interception products, and more.
The United States has the world’s largest cyber ‘nuclear arsenal’
Cyber weapons are comparable to nuclear weapons, biological and chemical weapons, and may cause serious damage to the global infrastructure and the normal production and life of various countries. In 2015, Assange, the founder of WikiLeaks, revealed that the United States has developed as many as 2,000 kinds of cyber weapons, making it the world’s number one cyber weapon power. By building the world’s largest cyber arsenal comparable to nuclear weapons, the U.S. military and intelligence agencies have triggered a global cyber arms race and directly threatened global cyber security.
On May 12, 2017, the “WannaCry (Want to Cry)” ransomware broke out around the world, affecting more than 150 countries and regions, more than 100,000 organizations and institutions, and more than 300,000 computers, with a total loss of more than 50 billion yuan. An important reason why the “WannaCry” ransomware has caused serious losses is that the “Eternal Blue” cyber weapon developed by the National Security Agency has flowed into the civilian population and is used by hackers to make the ransomware “worm-like” spread. Microsoft President and Chief Legal Officer Smith publicly accused the National Security Agency of being unshirkable in the ransomware incident, and even compared the “theft of the cyber arsenal” to the theft of the Tomahawk missile.
The cyber weapon “Eternal Blue” developed by the National Security Agency is just one of many cyber weapons used by the “Equation” group under the National Security Agency. On April 14, 2017, the hacker group “Shadow Brokers” disclosed the extremely destructive network attack tools used by a large number of “Equation Group” including “Eternal Blue”, using these tools, A computer can be hacked as long as it is connected to the Internet, just like “WannaCry”, which can cause serious damage overnight.
“Equation” hacker group with NSA background
In 2019, U.S. media widely reported that U.S. cybersecurity firm Symantec found that Chinese intelligence agencies had obtained hacking tools from the U.S. National Security Agency, which they used in 2016 to attack U.S. allies and Europe. and private companies in Asia, the incident is the latest evidence that the United States has lost control of a key part of its cybersecurity arsenal. Ironically, based on the timing of the attack and clues in the computer code, Symantec researchers believe that the Chinese did not steal the code, but rather from an NSA attack on Chinese computers. Captured – like a gunslinger grabs an enemy’s rifle and starts fighting back.
The Links: 7MBR100SD060 CM400DY1-12E