DarkMatter appears to take a larger role, comparatively, in operational targeting and is tightly associated with key UAE intelligence agencies. DarkMatter is located in and operates under the jurisdiction of the United Arab Emirates (UAE), but originated in a collaboration with US contractors through Project Raven (under which former US intelligence operatives were recruited by the UAE for surveillance activities). ENFER (a cryptonym), is a contractor operating in the Russian Marketplace, which allegedly partakes in offensive operations under the direct instruction of the Russian Federal Security Service (FSB). NSO software has been connected to multiple human rights abuses, particularly against journalists covering and operating in the Middle East, and is, at the time of this report, the subject of a lawsuit by several leading US technology companies. NSO Group is an Israeli firm that offers services, including targeted surveillance software, to multiple government clients. They are also significant cases for policy-maker attention spanning back almost a decade. Together, their activities cover the full spectrum of OCC development described in five pillars below. These companies operate within a semi-regulated market, functioning openly and legally under the jurisdiction of their country of operation. AaaS products and services vary in form, but share foundations that can be categorized under five “pillars” of OCC: Vulnerability Research and Exploitation, Malware Payload Development, Technical Command and Control, Operational Management, and Training and Support.įramed along these pillars, the authors present three case studies (the NSO Group, ENFER, and DarkMatter) to illustrate the complexity of the overlapping activities within the self- and semi-regulated markets of the AaaS industry. These companies advertise their wares to myriad groups, mostly states, who would not otherwise be able to develop such capabilities themselves. This report profiles the “Access-as-a-Service” (AaaS) industry, a significant vector for the proliferation of OCC, as a means of both illustrating the character of this proliferation and investigating policies to counter it.ĪaaS firms offer various forms of “access” to target data or systems, and through these business practices are creating and selling OCC at an alarming rate. Thus, it is imperative that governments reevaluate their approach to countering the proliferation of OCC. Left unchecked, the continued proliferation of offensive capabilities could significantly damage the global economy, international security, and the values that the United States and its allies hold dear. Countering the spread of dangerous capabilities is not a new policy challenge, but its specific application to the cyber domain remains uncertain both in theory and in practice. As these capabilities become more prolific, their regulation through formal international norms and export controls is increasingly ineffective. The proliferation of offensive cyber capabilities (OCC)-the combination of tools vulnerabilities and skills, including technical, organizational, and individual capacities used to conduct offensive cyber operations-presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |