Countering cyber proliferation: Zeroing in on Access-as-a-Service Report by Winnona DeSombre, James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, Luca Allodi, and Trey Herr
Executive summary
The proliferation of offensive cyber capabilities (OCC) the combination of tools; vulnerabilities; and skills, including technical, organizational, and individual capacities used to conduct offensive cyber operations presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace. As these capabilities become more prolific, their regulation through formal international norms and export controls is increasingly ineffective. Countering the spread of dangerous capabilities is not a new policy challenge, but its specific application to the cyber domain remains uncertain both in theory and in practice. Left unchecked, the contin
The Ultimate Guide to Zero-Day Attacks & Exploits Daily
Leave this field empty if you re human: (
Zero-Day Attacks Are Hard to Protect Against Because They Take Advantage of Previously Unknown Vulnerabilities – Learn All About Them and How to Minimize the Risks
It’s finally here – the vacation you’ve been planning has arrived and it’s time to hit the road. You lock your doors and head to the airport. But a few days later, while you’re gone, a burglar decides to check out your neighborhood. They come to your house and, to their delight, find that the lock on the back door is broken. You didn’t notice, but the bad guys did. They are thus able to steal your valuables before you have the chance to fix your door. Now, replace your house a piece of software and the broken lock with a vulnerability and you’re looking at how zero-day exploits work in the cybersecurity world.
A primer on the proliferation of offensive cyber capabilities Issue Brief by Winnona DeSombre, Michele Campobasso, Dr. Luca Allodi, Dr. James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, and Dr. Trey Herr
Executive summary
Offensive cyber capabilities run the gamut from sophisticated, long-term disruptions of physical infrastructure to malware used to target human rights journalists. As these capabilities continue to proliferate with increasing complexity and to new types of actors, the imperative to slow and counter their spread only strengthens. But to confront this growing menace, practitioners and policy makers must understand the processes and incentives behind it. The issue of cyber capability proliferation has often been presented as attempted export controls on intrusion software, creating a singular emphasis on malware components. This primer reframes the narrative o