The character of warfare has changed fundamentally over the last decade. In the past, it was essential for an adversary nation or insurgent to physically bring weapons to bear during combat. That requirement is no longer a necessity. In cyber operations, the only weapons that need to be used are bits and bytes. In this new era of warfare, logistics issues that often restrict and limit conventional warfare and weaponry are not impediments. This new weaponry moves at the speed of light, is available to every human on the planet, and can be as surgical as a scalpel or as devastating as a nuclear bomb.
Cyber attacks in various forms have become a global problem. Cyberweapons are low-cost, low-risk, highly effective, and easily deployable globally. This new class of weapons is within reach of many countries, extremist or terrorist groups, non-state actors, and even individuals. Cybercrime organizations are developing cyber weapons effectively. The use of
offensive Cyber operations by nation-states directly against another or by co-opting cybercriminals has blurred the line between spies and non-state malicious hackers. New entrants, both nation-states and non-state actors have unmatched espionage and surveillance capabilities with significant capabilities. They are often the forerunners for criminal financial gain,
Cyber Weapons destruction and disruption operations. Progressively, we see non-state actors including commercial entities, developing capabilities that were solely held by a handful of state actors.
The proliferation of cyber tools is lowering the barriers to entry. The ability to buy capabilities off the shelf, bridge gaps in capabilities, or build tailored tools ensures the complex undercurrents of the current cyber threat landscape will remain to challenge national security, the commercial sector, and civilians. The ability to buy cyber tools commercially permits state and
non-state actors to leapfrog from emerging threats to established threats quickly. There are no clear red lines that set expectations and implications for using cyber weapons by state and non-state actors. This is a relatively new area of warfare, the rules of engagement are still emerging and unclear.
Among the most notorious private actors is the Russian Business Network, commonly known as RBN, which started as an Internet service provider for child pornography, phishing spam, and malware distribution. It has specialized in personal identity theft for resale. RBN provides scripts and executables to make cyber weapons undetectable by anti-virus software. Every time a cyber weapon is generated, it looks different from the anti-virus engines, and it goes through often undetected. The modularisation of the delivery platforms and malicious instruction is a growing design in cyberweapons. Cyberweapons of RBN are very popular and powerful.
Intelligence Community and militaries worldwide have developed new tools for exploiting, subverting, degrading, and destroying adversaries’ informational assets. This category of capabilities is loosely described as ‘cyber weapons’. Cyberweapons are throwing serious challenges for the public and private sectors. Crucial issues include the dual-use nature of cyber weapons, attribution of cyber actions, use of cyber weapons as a force multiplier for traditional military operations, and unpredictability and potential for collateral damage.