Cybersecurity
Hack Global, Buy Local: The Inefficiencies of the Zero-Day Exploit Market
Why the market for zero-day exploits is less efficient and more local than you might think.
Max Smeets is a senior researcher at the Center for Security Studies (CSS) at ETH Zurich, director of the European Cyber Conflict Research Initiative, and author of “No Shortcuts: Why States Struggle to Develop a Military Cyber-Force”, published with Oxford University Press and Hurst in May 2022.
Subscribe to this Lawfare contributor via RSS.
Why the market for zero-day exploits is less efficient and more local than you might think.
The United Kingdom is aspiring to become a responsible democratic cyber power, but this is not without cost.
In March, the U.K. government published its Integrated Review of Security, Defence, Development and Foreign Policy, setting out the U.K.’s position as a “responsible democratic cyber power.” This is unique and useful for a few key reasons.
The Strauss Center at UT-Austin has published a report summarizing the dialogue at the “Transatlantic Dialogue on Military Cyber Operations,” which occurred in Amsterdam in August 2019.
In May 2008, the U.S. Department of Defense and the German Ministry of Defence signed a memorandum of understanding concerning “Cooperation on Information Assurance and Computer Network Defense.” Computer network defense (CND) refers to actions taken on computer networks to monitor and protect those networks. It is not the only memorandum the U.S. Department of Defense has signed with allies on cyber defense.
Much has been written about the fundamental changes in U.S. cyber strategy. U.S.
U.S. officials increasingly express old frustrations about the lack of standards for appropriate state behavior in cyberspace. As U.S.-China trade tensions soar, cybersecurity firms have reported that China is renewing its cyber-enabled economic espionage efforts against U.S. companies—if they ever ceased.