网络武器转让：意义、限制和影响

IF 2.2 2区社会学 Q1 INTERNATIONAL RELATIONS

Security Studies Pub Date : 2022-01-01 DOI:10.1080/09636412.2022.2041081

M. Smeets

{"title":"网络武器转让：意义、限制和影响","authors":"M. Smeets","doi":"10.1080/09636412.2022.2041081","DOIUrl":null,"url":null,"abstract":"Abstract What are the motivations and opportunities for arms transfer in the cyber realm? Although scholarship has failed to systematically address this question, having an accurate answer is crucial for understanding the operationalization of cyber commands and intelligence alliances, the functioning of the North Atlantic Treaty Organization in the twenty-first century, and the viability of cyber arms controls. First, this article introduces a new conceptual framework—the people-exploits-tools-infrastructure-organization (PETIO) framework—to understand the elements of an offensive cyber capability. Second, I explain how the incentives of cyber arms transfer differ across the different elements of the PETIO framework. Though exploits and tools can be effortlessly replicated, their transitory nature and potential for operational tracking means there is little incentive to actually transfer these assets. If any incentives exist for state-to-state transfer, it would be in facilitating other state actors to develop their own offensive capabilities—that is, by providing expertise, infrastructure, and organizational capacity to adapt and innovate—as this does not reduce the effectiveness of one’s own arsenal. Third, I argue that the incentives for transferring cyber effect capabilities are weaker compared to cyber espionage capabilities, and attribution dynamics add an additional layer of complexity to these transfer dynamics.","PeriodicalId":47478,"journal":{"name":"Security Studies","volume":"31 1","pages":"65 - 91"},"PeriodicalIF":2.2000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Cyber Arms Transfer: Meaning, Limits, and Implications\",\"authors\":\"M. Smeets\",\"doi\":\"10.1080/09636412.2022.2041081\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract What are the motivations and opportunities for arms transfer in the cyber realm? Although scholarship has failed to systematically address this question, having an accurate answer is crucial for understanding the operationalization of cyber commands and intelligence alliances, the functioning of the North Atlantic Treaty Organization in the twenty-first century, and the viability of cyber arms controls. First, this article introduces a new conceptual framework—the people-exploits-tools-infrastructure-organization (PETIO) framework—to understand the elements of an offensive cyber capability. Second, I explain how the incentives of cyber arms transfer differ across the different elements of the PETIO framework. Though exploits and tools can be effortlessly replicated, their transitory nature and potential for operational tracking means there is little incentive to actually transfer these assets. If any incentives exist for state-to-state transfer, it would be in facilitating other state actors to develop their own offensive capabilities—that is, by providing expertise, infrastructure, and organizational capacity to adapt and innovate—as this does not reduce the effectiveness of one’s own arsenal. Third, I argue that the incentives for transferring cyber effect capabilities are weaker compared to cyber espionage capabilities, and attribution dynamics add an additional layer of complexity to these transfer dynamics.\",\"PeriodicalId\":47478,\"journal\":{\"name\":\"Security Studies\",\"volume\":\"31 1\",\"pages\":\"65 - 91\"},\"PeriodicalIF\":2.2000,\"publicationDate\":\"2022-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Security Studies\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://doi.org/10.1080/09636412.2022.2041081\",\"RegionNum\":2,\"RegionCategory\":\"社会学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"INTERNATIONAL RELATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Security Studies","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.1080/09636412.2022.2041081","RegionNum":2,"RegionCategory":"社会学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"INTERNATIONAL RELATIONS","Score":null,"Total":0}

引用次数: 6

摘要

网络领域武器转让的动机和机会是什么?尽管学术界未能系统地解决这个问题，但有一个准确的答案对于理解网络指挥和情报联盟的运作、北大西洋公约组织在21世纪的运作以及网络军备控制的可行性至关重要。首先，本文引入了一个新的概念框架——人-利用-工具-基础设施-组织(PETIO)框架——来理解进攻性网络能力的要素。其次，我解释了网络武器转让的动机如何在PETIO框架的不同要素之间有所不同。尽管漏洞和工具可以毫不费力地复制，但它们的短暂性和操作跟踪的潜力意味着几乎没有动力真正转移这些资产。如果国与国之间的转移存在任何动机，那就是促进其他国家行为体发展自己的进攻能力——也就是说，通过提供专业知识、基础设施和组织能力来适应和创新——因为这不会降低自己武器库的有效性。第三，我认为，与网络间谍能力相比，转移网络效应能力的动机较弱，归因动态为这些转移动态增加了额外的复杂性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Cyber Arms Transfer: Meaning, Limits, and Implications

Abstract What are the motivations and opportunities for arms transfer in the cyber realm? Although scholarship has failed to systematically address this question, having an accurate answer is crucial for understanding the operationalization of cyber commands and intelligence alliances, the functioning of the North Atlantic Treaty Organization in the twenty-first century, and the viability of cyber arms controls. First, this article introduces a new conceptual framework—the people-exploits-tools-infrastructure-organization (PETIO) framework—to understand the elements of an offensive cyber capability. Second, I explain how the incentives of cyber arms transfer differ across the different elements of the PETIO framework. Though exploits and tools can be effortlessly replicated, their transitory nature and potential for operational tracking means there is little incentive to actually transfer these assets. If any incentives exist for state-to-state transfer, it would be in facilitating other state actors to develop their own offensive capabilities—that is, by providing expertise, infrastructure, and organizational capacity to adapt and innovate—as this does not reduce the effectiveness of one’s own arsenal. Third, I argue that the incentives for transferring cyber effect capabilities are weaker compared to cyber espionage capabilities, and attribution dynamics add an additional layer of complexity to these transfer dynamics.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Security Studies INTERNATIONAL RELATIONS-

CiteScore

2.70

自引率

16.70%

发文量

期刊介绍： Security Studies publishes innovative scholarly manuscripts that make a significant contribution – whether theoretical, empirical, or both – to our understanding of international security. Studies that do not emphasize the causes and consequences of war or the sources and conditions of peace fall outside the journal’s domain. Security Studies features articles that develop, test, and debate theories of international security – that is, articles that address an important research question, display innovation in research, contribute in a novel way to a body of knowledge, and (as appropriate) demonstrate theoretical development with state-of-the art use of appropriate methodological tools. While we encourage authors to discuss the policy implications of their work, articles that are primarily policy-oriented do not fit the journal’s mission. The journal publishes articles that challenge the conventional wisdom in the area of international security studies. Security Studies includes a wide range of topics ranging from nuclear proliferation and deterrence, civil-military relations, strategic culture, ethnic conflicts and their resolution, epidemics and national security, democracy and foreign-policy decision making, developments in qualitative and multi-method research, and the future of security studies.