Challenges in Monitoring Cyberarms Compliance

A cyberweapon can be as dangerous as any weapon. Fortunately, recent technology now provides some tools for cyberweapons control. Digital forensics can be done on computers seized during or after hostilities. Cyberweapons differ significantly from other software, especially during development, and recent advances in summarizing the contents of storage media can locate possible cyberweapons quickly. Use of cyberweapons can be distinguished in the usual malicious Internet traffic by being aimed at targets associated with political, social, and cultural issues that are often known in advance, and those targets can then be monitored. Cyberweapons are relatively unreliable compared to other kinds of weapons because they are susceptible to flaws in software; therefore, cyberweapons require considerable testing, preferably against live targets. Thus, international "cyberarms agreements" could provide for forensics on cyberweapons and usage monitoring. Agreements also encourage more responsible cyberweapons use by stipulating attribution and reversibility. The authors discuss the kinds of international agreements that are desirable, and examine the recent interest of the U.S. government in such agreements.