New paper: “Zero Progress on Zero Days: How the Last Ten Years Created the Modern Spyware Market“:
Abstract: Spyware makes surveillance simple. The last ten years have seen a global market emerge for ready-made software that lets governments surveil their citizens and foreign adversaries alike and to do so more easily than when such work required tradecraft. The last ten years have also been marked by stark failures to control spyware and its precursors and components. This Article accounts for and critiques these failures, providing a socio-technical history since 2014, particularly focusing on the conversation about trade in zero-day vulnerabilities and exploits. Second, this Article applies lessons from these failures to guide regulatory efforts going forward. While recognizing that controlling this trade is difficult, I argue countries should focus on building and strengthening multilateral coalitions of the willing, rather than on strong-arming existing multilateral institutions into working on the problem. Individually, countries should focus on export controls and other sanctions that target specific bad actors, rather than focusing on restricting particular technologies. Last, I continue to call for transparency as a key part of oversight of domestic governments’ use of spyware and related components.
More Stories
White House to Tackle AI-Generated Sexual Abuse Images
White House issues new voluntary commitments to combat image-based sexual abuse in AI Read More
Legacy Ivanti Cloud Service Appliance Being Exploited
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer...
Half of UK Firms Lack Basic Cybersecurity Skills
A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration...
Advanced Phishing Attacks Put X Accounts at Risk
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter) Read More
Apple to Drop Spyware Lawsuit Over Security Concerns
Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could...
Tackling the Unique Cybersecurity Challenges of Online Learning Platforms
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of...