Issues

Cybersecurity Internet National Security Technology & Innovation

Regions

China United States and Canada

Languages

Chinese English
About Related Content

All Content

In-Depth Research & Reports

Nov 8, 2021

Surveillance Technology at the Fair: Proliferation of Cyber Capabilities in International Arms Markets

By Winnona DeSombre, Lars Gjesvik, and Johann Ole Willers

Nation-state cyber capabilities are increasingly abiding by the “pay-to-play” model—both US/NATO allies and adversaries can purchase interception and intrusion technologies from private firms for intelligence and surveillance purposes. This paper analyzes active providers of interception/intrusion capabilities, as well as the primary arms fairs at which these players operate. The answers to these questions will allow policymakers to better understand the proliferation of cyber capabilities in the hands of irresponsible corporate actors that presents an urgent challenge to national and global security.

Arms Control Cybersecurity

Issue Brief

Mar 1, 2021

A primer on the proliferation of offensive cyber capabilities

By Winnona DeSombre, Michele Campobasso, Dr. Luca Allodi, Dr. James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, and Dr. Trey Herr

Offensive cyber capabilities run the gamut from sophisticated, long-term disruptions of physical infrastructure to malware used to target human rights journalists. As these capabilities continue to proliferate with increasing complexity and to new types of actors, the imperative to slow and counter their spread only strengthens.

Arms Control Conflict

Report

Mar 1, 2021

Countering cyber proliferation: Zeroing in on Access-as-a-Service

By Winnona DeSombre, James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, Luca Allodi, and Trey Herr

The proliferation of offensive cyber capabilities (OCC) presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace. Access as a Service firms offer various forms of “access” to target data or systems, and through these business practices are creating and selling OCC at an alarming rate. It is imperative that governments reevaluate their approach to countering the proliferation of OCC.

Arms Control Cybersecurity

Winnona DeSombre Bernsen is nonresident fellow with the Cyber Statecraft Initiative, part of the Atlantic Council Tech Programs, and a Master of Public Policy/Juris Doctor candidate at Harvard Kennedy School and Georgetown Law.

She was formerly a security engineer at Google’s Threat Analysis Group, tracking targeted threats against Google users, and she is the founder of the offensive security conference DistrictCon, held in Washington DC. In recent years, Winnona has organized policy content at DEF CON and authored multiple pieces on offensive cyber capability proliferation.