The Role of Nation-States in Cyber Intrusion Proliferation: Insights from British Think Tanks
When it comes to the proliferation and abuse of offensive cyber tools and services, the behavior of nation-states plays a significant role. According to research conducted by the Royal United Services Institute for Defence and Security Studies (RUSI) and the Royal Institute of International Affairs (Chatham House), non-state proliferating factors (NPFs) and state permissive behaviors (SPBs) are to blame for the spread of commercial hacking tools.
The Impact of State-Permissive Factors
RUSI’s research identified various factors contributing to the proliferation of commercial hacking tools. Factors such as inadequate regulation, lack of transparency, and gaps in cyber-security education were highlighted as key issues. Additionally, state actors often deploy offensive-cyber firms to build diplomatic relationships, further fueling the misuse of cyber tools.
In response to these findings, the researchers proposed a list of recommendations for nation-states to address these permissive behaviors at both national and international levels.
Principles for State Approaches to Cyber Intrusion
In a separate study, Chatham House outlined principles aimed at improving global oversight of cyber intrusion tools. These principles include aligning approaches across markets, separating permissioned and unpermissioned cyber intrusion, and promoting the responsible use of cyber capabilities.
It is crucial to differentiate between legitimate and abusive usage of commercial cyber tools. By implementing these principles, nation-states can stimulate the market for responsible use while curbing illicit activities.
As the UN and other international bodies address cybersecurity issues, it is evident that the regulation of commercial cyber intrusion capabilities is a pressing concern. The insights provided by RUSI and Chatham House offer valuable guidance for policymakers and stakeholders in navigating this complex landscape.