At a talk last week, the head of US Cybercommand and the NSA Mike Rogers talked about the US buying cyberweapons from arms manufacturers.
"In the application of kinetic functionality — weapons — we go to the private sector and say, ‘Build this thing we call a [joint directed-attack munition], a [Tomahawk land-attack munition].’ Fill in the blank," he said.
"On the offensive side, to date, we have done almost all of our weapons development internally. And part of me goes — five to ten years from now is that a long-term sustainable model? Does that enable you to access fully the capabilities resident in the private sector? I’m still trying to work my way through that, intellectually."
Businesses already flog exploits, security vulnerability details, spyware, and similar stuff to US intelligence agencies, and Rogers is clearly considering stepping that trade up a notch.
Already, Third World countries are buying from cyberweapons arms manufacturers. My guess is that he’s right and the US will be doing that in the future, too.
Source: Schneier on Security @ February 27, 2017 at 01:35PM