US to renegotiate arms control rule for hacking tools

March 1, 2016 by Tami Abdollah

The Obama administration plans to renegotiate portions of an international arms control arrangement so it's simpler to export tools related to hacking and surveillance software, since those technologies are also used to secure computer networks, a lawmaker said Monday.

The rare reconsideration of a rule agreed to in 2013 by 41 countries is set to be included on a December agenda by the United States. It makes room to more precisely draft ways to control the spread of such hacking tools without the unintended negative consequences for national cybersecurity and research that industry groups and lawmakers have complained about for months.

As one of those 41 member countries of the 1996 Wassenaar Arrangement, which governs the highly technical world of export controls for arms and certain technologies, the United States agreed to restrict tools related to cyber "intrusion software" that could fall into the hands of repressive regimes.

On Monday, the co-chairman of the Congressional Cybersecurity Caucus, Rep. Jim Langevin, D-R.I., issued a statement revealing the administration's decision to ensure countries discuss the removal of language that would broadly sweep up research tools and technology used to create or otherwise support hacking and surveillance software.

"International cybersecurity policy is a new domain, and it is vital that we work together in order to protect our networks from the many threats they face," Langevin said, applauding the effort thus far.

The White House has said it supports making cyber intrusion tools available overseas for legitimate cybersecurity activities. The White House referred questions Monday to the State and Commerce departments, neither of which responded to requests for comment.

Efforts to come up with a workable U.S. rule have highlighted the difficulty of applying the export controls restricting physical items to a virtual world that relies on the free flow of information for network security. Many companies operate in multiple countries and routinely employ foreign nationals who test their own corporate networks across borders.

In May, the Commerce Department's Bureau of Industry and Security proposed denying the transfer of offensive tools—defined as software that uses "zero-day" exploits, or unpatched new vulnerabilities, and "rootkit" abilities that allow a person administrator-level access to a system.

But in the cyber world, testing a network often requires determining first how to exploit it and attempting to do so.

Explore further: US to rework arms control rule on exporting hacker tools

Related Stories

US to rework arms control rule on exporting hacker tools

February 2, 2016

The U.S. government is rewriting a proposal under arms control rules from 20 years ago to make it simpler to export tools related to hacking and surveillance software since they are also used to secure computer networks.

Obama administration plans new high-level cyber official

February 9, 2016

The Obama administration is creating a new high-level federal official to coordinate cybersecurity across civilian agencies and to work with military and intelligence counterparts, as part of its 2017 budget proposal announced ...

Congress passes long-stalled cybersecurity bill

December 18, 2015

Congress on Friday passed legislation to fight cyber threats, pushing the measure through by tucking it into a sprawling government funding bill, after earlier failed attempts.

Recommended for you

Microsoft aims at Apple with high-end PCs, 3D software

October 26, 2016

Microsoft launched a new consumer offensive Wednesday, unveiling a high-end computer that challenges the Apple iMac along with an updated Windows operating system that showcases three-dimensional content and "mixed reality."

Making it easier to collaborate on code

October 26, 2016

Git is an open-source system with a polarizing reputation among programmers. It's a powerful tool to help developers track changes to code, but many view it as prohibitively difficult to use.

Dutch unveil giant vacuum to clean outside air

October 25, 2016

Dutch inventors Tuesday unveiled what they called the world's first giant outside air vacuum cleaner—a large purifying system intended to filter out toxic tiny particles from the atmosphere surrounding the machine.


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.