US to renegotiate arms control rule for hacking tools

March 1, 2016 by Tami Abdollah

The Obama administration plans to renegotiate portions of an international arms control arrangement so it's simpler to export tools related to hacking and surveillance software, since those technologies are also used to secure computer networks, a lawmaker said Monday.

The rare reconsideration of a rule agreed to in 2013 by 41 countries is set to be included on a December agenda by the United States. It makes room to more precisely draft ways to control the spread of such hacking tools without the unintended negative consequences for national cybersecurity and research that industry groups and lawmakers have complained about for months.

As one of those 41 member countries of the 1996 Wassenaar Arrangement, which governs the highly technical world of export controls for arms and certain technologies, the United States agreed to restrict tools related to cyber "intrusion software" that could fall into the hands of repressive regimes.

On Monday, the co-chairman of the Congressional Cybersecurity Caucus, Rep. Jim Langevin, D-R.I., issued a statement revealing the administration's decision to ensure countries discuss the removal of language that would broadly sweep up research tools and technology used to create or otherwise support hacking and surveillance software.

"International cybersecurity policy is a new domain, and it is vital that we work together in order to protect our networks from the many threats they face," Langevin said, applauding the effort thus far.

The White House has said it supports making cyber intrusion tools available overseas for legitimate cybersecurity activities. The White House referred questions Monday to the State and Commerce departments, neither of which responded to requests for comment.

Efforts to come up with a workable U.S. rule have highlighted the difficulty of applying the export controls restricting physical items to a virtual world that relies on the free flow of information for network security. Many companies operate in multiple countries and routinely employ foreign nationals who test their own corporate networks across borders.

In May, the Commerce Department's Bureau of Industry and Security proposed denying the transfer of offensive tools—defined as software that uses "zero-day" exploits, or unpatched new vulnerabilities, and "rootkit" abilities that allow a person administrator-level access to a system.

But in the cyber world, testing a network often requires determining first how to exploit it and attempting to do so.

Explore further: US to rework arms control rule on exporting hacker tools

Related Stories

US to rework arms control rule on exporting hacker tools

February 2, 2016

The U.S. government is rewriting a proposal under arms control rules from 20 years ago to make it simpler to export tools related to hacking and surveillance software since they are also used to secure computer networks.

Obama administration plans new high-level cyber official

February 9, 2016

The Obama administration is creating a new high-level federal official to coordinate cybersecurity across civilian agencies and to work with military and intelligence counterparts, as part of its 2017 budget proposal announced ...

Congress passes long-stalled cybersecurity bill

December 18, 2015

Congress on Friday passed legislation to fight cyber threats, pushing the measure through by tucking it into a sprawling government funding bill, after earlier failed attempts.

Recommended for you

Forget oil, Russia goes crazy for cryptocurrency

August 16, 2017

Standing in a warehouse in a Moscow suburb, Dmitry Marinichev tries to speak over the deafening hum of hundreds of computers stacked on shelves hard at work mining for crypto money.

Researchers clarify mystery about proposed battery material

August 15, 2017

Battery researchers agree that one of the most promising possibilities for future battery technology is the lithium-air (or lithium-oxygen) battery, which could provide three times as much power for a given weight as today's ...

Signs of distracted driving—pounding heart, sweaty nose

August 15, 2017

Distracted driving—texting or absent-mindedness—claims thousands of lives a year. Researchers from the University of Houston and the Texas A&M Transportation Institute have produced an extensive dataset examining how ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.