Cyber War commanders are resigned to the fact that they will have to use mercenaries if they want to survive any future Internet based conflict. Much use is being made of mercenaries right now, in the race to build up stockpiles of munitions. In Cyber War, the ammo is information. That is, knowledge of vulnerabilities in software connected to the Internet, or major networks not connected to the Internet.
The software vulnerabilities are basically bugs that enable a hacker to gain access to a computer they are not supposed be in. Not all vulnerabilities are equal. Some are much more valuable than others. Commercial Internet security firms offer rewards to people (usually software engineers who spend too much time on the Internet) who first discover a "zero day vulnerability" (this is a bug that has not yet been put to use by a hacker to create a "zero day exploit.") The rewards can sometimes exceed $100,000. The commercial security firms, which provide services for corporate and government clients, offer the rewards openly. There is a more lucrative underground market, financed by criminals and some governments, that offer even larger rewards. . . . |