Publication

This analysis proposes a method of conceptualizing cyberweapons with an aim to help policymakers and practitioners improve their responses to cyber incidents. More specifically, this method moves beyond technical, abstract or legal definitions of cyberweapons, and instead focuses on two conditions: the intent of an actor using the cyberweapon and its impact. The paper additionally 1) provides an empirical grounding for this set of conditions by applying it to a series of well-known and documented cyber incidents; and 2) explores three core trends identified in this empirical exercise.