{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,9]],"date-time":"2026-04-09T02:37:09Z","timestamp":1775702229531,"version":"3.50.1"},"reference-count":46,"publisher":"IGI Global","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,1,1]]},"abstract":"<p>Throughout history, mankind has developed and employed novel weapons and countermeasures. Both offensive and defensive weapon systems are limited by the laws of nature. Consequently, military concepts and doctrines were designed by implicitly taking into account those limitations. The digital age has introduced a new class of weaponry that poses an initial challenge to the common understanding of conflict and warfare due to their different characteristics: cyber weapons. This article explores the crucial differences between the conventional weapon and cyber weapon domains, starting a debate as to what extent classical concepts and doctrines are applicable to cyberspace and cyber conflict. The authors propose a definition of cyber weapons being an instrument consisting primarily of data and knowledge, presenting them in the form of prepared and executed computer codes on or a sequence of user interactions with a vulnerable system. The authors describe a vulnerability-based model for cyber weapons and for cyber defence. This model is then applied to describe the relationship between cyber-capable actors (e.g. States). The proposed model clarifies important implications for cyber coalition-building and disarmament. Furthermore, it presents a general solution for the problem of the destruction of cyber weapons, i.e., in the context of cyber arms control.<\/p>","DOI":"10.4018\/ijcwt.2012010102","type":"journal-article","created":{"date-parts":[[2013,3,21]],"date-time":"2013-03-21T22:01:20Z","timestamp":1363903280000},"page":"14-26","source":"Crossref","is-referenced-by-count":8,"title":["A Vulnerability-Based Model of Cyber Weapons and its Implications for Cyber Conflict"],"prefix":"10.4018","volume":"2","author":[{"given":"Christian","family":"Czosseck","sequence":"first","affiliation":[{"name":"Estonian Business School, Tallinn, Estonia"}]},{"given":"Karlis","family":"Podins","sequence":"additional","affiliation":[{"name":"Tallinn University of Technology, Tallinn, Estonia"}]}],"member":"2432","reference":[{"key":"ijcwt.2012010102-0","year":"2011","journal-title":"Websites downed by Russian poll hack"},{"key":"ijcwt.2012010102-1","unstructured":"Arimatsu, L. (2012). A treaty for governing cyber-weapons: Potential benefits and practical limitations. In C. Czosseck, K. Ziolkowski, & R. Ottis (Eds.), Proceedings of the 2012 4th International Conference on Cyber Conflicts (pp. 91\u2013109). Tallinn: CCD COE Publications."},{"key":"ijcwt.2012010102-2","doi-asserted-by":"crossref","unstructured":"Cahill, T., & Rozinov, K. (2003). Cyber warfare peacekeeping. Assurance Workshop, 2003.","DOI":"10.1109\/SMCSIA.2003.1232407"},{"key":"ijcwt.2012010102-3","unstructured":"Council of Europe. (2001). Convention on cybercrime. Retrieved January 1, 2012, from http:\/\/conventions.coe.int\/treaty\/en\/treaties\/html\/185.htm"},{"key":"ijcwt.2012010102-4","unstructured":"Deibert, R., Manchanda, A., Rohozinski, R., Villeneuve, N., & Walton, G. (2009). Tracking ghostnet: Investigating a cyber espionage network. Information Warfare Monitor, Munk Centre, JR02-2009, March (Vol. 29, p. 53)."},{"key":"ijcwt.2012010102-5","unstructured":"Denning, D. E. (2001). Activism, hacktivism, and cyberterrorism: the internet as a tool for influencing foreign policy. Networks and Netwars: The future of Terror, Crime, And Militancy, 239\u2013288."},{"key":"ijcwt.2012010102-6","unstructured":"DrPeering International. (2011). Who are the Tier 1 ISPs? Retrieved February 10, 2013, from http:\/\/drpeering.net\/FAQ\/Who-are-the-Tier-1-ISPs.php"},{"key":"ijcwt.2012010102-7","doi-asserted-by":"publisher","DOI":"10.1080\/19393550802036631"},{"issue":"1","key":"ijcwt.2012010102-8","first-page":"121","article-title":"Battling botnets and online mobs: Estonia\u2019s defense efforts during the internet war.","volume":"9","author":"G.Evron","year":"2008","journal-title":"Georgetown Journal of International Affairs"},{"key":"ijcwt.2012010102-9","author":"N.Falliere","year":"2010","journal-title":"W32.Stuxnet dossier. Symantec security response"},{"key":"ijcwt.2012010102-10","first-page":"183","article-title":"A brief examination of media coverage of cyberattacks (2007-Present)","author":"C.Farivar","year":"2009","journal-title":"The virtual battlefield: Perspectives on cyber warfare"},{"key":"ijcwt.2012010102-11","unstructured":"Fisher, D. (2010). Inside the aurora (Google Attack) malware. threatpost. Retrieved October 24, 2012, from http:\/\/threatpost.com\/en_us\/blogs\/inside-aurora-google-attack-malware-011910"},{"key":"ijcwt.2012010102-12","unstructured":"Gjelten, T. (2010). Debating cyber disarmament. World Affairs. Retrieved March 1, 2012, from http:\/\/www.worldaffairsjournal.org\/article\/shadow-wars-debating-cyber-disarmament"},{"key":"ijcwt.2012010102-13","unstructured":"Herold, R. (2007). DHS exploding generator shows dire need for better computer security. Retrieved August 17, 2010, from http:\/\/www.realtime-itcompliance.com\/information_security\/2007\/09\/dhs_exploding_generator_shows.htm"},{"key":"ijcwt.2012010102-14","unstructured":"Human Rights Watch. (2006). Race to the bottom - corporate complicity in Chinese internet censorship. Human Rights Watch, 18(8 (C))."},{"key":"ijcwt.2012010102-15","author":"J.Hunker","year":"2008","journal-title":"Role and challenges for sufficient cyber-attack attribution"},{"key":"ijcwt.2012010102-16","unstructured":"Jellenc, E. (2012). Explaining politico-strategic cyber security\u202f: The feasibility of applying arms race theory. In E. Filiol & R. Erra (Eds.), Proceedings of the 11th European Conference on Information Warfare and Security (pp. 151\u2013162). Laval."},{"key":"ijcwt.2012010102-17","unstructured":"Jewell, M. (2007). T.J. Maxx theft believed largest hack ever. NBC News. Retrieved February 10, 2013, from http:\/\/www.nbcnews.com\/id\/17871485\/ns\/technology_and_science-security\/t\/tj-maxx-theft-believed-largest-hack-ever\/#.URe3b6WyEpQ"},{"issue":"May","key":"ijcwt.2012010102-18","first-page":"1427","article-title":"Hacking into international humanitarian law\u202f: The principles of distinction and neutrality in the Age of Cyber Warfare.","author":"J. T. G.Kelsey","year":"2008","journal-title":"Michigan Law Review"},{"key":"ijcwt.2012010102-19","first-page":"60","article-title":"Georgia\u2019 s cyber left hook.","author":"S. W.Korns","year":"2009","journal-title":"WORLD (Oakland, Calif.)"},{"key":"ijcwt.2012010102-20","unstructured":"Landler, M., & Markoff, J. (2007, May 28). In Estonia, what may be the first war in cyberspace. The New York Times."},{"key":"ijcwt.2012010102-21","unstructured":"Langner, R. (2011). Keynote speech on Stuxnet @ ICCC 2011. Tallinn: CCD COE Publications. Retrieved January 1, 2012, from http:\/\/www.ccdcoe.org\/280.html"},{"key":"ijcwt.2012010102-22","unstructured":"Lemay, A., Fernandeza, J. M., & Knight, S. (2010). Pinprick attacks, a lesser included case? In C. Czosseck & K. Podins (Eds.), Proceedings of the Conference on Cyber Conflict (pp. 183 \u2013 194). Tallinn: CCD COE Publications."},{"key":"ijcwt.2012010102-23","unstructured":"Lorents, P., & Ottis, R. (2010). Knowledge based framework for cyber weapons and conflict. In C. Czosseck & K. Podins (Eds.), Proceedings of the Conference on Cyber Conflict (pp. 129 \u2013 142). Tallinn: CCD COE Publications."},{"key":"ijcwt.2012010102-24","unstructured":"McGee, J. (2011). NATO and cyber defence. Retrieved July 9, 2012, from http:\/\/www.nato-pa.int\/default.asp?SHORTCUT=1782"},{"key":"ijcwt.2012010102-25","unstructured":"McLaughlin, V. (2012). Anonymous: What do we have to fear from hacktivism, the lulz, and the hive mind? Unpublished Bachelor Thesis, University of Virginia."},{"key":"ijcwt.2012010102-26","unstructured":"Mell, P., Scarfone, K., & Romanosky, S. (2007). A complete guide to the common vulnerability scoring system version 2.0. FIRST-Forum of Incident Response and Security Teams (pp. 1\u201323)."},{"key":"ijcwt.2012010102-27","unstructured":"Microsoft. (2009). Microsoft collaborates with industry to disrupt conficker worm. Retrieved January 3, 2012, from http:\/\/www.microsoft.com\/presspass\/press\/2009\/feb09\/02-12confickerpr.mspx"},{"key":"ijcwt.2012010102-28","author":"C.Miller","year":"2010","journal-title":"Kim Jong-il and me: How to build a cyber army to attack the U.S"},{"key":"ijcwt.2012010102-29","doi-asserted-by":"crossref","unstructured":"Moore, T., Friedman, A., & Procaccia, A. D. (2010). Would a\u2019cyber warrior'protect us: exploring trade-offs between attack and defense of information systems. In Proceedings of the 2010 Workshop on New Security Paradigms (pp. 85\u201394). ACM.","DOI":"10.1145\/1900546.1900559"},{"key":"ijcwt.2012010102-30","unstructured":"Moscaritolo, A. (2011). RSA confirms Lockheed hack linked to SecurID breach - SC Magazine. SC Magazine. Retrieved October 24, 2012, from http:\/\/www.scmagazine.com\/rsa-confirms-lockheed-hack-linked-to-securid-breach\/article\/204744\/"},{"key":"ijcwt.2012010102-31","unstructured":"NATO. (2010). Strategic concept for the defence and security of the members of the NATO. Retrieved December 30, 2010, from http:\/\/www.nato.int\/cps\/en\/natolive\/official_texts_68580.htm"},{"key":"ijcwt.2012010102-32","first-page":"163","article-title":"Politically motivated denial of service attacks","author":"J.Nazario","year":"2009","journal-title":"The virtual battlefield: Perspectives on cyber warfare"},{"key":"ijcwt.2012010102-33","unstructured":"Oiaga, M. (2010). Windows blue screens of death after patch for 17-year old vulnerability is applied. Retrieved August 17, 2010, from http:\/\/news.softpedia.com\/news\/Windows-Blue-Screens-of-Death-after-Patch-for-17-Year-Old-Vulnerability-Is-Applied-134808.shtml"},{"key":"ijcwt.2012010102-34","unstructured":"Ottis, R. (2008). Analysis of the 2007 cyber attacks against Estonia from the information warfare perspective. In Proceedings of the 7th European Conference on Information Warfare (p. 163). Academic Conferences Limited."},{"key":"ijcwt.2012010102-35","unstructured":"Ottis, R., & Lorents, P. (2010). Cyberspace: Definition and implications. In Proceedings of the 5th International Conference on Information Warfare and Security (pp. 267\u2013270). Academic Publishing Limited."},{"key":"ijcwt.2012010102-36","article-title":"Belarus in the context of European cyber security","author":"F.Pavlyuchenko","year":"2009","journal-title":"The virtual battlefield: Perspectives on cyber warfare"},{"key":"ijcwt.2012010102-37","unstructured":"Perlroth, N. (2012, October 23). Cyberattack on Saudi oil firm disquiets U.S. NYTimes.com."},{"key":"ijcwt.2012010102-38","unstructured":"Podins, K., & Czosseck, C. (2012). A vulnerability-based model of cyber weapons and its implications for cyber conflict. In E. Filiol & R. Erra (Eds.), Proceedings of the 11th European Conference on Information Warfare and Security (pp. 198\u2013205). Laval."},{"key":"ijcwt.2012010102-39","unstructured":"Polska, C. E. R. T. (2012). An anomaly in the \u03bctorrent network. Retrieved February 10, 2013, from http:\/\/www.cert.pl\/news\/5365\/langswitch_lang\/en"},{"key":"ijcwt.2012010102-40","author":"A.Pras","year":"2010","journal-title":"Attacks by \u201cAnonymous\u201d WikiLeaks proponents not Anonymous"},{"issue":"3","key":"ijcwt.2012010102-41","first-page":"15","article-title":"War crimes from cyber-weapons.","volume":"6","author":"N. C.Rowe","year":"2007","journal-title":"Journal of Information Warfare"},{"key":"ijcwt.2012010102-42","unstructured":"Security, D. O. H. (2010). National vulnerability database (NVD) search vulnerabilities. Retrieved August 17, 2010, from http:\/\/web.nvd.nist.gov\/view\/vuln\/search?execution=e2s1"},{"key":"ijcwt.2012010102-43","first-page":"3","article-title":"Cyber wars: A paradigm shift from means to ends","volume":"Vol. 34","author":"A.Sharma","year":"2009","journal-title":"The virtual battlefield: Perspectives on cyber warfare"},{"key":"ijcwt.2012010102-44","first-page":"118","article-title":"What analogies can tell us about the future of cybersecurity","author":"D.Sulek","year":"2009","journal-title":"The virtual battlefield: Perspectives on cyber warfare"},{"key":"ijcwt.2012010102-45","doi-asserted-by":"crossref","unstructured":"Ziolkowski, K. (2010). Computer network operations and the law of armed conflict. Military Law and the Law of War Review, (49), 47\u201394.","DOI":"10.4337\/mllwr.2010.1-2.04"}],"container-title":["International Journal of Cyber Warfare and Terrorism"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=75762","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,6,30]],"date-time":"2023-06-30T12:19:17Z","timestamp":1688127557000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/ijcwt.2012010102"}},"subtitle":[""],"short-title":[],"issued":{"date-parts":[[2012,1,1]]},"references-count":46,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2012,1]]}},"URL":"https:\/\/doi.org\/10.4018\/ijcwt.2012010102","relation":{},"ISSN":["1947-3435","1947-3443"],"issn-type":[{"value":"1947-3435","type":"print"},{"value":"1947-3443","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,1,1]]}}}