The growing trade in exploits of software security has become a “market in digital weapons,” leaving people in the U.S. and abroad vulnerable to cyberattack, said Christopher Soghoian, principal technologist and senior policy analyst at the ACLU, in an Oct. 24 talk at Harvard Law School.

“The entire industry, while it’s been in existence hasn’t received much sunlight,” said Soghoian, arguing that many regulators and policymakers do not even understand that the market exists. (Soghoian said that his talk, which was co-sponsored by the Berkman Center for Internet and Society and the Journal of Law and Technology, only reflected his views and not those of the ACLU.)

Software security exploits are flaws in computer code that allow access into some aspect of software or hardware. These flaws can enable cyberattacks, as in the recent case of Stuxnet, where the U.S. and Israel reportedly set a computer worm on several Iranian organizations.

Read the rest of the story on the Harvard Law School website.