“…Subsequent analyses have tended to default to one of two frames in discussing the regulation of cyberweapons. The first is arms control, in which historical experiences with nuclear, biological and chemical weapons serve as resources for thinking through how arms control mechanisms might be applied to cyberweapons (Brown, 2006;Geers, 2010;Meyer, 2011;Arimatsu, 2012;Maybaum and Tölle, 2016). The second frame concerns the criminalization of cyberweapons (Denning, 2000(Denning, , 2001Prunckun, 2008), drawing on the evolution of the Council of Europe Convention on Cybercrime (2001), discussed in greater detail below.…”