Publicly Attributing Cyber Attacks: A Framework
OPEN ACCESS
Author / Producer
Date
2023
Publication Type
Journal Article
ETH Bibliography
yes
Citations
Altmetric
OPEN ACCESS
Data
Abstract
When should states publicly attribute cyber intrusions? Whilst this is a question governments increasingly grapple with, academia has hardly helped in providing answers. This article by CSS Florian Egloff and Max Smeets describes the stages of public attribution and provides a Public Attribution Framework designed to explain, guide, and improve decision making of public attribution by states. This article asserts that public attribution is a highly complex process which requires trade-offs of multiple considerations. Effective public attribution not only needs a clear understanding of the attributed cyber operation and the cyber threat actor, but also of the broader geopolitical environment, allied positions and activities, and the legal context. Nevertheless, public attribution can also carry risks. This article proposes that public attribution can only be successful if there is a consistent goal, whilst the avenues for potential negative counter effects are assessed on a case-by-case basis.
Permanent link
Publication status
published
External links
Editor
Book title
Journal / series
Volume
46 (3)
Pages / Article No.
502 - 533
Publisher
Taylor & Francis
Event
Edition / version
Methods
Software
Geographic location
Date collected
Date created
Subject
Public attribution; attribution; cyber operations; cyber intrusions; deterrence; norms; intelligence
Organisational unit
03515 - Wenger, Andreas / Wenger, Andreas