Publicly attributing cyber attacks: a framework

17Citations
Citations of this article
68Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

When should states publicly attribute cyber intrusions? Whilst this is a question governments increasingly grapple with, academia has hardly helped in providing answers. This article describes the stages of public attribution and provides a Public Attribution Framework designed to explain, guide, and improve decision making of public attribution by states. Our general argument is that public attribution is a highly complex process which requires trade-offs of multiple considerations. Effective public attribution not only necessitates a clear understanding of the attributed cyber operation and the cyber threat actor, but also the broader geopolitical environment, allied positions and activities, and the legal context. This also implies that more public attribution is not always better. Public attribution carries significant risks, which are often badly understood. We propose the decision maker’s attitude towards public attribution should be one of ‘strategic, coordinated pragmatism’. Public attribution–as part of a strategy–can only be successful if there is a consistent goal, whilst the avenues for potential negative counter effects are assessed on a case-by-case basis.

Cite

CITATION STYLE

APA

Egloff, F. J., & Smeets, M. (2021). Publicly attributing cyber attacks: a framework. Journal of Strategic Studies. https://doi.org/10.1080/01402390.2021.1895117

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free