Extending the ‘Attribution Problem’: Why Who-Based Attribution Is Insufficient to Deterring Cyberattacks

Abstract:

Current scholarship explains the shortcomings of cyber deterrence through the difficulty involved in proving who launched an attack—what scholars refer to as the ‘attribution problem’. This paper identifies an additional intelligence-centric impediment to cyber deterrence. Cyberattacks yield effects in a manner that is indirect, while offensive cyber operations are multi-stage and multipurpose. These characteristics complicate analytic judgments about the culpability of the attacker, whereas deterrence requires that states retaliate with measures which are timely, clear, and proportionate. The paper uses three cases studies—the 2016 Russian election interference campaign, WannaCry, and NotPetya—to illustrate how the indirectness and ambiguity of cyberattacks and offensive cyber operations obscure the motivations, goals, and culpability of the attacker. It concludes that these characteristics discourage states from adopting punishment-based deterrence strategies because they lengthen the temporal and epistemological requirements of attribution analysis.


AUTHORS

Photo of John Sakellariadis

2021-2022 Fulbright U.S. Student Research Grantee
Athens, Greece

John Sakellariadis is a 2021-2022 Fulbright U.S. Student Research Grantee. During the grant period, he will be conducting research on the dynamics driving the surge in ransomware attacks. Prior to the grant, John worked as a reporter and research analyst. He has written for Slate, The Record, National Review, SupChina, and Global Americans, and he has forthcoming academic essays in the Journal of Cold War History and the Journal of Information Warfare. John holds a Bachelor’s degree in History & Literature from Harvard University and a Master’s degree in International Affairs from Columbia University.

Journal of Information Warfare

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

Quick Links

View the latest issue of JIW.

Latest Edition

Purchase a subscription to JIW.

Subscribe

Keywords

A

AI
APT

C

C2
C2S
CDX
CIA
CIP
CPS

D

DNS
DoD
DoS

I

IA
ICS

M

P

PDA

S

SOA

X

XRY

Quill Logo

The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.

SUBSCRIBE NOW

Get in touch

Registered Agent and Mailing Address

  • Journal of Information Warfare
  •  ArmisteadTEC
  • Dr Leigh Armistead, President
  • 1624 Wakefield Drive
  • Virginia Beach, VA 23455

 757.510.4574

 JIW@ArmisteadTec.com