Stateless Attribution : Toward International Accountability in Cyberspace

Abstract

The attribution of a malicious cyber incident consists of identifying the responsible party behind the activity. A cyber attribution finding is a necessary prerequisite for holding actors accountable for malicious activity. Recently, several cyber incidents with geopolitical implications and the attribution findings associated with those incidents have received high-profile press coverage. Many segments of the general public disputed and questioned the credibility of the declared attributions. In this report, we review the state of cyber attribution and we consider alternative mechanisms for producing standardized and transparent attribution that may overcome concerns about credibility. In particular, this exploratory work considers the value of an independent, global organization whose mission consists of investigating and publicly attributing major cyber attacks.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2017
Accession Number
AD1085780

Entities

People

  • Benjamin Boudreaux
  • Cordaye Ogletree
  • Geoffrey Mcgovern
  • Jair Aguirre
  • John Ii S. Davis
  • Jonathan W. Welburn
  • Michael S. Chase

Organizations

  • RAND Corporation

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Cyberattacks
  • Cybersecurity
  • Cyberspace Operations
  • Department Of Homeland Security
  • Geography
  • Information Systems
  • Intelligence Community (United States)
  • Intergovernmental Organizations
  • International Law
  • International Organizations
  • International Relations
  • National Politics
  • National Security
  • Network Protocols
  • Personnel Management
  • Public Policy
  • Social Media

Readers

  • Economics
  • European Security and Defence Policy (ESDP).
  • Political Violence and Terrorism Studies.

Technology Areas

  • Cyber
  • Cyber - Legality in Cyberspace