Attribution and Secrecy in Cyberspace

Between 2014 and 2015, hackers repeatedly broke into the U.S. Office of Personnel Management (OPM), stealing personal and biometric data for millions of federal employees. Several years earlier, Stuxnet wreaked havoc on centrifuges at the Natanz nuclear enrichment lab in Iran. Last year, numerous organizations and companies, including the New York Times, Twitter, Facebook, and the U.S. Army were victims of cyber attacks carried out by the Syrian Electronic Army. Each time, the perpetrators had slightly different modus operandi: China denied any involvement in the OPM attacks; current and former officials in the United States, acting under the condition of anonymity, acknowledged responsibility for Stuxnet; and the Syrian Electronic Army brazenly advertised complicity by branding compromised websites with their personal logo.

Variation in credit-claiming behavior poses a puzzle for the so-called attribution problem in cyberspace, which depicts a world where the victims of cyber attacks must utilize an array of complex yet imperfect tools to identify their adversaries. If some actors willingly claim credit for an operation, however, the attribution "problem" ceases to be a problem at all. We propose a framework that can help explain this variation, shedding light on the tactics and strategies of different actors in cyberspace....

Continue reading: http://warontherocks.com/2016/03/attribution-and-secrecy-in-cyberspace/