Attribution by Indictment

8 Pages Posted: 7 Feb 2019 Last revised: 19 Mar 2019

See all articles by Chimène Keitner

Chimène Keitner

University of California Davis School of Law

Date Written: January 9, 2019


The challenges of attributing malicious cyber activity — that is, identifying its authors and provenance with a sufficient degree of certainty — are well documented. This essay focuses on a phenomenon that I call “attribution by indictment.” Since 2014, the United States has issued more than a dozen indictments that implicate four foreign states in malicious cyber activity: China, Iran, Russia, and North Korea. Ten of these indictments were issued in 2018, suggesting that this practice is likely to continue and even intensify in the near term. Attribution by indictment uses domestic criminal law, enforced transnationally, to define and enforce certain norms of state behavior in cyberspace. This essay analyzes the U.S. practice of attribution by indictment as a response to malicious cyber activity.

Keywords: cyber, attribution, hacking

Suggested Citation

Keitner, Chimène, Attribution by Indictment (January 9, 2019). UC Hastings Research Paper No. 316, Available at SSRN: or

Chimène Keitner (Contact Author)

University of California Davis School of Law ( email )

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics