Decentralized Cyberattack Attribution
113 Am. J. Int'l L. Unbound 213 (2019).
5 Pages Posted: 16 Apr 2019 Last revised: 26 Jun 2019
Date Written: December 15, 2018
Attribution of state-sponsored cyberattacks can be difficult, but the significant uptick in public attributions in recent years has proven that attribution is far from impossible. After several years of only sporadic attributions, Western governments in 2017 began publicly attributing cyberattacks to other governments more frequently and in a more coordinated fashion. But more consistent over the past several years have been public attributions by non-governmental actors, including companies, a non-profit, and an academic institute.
Although not without risks, these non-governmental attributions have an important role to play in the cybersecurity ecosystem. They are often faster and more detailed than governmental attributions, and they sometimes fill gaps, bringing clarity about cyberattacks that governments, for various reasons, may choose not to attribute.
Companies and think tanks have recently proposed centralizing attribution of state-sponsored cyberattacks in a new international entity. But the current system of public-private attributions, decentralized and messy though it is, has some underappreciated virtues — ones that counsel in favor of preserving a multiplicity of attributors even alongside a possible future attribution entity.
Keywords: cyber, cybersecurity, cyberattack, attribution
Suggested Citation: Suggested Citation