When your business, your defence ministry or your PC is hacked, how do you know who did it, given the limitless range of possible culprits? This book explores the complexities of attribution
Attribution - tracing those responsible for a cyber attack - is of primary importance when classifying it as a criminal act, an act of war, or an act of terrorism. Three assumptions dominate current thinking: attribution is a technical problem; it is unsolvable; and it is unique. Approaching attribution as a problem forces us to consider it either as solved or unsolved. Yet attribution is far more nuanced, and is best approached as a process in constant flux, driven by judicial and political pressures. In the criminal context, courts must assess the guilt of criminals, mainly based on technical evidence. In the national security context, decision-makers must analyse unreliable and mainly non-technical information in order to identify an enemy of the state. Attribution in both contexts is p
