Advanced search
Publication Cover
Contemporary Security Policy Volume 41, 2020 - Issue 1: Special issue: Cyber Security Politics
Submit an article Journal homepage
10,283
Views
30
CrossRef citations to date
0
Altmetric
Articles

Contested public attributions of cyber incidents and the role of academia

Florian J. EgloffCenter for Security Studies, ETH Zürich, Zürich, Switzerland;Centre for Technology & Global Affairs, Department of Politics and International Relations, University of Oxford, Oxford, UKCorrespondence[email protected]
ORCID Iconhttps://orcid.org/0000-0002-0290-667X
ORCID Icon
Pages 55-81 | Published online: 12 Oct 2019

References list

  • Alperovitch, D. (2014, December 19). How should the U.S. government respond to North Korea’s attack on Sony? PBS News Hour Web page. Retrieved from https://perma.cc/VD29-FA4K
  • Baum, M. A., & Groeling, T. (2010). Reality asserts itself: Public opinion on Iraq and the elasticity of reality. International Organization, 64, 443–479. doi: 10.1017/S0020818310000172
  • Bennet, B. W. (2014, December 11). Did North Korea Hack Sony? The RAND Blog. Retrieved from https://perma.cc/8GAW-7246
  • Bennett, W. L., Lawrence, R. G., & Livingston, S. (2006). None dare call it torture: Indexing and the limits of press independence in the Abu Ghraib Scandal. Journal of Communication, 56, 467–485. doi: 10.1111/j.1460-2466.2006.00296.x
  • Bennett, W. L., Lawrence, R. G., & Livingston, S. (2007). When the press fails: Political power and the news media from Iraq to Katrina. Chicago, IL: University of Chicago Press.
  • Best, E. (2019, March 20). Leaker, Liar, Hacker, Hoaxer: The Russian contractor who infiltrated anonymous. Emma Best Blog. Retrieved from https://perma.cc/NM3P-NQNM
  • Biddle, S. (2014, December 31). Researcher: Sony hack was likely an inside job by a woman named “Lena”. Gawker Web page. Retrieved from https://perma.cc/FME5-QN2X
  • Boebert, W. E. (2010). A survey of challenges in attribution. In N. R. Council (Ed.), Proceedings of a workshop on deterring cyberattacks: Informing strategies and developing options for U.S. Policy (pp. 41–52). Washington, DC: The National Academies Press.
  • Brewster, T. (2017, July 3). NotPetya Ransomware Hackers ‘Took Down Ukraine Power Grid’. Forbes Web page. Retrieved from https://perma.cc/T9ED-4MRF
  • Center for Security Studies. (n.d.). The Politics of Public Attribution. Center for Security Studies Webpage. Retrieved from https://perma.cc/2CU3-T3YH
  • Cherepanov, A. (2017, June 30). TeleBots are back: Supply-chain attacks against Ukraine. Welivesecurity Web page. Retrieved from https://perma.cc/97MG-N9PR
  • Clark, D. D., & Landau, S. (2010). Untangling attribution. In N. R. Council (Ed.), Proceedings of a workshop on deterring cyberattacks: Informing strategies and developing options for U.S. Policy (pp. 25–40). Washington, DC: The National Academies Press.
  • Collier, K. (2018, September 7). The indictment of North Korea for the Sony hack shows how cybersecurity has evolved. BuzzFeed News Web page. Retrieved from https://perma.cc/64PB-46R4
  • Comey, J. B. (2015, January). Addressing the Cyber Security Threat. Remarks delivered at the International Conference on Cyber Security at Fordham University, New York City, NY.
  • Cormac, R., & Aldrich, R. J. (2018). Grey is the new black: Covert action and implausible deniability. International Affairs, 94, 477–494. doi: 10.1093/ia/iiy067
  • Deibert, R. J. (2017, January 4). The DHS/FBI Report on Russian hacking was a predictable failure. JustSecurity. Retrieved from https://perma.cc/XSL2-4FFZ
  • Demchak, C. C., & Shavitt, Y. (2018). China’s maxim – leave no access point unexploited: The hidden story of China Telecom’s BGP Hijacking. Military Cyber Affairs, 3(1), 1–9. doi: 10.5038/2378-0789.3.1.1050
  • Dryzek, J. (2002). Deliberative democracy and beyond: Liberals, critics, contestations. Oxford: Oxford University Press.
  • Dunn Cavelty, M. (2008). Cyber-security and threat politics: U.S. Efforts to secure the information Age. London: Routledge.
  • Dunn Cavelty, M., & Egloff, F. J. (2019). The politics of cybersecurity: Balancing different roles of the state. St Antony’s International Review, 15(1), 37–57.
  • Egan, B. J. (2017). International Law and stability in cyberspace. Berkeley Journal of International Law, 35, 169–180. doi: 10.15779/Z38CC0TT2C
  • Egloff, F. J. (2017). Cybersecurity and the age of privateering. In G. Perkovich, & A. Levite (Eds.), Understanding cyberconflict: Fourteen analogies (pp. 231–247). Washington, DC: Georgetown University Press.
  • Egloff, F. J. (2018). Cybersecurity and non-state actors: A historical analogy with mercantile companies, privateers, and pirates (Doctoral dissertation). University of Oxford, Oxford.
  • Egloff, F. J., & Wenger, A. (2019). Public attribution of cyber incidents. CSS Analyses in Security Policy, 244, 1–4. doi: 10.3929/ethz-b-000340841
  • Eichensehr, K. E. (2019). Decentralized Cyberattack attribution. AJIL Unbound, 113, 213–217. doi: 10.1017/aju.2019.33
  • Eichensehr, K. E. (forthcoming 2020). The Law & politics of Cyberattack attribution. UCLA Law Review, 67.
  • FBI. (2014, December 19). Update on Sony investigation. Press Release Web page FBI. Retrieved from https://perma.cc/Z745-YR3S
  • Feinstein, D., & Schiff, A. (2016, September 22). Feinstein, Schiff statement on Russian hacking. Senator Dianne Feinstein’s Web page. Retrieved from https://perma.cc/DF4G-44EN
  • Finnemore, M., & Hollis, D. B. (2017). Constructing norms for global cybersecurity. American Journal of International Law, 110, 425–479. doi: 10.1017/S0002930000016894
  • Finnemore, M., & Hollis, D. B. (2019). Beyond naming and shaming: Accusations and international Law in cybersecurity. Temple University Legal Studies Research Paper, 14, 1–31.
  • FoxNews Sunday. (2016, December 11). Chris Wallace Hosts FoxNews Sunday. Interview with President-Elect Donald Trump. YouTube Web page. Retrieved from https://www.youtube.com/watch?v=MKWt6D0V6yk
  • Gallagher, S. (2014, December 8). Sony pictures attackers demand: ‘Stop the Terrorist Film!’. ars Technica Web page. Retrieved from https://perma.cc/T2BL-QVRD
  • Gioe, D. V. (2018). Cyber operations and useful fools: The approach of Russian hybrid intelligence. Intelligence and National Security, 33(7), 1–20. doi: 10.1080/02684527.2018.1479345
  • GovCERT.ch. (2016). APT Case Ruag – Technical Report. MELANI: GovCERT Publication Online. Retrieved from https://perma.cc/2XKP-4FAX
  • Graham, R. (2014, December 19). The FBI’s North Korea evidence is nonsense. Errata Security Blog. Retrieved from https://perma.cc/F2ZV-JZXP
  • Grindal, K., Kuerbis, B., Badiei, F., & Mueller, M. (2018). Is it time to institutionalize cyber-attribution? Georgia Tech Online Publication. Retrieved from https://perma.cc/6AZ8-LLVB
  • Guitton, C. (2014). Achieving attribution (Doctoral dissertation). King’s College London, London.
  • Kaspersky Blog. (2017, June 30). From BlackEnergy to ExPetr. Kaspersky Blog. Retrieved from https://perma.cc/W7L5-8K22
  • KCNAWatch. (2014, December 7). Spokesman of policy Department of NDC Blasts S. Korean authorities’ false rumor about DPRK. KCNAWatch. Retrieved from https://perma.cc/52LQ-A9NQ
  • Keeley, B. L. (1999). Of conspiracy theories. Journal of Philosophy, 96(3), 109–126. doi: 10.2307/2564659
  • Kello, L. (2013). The meaning of the cyber revolution: Perils to theory and statecraft. International Security, 38(2), 7–40. doi: 10.1162/ISEC_a_00138
  • Kopan, T. (2016a, June 21). DNC hack: What you need to know. CNN Web page. Retrieved from https://perma.cc/WR76-QQQF
  • Kopan, T. (2016b, September 28). Is Trump right? Could a 400-pound couch potato have hacked the DNC? CNN Web page. Retrieved from https://perma.cc/ZWV3-LTRN
  • Krebs, B. (2014, December 23). The case for N. Korea’s role in Sony hack. Krebs on Security Blog. Retrieved from https://perma.cc/Z96T-ZVAP
  • Lawrence, P. (2017, August 9). A new report raises big questions about last year’s DNC hack. The Nation Web page. Retrieved from https://perma.cc/53HA-H4LE
  • Lindsay, J. R. (2015). Tipping the scales: The attribution problem and the feasibility of deterrence against cyberattack. Journal of Cybersecurity, 1, 53–67. doi: 10.1093/cybsec/tyv003
  • Lukashevich, A. (2014, December 25). Briefing by Foreign Ministry Spokesman Alexander Lukashevich, 25 December 2014. The Ministry of Foreign Affairs of the Russian Federation Web page. Retrieved from https://perma.cc/7DBQ-4XDS
  • Lupovici, A. (2016). The “attribution problem” and the social construction of “violence”: Taking cyber deterrence literature a step forward. International Studies Perspectives, 17, 322–342. doi: 10.1111/insp.12082
  • Marchese, D. (2018). In conversation: Seth Rogen. New York (Vulture). Retrieved from https://perma.cc/ZG9W-K6BY
  • Maschmeyer, L. (2019). Blind spots – Tracking targeted threats to civil society in reporting by the Infosec industry. Tech & Policy Initiative, Working Paper Series, 1(2), 58–90.
  • Miller, G., Nakashima, E., & Entous, A. (2017, June 23). Obama’s secret struggle to punish Russia for Putin’s Election Assault. The Washington Post Web page. Retrieved from https://perma.cc/PAS9-RBS8
  • Morgan, P. M. (2010). Applicability of traditional deterrence concepts and theory to the cyber realm. In N. R. Council (Ed.), Proceedings of a Workshop on deterring cyberattacks: Informing strategies and developing options for U.S. Policy (pp. 55–76). Washington, DC: The National Academies Press.
  • Mueller, RS, III. (2019). Report on the investigation into Russian interference in the 2016 presidential election (2 vols). Washington, DC: U.S. Department of Justice.
  • Muirhead, R., & Rosenblum, N. L. (2019). A lot of people Are saying: the new conspiracism and the assault on democracy. Princeton, NJ: Princeton University Press.
  • Nakashima, E. (2016, June 20). Cyber researchers confirm Russian government hack of Democratic National Committee. The Washington Post Web page. Retrieved from https://perma.cc/5D48-N2UM
  • Nincic, M. (2003). Information warfare and democratic accountability. Contemporary Security Policy, 24, 140–160. doi: 10.1080/13523260312331271849
  • Nothaft, H., Pamment, J., Agardh-Twetman, H., & Fjällhed, A. (2018). Information influence in Western democracies: A model of systemic vulnerabilities. In C. Bjola, & J. Pamment (Eds.), Countering online propaganda and extremism: The dark side of digital diplomacy (pp. 352–366). London: Routledge.
  • Nye, J. S. (2017). Deterrence and dissuasion in cyberspace. International Security, 41(3), 44–71. doi: 10.1162/ISEC_a_00266
  • Obama, B. H. (2014, December 19). Remarks by the President in year-end press conference [Transcript]. Obama White House Web page. Retrieved from https://perma.cc/AQ6V-MEXN
  • Office of the Coordinator for Cyber Issues. (2018, May 31). Recommendations to the President on deterring adversaries and better protecting the American people from cyber threats. Publication U.S. Department of State Web page. Retrieved from https://perma.cc/A8UG-QEXN
  • Office of the Director of National Intelligence (ODNI). (2017). Background to “Assessing Russian activities and intentions in recent US elections”: The analytic process and cyber incident attribution. U.S. Office of the Director of National Intelligence Publication. Retrieved from https://perma.cc/29XQ-UYQM
  • Office of the Director of National Intelligence (ODNI). (2018). “A guide to cyber attribution”. U.S. Office of the Director of National Intelligence Publication. Retrieved from https://perma.cc/9UJL-72BG
  • Pearson, J. (2015, February 4). Infamous hacker ‘Yama Tough’ says Russians hacked Sony. Motherboard Web page. Retrieved from https://perma.cc/F4HW-XH79
  • Perera, D. (2014, December 16). DHS: No credible threat to Sony movie launch. Politico Web page. Retrieved from https://perma.cc/RTU6-JYZZ
  • Poznansky, M., & Perkoski, E. (2018). Rethinking secrecy in cyberspace: The politics of voluntary attribution. Journal of Global Security Studies, 3, 402–416. doi: 10.1093/jogss/ogy022
  • Ramsay, G., & Robertshaw, S. (2018). Weaponising news: RT, sputnik and targeted disinformation. London: King’s College London.
  • Rid, T. (2016a, July 25). All signs point to Russia being behind the DNC hack. Motherboard Web page. Retrieved from https://perma.cc/L322-ZWWK
  • Rid, T. (2016b, October 20). How Russia pulled off the biggest election hack in U.S. History, Esquire Web page. Retrieved from https://perma.cc/SCQ4-PL67
  • Rid, T. (2017). Disinformation: A primer in Russian active measures and influence campaigns. U.S. Senate Select Committee on Intelligence Web page. Retrieved from https://perma.cc/3FA6-22XWPL67
  • Rid, T., & Buchanan, B. (2015). Attributing cyber attacks. Journal of Strategic Studies, 38, 4–37. doi: 10.1080/01402390.2014.977382
  • Rogers, M. (2014a, December 21). Why I *still* don’t think it’s likely that North Korea hacked Sony. Marc’s Security Ramblings Blog. Retrieved from https://perma.cc/DG6Z-2ZE9
  • Rogers, M. (2014b, December 24). Fooled again. No, North Korea didn’t hack Sony. Daily Beast Web page. Retrieved from https://perma.cc/SH3W-K5MB
  • RT. (2016, June 16). ‘Guccifer 2.0’ releases hacked DNC docs revealing mega donors, Clinton collusion. RT Web page. Retrieved from https://perma.cc/ADD5-E77W
  • Russian Embassy in the USA [RusEmbUSA]. (2018, February 15). #Peskov on allegations that pin NotPetya cyber attack on @Russia: We categorically reject such accusations, we consider them unsubstantiated, groundless. This is nothing more than the continuation of the Russophobic campaign lacking any evidence 7/2017 → http://tass.com/politics/955000. Twitter Post. Retrieved from https://perma.cc/MNK5-JTZP
  • Satter, R. (2019, January 26). Undercover agents target cybersecurity watchdog. Associated Press Web page. Retrieved from https://perma.cc/L3SL-4M2V
  • SBU. (2017, July 1). SBU establishes involvement of the RF special services into Petya. A virus-extorter attack. SBU Web page. Retrieved from https://perma.cc/HE27-EQBD
  • Schneier, B. (2014, December 24). Did North Korea Really Attack Sony?. Schneier on Security Blog. Retrieved from https://perma.cc/Y43F-B92L
  • Schulzke, M. (2018). The politics of attributing blame for cyberattacks and the costs of uncertainty. Perspectives on Politics, 16, 954–968. doi: 10.1017/S153759271800110X
  • Seal, M. (2015, February 4). An exclusive look at Sony’s hacking saga. vanity fair web page. Retrieved from https://perma.cc/9ZKF-BJDF
  • SecureWorks. (2016, June 16). Russian threat group targets Clinton campaign. SecureWorks Blog. Retrieved from https://perma.cc/HWQ7-MPDF
  • Shahani, A. (2014, December 26). Doubts persist on U.S. claim of North Korean role in Sony hack. NPR Web page. Retrieved from https://perma.cc/FN56-7EK2
  • Solomon, H. (2018, 18 May). RightsCon report: Universities should form cyber attribution network. IT World Canada Web page. Retrieved from https://perma.cc/226K-LL4E
  • Stevens, C. (2020). Assembling cybersecurity: The politics and materiality of technical malware reports and the case of Stuxnet. Contemporary Security Policy, 41, 129–152. doi: 10.1080/13523260.2019.1675258
  • Stone, D. A. (1989). Causal stories and the formation of policy agendas. Political Science Quarterly, 104, 281–300. doi: 10.2307/2151585
  • Taia Global. (2014, December 24). Taia global linguists establish nationality of Sony hackers as Russian, not Korean. Webarchive Web page. Retrieved from https://perma.cc/YT3M-RPER
  • Taia Global. (2015). The Sony Breach: From Russia, No Love. Webarchive Web page. Retrieved from https://perma.cc/WG8R-ZCJM
  • ThreatConnect. (2016, June 17). Rebooting Watergate: Tapping into the Democratic National Committee. ThreatConnect Web page. Retrieved from https://perma.cc/7WLC-8ZN3
  • United Kingdom of Great Britain and Northern Ireland, Foreign and Commonwealth Office. (n.d.). UK’s approach to the attribution of cyber incidents. Personal copy.
  • United States Department of Homeland Security & Director of National Intelligence. (2016, October 7). Joint Statement from the Department of Homeland Security and Office of the Director of National Intelligence on Election Security. Homeland Security Web page. Retrieved from https://perma.cc/L5UT-QX6X
  • United States Department of Homeland Security & Federal Bureau of Investigations. (2014, December 24). November 2014 Cyber Intrusion on USPER I and Related Threats. First Look Media Web page. Retrieved from https://perma.cc/X6YN-XY26
  • United States of America v. Netyksho et al., No. 1:18-cr-215. (2018). United States District Court, Western District of Washington. Retrieved from https://perma.cc/V6CP-LJMB
  • United States of America v. Park Jin Hyok, No. MJ18-1479. (2018). United States District Court, Central District of California. Retrieved from https://perma.cc/SQA4-DUXR
  • United States Office of the Inspector General. (2018, June). A review of various actions by the Federal Bureau of Investigation and Department of Justice in Advance of the 2016 Election. U.S. Department of Justice Publication. Retrieved from https://perma.cc/8EVS-P9BF
  • Valeriano, B., & Maness, R. C. (2014). The dynamics of cyber conflict between rival antagonists, 2001–11. Journal of Peace Research, 51, 347–360. doi: 10.1177/0022343313518940
  • Visschers, V. H., & Siegrist, M. (2008). Exploring the triangular relationship between trust, affect, and risk perception: A review of the literature. Risk Management, 10(3), 156–167. doi: 10.1057/rm.2008.1
  • Weaver, N. (2014, December 18). Why it’s possible North Korea was behind the Sony hack. Mashable Web page. Retrieved from https://perma.cc/F3BD-TSZE
  • White House. (2014, December 18). Press briefing by the Press Secretary Josh Earnest. Obama White House Web page. Retrieved from https://perma.cc/JS4N-JTYL
  • Wright, J. (2018, May 23). Cyber and International Law in the 21st century. Gov.UK Web page. Retrieved from https://perma.cc/UTT9-NKPB
  • Zetter, K. (2014, December 17). The evidence that North Korea hacked Sony is flimsy. Wired Web page. Retrieved from https://perma.cc/JMG6-FQA4
  • Zetter, K. (2015, January 8). Critics say new evidence linking North Korea to the Sony hack is still flimsy. Wired Web page. Retrieved from https://perma.cc/F8W2-ZLA

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.