2020
DOI: 10.1093/ejil/chaa057
|View full text |Cite
|
Sign up to set email alerts
|

Cyber Attribution: Technical and Legal Approaches and Challenges

Abstract: Considering the role of attribution in the law of state responsibility, this article examines the technical and international law methodologies and determinants used when attributing malicious cyber activities falling below the use-of-force threshold to a state, and identifies the challenges that arise which lead to responsibility gaps. The article goes on to discuss a number of proposals that aim to improve the effectiveness of the attribution process and also close some of the existing responsibility gaps. T… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1

Citation Types

1
8
0

Year Published

2020
2020
2024
2024

Publication Types

Select...
7
2

Relationship

0
9

Authors

Journals

citations
Cited by 15 publications
(9 citation statements)
references
References 4 publications
1
8
0
Order By: Relevance
“…To overcome this problem, part of the literature promotes attribution by non-State actors, 44 while other commentators support the setting up of a centralised international attribution mechanism, 45 though difficult to implement in the short run, 46 or propose a revision of the attribution determinants as stated by Article 8 of the International Law Commission (ILC) Draft Articles. 47 This kind of solution is in line with other proposals to internationalise the process of attribution, as those made by Microsoft 48 and RAND. 49 Hence, any of the mentioned ways forward entail the development of new rules of international law on this topic.…”
Section: A) Attribution: Rules and Problemssupporting
confidence: 72%
“…To overcome this problem, part of the literature promotes attribution by non-State actors, 44 while other commentators support the setting up of a centralised international attribution mechanism, 45 though difficult to implement in the short run, 46 or propose a revision of the attribution determinants as stated by Article 8 of the International Law Commission (ILC) Draft Articles. 47 This kind of solution is in line with other proposals to internationalise the process of attribution, as those made by Microsoft 48 and RAND. 49 Hence, any of the mentioned ways forward entail the development of new rules of international law on this topic.…”
Section: A) Attribution: Rules and Problemssupporting
confidence: 72%
“…Attribution is the key to legal proceedings, as without it there are far fewer ways to achieve accountability for individuals or nation states [24]. Attribution of cyber attacks is what legitimizes counter-action by a nation-state [19].…”
Section: Previous Work On Attributionmentioning
confidence: 99%
“…[26] Legal standards for attributions do not take into account the subtle relationships between state and non-state actors, and the commonality of state actors' hiding behind the veil of non-state actors' actions for plausible deniability. [24] Some claim that the only successful attribution approach is one that is holistic and interdisciplinary. Thus, an official law of attribution should be in place, with proper forum, adjudication, and key procedural rules to evaluate potential perpetrators [27].…”
Section: Previous Work On Attributionmentioning
confidence: 99%
“…Cybercrime continues unabatedly and is unlikely to cease. Simply put, cybercrime is too simple to conduct, too profitable to achieve more in less effort and time, and there are too few chances to get caught and get punished [1]. The most technologically adept information technology or tech businesses are on par with high-end cybercriminals in terms of sophistication, and both have embraced latest and sophisticated technologies like cloud computing, artificial intelligence, software-as-a-service, and encryption rapidly [2] [3].…”
Section: Introductionmentioning
confidence: 99%