Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack

Lindsay, Jon R.

doi:10.1093/cybsec/tyv003

Cited by 75 publications

(45 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…There are significant challenges in assessing possible threats and in keeping such assessments accurate, given advances in technologies and in their uses, such as the evolving "dark net" (Fachkha & Debbabi, 2016;Lacson & Jones, 2016), and the growing offensive capabilities of a few countries and of groups of individuals, including terrorists (Liff, 2012;Lindsay, 2015), plus a great many everyday cybercriminals (Akamai, 2016;Cisco, 2017). South Africa has been the country most often attacked in Africa (Wolfpack, 2013;TMG Digital, 2016;Van Heerden, Von Soms, & Mooi, 2016), with an estimated cost in 2014 of ZAR5.8 billion (Fripp, 2014).…”

Section: Governance Of Cybersecurity -The Case Of South Africamentioning

confidence: 99%

Governance of Cybersecurity - The Case of South Africa

Sutherland¹

2017

Afr. j. inf. commun. (Online)

View full text Add to dashboard Cite

Cybersecurity is a growing concern for governments, with the push for universal access to the Internet, the increasing ubiquity of social networks and the growing reliance on digital government service, and given a growing range of threats from foreign powers, terrorists and criminals. These complex issues span all government ministries, their agencies and contractors, plus provincial and municipal government, and require the state to create legal frameworks and agencies to protect data and offer advice to businesses and citizens, plus ensuring a sufficient supply of skilled technicians and engineers. In the case of South Africa, its government responded in 2015 with a National Cybersecurity Policy Framework (NCPF), with implementation led by the Ministry of State Security. The Protection of Personal Information (POPI) Act of 2013 created the Information Regulator to ensure data privacy. The POPI regime is only being implemented slowly and has overly wide exemptions for national security. South Africa lags behind advanced economies in cybersecurity legislation, in government coordination, in engagement with business and citizens, and in the supply of skilled labour. Delays have meant it lacks the experiences obtained in faster moving countries, and the improvements they have made to their policies and, especially, implementation. Parliament has neither pressed the government for faster action nor explored areas where powers might have been taken that infringe human rights.

show abstract

Section: Governance Of Cybersecurity -The Case Of South Africamentioning

confidence: 99%

Governance of Cybersecurity - The Case of South Africa

Sutherland¹

2017

Afr. j. inf. commun. (Online)

View full text Add to dashboard Cite

show abstract

“…Attribution from an economic perspective was studied by ref. 33, concluding that deterrence is effective for high-value targets and that denial and defense are a wiser investment for lower-value targets. This work provides a formal model that includes both technical and nontechnical aspects of cyber attribution.…”

Section: Significancementioning

confidence: 99%

Strategic aspects of cyberattack, attribution, and blame

Edwards

Furnas

Forrest

et al. 2017

Proc. Natl. Acad. Sci. U.S.A.

View full text Add to dashboard Cite

Cyber conflict is now a common and potentially dangerous occurrence. The target typically faces a strategic choice based on its ability to attribute the attack to a specific perpetrator and whether it has a viable punishment at its disposal. We present a game-theoretic model, in which the best strategic choice for the victim depends on the vulnerability of the attacker, the knowledge level of the victim, payoffs for different outcomes, and the beliefs of each player about their opponent. The resulting blame game allows analysis of four policy-relevant questions: the conditions under which peace (i.e., no attacks) is stable, when attacks should be tolerated, the consequences of asymmetric technical attribution capabilities, and when a mischievous third party or an accident can undermine peace. Numerous historical examples illustrate how the theory applies to cases of cyber or kinetic conflict involving the United States,

show abstract

“…First, as Sheldon observes, Battacks in cyberspace occur at great speed…putting defenses under immense pressure, as an attacker has to be successful only once, whereas the defender has to be successful all of the time^ (Sheldon 2011, 98). Second, the prospect of launching attacks with relative anonymity (and therefore impunity) lowers the expected cost of offensive strategies in cyberspace (see Sheldon 2011, 98;Lindsay 2015). Third, physical distance is relatively inconsequential in the virtual world.…”

Section: The Cult Of the (Cyber) Offensivementioning

confidence: 99%

“…An important aspect of an effective ICWC would therefore be to institute some form of collective mechanism to facilitate faster and more reliable attribution of cyberattacks. As already discussed, whereas pessimism has long reigned regarding attribution in cyberspace, many experts now take the view that-given adequate time and resources-reliable attribution of cyber-attacks is generally possible, at least when it comes to large-scale attacks against critical infrastructure (for an insightful discussion, see Lindsay 2015). Nevertheless, reliable attribution is both time consuming and costly.…”

Section: Collective Attributionmentioning

confidence: 99%

Why the World Needs an International Cyberwar Convention

Eilstrup-Sangiovanni

2017

Philos. Technol.

View full text Add to dashboard Cite

States' capacity for using modern information and communication technology to inflict grave harm on enemies has been amply demonstrated in recent years, with many countries reporting large-scale cyberattacks against their military defense systems, water supply, and other critical infrastructure. Currently, no agreed-upon international rules or norms exist to govern international conflict in cyberspace. Many governments prefer to keep it that way. They argue that difficulties of verifiability and challenges posed by rapid technological change rule out agreement on an international cyber convention. Instead, they prefer to rely on informal cooperation and strategic deterrence to limit direct conflict. In this article, I seek to rebut some of the main objections to seeking an international convention on the use of cyber weapons. While there are significant obstacles to achieving effective arms control in the cyber domain, historical experience from other areas of international arms control suggests that none of these obstacles are insurmountable. Furthermore, while most critics of cyberarms control assume that cyberspace favors offensive strategies, closer inspection reveals the dominance of cyber-defensive strategies. This in turn improves prospects for striking an effective international agreement on cyberarms control.

show abstract

Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack

Cited by 75 publications

References 46 publications

Governance of Cybersecurity - The Case of South Africa

Governance of Cybersecurity - The Case of South Africa

Strategic aspects of cyberattack, attribution, and blame

Why the World Needs an International Cyberwar Convention

Contact Info

Product

Resources

About