Public attributions of cyber incidents by governments and private industry have become prevalent in recent years. This article argues that they display a skewed version of cyber conflict for several operational and structural reasons, including political, commercial, and legal constraints. In addition, public attribution of cyber incidents takes place in a heavily contested information environment, creating fractured narratives of a shared past. The article uses three cyber incidents (Sony Pictures, DNC, and NotPetya) to show how actors cope with this contested information environment and proposes a changed role of academia to address some of the problems that emerge. To become competent in contesting public attribution discourses, universities would have to work more across physical, disciplinary, and academic boundaries. The main implications for democracies are to be more transparent about how attribution is performed, enable other civilian actors to study cyber conflict, and thereby broaden the discourse on cybersecurity politics.
Attribution is central to the debate on how to respond to cyber intrusions. The policy challenge is increasingly moving from identifying who is behind a cyber intrusion to finding the adequate policy response, including whether to publicly attribute. The article examines the use of public attribution as a political strategy for attaining specific political effects beyond the dyadic attacker–victim relationship, including shaping the operational and normative environment of cyber operations, with the potential to exert an independent deterrent effect. My analysis unfolds in three parts. The first part introduces two core concepts—sense-making and meaning-making—to capture different parts of the attribution process. I then introduce a theoretical understanding of public attribution drawing on the literature on revealing covert activity and argue that public attribution can serve the function of defining a particular interaction order, i.e. shape the rules of the ‘game’. In part two and three I discuss two empirical examples of both concepts. I bring to the fore three observations: First, some states have shifted their policy responses from dealing with individual cyber intrusions to responding in a broader political framework of relations with a specific adversary leading to campaign-like responses. Second, the political decision whether to attribute publicly is not only a signal to the adversary, but also aims at shaping the future political and normative operational environment. Third, such norm shaping has the potential to exert an independent—though limited—deterrent effect, particularly on potential adversaries. The analysis demonstrates the importance of the meaning-making process to understanding the politics of attribution and the rewards of theoretically integrating it into the politics of secrecy and exposure of covert activities of states.
What does the global telecommunications company Huawei, a hacking-for-hire outfit in India, and Russian cyber criminals have in common? They all share a special relationship to the state, which significantly shapes the politics of cyber(in-)security. The relationships between these actors and states are complex and constantly evolving, yet not well understood. Semi-State Actors in Cybersecurity provides an insightful theoretical and empirical analysis of the political challenges raised through the interaction between such semi-state actors and states. The book uses a historical analogy to pirates, privateers, and mercantile companies to uncover the political constitution and interaction of cybercrime, state-sponsored hackers, and large technology companies. Drawing on historical archival sources and innovative theory, it identifies the parallels between today’s cyber(in-)security and the historical quest for gold and glory on the high seas during the 16th–19th centuries. The book explains what the co-presence of semi-state actors means for national and international security and shows that the proximity to the state in these relationships is a key determinant of cyber(in-)security. Through so doing, it clarifies how semi-state actors were historically and contemporarily linked to understandings of statehood, sovereignty, and the legitimacy of the state. Semi-State Actors in Cybersecurity offers insights with regard to the political use of state proximity by attackers and defenders, state collaboration with cyber criminals, and the cooperative and conflictive relations of large technology companies to the state. This offers a fresh perspective for understanding the international politics of cyber(in-)security.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.