Assessing Attribution and Credible Deterrence in Cyberspace
DOI:
https://doi.org/10.61732/bj.v3i1.87Keywords:
Deterrence, Cyberspace, Attribution, Cyber SecurityAbstract
This study examines the issues that states face in discerning actors within the realm of cyberspace, characterizing these challenges as akin to navigating the unregulated landscape. Lack of an effective attribution mechanism and a credible deterrence framework have significantly contributed to the volatility in cyber domain in contemporary times. This paper argues that states often accuse their adversaries of orchestrating cyber-attacks against them, yet they frequently fail to provide substantial evidence because actors behind attacks in cyberspace leverage the inherent anonymity of cyberspace to evade accountability, complicating the process of attribution even further. In addition, this study also underscores the importance of establishing an effective mechanism of deterrence in cyberspace to dissuade the attacking actors from engaging in malicious cyber activities. In line with this, this paper looks at the cyber space activities through novel perspective of no biasness, without subjectivity and tends to offer the answers of why attribution is problem, is there any possible solution to it in practice. Therefore, this study aims to highlight the ways to attribute the cyber-attacks and highlight the challenges to attribution, especially in the current scenario of states sponsoring indirectly cyber-attacks against many other states by outsourcing their aggressive designs in cyberspace to non-state actors.
Downloads
References
Fiona S. Cunningham, "Accommodative Signaling in Cyberspace and the Role of Risk." Security Studies 31, no. 4 (2022): 764-771.
Reuters, Five killed in Iran during protests over death in custody - rights group.September 20, 2022. Available at: https://www.reuters.com/world/middle-east/iranian-police-calls-death-mahsa-amini-an-unfortunate-incident-fars-2022-09-19/
Heather Kelly, CNN. 83 Million Facebook accounts are fakes and dupes.https://edition.cnn.com/2012/08/02/tech/social-media/facebook-fakeaccounts/index.html
Charles L. Glaser. Deterrence of Cyber Attacks and U.S. National Security Report GW-CSPRI-2011-5 June 1, 2011.
Tughral Yamin. Cyberspace Management in Pakistan In Governance and Management Review (GMR) Vol.3, No. 1, January-June 2018.
Eric F. Mejia. Act and Actor Attribution in Cyberspace: A Proposed Analytic Framework. Strategic Studies Quarterly, Vol. 8, No. 1 (SPRING 2014).
Akbar Khan, "Deterrence and the Problem of Attribution in Cyberspace: An Analysis of Vulnerabilities and Options for Pakistan." BTTN Journal 1, no. 2 (2022): 1-19; Ayaz Hussain Abbasi. Pakistan Needs A Cyber Army To Counter Emerging Risks. The Friday Times January 2022.
Dennis Broeders, Els De Busser, and Patryk Pawlak. "Three tales of attribution in cyberspace: Criminal law, international law and policy debates." The Hague Program for Cyber Norms Policy Brief (2020).
Hunt R, Zeadally S. Network forensics: an analysis of techniques, tools, and trends. Computer 2012; 45(12):37–43.
Evgeni Moyakine, "Pulling the strings in cyberspace: Legal attribution of cyber operations based on state control." In Closing the Gap 2022: Responsibility in Cyberspace: Narratives and Practice, pp. 200-218. Publications Office of the European Union, 2023.
BBC 2014, Target data theft affected 70 million customers, for details see, (https://www.bbc.com/news/technology-25681013.
Attribution in Cyberspace: Tecniques and legal Implications:SCN-SI-o88 https://www.researchgate.net/publication/301705275_Attribution_in_cyberspace_techniques_and_legal_implica tions_SCN-SI-088
Carr C, Reith M, Gunsch G. An examination of digital forensic models. International Journal of Digital Evidence 2002; 1(3):1–12.
Josh Fruhlinger Stuxnet explained: The first known cyberweapon; Aug 31, 2022. Available at: https://www.csoonline.com/article/562691/stuxnetexplained-the-first-known-cyberweapon.html.
Irani D, Balduzzi M, Balzarotti D, Kirda E, Pu C. Reverse social engineering attacks in online social networks. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer: Berlin Heidelberg, 2011.
Layton R, Watters P. Indirect Attribution in Cyberspace Handbook of Research on Digital Crime. IGI Global, 2014
Hunt R, Zeadally S. Network forensics: an analysis of techniques, tools, and trends. Computer 2012; 45(12): 36–43.
Irani D, Balduzzi M, Balzarotti D, Kirda E, Pu C. Reverse social engineering attacks in online social networks. In Detection of Intrusions and Malware, and Vulnerability Assessment. Springer: Berlin Heidelberg, 2011.
Layton R, Watters P. Indirect Attribution in Cyberspace Handbook of Research on Digital Crime. IGI Global, 2014.
Angelyn Flowers, Jawwad Shamsi Attribution in Cyberspace: Techniques and legal Implications: SCN-SI-o88.
Anushka Kaushik. Attribution in Cyberspace: Beyond the “Whodunit”. Published in Globsec May 2018.
Ahmad Khan. Addressing Cyber Vulnerabilities through Deterrence. Vol. 11 No. 1 (2022): Journal of Contemporary Studies Vol Xi, No 1, Summer 2022, NDU Islamabad
Reith M, Carr C, Gunsch G. An examination of digital forensic models. International Journal of Digital Evidence 2002; 1(3): 1–12.
BBC Report. Target Data Theft affected 7- Million customers.https://www.bbc.com/news/ technology-25681013.
Boebert W. A survey of challenges in attribution. In US National Academy of Sciences. Proceedings of a Workshop on Deterring Cyber Attacks: Informing Strategies and Developing Options for U.S. Policy, 2010; 41-54.
Lupovici, Amir. "Deterrence through inflicting costs: Between deterrence by punishment and deterrence by denial." International Studies Review 25, no. 3 (2023): viad036.
Borghard, Erica D., and Shawn W. Lonergan. "Deterrence by denial in cyberspace." Journal of Strategic Studies 46, no. 3 (2023): 534-569.
Lonergan, Erica D., and Jacquelyn Schneider. "The Power of Beliefs in US Cyber Strategy: The Evolving Role of Deterrence, Norms, and Escalation." Journal of Cybersecurity 9, no. 1 (2023): tyad006.
Timothy M. McKenzie Colonel, USAF. Is Cyber Deterrence Possible? CPP–4 Air University Press Air Force Research Institute Maxwell Air Force Base, Alabama, January 2017.
William Banks. Cyber Attribution and State Responsibility. Published by the Stockton Center for International Law in Volume 97 of 2021.
Erica and Lonergan. “Deterrence by denial in cyberspace.” (2023)
Smith Iii, Frank L. "Integrating deterrence into defence science and technology cooperation." (2023).
Mickelberg K, Pollard N, Schive L. US cybercrime: rising risks, reduced readiness key findings from the 2014 US State of Cybercrime Survey. US Secret Service, National Threat Assessment Center. Pricewaterhousecoopers, 2014.
Mariarosaria Taddeo. How to deter in Cyberspace. Article published in strategic Analysis June-July 2018 Journal of Hybrid CoE.
Published
How to Cite
Issue
Section
License
Copyright (c) 2024 Muhammad Imtiaz Sabir
This work is licensed under a Creative Commons Attribution 4.0 International License.
All articles are permanently available online to the public without restrictions or subscription fees. All articles are free to be used, cited, and distributed, on condition that appropriate acknowledgement is included. Authors are the copyright holders of their original contributions. The published article is simultaneously licensed under a Creative Commons (CC) Attribution License. “A CC license is used when an author wants to give people the right to share, use, and build upon a work that they have created” Wikipedia.
The BTTN Journal is an International, Open Access, and Peer-Reviewed Research Journal published by Balochistan Think Tank Network and licensed under CC BY 4.0.