The Problem with Proxies

When it comes to cyber attacks, one of the biggest problems is correctly determining who, exactly, is attacking you. This is called attribution, and it is extremely difficult, since many sophisticated actors are capable of obscuring or destroying evidence as to who they are. The difficulty of attribution is compounded by the use of proxies to conduct operations. In the arena of international affairs, a proxy is a group that is separate from a state government, but takes actions on its behalf. Some proxies are little more than thinly veiled organs of a state’s security apparatus, while others are completely separate and autonomous organizations that function almost like contractors.

Regardless of how independent they are from the state that utilizes their services, all proxies provide the same basic advantage: clouding the true identity of the attacker. When a proxy conducts a cyber attack on behalf of a government, it is incredibly difficult to definitively link the attack to the government that commissioned it.  Additionally, according to Rob Dannenberg, former head of security at Goldman Sachs, “the cyber proxy approach has many advantages, including plausible deniability, relatively low cost, little chance of political blowback, very little legal recourse for the target or victim, and the opportunity for a state actor to reinforce and exercise relationships with non-state actors that could be of use in a future conflict.”

“The Cipher Brief has become the most popular outlet for former intelligence officers; no media outlet is even a close second to The Cipher Brief in terms of the number of articles published by formers.” —Sept. 2018, Studies in Intelligence, Vol. 62

Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.

Subscriber+

Categorized as:Tech/CyberTagged with:

Related Articles

Search

Close