Attribution Beyond Reasonable Doubt

By Justin Harvey

Justin Harvey is a cyber defense expert who specializes in endpoint detection and response, defense against cyberespionage, incident response and threat intelligence. He is currently managing director and global lead for Accenture Security's Incident Response Practice. Before joining Accenture, Harvey was Chief Security Officer of Fidelis Cybersecurity and the former Vice President at FireEye/Mandiant.

With news of nation-states allegedly attacking companies, political institutions, and world governments, it is important to know how attribution works in cybersecurity. For the unfamiliar, attribution is the process investigators and intelligence workers use to tie responsibility for an event or action to a person, group, or country.

Unless there is physical forensic evidence showing that an individual or a group of individuals was on a computer at the exact time an organization was compromised, you cannot definitively attribute the attack. This is one of the reasons that “attacking or hacking back” at the corporate level does not fly in the industry.
