The attribution dividend: protecting critical infrastructure from cyber attacks

Abstract

International law and voluntary norms have not effectively prevented state, proxy, or other criminals from malicious and harmful behaviour in cyberspace. Geopolitical confrontation and tension beyond cyberspace with major threat actors have largely exhausted sanctions. Faced with threats that prove difficult to deter, the European Union (EU), its Member States, and international partners need to refocus their atten­tion on creating friction for malicious activity and increasing the costs of adversary operations. Through their contributions to resilience, forensic capabilities and inter­national cooperation on technical investigations offer practical opportunities to blunt the tools of adversaries. By coordinating technical, political, and legal attribution at the EU level, Member States could reinforce a victim-oriented approach to cyber diplomacy. (author's abstract)