Strategic Publicity: Understanding U.S. Government Cyber Attribution

Introductions will start at 1:50pm. Each presentation will be 20 minutes with a 10 minute discussion.

* Please note all CISAC events are scheduled using the Pacific Time Zone.

Register in advance for this webinar: https://stanford.zoom.us/webinar/register/WN_Uoa_Nef3RAu1JAfPRDTg2A

About the Event: When and under what circumstances does the US government publicly attribute state-backed cyber intrusions? Over the past decade, the US government has become increasingly willing to publicly attribute the state adversaries behind cyber incidents. Yet the timing of public attribution appears to vary significantly. Much of the existing work on public attribution of cyber incidents is theoretical – examining when states should publicly attribute – without providing a systematic study of the circumstances in which it actually takes place. This thesis seeks to fill this gap by compiling a data set of every public attribution by the U.S. government to another state from 2010-2021, in addition to data on timing. My analysis suggests that the U.S. government is not a unitary actor; instead, public attribution operates through four distinct channels – technical alerts, criminal charges, and official and unofficial policy statements. Bilateral relations between the U.S. and adversary state, U.S. domestic politics, and attribution by private sector entities have no systematic effect on the timing of public attribution. Moreover, case studies of public attribution for Iran’s Operation Ababil and Russia’s Dragonfly 2.0 campaign demonstrate that organizational factors matter more than the public discourse would suggest. As the government pursues whole-of-government strategies of “persistent engagement” and “defend forward,” this thesis suggests that policymakers must think systematically across government about when and under what circumstances to publicly attribute cyber incidents to other states.

About the Speaker: June is a senior studying International Relations and minoring in Computer Science. Her course of study has focused on cyber policy and international law, inspired by her experiences at the Atlantic Council’s Cyber Statecraft Initiative and State Department. Her thesis extends these interests, by examining the US government's approach to public attribution in cyberspace.