Publication details
Stuxnet vs WannaCry and Albania: The Cyber-Attribution on Trial
| Authors | |
|---|---|
| Year of publication | 2023 |
| Type | Appeared in Conference without Proceedings |
| MU Faculty or unit | |
| Citation | |
| Description | In the intricate world of cyberspace, cyber-attribution, specifically the procedure of linking cyberattacks, the activities of non-state actors (e.g., hacker groups) and states’ orders and control remains one of the foremost challenges for modern international law. The procedure itself is a complex combination of technical, forensic and intelligence analyses with legal, strategical, geopolitical, and diplomatic requirements and aspects, fundamentally complicated due to the anonymous and often highly sophisticated nature of state-sponsored cyber-attacks. However, despite these challenges, we have witnessed an increase in the public attributions of cyber-attacks (let it be the attribution of WhisperGate and other Russian malicious cyber activities against Ukraine, WannaCry or the highly destructive cyber-attack against the Albanian Government). But what about Stuxnet? Strikingly, despite its far-reaching implications, the most famous cyber-operation remains officially unattributed. Therefore, in my talk, I shall delve deeper into the procedure of the cyber-attribution of the selected cyber-attacks and analyse and compare the relevant (and publicly available) details to try and identify the emerging state practice in the context of state responsibility and attribution standards. I shall also address the key considerations such as the technical evidence, geopolitical dynamics, intelligence-sharing mechanisms and international cooperation using the Egloff-Smeets Framework for public cyber-attributions. |
| Related projects: |