Abstract
This article explores how cyber attribution is performed in the UK
and addresses current barriers to identifying deceptive actors. Through
interviews with UK-based experts in cyber attribution, this article explores
how false flag operations can be identified, in an arena where the technical
evidence may be deliberately falsified to implicate third parties. Four
methods of implementing non-technical evidence were identified through
the interviews: interdisciplinary teams; training technical colleagues on
political context; information-sharing platforms; and outsourcing.
Interdisciplinary conversations are required to combine the visions of
professionals within cyber intelligence and attribution, and to work towards
a best-practice approach to false flag attribution.
and addresses current barriers to identifying deceptive actors. Through
interviews with UK-based experts in cyber attribution, this article explores
how false flag operations can be identified, in an arena where the technical
evidence may be deliberately falsified to implicate third parties. Four
methods of implementing non-technical evidence were identified through
the interviews: interdisciplinary teams; training technical colleagues on
political context; information-sharing platforms; and outsourcing.
Interdisciplinary conversations are required to combine the visions of
professionals within cyber intelligence and attribution, and to work towards
a best-practice approach to false flag attribution.
Original language | English |
---|---|
Article number | 2 |
Pages (from-to) | 13-27 |
Journal | Strife Journal |
Issue number | 14 |
Publication status | Published - 14 Dec 2020 |
Keywords
- cyber attribution
- Cyberwarfare
- cyberattacks
- advanced persistent threats
- deception
- false flag attacks
- national security