Geeks for your information Security Security Vendors Kaspersky Kaspersky Security Blog v
The complexities of public attribution
The complexities of public attribution
harlan4096 Offline
MalWare Zoo Team
*******
Posts: 15,937
Threads: 10,175
Thanks Received: 9,307 in 7,453 posts
Thanks Given: 10,238
Joined: 12 September 18
#1
15 April 19, 07:31
Quote:
[Image: complexity-of-public-attribution-featured.jpg]

Over the past couple of years, we have seen an emerging trend from nation-states, or a consortium of nations publicly attributing cyberattacks to a particular adversary. In the game of spies spying on spies, it has become a game of whodunnit that can have repercussions in the real world.

Now, you may have read about APT actors on this blog or seen reports from our colleagues in the cybersecurity space in the past, but that work came from security researchers — and security researchers tend to avoid doing specific public attribution and will instead talk about clues such as the language the attackers speak, target location, and indicators of compromise (IOCs). They may even give APTs names like Fancy Bear, Equation, Desert Falcons or APT27, which may (or may not) contain hints about the characteristics of the threats.

Their actions may annoy those responsible, but this is not, say, the United Kingdom pointing a direct finger at Israel or the United States holding a press conference with indictments against members of clandestine services in Russia. As I said, there are consequences to such attribution — but as they say, all is fair in love and war.

Earlier in the month, during the Security Analyst Summit, Florian Egloff of the center for Security Studies discussed this topic during the SAS Unplugged session of the conference.

Egloff wasted no time getting into the real-world consequences of these public outings or shaming from governments around the world, which have ranged recently from sanctions to the expulsion of diplomats. The past few years have seen cybersecurity emerge as a key focal point of foreign policy. This area ranges from building out stronger investment to attribution and prevention and potentially adding public attribution to incident response.

These responses include some actions that are meant to deal direct harm to an adversary. Some actions could include offensive measures or burning a toolkit of a nation-state attacker by sharing samples with Virus Total.

This threat-response evolution continues, and in the past year, we have seen nations publicly name an actor in conjunction with one another and with policies that have taken center stage. So, what does the future hold?
Continue Reading
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Android Security Bulletin—March 2026
Android Security B...harlan4096 — 11:13
Qualcomm unveils Wi-Fi 8 chip designed t...
Qualcomm has commi...harlan4096 — 11:10
Adobe Acrobat Reader DC 2025.001.21265
Adobe Acrobat Read...harlan4096 — 11:07
uBOLite 2026.301.2014 (already released ...
uBOLite 2026.301.2...harlan4096 — 11:06
NVIDIA GeForce Game Ready 595.71 driver
Highlights  Gam...harlan4096 — 11:05

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
avatar (44)gapedDow
avatar (38)snorydar
avatar (43)Hectorvot
avatar (51)knowhanPluts
avatar (39)Williamengiz
avatar (46)qaqapeti
avatar (44)battsourIonix
avatar (43)CedricSek
avatar (39)chasRex
avatar (43)slavrProck
avatar (45)Tyesharaike
avatar (49)TomeRerla
avatar (45)walllMIZ
avatar (41)oconyho
avatar (33)uteluxix
avatar (47)piafcflene
avatar (39)Matthewkah
avatar (51)tersfargum
avatar (50)alfreExept
avatar (38)Charlesfibre
avatar (42)napasvem
avatar (44)diploJeoca
avatar (38)francisnj3
avatar (43)artmaGoork
avatar (45)tukraNax
avatar (41)RichardCisee
avatar (40)ebenofit
avatar (38)ykazawu
avatar (41)ARYsahulatbazar

[-]
Online Staff
There are no staff members currently online.

>