Cybersecurity

Attribution is key to holding cyber criminals accountable 

As Russian cyber threats continue to evolve amid the war in Ukraine, cyber experts are urging NATO to take authoritative steps to combat state-sponsored hackers, including attributing the actors behind the attacks.

Merle Maigre, a senior fellow at the Center for European Policy Analysis, said that NATO should “deny covertness by attribution” and hold malicious cyber actors accountable for their criminal actions. 

“I think NATO should persuade its opponents that they cannot be clandestine in the cyber operations,” Maigre said. 

“Attribution is a good way to make clear to malicious actors that their actions will be seen and will be addressed,” she added. 

Maigre made her remarks on Thursday during a virtual roundtable discussion hosted by The German Marshall Fund. The discussion revolved around Maigre’s policy brief on NATO’s role in global cyber security


In her brief, Maigre explains that attribution is critical to calling out criminal behavior and making it clear that there will be consequences for their actions. 

“With attribution, policymakers show that they know what is happening in these networks and can investigate incidents,” Maigre said in her brief.

She also explained that up until recently, governments were not publicly releasing details on cyber incidents. In 2018, however, several Western nations started disclosing cyberattacks, indicating a shift towards transparency. 

“Greater public knowledge of cyberattacks heightens awareness of cyber conflicts and leads to greater public acceptance of cyber countermeasures,” Maigre added in her brief. 

Some NATO members including the U.S. and the European Union (E.U.) have started attributing recent cyberattacks aimed at Ukraine to nation-state threat actors like Russia. 

Earlier this month, the U.S. and the E.U. condemned Russia for its criminal cyber behavior and confirmed that it was behind a cyberattack that targeted Ukraine’s satellite network in late February. 

The European Union said that the attack on the satellite took place an hour before the invasion, causing significant communication outages and disrupting several public authorities and businesses.

While the U.S. and the E.U. have vowed to take countermeasures to prevent Russian cyber aggression against Ukraine, a Russian diplomat recently accused Western democracies of “building a cyber totalitarianism” against his country.

Vassily Nebenzia, a Russian representative to the United Nations (U.N.), alleged that the West is being one-sided and trying to shut down Russia’s “alternative views.”

Nebenzia, who spoke on Monday at a U.N. Security Council briefing, also demanded that the West “demilitarize information space,” adding that Russia will respond back to any cyberattacks targeting his country.

During the roundtable discussion, Maigre added that effectively attributing a cyber attack to a nation-state threat actor requires that NATO members have credible evidence to support their claims.

“I firmly believe that attribution is only as good as the information that the allies are willing to share,” she said. 

The event follows a meeting held last week in Brussels where senior cyber coordinators met to discuss the cyber threat landscape following Russia’s invasion of Ukraine.