Despite the increasing number of public attributions, few analysts have looked at how public attribution fits within the larger toolbox of statecraft. In a recently published article, I lay out what public attribution is, how we can explain it using the intelligence studies literature, and for what purposes it is employed (for more, you can also read this longer policy analysis [PDF] on the subject). In this shorter piece, I argue that public attribution serves different functions in the short, medium, and long-term.
In a recent article in Contemporary Security Policy, Florian J. Egloff reflects on the contested nature of public attributions of cyber incidents and what role academia could take up.
In the last five years, public attribution of cyber incidents has gone from an incredibly rare event to a regular occurrence. Just in October 2018, the UK’s National Cyber Security Centre publicized its assessment of cyber activities conducted by the Russian military intelligence service (also known by its old acronym, the GRU). Clearly, publicizing activities that other political actors like to keep secret is a political act – but what kind of political act is it and what happens when a government publicly attributes?