State Responsibility in the Cyber Age: The Course towards Indirect Evidence
The problem of attributing responsibility for cyber-attacks is almost as old as cyberspace itself, yet it remains one of the most troublesome issues of that domain. It is often impossible to uncover direct evidence that would reveal the identities of the attackers. Investigators must therefore rely on other, more indirect avenues of proof. The aim of this exploratory study is to develop a basic categorisation of indirect evidence that can be used to attribute state responsibility for cyber-attacks in international relations. To do so, the article works with international legal concepts but transposes them into the analysis of international relations. The categorization of indirect proof is based on the Russian-Georgian conflict of 2008, which provides one of the richest arrays of this kind of evidence. The analysis identifies four kinds of indirect evidence: level of coordination, level of preparedness, state relations with the national hacker community, and state conception of cyber-security.
This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.
Mezinárodní vztahy / Czech Journal of International Relations publishes under Creative Commons Attribution-NoDerivatives 4.0. Authors retain copyright and grant the journal right of first publication. Anyone is allowed to use, share, copy, distribute, or display the work with an acknowledgement of the work's authorship and initial publication in this journal. The journal allows others to copy, distribute and display only original copies of our publications.