Mon. Jan 17th, 2022
    en flag
    nl flag
    et flag
    fi flag
    fr flag
    de flag
    he flag
    ja flag
    lv flag
    pl flag
    pt flag
    ru flag
    es flag

    Content Assessment: Considering Attribution of Cyber Operations: A Tallinn Paper

    Information - 95%
    Insight - 100%
    Relevance - 90%
    Objectivity - 90%
    Authority - 95%



    A short percentage-based assessment of the qualitative benefit of the post highlighting the recent Tallinn Paper on the attribution of cyber operations.

    Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

    To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.

    Educational Paper* by Garrett Derian-Toth, Ryan Walsh, Alexandra Sergueeva, Edward Kim, Alivia Coon, Hilda Hadan  and Jared Stancombe

    Backgrounder: The NATO CCDCOE’s Tallinn Papers are designed to inform strategic dialogue regarding cyber security within the Alliance and beyond. They address cyber security from a multidisciplinary perspective by examining a wide range of issues, including cyber threat assessment, domestic and international legal dilemmas, governance matters, assignment of roles and responsibilities for the cyber domain, the militarization of cyberspace, and technical. Focusing on the most pressing cyber security debates, the Tallinn Papers aim to support the creation of a legal and policy architecture that is responsive to the peculiar challenges of cyberspace. With their future-looking approach, they seek to raise awareness and to provoke the critical thinking that is required for well-informed decision-making on the political and strategic levels.

    Opportunities for Public and Private Attribution of Cyber Operations


    State-sponsored cyber-attacks have altered the playing field of international conflict and espionage because these operations often fall below the established threshold of response and regularly target private infrastructure. This has created difficulties for victim nations and their private sector entities regarding how to attribute a state-sponsored offensive cyber operation and what role each party should play in the attribution process. More broadly, the attribution of state-sponsored offensive cyber operations affects more than just cybersecurity. Rather, there is a relationship between attribution of offensive cyber operations and international relations where attribution is used for purposes such as reinforcing rules in cyberspace and imposing costs on malicious actors. Offensive cyber operations and attributions are used to shape a state’s global policy and posture and can reflect generations of conflicts, allegiances and intelligence-sharing networks. This paper gives an overview of the motivations, tools, techniques, procedures and alliances of attribution of state-sponsored offensive cyber operations. For the purposes of this article, attribution is defined as creating a body of evidence or a claim publicly linking a state to an offensive cyber operation. Along the way, the limitations of attribution, the general legal framework, norms regarding attribution and alternatives to attribution are examined. Our research reveals a fragmentation among actors regarding attitudes towards attribution and information sharing. We have also identified factors that reflect positive outcomes for attribution, including developing cyber norms, increasing the role of private sector actors and evolving laws that actively prevent cyber interference. Our findings are supported by a dataset that tracks state-sponsored offensive cyber operation attribution.

    Complete Paper: Opportunities for Public and Private Attribution for Cyber Operations – Mouseover to Scroll 

    Tallinn Papers Attribution 18082021

    Read the original paper.

    Reference: Derian-Toth, G., Walsh, R., Sergueeva, A., Kim, E., Coon, A., Hadan, H. and Stancombe, J., 2021. Opportunities for Public and Private Attribution of Cyber Operations. Tallinn Papers. [online] NATO CCDCOE. Available at: <> [Accessed 19 August 2021].

    *Shared with permission as an educational paper for non-commercial use in accordance with NATO CCDCOE disclaimer terms.

    Additional Reading

    Source: ComplexDiscovery


    Have a Request?

    If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

    ComplexDiscovery is an online publication that highlights cyber, data, and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data, and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

    ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data, and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

    A Warning from the FTC: Remediate Log4j Security Vulnerability

    When vulnerabilities are discovered and exploited, it risks a loss or...

    A New Financial Ecosystem? NIST Draft Report on Cybersecurity for Open Banking

    This new draft report from NIST on Open Banking describes a...

    DAM Ransomware! A Detection, Avoidance, and Mitigation (DAM) Framework for Ransomware

    Ransomware attacks have emerged as a major cybersecurity threat wherein user...

    Assessment and Advice: ENISA Update on Log4j Vulnerability

    On December 9th, information about a critical unauthenticated Remote Code Execution...

    eDiscovery Mergers, Acquisitions, and Investments in 2021

    Since beginning to track the number of publicly highlighted merger, acquisition,...

    eDiscovery Mergers, Acquisitions, and Investments in Q4 2021

    From Consilio and Epiq to Driven and Innovative Discovery, the following...

    Empire Technologies Risk Management Group Acquires GoldMind

    According to Kenya Parrish-Dixon, General Counsel and COO at ETRM Group,...

    Mitratech Acquires Continuity

    According to Mitratech CEO Mike Williams, “We are excited to expand...

    Trusting the Process? 2021 eDiscovery Processing Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    The Year in Review? 2021 eDiscovery Review Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    A 2021 Look at eDiscovery Collection: Task, Spend, and Cost Data Points

    Based on the complexity of cybersecurity, information governance, and legal discovery,...

    An eDiscovery Market Size Mashup: 2021-2026 Worldwide Software and Services Overview

    From market retraction in 2020 to resurgence in 2021, the worldwide...

    Five Great Reads on Cyber, Data, and Legal Discovery for December 2021

    From CISA cybersecurity guidance to mastering megamatters, the December 2021 edition...

    Five Great Reads on Cyber, Data, and Legal Discovery for November 2021

    From worldwide eDiscovery market sizing and discovery intelligence to cybersecurity playbooks...

    Five Great Reads on Cyber, Data, and Legal Discovery for October 2021

    From artificial intelligence and predictive coding to eDiscovery business confidence and...

    Five Great Reads on Cyber, Data, and Legal Discovery for September 2021

    From countering ransomware to predictive coding and packaged services, the September...

    Transfers in Order? eDiscovery Operational Metrics in the Winter of 2022

    In the winter of 2021, 43 eDiscovery Business Confidence Survey participants...

    A View from the Top? Winter 2022 eDiscovery Business Confidence Survey Results

    Since January 2016, 2,649 individual responses to twenty-five quarterly eDiscovery Business...

    Common Cents? An Aggregate Overview of Seven Semi-Annual eDiscovery Pricing Surveys

    The anonymized aggregate results from seven semi-annual surveys highlight eDiscovery pricing...

    Alternative Reality? Winter 2022 eDiscovery Pricing Survey Results

    Based on the complexity of data and legal discovery, it is...