Thu. Dec 7th, 2023

Content Assessment: Considering Attribution of Cyber Operations: A Tallinn Paper

Information - 95%
Insight - 100%
Relevance - 90%
Objectivity - 90%
Authority - 95%



A short percentage-based assessment of the qualitative benefit of the post highlighting the recent Tallinn Paper on the attribution of cyber operations.

Editor’s Note: From time to time, ComplexDiscovery highlights publicly available or privately purchasable announcements, content updates, and research from cyber, data, and legal discovery providers, research organizations, and ComplexDiscovery community members. While ComplexDiscovery regularly highlights this information, it does not assume any responsibility for content assertions.

To submit recommendations for consideration and inclusion in ComplexDiscovery’s cyber, data, and legal discovery-centric service, product, or research announcements, contact us today.

Educational Paper* by Garrett Derian-Toth, Ryan Walsh, Alexandra Sergueeva, Edward Kim, Alivia Coon, Hilda Hadan  and Jared Stancombe

Backgrounder: The NATO CCDCOE’s Tallinn Papers are designed to inform strategic dialogue regarding cyber security within the Alliance and beyond. They address cyber security from a multidisciplinary perspective by examining a wide range of issues, including cyber threat assessment, domestic and international legal dilemmas, governance matters, assignment of roles and responsibilities for the cyber domain, the militarization of cyberspace, and technical. Focusing on the most pressing cyber security debates, the Tallinn Papers aim to support the creation of a legal and policy architecture that is responsive to the peculiar challenges of cyberspace. With their future-looking approach, they seek to raise awareness and to provoke the critical thinking that is required for well-informed decision-making on the political and strategic levels.

Opportunities for Public and Private Attribution of Cyber Operations


State-sponsored cyber-attacks have altered the playing field of international conflict and espionage because these operations often fall below the established threshold of response and regularly target private infrastructure. This has created difficulties for victim nations and their private sector entities regarding how to attribute a state-sponsored offensive cyber operation and what role each party should play in the attribution process. More broadly, the attribution of state-sponsored offensive cyber operations affects more than just cybersecurity. Rather, there is a relationship between attribution of offensive cyber operations and international relations where attribution is used for purposes such as reinforcing rules in cyberspace and imposing costs on malicious actors. Offensive cyber operations and attributions are used to shape a state’s global policy and posture and can reflect generations of conflicts, allegiances and intelligence-sharing networks. This paper gives an overview of the motivations, tools, techniques, procedures and alliances of attribution of state-sponsored offensive cyber operations. For the purposes of this article, attribution is defined as creating a body of evidence or a claim publicly linking a state to an offensive cyber operation. Along the way, the limitations of attribution, the general legal framework, norms regarding attribution and alternatives to attribution are examined. Our research reveals a fragmentation among actors regarding attitudes towards attribution and information sharing. We have also identified factors that reflect positive outcomes for attribution, including developing cyber norms, increasing the role of private sector actors and evolving laws that actively prevent cyber interference. Our findings are supported by a dataset that tracks state-sponsored offensive cyber operation attribution.

Complete Paper: Opportunities for Public and Private Attribution for Cyber Operations – Mouseover to Scroll 

Tallinn Papers Attribution 18082021

Read the original paper.

Reference: Derian-Toth, G., Walsh, R., Sergueeva, A., Kim, E., Coon, A., Hadan, H. and Stancombe, J., 2021. Opportunities for Public and Private Attribution of Cyber Operations. Tallinn Papers. [online] NATO CCDCOE. Available at: <> [Accessed 19 August 2021].

*Shared with permission as an educational paper for non-commercial use in accordance with NATO CCDCOE disclaimer terms.

Additional Reading

Source: ComplexDiscovery


Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude 2, Midjourney, and DALL-E3, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.


Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery is a distinguished digital publication that delivers journalistic insights into cybersecurity, information governance, and eDiscovery developments and technologies. It adeptly navigates the intersection of these sectors with international business and current affairs, transforming relevant developments into informational news stories. This unique editorial approach enables professionals to gain a broader perspective on the intricacies of the digital landscape for informed strategic decision-making.

Incorporated in Estonia, a nation celebrated for its digital innovation, ComplexDiscovery OÜ adheres to the most rigorous standards of journalistic integrity. The publication diligently analyzes global trends, assesses technological breakthroughs, and offers in-depth appraisals of services involving electronically stored information. By contextualizing complex legal technology issues within the broader narrative of worldwide commerce and current events, ComplexDiscovery provides its readership with indispensable insights and a nuanced understanding of the eDiscovery industry.