VOSTOUPAL, Jakub. Stuxnet vs WannaCry and Albania: The Cyber-Attribution on Trial. In Cyberspace 2023. 2023.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Stuxnet vs WannaCry and Albania: The Cyber-Attribution on Trial
Authors VOSTOUPAL, Jakub.
Edition Cyberspace 2023, 2023.
Other information
Original language English
Type of outcome Presentations at conferences
Field of Study 50500 5.5 Law
Country of publisher Czech Republic
Confidentiality degree is not subject to a state or trade secret
WWW Program konference
Organization unit Faculty of Law
Keywords (in Czech) Kybernetická obrana, Kybernetická bezpečnost, Přičitatelnost, Mezinárodní obyčeje
Keywords in English Cybersecurity, Cyberdefence, Attribution, International Customary Law
Tags kybernetická bezpečnost, kybernetická obrana, kybernetické útoky, odpovědnost státu, Přičitatelnost
Tags International impact, Reviewed
Changed by Changed by: Mgr. Jakub Vostoupal, učo 434784. Changed: 1/12/2023 13:50.
Abstract
In the intricate world of cyberspace, cyber-attribution, specifically the procedure of linking cyberattacks, the activities of non-state actors (e.g., hacker groups) and states’ orders and control remains one of the foremost challenges for modern international law. The procedure itself is a complex combination of technical, forensic and intelligence analyses with legal, strategical, geopolitical, and diplomatic requirements and aspects, fundamentally complicated due to the anonymous and often highly sophisticated nature of state-sponsored cyber-attacks. However, despite these challenges, we have witnessed an increase in the public attributions of cyber-attacks (let it be the attribution of WhisperGate and other Russian malicious cyber activities against Ukraine, WannaCry or the highly destructive cyber-attack against the Albanian Government). But what about Stuxnet? Strikingly, despite its far-reaching implications, the most famous cyber-operation remains officially unattributed. Therefore, in my talk, I shall delve deeper into the procedure of the cyber-attribution of the selected cyber-attacks and analyse and compare the relevant (and publicly available) details to try and identify the emerging state practice in the context of state responsibility and attribution standards. I shall also address the key considerations such as the technical evidence, geopolitical dynamics, intelligence-sharing mechanisms and international cooperation using the Egloff-Smeets Framework for public cyber-attributions.
Links
MUNI/A/1293/2022, interní kód MUName: Právo a technologie XI
Investor: Masaryk University
PrintDisplayed: 30/7/2024 14:22