Abstract
Abstract International discussions on establishing and implementing norms for behavior in cyberspace have spanned over two decades. However, differences in what constitutes ‘acceptable conduct’ have hindered progress in forming these norms. In recent years, Western countries have adopted a strategy to signal what is considered unacceptable behavior by publicly attributing cyberattacks and intrusions. I argue that this act of official public attribution serves as a practice for countries to express their disapproval of inappropriate cyberspace behavior and condemnation and can cumulatively shape international practices, holding the attacking state accountable. I explore this by (1) analyzing new data from the European Repository of Cyber Incidents, which shows patterns of official public attributions for the years 2000–2023, providing exploratory directions and trends, and (2) examining the Iranian cyberattack against Albania in 2022 and its subsequent official public attributions as an illustrative case study. I demonstrate how repeated instances of official public attribution can contribute to the development of a common practice that signals dissatisfaction of a specific behavior. As state-sponsored cyberattacks and intrusions are on the rise, this practice could have an accumulative effect.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callSimilar Papers
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
