ABSTRACT
Attribution in the context of cyber warfare presents unique difficulties that are not apparent in other conventional means and methods of armed conflict. Several factors contribute to the difficulty of cyber warfare attribution, including searching for cyber weapons is harder, cyber weapons do not require physical proximity; and cyber weapons technology is very similar to cyber espionage technology. These difficulties in attribution make cyber weapons appealing for many countries, and suggest that the increasing use of such weapons by nation states. One approach to attribution is to examine the artefacts left in a computer or digital device that is the victim of a cyber-attack. Another approach to attribution is to examine network traffic to see where an attack is coming from. The large scale and effectiveness of the cyber-attack often provides opportunities for tracing and analysis that are not possible with common criminal cyber-attacks that we see more regularly on the Internet.
