Alliance attribution of global cyber attacks
The spring of 2017 saw two global outbreaks of malware attacks, known as WannaCry and NotPetya, which caused damages on an unprecedented economic scale and in unprecedented areas in the targeted societies. By February 2018, about eight months after the attacks an international consensus and a global coalition had emerged to attribute the two attacks to North Korea and Russia, respectively. In European Union Council politics the attacks coincided with a new Union-wide boost to cyber security, including the approval of the so-called Cyber Diplomacy Toolbox that should allow for joint attribution and response to cyber attacks by the member states. How to deal with such attacks in the future, how to attribute the acts to actors, and what countermeasures exactly the EU could employ were some of the central questions asked in Brussels and the other 27 capitals. The aim of this chapter is to explore whether these parallel developments to respond to cyber attacks in a coalition setting have worked and deterred the offenders. What will be the possible implications of the willingness of nations to attribute cyber attacks publicly? Will this be the new normality and to what end, or are we now living in the times before a cyber storm?