The Absence of Truth

Commentary from the free weekly Dow Jones Cybersecurity Newsletter

Russia is the new China. At least in terms of cyber attacks. The Democratic Party hack, the ‘Guccifer 2.0’ leaks, the auction of National Security Agency tools, the compromise of anti-doping agency WADA and the attack against the New York Times’s Moscow bureau. But is Russia really behind all (or any) of these attacks, and what does it mean?

It can be hard to draw meaningful conclusions amid vague details, conflicting theories and boundless speculation. When cybersecurity professionals struggle to stay on top of things, how can we expect senior executives and corporate risk owners to make the right connections? Confusion reigns.

The Russians are (and always were) active, capable threat actors whose intentions are hard to predict. An unknown actor, possibly the Russian state, has had access to US offensive exploits since at least 2013 and it is hard to imagine they were not used. Regardless of whether it was the Russians in this case, it is not unimaginable that it could have been.

Attribution is an assessment, not fact, and is regularly based on very limited information. While interesting, it rarely helps organizations defend their networks and only really benefits the cybersecurity company publicizing the incident. Without corroboration from a separate source, attribution cannot be trusted and few commercial intelligence or incident response providers are well-placed to deliver this. Blaming foreign states for cyber attacks is best left to government and should even then be treated with caution.

Taking the responsibility for attribution out of the hands of cybersecurity and response companies allows them to maintain impartiality and reduces the risk of them being seen as a tool of any particular government. The stakes are too high and attribution can have unexpected consequences — just ask the Democrats.

**This article was originally published as part of the Dow Jones Cybersecurity Newsletter, a weekly digest of news with commentary and analysis. View the full newsletter at http://eepurl.com/ccYP5z and sign up for free at http://eepurl.com/b2BOdT**