Why the US shouldn’t publish proof of attribution

I know people want to see more attribution evidence of the recent Russian cyber attacks, but there are good reasons not to publicize the data.

The intelligence community does attribution using very sensitive sources and methods, such as SIGINT and HUMINT. Even remotely hinting that these sources exist makes it almost certain that they will be discovered and rendered useless by those being monitored. In the case of HUMINT, this can mean putting lives in danger.

Replacing lost monitoring ability with new sources and methods usually costs millions of dollars and takes anywhere from a few months to a few years. In some cases, the same level of access is never regained.

The intelligence community would go dark on important targets, leaving top decision makers without the information they need. We can’t afford gaps like this due to the breadth and severity of current threats, especially after the damage already done by Snowden.

We also can’t blindly trust our government, and we should continue to ask questions. But when it comes to attribution and similar analysis that relies on sensitive sources, protecting national security will be always be a higher priority. It would be far more damaging to publicize the evidence.

Government oversight will have to come in a different form. Maybe sharing classified evidence with a panel of elected officials would help? Could we trust them to evaluate something this technical? I’m not convinced.

Perhaps an important next step is for the various agencies and departments to work on regaining the public’s trust. Easier said than done, I know.