Book Review: 'Inside the Enemy's Computer: Identifying Cyber-Attackers' by Clement Guitton [open pdf - 544KB]
From the Document: "Expanding cyber-domain conflicts challenge modern strategists to create definitive attribution standards for who did what to whom, especially in developing national policy. Attribution's importance was illustrated during Russia's 2017 notPetya ransomware attack against the Ukraine, where Mondelez International's European retail services suffered over $100M in collateral information technology damages. Subsequently, Mondelez filed an insurance claim with their policy holder, Zurich International. However, U.S. and NATO public declarations attributed the NotPetya attack to the Russian state rather than the proxy group who launched the attack. Allowing Zurich to declare state sponsorship created a non-payable policy exclusion, leaving the issue yet to be legally settled. Attribution's rising importance across the global cyber commons makes Clement Guitton's comprehensive analysis in 'Inside the Enemy's Computer: Identifying Cyber-Attackers' vital to all readers and expertise areas. Beginning with an analysis of attribution constraints, the book moves rapidly to explore processes rather than individual, event-based problems. Guitton's attribution framework emphasizes differing criminal and national security approaches such as detailing, expert judgement, evidentiary standards, corporate privatization, timeliness, and plausible deniability."
2020 by the author(s). Posted here with permission. Documents are for personal use only and not for commercial profit. See document for full rights information.
Homeland Security Affairs Journal: http://www.hsaj.org/
Homeland Security Affairs (April 2020), v.16, article 2