Defend Forward and Attribution
When a state seeks to respond to a cyberattack, must it first attribute the attack to the perpetrator responsible? The US policy of “Defend Forward” and “Persistent Engagement” in cyberspace raises the stakes of this attribution question as a matter of both international and domestic law. This chapter explores the international and US domestic laws governing cyberattack attribution. It argues that common across international and US law is the fact that cyberattack attribution serves as both a potential source of empowerment and a potential constraint on governmental action. In both systems, attribution of a cyberattack to another state bolsters the US executive branch’s authority to respond, and conversely, the absence of attribution can place the executive on less certain legal footing.