美国政府的公共归属:对网络空间外交和规范的影响

IF 3.1 Q1 PUBLIC ADMINISTRATION

Policy Design and Practice Pub Date : 2023-04-03 DOI:10.1080/25741292.2023.2199964

H. Lee

{"title":"美国政府的公共归属:对网络空间外交和规范的影响","authors":"H. Lee","doi":"10.1080/25741292.2023.2199964","DOIUrl":null,"url":null,"abstract":"Abstract In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. While emerging scholarship provides insight into the strategic rationale for public cyber attribution, the literature lacks a rigorous understanding of when and under what circumstances states publicly attribute cyber incidents in practice. This paper seeks to address this gap by providing an empirical study of public cyber attribution by the US government from 2010–2020. Based on an original dataset, I find that US government actors publicly attribute cyber incidents through four distinct “channels”–criminal, technical, official policy, and unofficial policy. The purpose, timing, and state subject of attribution appear to vary consistently by channel, while organizational interests and channel-specific factors shape the context in which public attribution takes place. The lack of a unified approach creates challenges for US diplomacy—as adversaries may misperceive attributions as reflecting a whole-of-government agenda—and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies.","PeriodicalId":20397,"journal":{"name":"Policy Design and Practice","volume":null,"pages":null},"PeriodicalIF":3.1000,"publicationDate":"2023-04-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Public attribution in the US government: implications for diplomacy and norms in cyberspace\",\"authors\":\"H. Lee\",\"doi\":\"10.1080/25741292.2023.2199964\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Abstract In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. While emerging scholarship provides insight into the strategic rationale for public cyber attribution, the literature lacks a rigorous understanding of when and under what circumstances states publicly attribute cyber incidents in practice. This paper seeks to address this gap by providing an empirical study of public cyber attribution by the US government from 2010–2020. Based on an original dataset, I find that US government actors publicly attribute cyber incidents through four distinct “channels”–criminal, technical, official policy, and unofficial policy. The purpose, timing, and state subject of attribution appear to vary consistently by channel, while organizational interests and channel-specific factors shape the context in which public attribution takes place. The lack of a unified approach creates challenges for US diplomacy—as adversaries may misperceive attributions as reflecting a whole-of-government agenda—and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies.\",\"PeriodicalId\":20397,\"journal\":{\"name\":\"Policy Design and Practice\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":3.1000,\"publicationDate\":\"2023-04-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Policy Design and Practice\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/25741292.2023.2199964\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"PUBLIC ADMINISTRATION\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Policy Design and Practice","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/25741292.2023.2199964","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"PUBLIC ADMINISTRATION","Score":null,"Total":0}

引用次数: 0

摘要

摘要近年来，国家越来越频繁地将网络事件的责任公开分配给国家对手。虽然新兴的学术界深入了解了公共网络归因的战略理由，但文献缺乏对国家在实践中何时以及在何种情况下公开归因网络事件的严格理解。本文试图通过提供美国政府2010-2020年公共网络归因的实证研究来解决这一差距。基于原始数据集，我发现美国政府行为体通过四个不同的“渠道”公开归因于网络事件——犯罪、技术、官方政策和非官方政策。归因的目的、时间和状态主体似乎因渠道而异，而组织利益和渠道特定因素决定了公共归因发生的背景。缺乏统一的方法给美国外交带来了挑战，因为对手可能会错误地将归因视为反映了整个政府议程，并以个别机构可能无法预料的方式为网络行动的规范环境提供信息。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Public attribution in the US government: implications for diplomacy and norms in cyberspace

Abstract In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. While emerging scholarship provides insight into the strategic rationale for public cyber attribution, the literature lacks a rigorous understanding of when and under what circumstances states publicly attribute cyber incidents in practice. This paper seeks to address this gap by providing an empirical study of public cyber attribution by the US government from 2010–2020. Based on an original dataset, I find that US government actors publicly attribute cyber incidents through four distinct “channels”–criminal, technical, official policy, and unofficial policy. The purpose, timing, and state subject of attribution appear to vary consistently by channel, while organizational interests and channel-specific factors shape the context in which public attribution takes place. The lack of a unified approach creates challenges for US diplomacy—as adversaries may misperceive attributions as reflecting a whole-of-government agenda—and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Policy Design and Practice PUBLIC ADMINISTRATION-

CiteScore

10.30

自引率

4.30%

发文量

审稿时长

13 weeks

期刊介绍：