Anonymous, the shadowy hactivist group, may have just declared war on the United States. This raises questions: How would we know, and what does this really mean? The always troubling question for cyber-warriors is “attribution”—do you really know whom you are fighting?
Sorting out evil actors online is difficult, but it can be done. Computer forensics (the science and technology of tracking down malicious online actors) has advanced every bit as much as the enemy’s ability to write new malware. After all, major malicious actors like GhostNet and RBN in the end were uncovered not by governments or intelligence services, but by the investigative efforts of private groups and individuals using modest resources and commercially available software.
In another example of online attribution, the U.S. Cyber Consequences Unit, an independent research institute, conducted an analysis of the Russian attacks on Georgia. The U.S.-CCU concluded that the cyber strikes were done by nongovernment entities with the assistance of organized crime and with foreknowledge of the war and encouragement from the Russian government. It constructed all its analysis using caches from websites and Internet service providers (ISPs).
Cyber forensics, whether performed by governments, netizens, or nongovernmental agencies, is not the only tool available to track down cyber enemies. A range of information-gathering tools, from open source intelligence to old-fashioned spies, can be used to hunt down malicious actors—just like any other threat.
Anyone declaring war online should never believe that if they do something online they can be assured of getting away with it. If you do something bad, likely as not, serious people—if they seriously come after you—can and will find you.
Join us on Friday, March 2, from 12 to 1 PM ET for a special event on the future of warfare in our socially networked world. Heritage’s James Carafano will examine the effects of digital communications on national security and diplomac. Click here to watch online.