June Lee is Program Coordinator at the Technology and International Affairs Program at the Carnegie Endowment for International Peace. Her research interests include cyber governance, international law, and the national security implications of emerging technologies. Previously, she has worked with the Atlantic Council’s Cyber Statecraft Initiative and State Department. She has a B.A. in International Relations from Stanford University.

Twitter: @heajunelee

How does state practice surrounding public attribution influence the development of international norms in cyberspace? In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. As the academic and policy conversation has shifted away from whether attribution is technically feasible in cyberspace to how attribution can be communicated to greater effect, scholars have frequently discussed public attribution in the context of cyber norms. This paper examines public attribution of cyber incidents as both subject and source of cyber norms. Based on an original dataset of 41 public attributions by the US government to state adversaries, this paper proposes that U.S. government actors publicly attribute cyber incidents through four distinct “channels” – criminal, technical, official policy, and unofficial policy – involving different government agencies, with distinct missions, audiences, and underlying approaches. The channel of public attribution shapes this state practice in three ways potentially relevant for cyber norm development: purpose, normative content, and timing. This paper applies this framework to two cases of public attribution by the US government – attribution of Iran’s Operation Ababil and Russia’s Dragonfly 2.0 campaign. Future discussions of public attribution and cyber norm development must account for the broader strategic and organizational context in which this practice occurs.