#SorryNotSorry: Why states neither confirm nor deny responsibility for cyber operations

  title={\#SorryNotSorry: Why states neither confirm nor deny responsibility for cyber operations},
  author={Joseph M. Brown and Tanisha M. Fazal},
  journal={European Journal of International Security},
  pages={401 - 417}
Abstract States accused of perpetrating cyber operations typically do not confirm or deny responsibility. They issue ‘non-denial denials’ or refuse to comment on the accusations. These ambiguous signals are prevalent, but they are largely ignored in the existing cyber literature, which tends to treat credit claiming as a binary choice. The ambiguity of non-denial denials and ‘non-comments’ allows states to accomplish two seemingly opposed goals: maintaining crisis stability and leaving open the… 


Rethinking Secrecy in Cyberspace
Secrecy is central to the strategic and political dynamics of cyberspace operations. The ease with which actors can launch attacks while masking their identity poses serious problems for both
Tipping the scales: the attribution problem and the feasibility of deterrence against cyberattack
A formal model is used to explain why there are many low-value anonymous attacks but few high-value ones, showing how different assumptions about the scaling of exploitation and retaliation costs lead to different degrees of coverage and effectiveness for deterrence by denial and punishment.
The Logic of Coercion in Cyberspace
It is demonstrated that cyber power alone has limited effectiveness as a tool of coercion, although it has significant utility when coupled with other elements of national power.
Attributing Cyber Attacks
It is argued that attribution is what states make of it and to show how, the Q Model is introduced: designed to explain, guide, and improve the making of attribution.
Covert Communication: The Intelligibility and Credibility of Signaling in Secret
ABSTRACT Can states credibly communicate their intentions through covert policy tools, despite the absence of credibility-enhancing publicity? Most extant research suggests covert action and secrecy
Cyber War Will Not Take Place
Abstract For almost two decades, experts and defense establishments the world over have been predicting that cyber war is coming. But is it? This article argues in three steps that cyber war has
Aesop’s wolves: the deceptive appearance of espionage and attacks in cyberspace
Case analysis is used to examine the characteristics associated with the tools and decisions related to cyber espionage and cyber attacks to develop a framework for distinction leveraging epidemiological models for combating disease.
Invisible Digital Front: Can Cyber Attacks Shape Battlefield Events?
The first quantitative analysis of the relationship between cyber activities and physical violence during war is presented, finding that cyber attacks are not (yet) effective as tools of coercion in war.
Revisiting the Estonian Cyber Attacks: Digital Threats and Multinational Responses
In April 2007, the Estonian Government moved a memorial commemorating the Soviet liberation of the country from the Nazis to a less prominent and visible location in Tallinn. This decision triggered
Cyberwar: A New ‘Absolute Weapon’? The Proliferation of Cyberwarfare Capabilities and Interstate War
The size of the effect of the proliferation of cyberwarfare capabilities on the frequency of war will probably be relatively small and the use of computer network attack as a brute force weapon will probably become increasingly frequent.