Will We Ever Solve Cybersecurity’s “Attribution Problem?”

Read Original Article
Photo: Flickr Creative Commons
Media Outlet: Slate

Exciting news this week for dedicated cybercrime fighters: Famed Romanian hacker Marcel Lehel Lazăr, aka Guccifer, will be extradited to the United States to face hacking and identity theft charges! Guccifer made his name back in 2013 when he leaked paintings made by President George W. Bush and emails between family members about the health of President George H.W. Bush.

Unless you really liked that painting of W in the shower, you’ve probably forgotten about those incidents, and Guccifer’s numerous other email hacking exploits, by now—so many more exciting and higher-stakes cybersecurity incidents have occurred in the intervening years. But it’s worth revisiting this figure and his fate, as he is finally being forced to face the indictment issued more than a year ago in the United States. (In the interim, he also spent some time in prison in Romania.) His story—particularly the timeline—raises some interesting questions about one of the old chestnuts of cybersecurity: the attribution problem.

In the News:

Josephine Wolff was a Class of 2016 & 2017 Cybersecurity Initiative Fellow at New America, where she will write a book about cybersecurity incidents from the last decade, tracing their economic and legal aftermath and their impact on the current state of technical, social, and political lines of defense.