Home / Exclusive / Cybercrime attacks and identification of actors

Cybercrime attacks and identification of actors

By Sajad Abadi


Given the nature of cyberspace, although the allocation of a set of malicious acts to a particular actor appears to be quite complex, there are many elements that allow the implementation of cybercriminals.

Geo-strategic texture and technical texture can facilitate the assignment of hostile acts to responsible actors: for example, in a cybercrime attack on Estonia, although the official Russian services did not directly operate to neutralize its servers, but it seems that Russia played a significant role in the attack. Of course, it cannot be said that this is the only decisive factor in identifying an actor, since in some cases many actors may be suspected of carrying out an attack, or even actors may be attacked and try to act as a third accused party. It may even be possible for a government to take responsibility for cyber attacks against its rival to increase its containment position.

In some circumstances, a government that has used the infrastructure and equipment used to carry out malicious acts is also responsible for and charged. Thus, in countries where there are no judicial authorities to identify prosecution for malicious cyber attacks or cybercriminals, some actions cause them to be identified as responsible or co-sponsors of a cyber invasion. Thus, governments, as well as groups providing hacker refuge services or facilitating their operations in a single attack, can be held accountable.

Also, governments refusing to cooperate in carrying out criminal investigations on their territory are also partly responsible for the attack. In fact, in some cyber attacks, we find that some malicious acts do not occur without participation, support, tacit consent, or even a lack of corrective/preventive measures by governments.

In some cases, even if there are many indications that the actors are involved in an attack, it is difficult to provide documentary evidence to accuse them; and this uncertainty makes the adoption of preventive countermeasures extremely sensitive.

But by expanding the concept of “multinational response”, this problem can be addressed. This concept is:

– Increase the capabilities of analysis and investigation of the attack, through the use of synergies between state-owned technical equipment and the expansion of judicial and military cooperation.

– Achieving a common right to condemn a hostile act and its possible author – governments and non-governmental groups – through the creation of a unified vote, this is based on unproven evidence.

– Governments and member organizations of this multinational system can achieve a certain level of cybercrime reliance on this solution. In addition, if participants in this system define the necessity of imposing compulsory or punitive measures, its deterrence will increase dramatically.

Joseph S. Nye, in his book, “Cyber Power”, introduced this special dimension of cyber-bullying: “Since false flags are not complete, rumors of the source of cyber attacks seem to be valid.” (Although not judged by a court of law), the damage to the soft power of a cyber attacker can contribute to deterring attacks.”

The actor’s reputation in cyberspace is particularly valuable in comparison to other environments. Many online actors are known by their Internet users for their reputation (honesty, competence, access to reliable information, independence, etc.) and have many followers. The opinions expressed, the analyzes provided, and the information provided by these actors, are relatively reliable given their positive or negative reputation.

In fact, the reputation of governments, real people and legal people on the Internet creates a real cyber identity, which is due to a reputation that comes from classical different interactions. Cyber security in cyberspace is, in fact, more dynamic and more volatile than actual space.

Companies, for example, are placed against actors who are often not well-known, who can publish them on the Internet using simple materials related to their products, products or partners.

In fact, it is a serious challenge to be charged with casting cybercrime. In the same vein, blow to credit can be a means of deterring them from participating in a malicious act.


Sajad Abedi is a Resident Research Fellow at the National Security and Defense Think Tank. He obtained his Ph. D. degree in National Security from the National Defense University, Islamic Republic of Iran. His research interests pertain to Arab-Israeli studies, Cyber Security studies and National Security.

Check Also

GCC summit designates terrorism and Iran’s top threats

The 39th GCC Summit, which concluded in Riyadh on Sunday, served to highlight the threats …

Leave a Reply

Your email address will not be published. Required fields are marked *