Kijewski, P; Jaroszewski, P; Urbanowicz, J; Jart Armin
In this article we approach the problem of attributing a cyberattack to real world actors, and the social context of the problem. The basic premise is that while it is socially acceptable to assign attribution of cybercrime after the act, society expects law enforcement to attribute the possibility of cyberterrorist acts to perpetrators in advance, and to disrupt them in the making. This blends the cyberattack attribution problem with the much wider problem of fighting terrorism and organized cybercrime, far beyond the limits of “cyber” understood as the fifth domain of warfare. The main contribution of the paper is identifying research gaps and attributing complexities derived from key problems such as offline criminal activity, as well as practical difficulties in researching cybercrime and cyberterrorism. To get to those conclusions, we analysed the attribution problem from the point of view of the perpetrator, using the SWOT methodology, which gave us insight on tactics of cyberattacks that give the most protection against attribution and prosecution, which led us to identifying current research gaps.