Browse Definitions:

cyber attribution

Contributor(s): Matthew Haughn

Cyber attribution is the attempt to track and lay blame on the perpetrator of a cyber attack or hacking exploit.

Cyber attacks can have serious consequences for businesses in terms of public relations, compliance, reputation and finances. In the wake of an attack, a business may be anxious to assign blame and see the perpetrator brought to justice, thus ensuring that it’s not seen as an easy target. Investors may also demand cyber attribution. However, attribution is difficult and poses its own risks.

Often, companies don't have the expertise or resources to track down cyber criminals and outsource the job to IT security specialists but even for experts, cyber attribution is a challenge. Hackers of note generally don't commit the crimes from their own residences. Attacks are often launched from targets that the hacker has previously compromised. Hackers may also relay an attack through multiple hops to further obfuscate the source. This act alone makes it almost impossible to be sure of cyber attribution, because a hacker may have cleaned up his tracks such that there are more hops beyond the last traceable IP address.

The difficulty of being certain about attribution, coupled with the dangers of misattribution and false accusations, means that the attempt to determine the source of an attack can be as risky for an organization as the attack itself.

See a presentation on the cyber attribution challenge:

This was last updated in January 2017

Continue Reading About cyber attribution

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.


File Extensions and File Formats

Powered by:



  • copyright

    Copyright is a legal term describing ownership of control of the rights to the use and distribution of certain works of creative ...

  • keylogger (keystroke logger or system monitor)

    A keylogger, sometimes called a keystroke logger or system monitor, is a type of surveillance technology used to monitor and ...

  • password

    A password is an unspaced sequence of characters used to determine that a computer user requesting access to a computer system is...



  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • call tree

    A call tree -- sometimes referred to as a phone tree -- is a telecommunications chain for notifying specific individuals of an ...

  • mass notification system (MNS)

    A mass notification system is a platform that sends one-way messages to inform employees and the public of an emergency.


  • CompactFlash card (CF card)

    A CompactFlash card (CF card) is a memory card format developed by SanDisk in 1994 that uses flash memory technology to store ...

  • email archiving

    Email archiving (also spelled e-mail archiving) is a systematic approach to saving and protecting the data contained in email ...

  • RAID (redundant array of independent disks)

    RAID (redundant array of independent disks) is a way of storing the same data in different places on multiple hard disks to ...


  • M.2 SSD

    An M.2 SSD is a solid-state drive (SSD) that conforms to a computer industry specification written for internally mounted storage...

  • NVMe (non-volatile memory express)

    NVMe (non-volatile memory express) is a host controller interface and storage protocol to enable a solid-state drive to use the ...

  • SSD RAID (solid-state drive RAID)

    SSD RAID (solid-state drive RAID) is a methodology commonly used to protect data by distributing redundant data blocks across ...


  • RESTful API

    A RESTful application program interface breaks down a transaction to create a series of small modules, each of which addresses an...

  • cloud storage infrastructure

    Cloud storage infrastructure is the hardware and software framework that supports the computing requirements of a private or ...

  • Zadara VPSA and ZIOS

    Zadara Storage provides block, file or object storage with varying levels of compute and capacity through its ZIOS and VPSA ...