Public attribution in the US government: implications for diplomacy and norms in cyberspace

Abstract
In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. While emerging scholarship provides insight into the strategic rationale for public cyber attribution, the literature lacks a rigorous understanding of when and under what circumstances states publicly attribute cyber incidents in practice. This paper seeks to address this gap by providing an empirical study of public cyber attribution by the US government from 2010–2020. Based on an original dataset, I find that US government actors publicly attribute cyber incidents through four distinct “channels”–criminal, technical, official policy, and unofficial policy. The purpose, timing, and state subject of attribution appear to vary consistently by channel, while organizational interests and channel-specific factors shape the context in which public attribution takes place. The lack of a unified approach creates challenges for US diplomacy—as adversaries may misperceive attributions as reflecting a whole-of-government agenda—and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies.


Introduction
In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency (Mueller, et al. 2019, 110). While emerging scholarship provides insight into the strategic rationale for public cyber attribution, the literature lacks a rigorous understanding of when and under what circumstances states publicly attribute cyber incidents in practice. This paper seeks to address this gap by providing an empirical study of public cyber attribution by the US government from 2010-2020. Based on an original dataset, I find that US government actors publicly attribute cyber incidents through four distinct "channels": criminal, technical, official policy, and unofficial policy. The purpose, timing, and state subject of attribution appear to vary consistently by channel, while organizational interests and channel-specific factors shape the context in which public attribution takes place. The lack of a unified approach creates challenges for US diplomacy, as adversaries may misperceive attributions as reflecting a whole-of-government agenda, and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies.
This paper proceeds as follows. In Section 2, I provide a brief overview of public attribution and situate it within the broader international relations literature on covert action and cyber deterrence. In Section 3, I analyze the process of public attribution in the US. Drawing on an original data set of public attributions by the US government to another state, I demonstrate that public attribution of cyber intrusions does not occur through a unified policy process, but four distinct "channels." Two case studies, of Iran's Operation Ababil from 2012-2013 and Russia's Dragonfly 2.0 campaign from 2016-2017, highlight the role of organizational factors in driving the public attribution process. In Section 4, I examine the implications of current public attribution practices in the US for diplomacy and the development of international norms in cyberspace.

What is public attribution?
As a widening array of states rely on cyber operations to achieve strategic effects, cyber attribution focuses on answering the question "who did it?" or alternatively "who (or what) is responsible?" (Rid and Buchanan 2015). While early discussion of cyber attribution focused on the "inherently limited" nature of attributing online activity (Wheeler and Larson 2003, 51), improvements in attribution techniques and the growing number of actors engaged in the practice have shifted the discussion toward what to do once attribution has been established and how to communicate it publicly (McVey 2015; Landau and Clark 2010, 39). The recent literature on cyber attribution recognizes two different stages of attribution: an analytic process in which states establish the technical facts of the intrusion and associate attacker techniques with those of previously identified actors (what Egloff terms "sense-making"), and a strategic process, in which states communicate this attribution finding to others to influence their interpretation of a particular incident ("meaning-making") (Egloff 2020). Strategic attribution involves a political decision about what to do with an attribution finding. This strategic decision is frequently treated as a binary choice between publicly attributing or not (Edwards et al. 2017). Yet the "meaning-making" process involves many more options and actors that can influence the outcome of the attribution process.
Strategic attribution may be made to a machine, an individual, or the "ultimately responsible party" (Lin 2016, 1). Moreover, strategic attribution involves a spectrum of publicity: states can choose to reveal the perpetrator of a cyber intrusion publicly, to a select audience, or not at all. A state may also choose to publicize an intrusion without naming the perpetrator or partially or fully conceal an intrusion (Baram and Sommer 2019, 14). Grotto suggests that states can effectively signal, punish, compel, and deter through selective or private means, depending on the context of attribution (Grotto 2020, 14). State decisions on publicity involve an inherent tradeoff between the desire to conceal sensitive sources and reveal evidence for credible attribution, a balance influenced by state objectives for attributing, the geopolitical context, and the target audience (Lindsay 2015).
Public attribution of cyber operations to states is significant as it suggests governments are increasingly willing to hold other states accountable for cyber intrusions by hackers and proxy organizations (Finnemore and Hollis 2020). In a domain in which state activity is mostly covert, public attribution provides a means of exposing otherwise secret operations, with accompanying risks of conflict escalation (Baram and Sommer). Publicly identifying the state responsible for a cyber intrusion may create expectations for holding the perpetrator responsible, with implications for geopolitics and diplomatic relations (Egloff and Smeets 2021). Publicly attributing to states also opens a wider range of legal, policy, economic, and military responses (Eichensehr 2020, 523). Jason Healey argues that national responsibility for cyber attacks is necessary to meet the needs of national security policy making (Healey 2013). Attributing cyber operations to state actors further enables assessment of the practice in the context of relevant international relations and political science literature, which focuses on interactions between states (Finnemore and Hollis, 9).
Publicly communicating attribution serves three significant policy objectives in cyberspace. First, public attribution challenges the notion of anonymity in cyberspace and communicates to the attributed state and third parties that they cannot engage in such behavior without public attention (Finnemore and Hollis, 13). States sensitive to the risk of being publicly outed may carefully tailor their offensive cyber operations to prevent harm to their international reputation (Egloff, 9). Second, public attribution can serve a signaling function, by directly linking a state's cyber and non-cyber operations against a named adversary to the activities they intend to counter, "distinguish[ing] acts of preemption and retaliation" (Williams 2020). The US's 2018 National Cyber Strategy places attribution of cyber intrusions in the context of its strategies for "impos[ing] swift, costly, and transparent consequences" on malicious actors while working closely with like-minded partners to share intelligence on cyber threats, support each other's attribution claims, and impose joint consequences (President of the US 2018, 21). Third, public statements condemning particular cyber intrusions, particularly when backed by multiple states, can shape the normative environment of cyber operations. Former UK attorney general Jeremy Wright suggested that continued efforts to pursue cyber attribution with allies could serve as an incentive for adversaries "to become more responsible members of the international community" (Wright 2018).

Cyber attribution, covert action, and deterrence
Existing international relations literature, drawing on theories of covert action and deterrence, provides insight into the strategic rationale for states to publicly attribute cyber incidents. Yet the literature lacks a rigorous understanding of the circumstances in which states publicly attribute cyber incidents in practice, a gap this paper seeks to fill. The anonymity afforded by cyber activity has historically provided cyber actors with plausible deniability, allowing them to apply the logic of secrecy and covert action to cyberspace. An increasing number of works have examined cyber intrusions from this perspective and attribution as a means of exposing covert activity in cyberspace (Baram and Sommer 2019; Egloff 2020; Carnegie and Carson 2018). According to this literature, states may act covertly to mitigate the risk of unintentional escalation of a conflict (Carson 2018, 56). In the case of an ongoing conflict, states concerned by the potential risk of conflict escalation may choose to act covertly, or "with the intention of concealing and avoiding acknowledgement of the sponsor's role" (Carson 2018, 19). If another state detects this covert intervention through their intelligence capabilities, they may choose not to expose the conduct, to avoid pressure to respond from hawkish domestic audiences.
Yet the cyber domain possesses several characteristics that may encourage states to publicly attribute incidents, forgoing the potential deescalatory effects of covertness. While cyberspace traditionally allows for anonymous, deniable operations, advances in attribution technology and the growing field of actors engaging in attribution diminish the scope for plausible deniability. Widespread ICT access and active attribution of intrusions by governments and the private sector diminish the likelihood of sustained anonymity (Joseph and Poznansky 2018, 323). States may also view cyberspace as a less escalatory domain of activity. Healey and Jervis observe that during periods of relative stability, cyber capabilities act as a "pressure-release valve" (Healey and Jervis 2020). Kreps and Schneider also found that the American public perceives cyber attacks as "qualitatively different from those of similar magnitude from other domains" and is "far more reluctant to escalate in the cyber domain than for … conventional or nuclear attack" (Kreps and Schneider 2019, 2). To the extent that states discount domestic political constraints and escalatory risks in cyber conflict, they may be more willing to publicly attribute cyber intrusions on their networks.
The deterrence literature provides an additional theoretical lens into motivations for publicizing state intrusions in cyberspace. Thomas Schelling defines deterrence as "preventing from action by fear of consequences" (Schelling 1966, 17). Attribution, whether selective or public, dispels the notion of anonymity in cyberspace and signals to the attributed state that they cannot engage in such behavior without public attention. The perception of a narrowing sphere for action with impunity could change the decision making of states considering cyber operations and may deter them from engaging in such operations at all (Lindsay 2015, 53). Public attribution and sharing of intelligence can also lead to enhancement in global defenses, denying actors the potential benefits of a successful cyber operation. Finally, public statements condemning a cyber intrusion, particularly when backed by multiple states, can shape the normative environment of cyber operations, imposing reputational costs for states seeking to engage in such activity. Some scholars have observed that failure to pursue retaliation after a public attribution may alternately create a perception of impunity in cyberspace, encouraging further hostile behavior (Libicki 2009, 94). Limited state action following public attribution of the 2014 Sony hack and 2016 DNC hack to North Korea and Russia, respectively, may have led to a perceived decline in the deterrent value of attribution.

Research methods and data collection
In order to provide a rigorous review of the US government's practice of public attribution, this paper develops a medium-N dataset of public attributions by US agencies in the selected period, includes insights from interviews with relevant experts in government and the private sector, and analyzes two case studies, of Iran's Operation Ababil and Russia's Dragonfly 2.0. While more states have begun to publicly attribute cyber incidents to other states, this paper focuses on public attributions by US government actors, which are consistently documented and publicly available. This paper also focuses on the period from 2010-2020. While states have been employing cyber operations to achieve strategic gain for a much longer period, public attribution of state-backed cyber intrusions by national governments has only been observed in the past decade (Graham 2005).
The dataset includes 41 cases of public attribution between 2010-2020. Past datasets of cyber attribution provided an early foundation for this research (Romanosky and Boudreaux 2021, 13). Public attributions in the form of press releases and speeches from senior officials were identified from existing databases of cyber incidents and previous research on cyber attribution (Council on Foreign Relations 2022). Public attributions through news articles (quoting named or unnamed officials) were found through keyword searches of news outlet archives, reports issued by cybersecurity firms, public communications and reports from government officials and agencies, and trade publications. Attributions in indictments and technical alerts are publicly available on the issuing agencies' websites (Department of Justice 2018c; Cybersecurity and Infrastructure Agency 2023a). An important limitation to the dataset is that it documents the outcome of government decision making, but provides little insight into government attribution processes, about which there is limited public information. The dataset is thus complemented by 13 interviews with former US government officials and private sector experts with direct experience in cyber attribution processes. Government interviews discussed the factors motivating public attribution in the US government. Private sector interviews provided independent insight into private sector decision-making on whether and when to attribute, and interaction with US government processes. Finally, this paper synthesizes the findings from the dataset and interviews through in-depth case studies of Iran's Operation Ababil (2012-2013) and Russia's Dragonfly 2.0 campaign (2016-2017). Both cases are well-documented and involve public attribution by multiple government actors, allowing for more thorough analysis of the factors driving public attribution.

Channels of public attribution
Assessment of the empirical record suggests that public attribution in the US government does not occur through a unified process. US government actors publicly attribute cyber incidents through four distinct "channels": criminal, technical, official policy, and unofficial policy. The four channels of public attribution each involve different government agencies, with distinct missions, audiences, and means of publicity. This research also traced the timing of public attribution, measured from the reported start date of a cyber incident to the date of first public attribution. Table 1 provides an overview of each channel and its underlying attributes.
The attribution channel is significant to the degree that public attribution is a "political strategy," with broader effects on US diplomatic relations with the responsible state and the operational environment in cyberspace (Egloff 2020, 7). The channel pursued may influence the effects of public attribution and the manner in which it serves particular policy objectives. Variation in the primary, intended audience and agency-specific organizational processes may bring about additional differences. The rest of this section examines the four channels of public attribution, differences in the purpose of attribution, and how the practice fits into the goals of the attributing agency.

Technical
3.2.1.1. Overview. Public attribution via the technical channel involves technical alerts by the Department of Homeland Security (DHS)'s Cybersecurity and Infrastructure Security Agency, often in partnership with the FBI (Cybersecurity and Infrastructure Security Agency 2023a). The alerts compose one part of DHS's National Cyber Awareness System. Technical alerts typically focus on technical details surrounding specific incidents, including "indicators of compromise (IOCs), tactics,
The technical channel entails a high degree of confidence and disclosure of evidence. Alerts tie attribution findings to the technical details of an intrusion, consistent with an adversary's previous pattern of behavior. Alerts frequently reference private sector reporting to provide additional, publicly available evidence. Given political risks, private sector reporting frequently does not attribute technical indicators to a particular state sponsor, and the strength of the attribution depends on the quality of knowledge on an adversary's past TTPs. For instance, a March 2018 technical alert on "Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors" directly cited Symantec's report on the "Dragonfly" campaign, which hints at but does not explicitly identify Russian state responsibility for the intrusion (Cybersecurity and Infrastructure Security Agency 2018).
3.2.1.2. Purpose and Agency Goals. According to CISA, technical alerts are intended primarily to "provide timely information about current security issues, vulnerabilities, and exploits" (Cybersecurity and Infrastructure Security Agency 2023b). Accordingly, public attribution is intended to support information security professionals in defending against intrusions into their systems, by linking vulnerabilities or exploits involved in a particular intrusion to a known adversary's broader history of cyber activity. This purpose is consistent with CISA's aim to "build the national capacity to defend against cyber attacks and work with the federal government to provide cybersecurity tools, incident response services and assessment capabilities" to safeguard networks and support essential operations of government (Cybersecurity and Infrastructure Security Agency 2023c).

Criminal
3.2.2.1. Overview. Public attribution via the criminal channel involves criminal charges (indictments and criminal complaints) by the Department of Justice (DOJ)'s National Security Division, often in partnership with the FBI. Criminal charges target individual hackers or a responsible organization. They can indicate state responsibility for a cyber intrusion by establishing that the hacker was directed or controlled by a state sponsor (Hinck and Maurer 2020, 525). While technical alerts refer to specific incidents, criminal charges provide extensive information on defendants and their affiliations, a comprehensive record of their TTPs, criminal violations, and the effects of their cyber conduct (Romanosky and Boudreaux 2021, 13).
The criminal channel entails a high degree of confidence and disclosure of evidence, as the DOJ must present evidence that can stand before a court of law (Keitner 2019). The availability of evidence and the government's willingness to publicly disclose it constrain the use of indictments for public attribution. The difficulty of proving state sponsorship imposes even further constraints on attributing an intrusion to a state adversary.
3.2.2.2. Purpose and Agency Goals. According to cyber scholars Tim Maurer and Garrett Hinck, indictments and criminal complaints "combine a public communications function with a punitive function" (Hinck and Maurer 2020, 529-532). The high threshold for evidence means the government also employs the criminal channel to justify retaliatory and punitive actions (Keitner 2019). This can be seen in the March 2018 indictment of nine Iranian hackers for an extensive campaign targeting universities, government agencies, and private companies in the US and other countries. The Department of Treasury's Office of Foreign Assets Control (OFAC) subsequently designated the defendants and their affiliated organization (Mabna Institute) for sanctions, based on the cyber activity identified in the indictment (Department of Justice 2018b). In the medium term, the criminal channel may directly disrupt malicious activity by bringing public awareness of exploits and the need to defend against IOCs revealed in technical analysis. When issued alongside public statements with partner nations, criminal charges can also support diplomacy and collective responses to adversary cyber activity. In the long term, the criminal channel can contribute to the development of international norms in cyberspace. The legal action clarifies standards of acceptable state behavior, with the potential to shape the emergence of customary international law. Ultimately, the US government relies on the criminal channel to issue public attribution as the legal weight of indictments and criminal charges allows the government to demonstrate to the public, following a cyber intrusion, that it is "doing something" about continuing cyberthreats (Williams 2020).
Criminal charges are the primary tool used by the Justice Department to fulfill its mission of enforcing the law and administering justice. According to Deputy Assistant Attorney General Adam Hickey, the DOJ views criminal prosecution as a "way of deterring malicious conduct, by raising its costs (personal, reputational, financial, and otherwise)" (Department of Justice 2018a). Senior DOJ officials have frequently used the language of deterrence in announcing charges for cyber activity. Indictment of foreign hacking has further served as an important tool in key agency initiatives. The DOJ's China Initiative supports its "strategic priority of countering Chinese national security threats" by "identify[ing] priority trade secret theft cases" and "develop[ing] an enforcement strategy concerning non-traditional collectors" (Department of Justice 2021). The use of indictments for public attribution is also consistent with the FBI's new cyber strategy. In September 2020, the Bureau declared its goal of imposing risks and consequences on cyber adversaries. The announcement of the FBI's strategy coincided with the issuing of three consecutive indictments of Iranian hackers, in coordination with the Iranian Revolutionary Guard Corps (FBI News 2020).

Official policy
3.2.3.1. Overview. Public attribution through the official policy channel involves public speeches and authorized press releases by officials from diverse agencies. This dataset includes public remarks by the White House, FBI, Office of the Directorate of National Intelligence (ODNI), State Department, DHS, National Security Agency (NSA), and senior officials. The official policy channel involves significant variation in the subject of attribution, but there is a tendency to attribute intrusions broadly to a foreign government or government agency. For instance, in a February 2020 public statement, Secretary of State Pompeo accused the Main Directorate of the General Staff of the Russian Armed Forces (GRU) of disrupting thousands of Georgian government and private websites and major television broadcasts (Pompeo 2020). This variation is reflective of the diverse agencies involved in publicly attributing cyber intrusions through the official policy channel.
The official policy channel entails a high degree of confidence and minimal to no disclosure of evidence. Compared to the high evidentiary standards present for criminal charges, public attribution through this channel follows relatively looser "standards of information" for decisions relevant to national security (Singer and Friedman 2014, 55). Yet official statements by senior government officials require interagency approval prior to publication, necessitating a high degree of confidence. This confidence contrasts with the use of less direct language in official statements (we believe it is "highly likely" … ) and lack of evidence disclosed, creating opportunity for actors to question the credibility of attribution.

Purpose and Agency Goals.
Given the diverse agencies involved in the official policy channel, public attribution through this channel serves diverse purposes. In multiple cases, government officials have used the language of accountability and deterrence to frame their public remarks. Public statements have also been made in coordination with allied governments, indicative of the diplomatic aims of public attribution. Public statements have also preceded sanctions and other retaliatory measures against the attributed entity, suggesting the use of this channel to justify punitive actions (Sanger, et al. 2021).
Public attribution via the official policy channel can be seen in the context of the goals of the abovementioned agencies. At the interagency level, the National Cyber Strategy places attribution of cyber intrusions in the context of its strategies for "impos[ing] swift, costly, and transparent consequences" on malicious actors while working closely with like-minded partners to share intelligence, support each other's attribution claims, and impose joint consequences (President of the US 2018, 21). Attribution is also referenced in the strategy's Cyber Deterrence Initiative, which calls for cooperative action, including "buttressing of attribution claims" to ensure "adversaries understand the consequences of their malicious cyber behavior" (President of the US 2018).

Unofficial policy
3.2.4.1. Overview. Public attribution through the unofficial policy channel involves unofficial information disclosures, often in the form of "leaks" by unnamed officials to the press. Most unofficial statements appear in major news outlets, such as the Washington Post and the New York Times. The dataset notably includes one case in which a government official, Deputy Secretary of Energy Sherwood-Randall, publicly attributed the 2015 hack of the Ukrainian power grid to Russia, but US intelligence and security agencies subsequently commented that evidence for the attribution was not air-tight, and that the US government was not yet prepared to attribute the cyber attack. Unofficial statements appear to come from officials in the intelligence and security communities, although further details are not disclosed publicly.
The relevant literature typically does not discuss unofficial policy statements as a form of public attribution by the government. However, government actors most frequently communicate attribution findings publicly through unofficial statements. Moreover, the media treat unofficial policy statements as a channel of US government public attribution (Greenberg 2017). The unofficial policy channel is therefore included in this discussion.

Purpose and Agency Goals.
The political science literature on classified information disclosure, or leaks, provides a valuable framework for understanding the goals underlying the unofficial policy channel. According to political science scholar David Pozen, leaks represent the "government's instrumental use of the press" through classified information disclosure (Pozen 2013, 518). Such leaks, which are the result of deliberate policy action by the government, are indistinguishable from unauthorized disclosure of classified information, and allow government actors to "send interconnected messages about its activities to various domestic and international audiences without incurring the full diplomatic, legal, or political risks that official acknowledgement may entail" (Pozen, 561). Unofficial statements therefore allow the government to shape the public discussion around a cyber incident when the discourse is classified or the government cannot issue a public attribution officially. The audience of the unofficial policy channel is both domestic and international, given the broad readership of major news sources. In addition to informing the public about a government attribution finding, unofficial statements can signal to an adversary that the US is contemplating retaliatory action. An unofficial statement does not carry the weight of an official government statement, limiting an adversary's perception of its escalatory effect, and avoids committing government actors to a particular policy action. For instance, in a New York Times article on the Sony hack, unnamed officials attributed the incident to North Korea and expressed that the government was deliberating whether and how to publicly attribute and/or respond to the attack (Sanger et al).
Variation in the purpose, involved actors, and requirements for public attribution highlights the lack of a unified process within the US government for this practice. Consistent variation in the timing and state subject of attribution by channel, as discussed in the following section, reinforces the lack of unity and raises potential policy implications of this approach.

Discussion
The dataset suggests that the timing and state subject of public attribution vary consistently by channel. Public attribution via the unofficial policy channel consistently occurred most quickly after public disclosure of a cyber intrusion, followed closely by the official policy channel. Public attribution through the technical channel tended to take more time, while the criminal channel took the most time, as seen in Figure 1. This research also tracked the potential effects of major external factors on public attribution timing, including bilateral relations between the US and attributed adversary, domestic political context, and prior attribution by private sector entities, but found no significant effect.
While the specific processes underlying each channel are classified, variation in the confidence threshold and evidence disclosure requirements by channel may provide some explanation. Public attribution through the unofficial policy channel may occur in the form of an unauthorized leak by an official acting independently, bypassing bureaucratic processes for approval. While all other channels require a high degree of confidence in attribution, the official policy channel typically does not involve disclosure of evidence, which requires extensive, potentially lengthy, interagency approval given the risks of disclosing sensitive intelligence. In contrast, the Justice Department and Homeland Security Department, operating through the criminal and technical channels, rely on disclosure of evidence to fulfill their respective objectives, of punishing malicious cyber activity through the US legal system and providing technical details to network security professionals. "Existing programs and routines" may therefore constrain the behavior of attributing organizations in government.

State subject of attribution
Analysis of the empirical record suggests the US government consistently attributes cyber incidents to different states through particular channels. Notably, public attribution of cyber incidents to China occurred most frequently through the criminal channel, while public attribution to North Korea occurred most frequently through the technical channel. The most public attributions to Russia occurred through the official and unofficial policy channels. Public attribution to Iran occurred through both the unofficial policy channel and criminal channel, but not the technical channel (see Figure 2).
Such consistency may be the result of an organizational focus on the part of attributing agencies (e.g. the DOJ's China Initiative) or external factors. For instance, the lack of US-DPRK diplomatic relations and the latter's international isolation may influence the higher frequency of attributions to the DPRK through the technical channel, focused on technical remediation and prevention of future exploits, rather than official policy statements holding the regime accountable or indictments naming specific DPRK hackers. One interviewee suggested that the high volume of cyber intrusions by Chinese actors into US networks made it easier for department officials to compile the evidence needed for a criminal charge, discussed previously as a limiting factor for the criminal channel.
Public attribution practice in the US government thus appears to vary depending on the channel, reinforcing the lack of a unified approach. While further research into the reasons for this variation is needed, two case studies, of Iran's Operation Ababil (2012-2013) and Russia's Dragonfly 2.0 campaign (2016-2017), and expert interviews suggest that organizational factors shape the context in which an agency publicly attributes a cyber incident to a state adversary.
From 2012-2013, Iranian government hackers calling themselves the "Cyber Fighters of Izz Ad-Din Al Qassam" launched a campaign of distributed denial of service (DDoS) attacks against US financial institutions, purportedly in response to an anti-Muslim YouTube video (QassamCyberFighters 2012). The campaign involved persistent, relatively uniform, and well-organized web traffic, distinguishing it from routine DDoS attacks by criminal hackers, and resulting in hundreds of millions of dollars in damage to some of the biggest firms in the financial sector (Carlin and Graff 2018). Throughout the campaign, government agencies were resistant to commenting on Iranian state responsibility through official channels. On three separate occasions, unnamed government officials attributed the DDoS campaign to Iran through leaks to the press (Windrem and Miklaszewski 2012). In March 2016, almost three years later, the US District Court in the Southern District of New York, with the Justice Department and FBI, unsealed a criminal indictment charging seven Iranian government contractors for the campaign and an additional intrusion into the network of the Bowman Dam (Carlin and Graff 2018, 230). Subsequent accounts of the government's response observe that senior leadership in the National Security Council, State Department, and National Economic Council opposed publicly attributing and prosecuting the foreign hackers, which would conflict with the US's attempts to negotiate a nuclear deal with Iran (Carlin and Graff 2018, 233). According to then-Assistant Attorney General for National Security John Carlin, the Justice Department's mission of prosecuting illegal activity, regardless of geopolitical considerations, created the impetus for public attribution. Another former government official observed that the lack of a major international policy shop in the Justice Department to elevate the policy consequences of public attribution may have contributed to the pursuit of an indictment. The subsequent fact-finding mission thus conformed to the department's internal logic and the legal requirements surrounding pursuit of a criminal indictment (Carlin and Graff 2018, 269).
Russia's Dragonfly 2.0 campaign affirms the influence of channel-specific factors on public attribution in the US government. In June 2017, energy trade publication E&E News reported that authorities were investigating an intrusion into the systems of several US nuclear power generation sites in the past year (Sobczak and Behr 2017). Over the next few weeks, public reporting disclosed more details on the intrusion, and DHS and the FBI sent a joint report to industry executives warning of the attack, although without attributing details. A week after the joint report, the Washington Post quoted unnamed US officials who unofficially attributed the incident to Russian government hackers, referring to classified findings from the National Security Agency (NSA). In March 2018, eight months later, DHS and the FBI released a technical alert describing actions by Russian government cyber actors targeting US government entities and organizations in critical energy sectors. In July 2018, senior DHS officials publicly attributed the cyber attacks to Russian threat group Dragonfly in an unclassified briefing to industry executives.
Repeated DHS public attributions followed the appointment of Kirstjen Nielsen, a former senior cybersecurity advisor, as the head of the department. The change in leadership brought high-level focus to DHS's cybersecurity mission (relating to network defense and information sharing on cybersecurity threats) and greater clarity in the deployment of tools and authorities across the department to serve the mission. In the March 2018 technical alert, the first to publicly attribute a cyber intrusion to a state adversary, the department explicitly identified attribution as a means of educating network defenders and improving their ability to identify and mitigate exposure to malicious activity. In July 2018, attribution occurred during a series of briefings intended to deepen DHS's cooperation with the private sector on cyber threat information-sharing. DHS's mission and desire to build trust with private sector partners thus influenced its decisions to publicly attribute Dragonfly 2.0 to Russia, shaping the context in which such attributions occurred.
Both cases demonstrate the influence of organizational factors in shaping public attribution by US government actors. Not only does public attribution in the US occur through distinct channels, but channel-specific priorities, personnel changes, and authorities can shape the ultimate nature of public attribution through official channels. As a former senior White House official commented, the tools for public attribution are "not under the unitary control of any one entity." Macro-strategic initiatives like the National Cyber Strategy "lay out expectations for behavior" but leave ultimate implementation of practices to government agencies, creating the structural basis for a disunified approach to public attribution.

Implications
The lack of a unified policy process for public attribution generates potential challenges for US diplomacy in cyberspace and informs the normative environment of cyber operations in ways potentially unanticipated by individual agencies. Robert Jervis suggested that actors in international policy tend to view the behavior of other actors as "more centralized, planned, and coordinated than it is" (Jervis 1976, 752). Particularly when two sides are in conflict, an actor is likely to view the other as highly centralized, interpreting seemingly uncoordinated behavior as attempted deception (Jervis 1976, 767). State adversaries may perceive public attribution of a cyber intrusion through a criminal indictment not as an action undertaken through the criminal channel, but as part of a broader, whole-of-government agenda to pressure an adversary. Adversaries may further assign significant signaling value to the timing of public attribution, viewing it as the outcome of a coordinated process, rather than the action of independent agencies, influenced by internal organizational factors (Borghard and Schneider 2021). Such misperception exacerbates the uncertainty endemic in cyberspace and can cause states to assign greater hostility to the US than warranted, playing into escalation dynamics in this domain.
Moreover, public attribution is widely seen as a tool for shaping international norms in cyberspace. Norms arise from "changed habits" and "expectations shaped by repeated behavior," both of which can emerge gradually through repeated public attribution of state conduct in cyberspace (Finnemore 2017). Given the covert nature of most cyber operations and relatively few instances of public attribution (Baram and Sommer 2019), a state decision to publicly attribute an incident implies that the underlying conduct is not acceptable and can inform public discourse around responsible state activity in cyberspace (see note 11). Public attribution thus serves to "signal to the potential adversaries and allies one's interpretation of the rules of the 'game,'" shaping the operational environment of cyber operations (Egloff 2020, 4).
However, this paper finds that public attribution often occurs according to the internal logic and organizational interests of different agencies. To the extent that the purpose, timing, and state subject of attribution vary consistently by channel, policymakers may not be thinking systematically about the potential impact of public attribution on the normative environment in cyberspace. This is of particular concern given that the UN Group of Governmental Experts (UN GGE) places cyber attribution at the heart of norms for responsible state conduct in cyberspace, particularly "an affected State's response to malicious ICT activity attributable to another State" (UN General Assembly 2021, 9). Yet the GGE provides states with little guidance on how they should pursue attribution, while recommending that future work "consider how to foster common understandings and exchanges of practice on attribution" (UN General Assembly 2021, 10). US practice may thus inform not only the development of norms surrounding responsible state conduct in cyberspace, but also how other states pursue this practice, further shaping the normative environment of cyber operations.

Conclusion
In recent years, states have publicly assigned responsibility for cyber incidents to state adversaries with increasing frequency. This paper contributes to the emerging literature on the strategic rationale for public attribution through an in-depth empirical study of US government practice from 2010-2020. Despite scholarly discourse on the US government's approach to public attribution, this paper finds that US government actors publicly attribute cyber incidents through four distinct "channels" (criminal, technical, official policy, and unofficial policy), with variation in the purpose, timing, and state subject of attribution. The lack of a unified approach has implications for diplomacy and normative development in cyberspace, which may be unanticipated by agencies preoccupied by organizational interests and other channel-specific factors.
The risk of misperception in this domain highlights the need for greater attentiveness to the potential interpretations of public attribution by external actors and clear communication on the objectives attributing agencies seek to fulfill through this action. Moreover, as more states develop the capability and motivation to publicly attribute cyber incidents, policymakers should develop international standards for public attribution of cyber incidents, so as to foster a stable and rules-based order in cyberspace.

Notes
1. Finnemore and Hollis have highlighted the lack of references to international law or norms in public attributions by governments. States may be hesitant to articulate legal views necessary for the development of international norms in cyberspace to prevent restriction of their own cyber activities (4).
2. Covert action is defined as actions that "by their nature, seek to conceal their sponsor" or actions that "are planned and executed so that the role of the [sponsor] is not apparent or acknowledged publicly" (Johnson 1989, 81; Exec. Order No. 12333 1981).
3. While this dataset does not claim to represent all cyber incidents in the selected time period, it provides the most comprehensive list of public attributions by US government actors available in the literature.
4. This analysis does not address private or selective means through which the US government attributes cyber incidents. For instance, government officials may share intelligence supporting an attribution to allied nations through an intelligence sharing partnership such as the Five Eyes. A different set of factors may influence the government's decision making on attribution in such contexts.
5. Note that the "technical" channel refers to one means through which the US government makes public, strategic attribution, and is to be distinguished from the processes for reaching technical, analytic attribution.
6. Criminal charges are filed by a prosecutor, whereas indictments are filed by a grand jury.
7. E.g., the Oct 2018 indictment of seven officers with Russia's GRU military intelligence agency for the hack into the World Anti-Doping Agency and OPCW occurred in coordination with British and Dutch condemnation of the intrusions (Nakashima 2018).
8. Scholars often dispute the degree to which public attribution deters state adversaries from engaging in malicious cyber conduct (see Finnemore and Hollis 2020; Eichensehr 2020; Romanosky and Boudreaux 2020).
9. This can be seen in the December 2017 op-ed and public remarks by HSA Tom Bossert, in which he publicly attributed the WannaCry incident to the North Korean government. He stated that "United States is publicly attributing the massive WannaCry cyberattack to North Korea. We do not make this allegation lightly. We do so with evidence, and we do so with partners" (US Embassy & Consulate in The Republic of Korea 2017).
10. Scholars have advanced several reasons why the government cannot issue an official, public attribution, including geopolitics, ongoing intelligence operations, and insufficient technical evidence.
11. This is particularly the case when public attribution occurs through the criminal channel or involves legal action.
12. Median public attribution time by channel (days): Unofficial policy: 13, Criminal: 967, Official policy: 115, Technical: 546.
13. This dataset codes public attribution by the first channel used to publicly attribute a state-backed cyber intrusion. Incidents that the government attributes using multiple policy channels are coded using the initial public attribution channel for the purposes of timing.