德国国际安全事务研究所- 归属：欧盟网络制裁的主要挑战（英）-2021.pdfVIP

SWP Research Paper Annegret Bendiek and Matthias Schulze Attribution: A Major Challenge for EU Cyber Sanctions An Analysis of WannaCry, NotPetya, Cloud Hopper, Bundestag Hack and the Attack on the OPCW Stiftung Wissenschaft und Politik German Institute for International and Security Affairs SWP Research Paper 11 December 2021, Berlin Abstract ∎ The attribution of cyberattacks is a sovereign act by the EU Member States. However, these all have different technical and intelligence capabilities. This leads to a lack of coherence in European cyber diplomacy, for exam- ple when imposing cyber sanctions. ∎ Analysis of policy responses to the WannaCry, NotPetya, Cloud Hopper, OPCW, and Bundestag hack cyber incidents reveals the following prob- lems: Attribution takes a long time and relies on intelligence from NATO partners; the technical realities and the legal facts for classifying and pros- ecuting cyberattacks do not always match; the weighting of the criteria for establishing what constitutes a crime is unclear. ∎ Cyber sanctions should be proportionate, targeted measures and destruc- tive attacks, such as WannaCry or NotPetya, should result in harsher punishment than everyday cases of cyber espionage, such as Cloud Hop- per or the Bundestag hack. The EU must adapt its tools accordingly. ∎ The EU should tighten the legal criteria and harmonise the standards of evidence for attribution. The EU Joint Cyber Unit and EU INTCEN, part of the European External Action Service, should be strengthene