From csoonline.com
The already difficult task of attributing a cybersecurity attack to a particular threat actor is made harder by the shape-shifting nature of threat groups. Despite the best efforts of researchers, some attackers may never be identified.
At last week’s VB2021 conference, cybersecurity analysts and researchers walked through the breadcrumbs they followed to identify the malicious actors behind theĀ Colonial Pipeline, Sony Pictures, and Iran railway system attacks. These examples show why attribution is complicated and sometimes impossible.