Attributing Cyber Attacks: Did North Korea Hack Sony?

calendarclock - (GMT)

A presentation by Dr Thomas Rid, Professor of Security Studies at King’s College London discussing his latest publication: Attributing Cyber Attacks, a research article designed to explain, guide and improve the identification of network breaches.

Who did it? Attribution is fundamental. Human lives and the security of the state may depend on ascribing agency to an agent. In the context of computer network intrusions, attribution is commonly seen as one of the most intractable technical problems, as either solvable or not solvable, and as dependent mainly on the available forensic evidence. But is it? Is this a productive understanding of attribution? — In a new article out in the Journal of Strategic Studies, Thomas Rid and Ben Buchanan argue that attribution is what states make of it. To show how, they introduce the Q Model: designed to explain, guide, and improve the making of attribution. The framework will be illustrated by answering the question if North Korea hacked Sony. 

 Chair: Adrian Nish

Adrian Nish is an Associate Fellow at RUSI and subject matter expert on cyber security. With experience both in investigating the technical components of attacks, as well as their socio-political drivers, Adrian regularly advises both businesses and governments on cyber issues.

Adrian has recently participated in multinational operations to tackle cyber-criminal groups, as well as leading research into some of the most sophisticated cyber-espionage campaigns disclosed to date. Other research interests include data-driven security, and the emerging discipline of cyber threat intelligence. He holds a PhD in Physics from the University of Oxford.

Speaker: Professor Thomas Rid

Thomas Rid is a professor in the Department of War Studies at King’s College London. His work covers a broad spectrum of security questions, including those of cyber security. In his most recent book: Cyber War Will Not Take Place (Oxford University Press/Hurst 2013), he has taken a comprehensive analysis of political computer attacks, driven by events, technical detail, and political theory. His text “Deterrence Beyond the State” (Contemporary Security Policy 2012) opened a fresh conceptual angle on the deterrence debate by exploring Israel’s experience with non-state militants. Rid’s thesis, War and Media Operations (Routledge 2007), examined the history and rationale of the Pentagon’s embedded media programme of March 2003. 

His articles have appeared in major English, French, and German peer-reviewed journals as well as magazines and newspapers and he has held a broad range of academic posts including as a visiting scholar at Hebrew University and at Shalem in Jerusalem from 2009-2010. From 2006 to 2009 he worked at the School for Advanced International Studies, Johns Hopkins University, the RAND Corporation in Washington, and at the Institut français des relations internationales in Paris. Rid wrote his first book whilst at the Stiftung Wissenschaft und Politik, Berlin’s leading foreign policy think tank. He holds a PhD from Humboldt University in Berlin.

Speaker: Ben Buchanan

Ben Buchanan is a PhD candidate in War Studies at King's College London, where he is a Marshall Scholar. His main research focus is the intersection of cybersecurity with intelligence and military operations. He has published peer-reviewed articles on the attribution of cyber attacks and on a framework for applying cyber deterrence. Prior to coming to King's, he worked as a software designer for a range of clients, including non-profits, counterterrorism, and emergency medical response units. He is a certified computer forensic analyst. 

The event will be preceded by a tea and coffee reception.

To attend this event, please register online using the "Book your place" button above. If you have any queries please contact Duncan Rogers, Research Event Officer at

Explore our related content