Strategic aspects of cyberattack, attribution, and blame

Benjamin Edwards, Alexander Furnas, Stephanie Forrest, Robert Axelrod

Research output: Contribution to journalArticlepeer-review

31 Scopus citations


Cyber conflict is now a common and potentially dangerous occurrence. The target typically faces a strategic choice based on its ability to attribute the attack to a specific perpetrator and whether it has a viable punishment at its disposal. We present a game-Theoretic model, in which the best strategic choice for the victim depends on the vulnerability of the attacker, the knowledge level of the victim, payoffs for different outcomes, and the beliefs of each player about their opponent. The resulting blame game allows analysis of four policy-relevant questions: The conditions under which peace (i.e., no attacks) is stable, when attacks should be tolerated, the consequences of asymmetric technical attribution capabilities, and when a mischievous third party or an accident can undermine peace. Numerous historical examples illustrate how the theory applies to cases of cyber or kinetic conflict involving the United States, Russia, China, Japan, North Korea, Estonia, Israel, Iran, and Syria.

Original languageEnglish (US)
Pages (from-to)2825-2830
Number of pages6
JournalProceedings of the National Academy of Sciences of the United States of America
Issue number11
StatePublished - Mar 14 2017
Externally publishedYes


  • Attribution
  • Bayesian game theory
  • Blame
  • Cyber conflict
  • Strategy

ASJC Scopus subject areas

  • General


Dive into the research topics of 'Strategic aspects of cyberattack, attribution, and blame'. Together they form a unique fingerprint.

Cite this