Attribution in the cyber sense is the act of tying together cyber activities based on their attributes to determine that they are coming from the same actor. To make this a relevant effort in cyber warfare, we must take attribution a step further if possible and identify the actual entity the attributed actor represents. If you think about all the authority and legality required to wage cyber warfare, it could not realistically be done unless attribution is taken to its full conclusion and an actual enemy is identified. Even then, just because an enemy has been identified does not mean the action attributed to that enemy is an act of war. A graphical representation of the attribution process is shown in Figure 6-1.