actions. With fewer attackers, the cybersecurity task becomes easier to undertake.

A key characteristic of deterrence is that penalties can be directed at the proper party. Category 2 (Enabling accountability) research supports this goal by focusing on ways to ensure that actions in cyberspace can be associated with specific actors, but that research does not presume that actors will seek to conceal their actions. Malefactors in cyberspace will usually seek to do so, and thus investigators and other interested parties will need forensic tools that allow them to re-establish any deliberately broken bindings between actions and identity.

The following discussion presents illustrative topics within this category.


As noted above, cybersecurity is not just a technical domain. In cybersecurity, as in other areas of life in which security concerns arise, it is not unreasonable to conclude that the tools available to promote and enhance cybersecurity should include a legal dimension. For example, consider the notion of recourse for victims of cybercrime. In most areas other than those involving cyberspace, individuals who are victims of criminal activity can appeal to law enforcement and the courts to punish the perpetrators. But a victim of cybercrime—whether a private citizen, a business, or an organization—often or even usually has little practical recourse.

In principle, of course, cyberattackers can be held accountable for actions that cause harm in cyberspace through criminal or civil penalties. Such action requires a good characterization of what constitutes behavior that warrants criminal penalties, as well as the ability to identify the party responsible (see Section 5.1) and a legal framework that enables prosecutions to take place across all of the political boundaries that may have been crossed in the course of the punishable misbehavior. Many cybercrime perpetrators are outside of U.S. jurisdiction, and the applicable laws may not criminalize the particulars of the crime perpetrated. Even if they do, logistical difficulties in identifying the perpetrator across national boundaries may render him or her practically immune to prosecution.

Harmonization of national laws (as provided for in the 2001 Council of Europe Convention on Cybercrime) is a good first step toward ensuring the availability of recourse, but there remains substantial legal and policy research to be done to further the cause of harmonization more broadly and to reduce the logistical difficulties entailed in tracking, identifying, and prosecuting cybercriminals across national boundaries. Considerable efforts are underway today at the regional intergov-

Copyright © National Academy of Sciences. All rights reserved.