It has now become a standard practice to blame China for all sorts of cyberspace evils. Whenever a sophisticated cyber attacks occurs, most of the time China is blamed for the same. This seems to be not only self contradictory but also adopting a double standard as the most sophisticated malware like Stuxnet, Duqu, Flame, etc are not works of China but other countries. In short, cyber terrorism and cyber warfare activities can be primarily attributed to nations other than China or India. Even the recent cyber attack upon South Korean banks and broadcasters was initially attributed to China but on subsequent and detailed investigation the hand of China was ruled out.
Although China is blamed for almost each and every sophisticated cyber attack, the reality is that China or India has still to match the cyber attack capabilities of United States and other countries. As per media reports, none of the top 10 malicious hosting providers on the Web are located in China. In fact, the United States and Russia have many more bad hosting providers in the top 20 than China does. Clearly, the hosting of malicious servers is not a localised problem but a global one.
We are living in an age of cyber warfare, cyber terrorism, cyber espionage, etc. We cannot take cyber intrusions and cyber attacks lightly. We have no international harmonisation and regulatory framework for areas like cyber law, cyber security, cyber terrorism, cyber warfare, cyber espionage, etc. Even the Tallinn manual on the international law is not applicable to international cyber warfare attacks and defence.
In these circumstances attributing a particular cyber attack to a particular country with absolute certainty is next to impossible. Cross border cyber attacks, authorship attribution and cyber crimes convictions issues need to be sorted out at both national and international levels. We must also stop blaming a particular country for any cyber attack or cyber crime till we have conclusive evidence in this regard.