{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreigbfjlxf65db2bsj35enyijj45bqrkwh2jhepv6knzbtwdb5dijve",
"uri": "at://did:plc:evwa3wgwmat3eowk6kwcfoog/app.bsky.feed.post/3mk5sdo3hj3q2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreihikqpsc6h333buduw7bnl5c2d27jpqi7vjk7xd54q25gw5sw3vlu"
},
"mimeType": "image/webp",
"size": 4565624
},
"path": "/blog/cyber-conflict-attribution",
"publishedAt": "2026-04-22T00:00:00.000Z",
"site": "https://1password.com",
"tags": [
"Listen to the episode",
"In this episode of Chasing Entropy",
"who acted, under whose authority, and toward what goal.",
"Get the book",
"Subscribe now"
],
"textContent": "Listen to the episode\n\nCyber conflict is easiest to misread when we treat it as an isolated technical event. In this episode of Chasing Entropy, Dave Lewis speaks with analyst and author Allie Mellen about her book _Code War_ and why the cyber strategies of the United States, China, and Russia make more sense when viewed through the lens of history, doctrine, and political intent.\n\nFrom the Gulf War to Russia’s war in Ukraine, cyberattacks are most effective when they reinforce defined objectives within a larger campaign and help a state apply pressure, gather intelligence, or shape the environment around a conflict.\n\n## History shapes cyber strategy\n\nA nation’s cyber strategy is rooted in its political history and military doctrine.\n\nMellen traces the US approach to a culture of experimentation and technical tinkering. China’s cyber ecosystem emerged from hacktivism and state-linked talent pipelines. Russia’s path was shaped by the post-Soviet collapse, when cybercrime became tied to survival and later overlapped with state interests.\n\nThose origins still influence how each country organizes teams, chooses targets, and pursues advantage. Countries do not enter cyberspace as blank slates. They bring older power habits with them, and those habits continue to shape how cyber campaigns are built and used.\n\nThat is the first step to decode cyber conflict. The tools may be technical, but the logic behind them is familiar. States still pursue leverage. They still coordinate across different forms of power. They still use whatever tools best support their goals.\n\nMellen also pushes back on the way cyber conflict is portrayed in pop culture, often appearing as code on screens and elite operators in high-tech rooms. That framing misses the larger story. One of the more memorable examples in the episode is her discussion of how _WarGames_ helped push US policymakers to take computer security more seriously in the 1980s. Public narratives matter, even when they get parts of the story wrong.\n\n## Attribution defines intent\n\nThis is where the conversation becomes especially useful for security teams.\n\nMellen argues that defenders need to understand who is behind an operation, not just what malware was used. Attribution helps explain motive, likely targets, and what may come next. It helps distinguish between disruption, intelligence gathering, and influence activity, which changes how defenders prioritize response and what they watch for next.\n\nThat matters for governments, but it matters for enterprises too. Security teams build better threat models when they understand how a group typically operates and what it wants. Technical indicators still matter, but they are more useful when paired with context about intent.\n\nThis is also where the episode connects to a broader shift in the security landscape. As more activity is delegated to automation and AI systems, defenders need better ways to understand who acted, under whose authority, and toward what goal. The attribution problem is becoming more central.\n\n## AI makes deception cheaper and attribution harder\n\nThe episode closes on AI with a sober tone. Mellen sees real value in automation, especially when it speeds up workflows and reduces manual effort. She also points to a growing challenge: AI lowers the cost of deception, makes false flag activity easier, and adds friction to attribution.\n\nThat raises the stakes for defenders. In a more fragmented internet and a less stable geopolitical environment, it becomes harder to tell what an operation is meant to do, who benefits from it, and how confidently you can respond. The problem is no longer just technical detection; it’s an interpretation.\n\nThat is what makes Mellen’s argument so useful. The mistake is a misunderstanding of the role cyber plays inside broader campaigns of pressure, intelligence, and influence. When defenders treat cyber incidents as isolated technical events, they miss the larger strategic context.\n\nListen to the full conversation with Allie Mellen on Chasing Entropy, then take another look at whether your threat model reflects how cyber conflict actually works.\n\n### Get Allie Mellen’s book, Code War\n\nCode War: How Nations Hack, Spy, and Shape The Digital Battlefield is a smart next read for anyone who wants more context on the history, strategy, and real-world stakes behind the themes explored here.\n\nGet the book\n\n### Subscribe to Chasing Entropy\n\nSubscribe to Chasing Entropy for honest, expert-led conversations on agentic AI, security, shadow IT, and extended access control from industry leaders.\n\nSubscribe now",
"title": "What cyber conflict reveals about power and doctrine, with Allie Mellen"
}