It's increasingly common to see major attacks on governments and corporations attributed to a specific country or group. Typically we don't know for certain, but it's at least suspected.
Given the general anonymity of the internet and the ability to hide behind proxies, exactly how do security experts go about determining exactly who perpetrated an attack?
