In a recent article at CSO titled: What's the value in attack attribution? Guidance Software CEO Patrick Dennis argues for the value of attribution.
As past intelligence operatives our initial response is of course you need to find out out who is responsible for the attack. Not only does it provide useful information on unknown vulnerabilities, but if the attack results in litigation having the ability to identify a bad actor might support your defense.
What do you think? Is attribution valuable?