Increasingly, security experts don't just want to know how a cyberattack happened, but what country it come from.