Cybersecurity And International Law: Defining State Responsibility for Cross Border Cyber Attacks

Abstract

The proliferation of cross-border cyber-attacks has posed profound challenges to public international law, particularly in defining the conditions under which a state may be held responsible for hostile digital operations emanating from its territory or attributed to its control. Unlike traditional armed conflicts, cyber operations traverse borders with anonymity and speed, complicating legal attribution and the application of existing doctrines such as sovereignty, non-intervention, and the prohibition on the use of force. The absence of a universally binding cyber-specific legal regime exacerbates these difficulties, leaving gaps and ambiguities in enforcement and accountability. This study examines the extent to which foundational international legal frameworks—especially the United Nations Charter, the International Law Commission’s Articles on State Responsibility, and customary principles of due diligence and attribution—govern state conduct in cyberspace. By critically analyzing doctrinal interpretations and normative challenges, the paper highlights key deficiencies in current law and argues for doctrinal refinement or the eventual development of cyber-specific norms to ensure that state responsibility in cyberspace is coherent, enforceable, and reflective of the digital age.