The Legal Gap in Regulating the Responsibility of State and Private Actors in Cross-Border Cyberattacks: A Study under Public International Law

Abstract

This study examines the legal vacuum surrounding the regulation of responsibility for transboundary cyberattacks under public international law, with a particular focus on both state and private actors. In light of the profound transformations in the nature of international conflicts, cyberspace has emerged as a new arena of confrontation, where sophisticated attacks increasingly target critical infrastructure, posing serious threats to international peace and security. The complexity of this issue is further amplified by the growing role of private companies as influential actors in the digital domain, whether through their technological capabilities, failures in data protection, or indirect involvement in cyber operations. The research aims to analyze the shortcomings of existing international legal rules in addressing responsibility for cyberattacks and to identify the dimensions of the prevailing legal gap that undermines effective international accountability. Adopting an analytical legal approach, the study evaluates relevant international legal texts and proposes a balanced legal vision that may contribute to the development of a binding international framework governing responsibility in cyberspace.