Responsibility System For Cyber Attacks By Non-state Actors

At present,non-state actors’ cyber attacks are an important threat to the cyber security of all countries,and have been included in the international legal community as an important issue in the international governance of cyberspace,and become an unavoidable problem in the development of the Internet of all countries.The current cyber attacks by non-state actors in the international community are backed by national interest confrontation and their destruction is no less than that of traditional kinetic energy weapons.Studying the responsibility system of cyber attacks by non-state actors is not only related to whether the legitimate rights of countries victimized by cyber attacks can be adequately remedied.It also bears on whether we can build a new order of global Internet governance that is equal,mutually beneficial,secure and orderly.The focus of the study on the responsibility system for cyber attack by non-state actors is to "determine the responsibility according to the public and private attributes of the cyber attack perpetrators",while the difficulty is to "accurately trace the source and judge the association between the cyber attack perpetrators and a country".The attribution in international law is the premise to judge whether an act can be classified as a state act and thus lead to state responsibility.According to the improved "effective control standard" of Tallinn manual version 2.0,the attribution of non-state actors’ cyber attack behavior is made.It can be divided into can be attributed to a country’s non-state actors network attacks and cannot be attributed to a country’s non-state actors network attack behavior,which can be attributed to a country’s non-state actors if cyber attacks at the same time,meet the national duty conditions and the conditions of illegality of responsibility theory,responsibility directly the national responsibility;for the non-state actors who only meet the conditions of liability for cyber attacks attributable to a country,we can draw lessons from the state responsibility for acts not prohibited by international law,and require the responsible country to assume appropriate and strict state responsibility.For the cyber attacks by non-state actors that cannot be attributed to a country,the country’s indirect state responsibility for the cyber attacks by non-state actors originating in its territory can be investigated from the perspective of the due diligence.In the face of the serious threat to cyber security brought by non-state actors’ cyber attacks,countries have "cooperation rather than confrontation" and "prevention rather than treatment".Insist on network sovereignty as a response to non-state actors guarantee of network attack behavior,draw lessons from the international environment state of transboundary damage prevention duty,actively carry out multilateral negotiations under the UN framework,in the form of the regional multilateral treaty countries for non-state actors general preventive measures to cyber attacks.In addition,the international rule of law in cyberspace will experience a transition from "soft law" to "hard law" in the future.Countries still need to carry out extensive dialogue and exchanges on issues related to international law in cyberspace,strengthen international cooperation,and fill in the gaps of international law in cyberspace with a large number of national practices.