New wine in old bottles: applicability of the rules on attribution to cyberattacks committed against objects of critical infrastructure
Law Review of Kyiv University of Law
Growing number of cyberattacks committed by states or with their support testifies to the need of legal attribution for the purposeof international responsibility. Tallin Manual that comprises authoritative findings on how the attribution rules should be applied raisesa serious concern about the practical possibility to establish attribution. The main reason for this concern may be found in the nature ofcyberspace that is characterized by anonymity, spoofing and targeting from the territory of
... ther states etc.The rules of Tallinn Manual reiterated the provisions of ARSIWA and do not evidence about the existence of lex specialis forcyberattacks attribution. Pursuant to them, states are responsible for actions of their de facto and de jure organs empowered to exercisethe elements of governmental functions, private actors within their effective control or for the violation of due diligence obligations.This article argues that there is no necessity to change the rules on attribution, but, due to limited human and technical resourcesof most states, a special body for technical attribution should be created. The author analyses the different proposals that foresees amembership of states or fully excludes it. Notwithstanding a model, which may be chosen, there should be a variety of technical exper -tise and limitations of states ability to impact a decision concerning the choice of a case and its outcomes.