UG research on state responsibility for cyberattacks receives NWO grant

At a time when cyberattacks are increasingly used as a geopolitical instrument, Mr. Dr. Evgeni Moyakine has been awarded an Open Competition XS grant from NWO. With this funding, he will investigate how states can be held legally responsible for cyberattacks carried out via hackers and intermediary actors.

Cyber operations are an increasing threat to countries worldwide. They target critical infrastructure and civilian systems, causing physical, financial and other forms of damage, and can even endanger human lives. At the same time, states increasingly rely on so-called ‘proxy hackers’: hackers who appear to act independently but are in reality (indirectly) directed or supported by a state. This makes their involvement difficult to prove and often prevents accountability.

New legal approach 

The research of Moyakine focuses on developing a new legal approach to better establish state responsibility. Existing rules, as developed by the International Court of Justice, set a very high threshold for proving ‘state control’ over non-state actors and therefore no longer fully reflect the realities of modern cyber warfare.

 The project, titled ‘The umbrella of control in the rainstorm of digital bullets: Developing a state control theory to attribute responsibility for contemporary state-backed cyberattacks’, adopts a socio-legal approach. It combines legal analysis with technological insights and collaboration with international experts in the field.

From Ukraine to the Netherlands

The urgency of this issue is evident. Countries such as Ukraine have been exposed to numerous persistent cyberattacks, many of which are carried out by[EM1]  state-backed hackers as part of the ongoing war. However, neutral states are also not spared: in 2024, the Netherlands became the target of a state-sponsored cyber sabotage attack affecting a specific public facility for the first time.

With this research, Moyakine aims to contribute to closing the accountability gap in cyberspace. A clearer legal framework could help victim states and international organizations respond more effectively to state-sponsored cyber threats and hold hostile states accountable, thereby strengthening international cybersecurity and legal responsibility mechanisms.