In the area of cybercrime, the dilemma of attribution impedes the prevention and mitigation of cyber harm. Gaining momentum among States and commentators, a potential solution to the problem of attribution is a response proxy—an entity against whom action is taken when action against a responsible party is not feasible. However, such a proxy response by way of a cyber duty of due diligence may be counterproductive and lead to greater instability in the international system. Combining the principle of due diligence in cyberspace and the doctrine of countermeasures, a longstanding international law response to illegal acts by another State, produces an attractive solution on its face. Nonetheless, due diligence-inspired countermeasures as an attempt to close the attribution gap may yield unintended consequences, including significant costs to security, stability, and even to international law compliance.