If experts say a "malicious [cyber] code"' has "similar effects" to a "physical bomb,"' and that code actually causes "a stunning breach of global internet stability," is it really accurate to call that event merely an instance of a "cyber attack"?
Moreover, can you really expect to deter state and non-state actors from employing such code and similarly hostile cyber methodologies if all they think that they are risking is being labeled as a cyber-vandal subject only to law enforcement measures? Or might they act differently if it were made clear to them that such activity is considered an "armed attack"' against the United States and that they are in jeopardy of being on the receiving end of a forceful, law-of-war response by the most powerful military on the planet?
Of course, if something really is just vandalism, the law enforcement paradigm, with its very limited response options, would suffice. But when malevolent cyber activity endangers the reliability of the internet in a world heavily dependent on a secure cyberspace, it is not merely vandalism. Rather, it is a national and international security threat that ought to be characterized and treated as such. Unfortunately, the United States' current approach is too inscrutable and even contradictory to send an effective deterrence message to potential cyber actors. This needs to change.
Charles J. Dunlap Jr., "Cybervandalism" or "Digital Act of War?" America's Muddled Approach to Cyber Incidents Will Not Deter More Crises, 42 North Carolina Journal of International Law 989-1012 (2017)
Library of Congress Subject Headings
Cyberterrorism, National security--Law and legislation, Self-defense (International law), Deterrence (Strategy), Military law