There have been several publicly noted instances of another nation committing serious cyber-offenses. China is frequently mentioned. Russia as well, both as a government, and as a nation that harbors hackers. North Korea was involved in a hack against Sony (I think it was Sony) over a movie they didn’t like.
We probably need rules of engagement - do they exist anywhere? Candidates for triggering a response, cyber or conventional:
-Attack on financial infrastructure. This could be anything from hacking the NYSE to hacking info and blackmailing bank officials. Use your imagination. There are a lot of ways hackers could really wreck banking or the stock market.
-Attack on energy grids. Imagine they’ve shut down all of the power in the Northeast.
-Attack on the military. They’ve hacked into a communications network, or have changed the launch codes, or have access to our satellites. Again, there’s a really long list of ways they could do really bad things if they got into computer networks.
-Attack on our Intelligence agencies or Law Enforcement. Compromising our ability to gather Intel anywhere, or enforce law and order in this country.
-Interference in internal politics.
Those are just a few ideas off the top of my head. If a country is responsible for cyber-attacks in those areas, I think we have no choice but to respond. I believe that so far we have responded with a mixture of counter-attacks and sanctions. We cannot credibly state that as a nation we solely respond when attacked, btw. There are also documented incidents of the US instigating a cyber-attack.
I wonder also if there’s a “cold war” type of thing going on. Certain countries are obviously pretty active in terms of cyber-crimes. We haven’t declared war, cyber or otherwise, on any of them. I wonder how much of that is due to a concern over any resulting escalation. As long as we pretend these are isolated incidents, do we keep the activity relatively low level?