Cyberwarfare would operate outside the realms of “being charged,”
I would imagine.
I think its jurisdiction is an issue as well.
If i live in Russia and attack your infrastructure that is based in Estonia using tools/methods that are housed in another country (DDOS), then it must be a nightmare to untangle
Consider the impact of what Russia did to Estonia in 2007
“ From 27 April, Estonia was also hit by major cyber-attacks which in some cases lasted weeks.
Online services of Estonian banks, media outlets and government bodies were taken down by unprecedented levels of internet traffic.
Massive waves of spam were sent by botnets and huge amounts of automated online requests swamped servers.
The result for Estonians citizens was that cash machines and online banking services were sporadically out of action; government employees were unable to communicate with each other on email; and newspapers and broadcasters suddenly found they couldn't deliver the news.
Liisa Past was running the op-ed desk of one of Estonia's national newspapers at the time, and remembers how journalists were suddenly unable to upload articles to be printed in time. Today she is a cyber-defence expert at Estonia's state Information System Authority.
"Cyber aggression is very different to kinetic warfare," she explained. "It allows you to create confusion, while staying well below the level of an armed attack. Such attacks are not specific to tensions between the West and Russia. All modern societies are vulnerable."
That means that a hostile country can create disturbance and instability in a Nato country like Estonia, without fear of military retaliation from Nato allies.
Shadowy forces
The alliance's Article Five guarantees that Nato members defend each other, even if that attack is in cyberspace. But Article Five would only be triggered if a cyber-attack results in major loss of life equivalent to traditional military action.”
https://www.bbc.com/news/39655415
“ On 24 January 2008, Dmitri Galushkevich, a student living in Tallinn, was found guilty of participating in the attacks. He was fined 17,500 kroons (approximately US$1,640) for attacking the website of the Estonian Reform Party.[3][15]
As of 13 December 2008, Russian authorities have been consistently denying Estonian law enforcement any investigative cooperation, thus effectively eliminating chances that those of the perpetrators that fall within Russian jurisdiction will be brought to trial.[16]”
