Introduction
Despite the importance of cyberattacks, little has been written about the relationship between these attacks and the applicable law. States are still struggling with controversies involving definitions, even though there is wide applicability of both laws and norms in this context. As a result, cyberspace remains relatively anarchic and the continued controversies have impeded further progress. The 2020 report by EU Cyber Direct illustrated this by indicating how the lack of legal clarity has prevented states from taking legal action in response to cyberattacks. Thus, state-conducted cyberattacks have been left formally unattributed and unchallenged by the law. Although cyber-focused governments in Europe and elsewhere have offered formal and public legal clarifications through statements about the applicability of international law in cyberspace, many states either lag behind in such developments or have simply refused to articulate their views. If, however, internatio