No country AFAIK has taken a clear position on whether an attack on their computers will be considered an attack on their country. This may be very destabilizing. Countries avoid war by knowing what the lines are that they can't cross with each other. In cyberwar, no one knows where the lines are. One country might attack another's military computers, thinking that this is on the same level as photographing their missile sites, and be very surprised when the latter, who sees the planting of trojans as potentially as incapacitating as a physical attack, responds with an airstrike.
The United States, having the most-networked military, is the most vulnerable to cyberattack. China acts with impunity because there is no way they could lose a cyberwar — they have so much less online to lose. It would be to their advantage to have a treaty saying that what happens online, stays online. The US can't handle the situation in the tit-for-tat way they handled the Cold War, because there isn't any tit for China's tat. It would be in the US interest to make it clear that cyberwar is war.
This could be taken up at the UN, and an international treaty worked out addressing whether it is legitimate for one country to respond with physical force to a cyberattack by another country. But most of the UN representatives only recently got their first email addresses.
Any treaty drawn up there will say that cyberwar is harmless fun."