War as we know it has spread from the real world to cyberspace, becoming one of the topmost threats to international security. All states need to institute a range of actions and cooperate to formulate an international cybersecurity strategy.

It is well-known that some countries support or even take lead in cyberattacks around the world. Some collaborate with illicit groups and invest significant amounts of money to expand their cyberattack potentials.

However, regarding such a huge threat to world security, there are significant legal gaps in international and state laws governing the rules of cyberspace.

In the recent past, Turkey faced a series of attacks by the mercenary hacker collective RedHack and the Gülenist Terror Group (FETÖ) and is actively fighting threats to its cybersecurity. As with similar hackings and leaks that aimed to harm the political system around the world, these two groups, which are known to have been backed by Western countries and groups, have regularly engaged in hacking emails and tapping telephones to influence politics. Still, it would be naïve to think that such groups limit the scope of their actions to Turkey. Groups that perpetrate such attacks and the institutions behind them are never satiated, and try to continually escalate their aggression and expand their zone of mayhem.

The cyberattacks we are talking about are not those that are made by a few overexcited geniuses trying to gain bragging rights over breaching the safety walls of a computer network. The attacks Turkey is currently facing necessitate a serious amount of funding, time, expertise and personnel. Computers and other devices linked to the world wide web run on a number of operating systems that have dozens of versions and countless applications. Any comprehensive cyberattack of a magnitude in question necessitate competence in a high number of diverse operating system environments and this in turn necessitates a great number of experts working in tandem for a defined objective. And this means serious investments to create a portfolio of attacking strategies.

The annual "Cyber Grand Challenge" (CGC) contest held by the Defense Advanced Research Projects Agency (DARPA) in the U.S. awards $1 million to the one that carries out the best attack on selected targets. However, participants share their attacking codes beforehand, allowing the agency to collect a wide range of cyberattack strategies under the guise of encouraging scientific endeavors. There are similar competitions held around the world, allowing states to create a wide range of weapons for the virtual world. Ordinary people, just by ticking on an advertisement they receive by email, can become unwitting targets in a cyberattack.

The many attacks Turkey has faced in recent times did not come from a single source. The attacks can arrive via a complicated range of networks, ensnaring hundreds of innocent bystanders in their extremely illegal activities. Keeping tabs on the private information and communications of millions of people, these cybercriminal enterprises violate basic privacy but can more importantly channel their huge power into harming energy networks, telecommunication systems, transportation infrastructure, air traffic guidance systems and satellites. This means virtual damage can soon transform into causing significant loss of life and resources in the real life.

Countries, especially the U.S., should see fighting cyberterrorism as of equal importance to fighting terrorism in the real world. Those countries that are motivated by nefarious objectives are trying to institutionalize cyberattacks, but need to be aware of the fact that those who support terrorism are bound to eventually be its victims.

What the world needs is a fail-safe governance system for the cyberspace and the introduction of legal bounds that create a rule-based system that protects all. If not, all those who believe supporting cyberterrorism is a costless undertaking will pay a very dear price.