The legality of cyberattacks as a strategic means is a complex and controversial issue because it involves many aspects such as international law, national security, and moral ethics. Here are some considerations: 1. **International law**: Under international law, especially the UN Charter, attacks between states are generally considered illegal. If a cyberattack causes serious harm to a state or its people, it may be considered an armed attack, thereby triggering the right of collective self-defense. However, the provisions of international law on cyberattacks are still unclear, and many issues are still in a gray area. 2. **Distinguishing between armed and non-armed conflicts**: In the cyber battlefield, it is sometimes not obvious to distinguish between military and civilian targets. Legality depends in part on the nature of the target of the attack and the proportionality and necessity of the attack. 3. **Moral and ethical**: From a moral and ethical perspective, cyberattacks may lead to serious humanitarian consequences, especially attacks on critical infrastructure (such as power or medical systems). Therefore, some people believe that such attacks should not be legalized. 4. **State practice and policy**: Some countries have developed cyber capabilities as part of their military and intelligence agencies for defense and active attack. State policies often regard them as legitimate strategic tools, especially in the context of national defense and deterrence. 5. **Characteristics of cyberspace**: Due to the borderless nature of cyberspace, as well as the anonymity and difficulty in tracing attacks, it is often very difficult to attribute cyber attacks, which poses challenges to the international community in dealing with related incidents. Overall, although some countries may use cyber attacks as part of their strategic means, international consensus has not yet been fully formed. In this context, it is particularly important to promote international dialogue and cooperation to establish clear rules and frameworks to deal with cyber conflicts and cybersecurity issues.