Keir Giles’ wrote a good paper that you really should read on the Russian view of the information warfare/operations (cyber warfare) legality. This is a fairly neglected aspect of information warfare studies and is completely ignored by cyber warfare experts in the West, who consider the Western view to be the sole view. It is because they are largely WEIRD. The West is largely in introspection around diversity, where diversity now means that everyone has the same values, shares same culture and is working towards the same goals in the similar fashion.
TL;DR: African Union’s draft Cybercrime Convention: Majority of the Convention is spent defining legal protection for entities and persons using the internet and other electronic means to do business. A whole section of the Convention is reserved to define rights of persons and protection from ‘strong men’. Council of Europe’s ETS 185 Convention on Cybercrime (Budapest Convention): Assumes legal environment exists where rights and obligations of persons and entities are clearly defined and protected. Provides a framework for law enforcement and legal actions for fighting crime done by electronic means.
A particularly important question is what sort of cyberattack is the equivalent of a traditional armed attack. Efforts to answer that question have culminated in the Manual on International Law Applicable to Cyber Warfare (also known as the Tallinn Manual), which will be published later this year. The Tallinn Manual is a nonbinding yet authoritative restatement of the law of armed conflict as it relates to cyberwar. Declarations of Cyberwar - IEEE Spectrum