Absolutely not. Cyber attacks are not comparable with real attacks, when it comes to counterattacking.

I mean, how would that even work?

Let’s do an example: A hospital has a cyber attack.

Assumption 1: We notice the attack.
This may sound stupid, but maybe we don’t even notice, that data is stolen and no one ever notices.

But they want to destroy shit, so they do!

Okay, let’s say we notice the attack.

Assumption 2: We notice the attack in time.
What does that mean, they destroyed stuff, right?

Yes, but when? Some attacks delete backups for weeks and then destroy the data. We are talking about a government and not a money hungry hacker group here, they have time.

Maybe all traces of the attack are deleted, before all goes black?

But we’re the good ones, the smart ones, we notice it in time. Cool.

Assumption 3: it’s possible to trace the origin.

Again, how do we do that? Does the code look russian? Maybe Isreal just knows how to trick us. We maybe have no IP, since it came in via USB or CD?

Okay, we’ll ignore that. We have an IP.

Assumption 4: The IP tells us, who it was.

An IP from Israel attacks an american hospital. Clear case, let’s attack back. Right? Wrong.

The IP is private, so it could be some random dude and you just attacked a country for one person doing a crime? Great job.
Even worse, maybe the person has a hacked smart fridge and the attack came from Russia. How would you know?

Okay, let’s say the IP is from a datacenter. Bad example, they rent their servers…

Okay, the IP is from a government agency. Now we’re talking. They don’t rent; it’s unrealistic, they were hacked. We can attack back!

Assumption 5: We know, what to do next.

(This is not a strong argument, but it stills stands)

But what do we attack? One of their hospitals? Do we start a war with them? Call the embassy?

All of this on all the prior assumptions…