suppose operatives of a State A’s intelligence agency undertake cyber operations from State B that are designed to obtain restricted data relating to the production of military equipment by a private corporation of State C. The operation involves using a rootkit attack to gain privileged access to the corporation’s files stored on servers in C’s territory. State B has jurisdiction based on subjective territoriality, whereas State C enjoys jurisdiction on the basis of objective territoriality.
