One of the key challenges for cybersecurity incidents is that attributing responsibility is at best challenging. A true agent of chaos could provoke cyberwar between two or more other parties through attacks which are made to look as if they originated from those other players. State actors themselves have used similar techniques, see the FBI's operation HOODWINK: <https://vault.fbi.gov/cointel-pro/hoodwink/cointel-pro-hoodw...>.
In the case of state actors or near state actors (think Russia's Internet Research Agency, various Chinese APTs, or even individual companies such as the NSO Group, Cellebrite, FinFisher, Blue Coat, Hacking Team, CyberPoint, L3 Technologies, and Verint), this is somewhat mooted as impunity may provide protection and the overt flagrance of actions may itself be a dimension of the attack, signalling "we can act at will without consequence". There might also be risks in tangling with large organised crime groups.
That said, vigilante justice does have a broad appeal, and makes for a popular trope in fiction.
In the case of state actors or near state actors (think Russia's Internet Research Agency, various Chinese APTs, or even individual companies such as the NSO Group, Cellebrite, FinFisher, Blue Coat, Hacking Team, CyberPoint, L3 Technologies, and Verint), this is somewhat mooted as impunity may provide protection and the overt flagrance of actions may itself be a dimension of the attack, signalling "we can act at will without consequence". There might also be risks in tangling with large organised crime groups.
That said, vigilante justice does have a broad appeal, and makes for a popular trope in fiction.