The project is an update and continuation of a previous doctoral project. The focus is on exploring how Swedish legislation for peacetime crises and war provides Sweden with the conditions to handle cyber-attacks aimed at socially important activities and infrastructure. The project deals with the borderline between peace and war and the regulations for high readiness with associated authorization laws. Cyber attacks can be legally defined as different types of crimes, as terrorism or as acts of violence between states. There are currently no international conventions that specifically regulate states' use of cyberspace and cyber operations. At the same time, cyber attacks are an effective means for states to influence other states without using conventional military force. By concealing the identity of the attacker and not resulting in direct physical injury and/or death of people, cyber attacks can create major problems for authorities dealing with them, especially in the division of responsibilities between police and military authorities. Problems arise because the laws to be applied seek clear cut points between crime, espionage and acts of war based on whether the attacker is an individual, a criminal network or identifiable as a state and where the damage should be physical to people and infrastructure. When states act with force and coercion in peacetime against another state, what is Sweden's legal right to defend itself and in what way, with what means?