Honestly, system user education/awareness goes even further. Iran nuclear facilities used an airgap but it was social engineering that was the weakest attack vector for Stuxnet to exploit. Same with the South Korean Winter Olympics; a phishing email with a macro embedded Word doc got them in there.

A great book on Russian, state-backed hacking group was by a senior Wired writer, Andy Greenberg, called "Sandworm" [0]

[0] https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-...

To an extent, you are correct: many countries participate in the cyber-spy/cyber-espionage game. Where, perhaps, you are incorrect is that this is normal. The GRU has lead exceptionally aggressive cyber-attacks on just about everyone, particularly Estonia and Ukraine.

If you're interested in this topic, I'd like to suggest the wondeful (and terrifying) book, Sandworm (https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-...) by Andy Greenberg.