This seems overblown. The behavior you're describing has been present nearly as long as the internet has been globally accessible. It's an inconvenience and it means we need to do a better job securing systems against attacks, which is hardly the worst thing from an evolutionary perspective. Better that systems get hardened now to prevent ransomware than that they remain vulnerable until there is an actual war and an enemy state takes advantage of longstanding complacency.
> or all nation states agree to tamp down on third party attackers.
This doesn't happen even with a treaty, because not all countries will be signatories, and even the signatories can just ignore the provisions as they do with many other treaties. Corrupt governments deflect blame; "the attack seems to have originated from here but we investigated ourselves and found ourselves innocent" etc. Proving otherwise without local cooperation is close to impossible because the location of the originating systems is not inherently the location of the attackers. And, of course, corrupt governments are the places where these things are already happening.