On June 17, 2010, a small antivirus company established in Belarus discovered the Stuxnet worm. Later research would reveal that an earlier variant of the worm existed at least a year earlier. Stuxnet reputedly caused the physical degradation of some 1,000 centrifuges at the Natanz facility in Iran, based on data of the International Atomic Energy Agency (IAEA) [1]. While the identity of the perpetrators is still unknown almost two years later, some have suggested nation-state involvement due to the sophistication of the malware. The heavily hardened Natanz facility was built to withstand “bunker buster” bomb attacks, but apparently not cyberattacks. The incident, involving a sophisticated cyber “weapon,” has created new impetus for examining the law of armed conflict in cyberspace.