Computer Network Attacks (CNAs) do not automatically come within the framework of the definition of ‘attack’ in conformity with the law of armed conflict (LOAC). Consequently, some so-called CNAs (especially, those used only as means of intelligence gathering) do not qualify as ‘attacks’ in the sense of LOAC. Only CNAs entailing ‘violence’ do. CNAs constituting ‘attacks’, in the LOAC sense, are governed by the same rules that apply to kinetic attacks. In particular, they are subject to the application of the cardinal principle of distinction between combatants/military objectives and civilians/civilian objects. Consequently, deliberate attacks against civilians/civilian objects are prohibited, and so are indiscriminate attacks. An important extrapolation of the principle of distinction is the principle of proportionality, whereby—when lawful targets are attacked—collateral damage to civilians/civilian objects must not be expected to be ‘excessive’ compared with the military advantage anticipated. This is a complex construct, applying to CNAs as much as to other attacks. Feasible precautions must be taken prior to any attack, including a CNA. When a civilian is engaged in any form in a CNA, the act constitutes direct participation in hostilities and the actor loses civilian protection from attack.