The cyber sphere presents unique challenges to our ability to adequately distinguish between military and civilian and thereby adhere to the fundamental principle of distinction. Moreover, the nature of cyber operations is such that it does not neatly fit into the paradigm of hostilities around which the law of armed conflict (LOAC) is constructed. In fact, it has even been debated whether the LOAC rules on targeting would always apply to cyber operations, and whether the need to distinguish between military and civilian and the pro-hibition on attacking civilian targets are applicable to all forms of cyber op-erations or not. This article addresses the question of the nature of cyber operations that are likely to take place. It includes an examination of cyber operations as fitting within the notion of attack. It then turns to an analysis of the appropriate threshold of harm that would lead a cyber operation to be considered an attack under LOAC — and thus subject to the principle of distinction — with particular focus on destruction of data and harm that does not have direct physical manifestation.