Neither international Law generally nor the law of armed conflict in particular is complete. Each contains apparent gaps, which are filled by the “freedom principle” (which permits states to act absent an established prohibition). Whether a specific gaps exists must be determined case-by-case. It is unlikely that, if gaps do exist in the rules governing cyber-conflict, those gaps will soon be filled; the conditions necessary for the creation of effective international rules regulating cyber-conflict do not currently obtain. Among the most important of those conditions is attributability, which makes possible the threat of retaliation and deterrence. While the “attribution problem” remains a serious impediment to the formulation of effective international cyber-conflict rules, this barrier is mitigated by the possibility of leaks of the sort that occurred with respect to Stuxnet. The most likely future scenario is still, however, the continuation of “drip-drip” cyber-attacks that cause considerable damage.