Stuxnet as an Act of War?

Eric Martin has a quick piece over at the Progressive Realist arguing that, by the standards of America's own cyber doctrine, the Stuxnet attack on Iran's Natanz facility was an act of war. While the internationally-accepted legal definition of "acts of war" remains murky, Martin seems basically correct here. This was a premeditated attack against a piece of physical Iranian infrastructure. If the shoe were on the other foot, I'd certainly think a military response from the United States would be worth considering. It's also worth reiterating, though, that states commit "acts of war" against each other all the time, usually without leading to open armed conflict. Much of what states' intelligence apparatuses do on a regular basis constitute acts of war. During the 1950s the U.S. regularly violated Soviet airspace with U2 spy planes. During the 1980s the CIA used a logic bomb to sabotage a Soviet gas pipeline (though admittedly the Soviets were stealing the technology in the first place). American submarines violate the territorial waters of other nations for espionage purposes. Heck, the American Congress openly debates giving money to insurgent groups that have the express intent of overthrowing internationally recognized regimes. I'm reasonably sure any of the above scenarios could plausibly be labeled acts of war. Never mind the Bin Laden raid.

None of this implies that such behavior should be taken lightly. Certainly American leaders should be careful about the international norms they unwittingly establish. And Martin's got a point that "perhaps government officials should be more circumspect and less glib about implying official involvement." Still, this seems to be one of those areas where sovereignty inevitably bends to the realities of power. Stuxnet may have been an act of war, but it's one with a long pedigree.

Update: For a more thorough exposition of some of the issues with conventional retaliation to a cyber attack, check out Jason Healey's latest at New Atlanticist.