Iran War Reveals How AI Technology and Cyber Warfare Are Reshaping Modern Combat

Old-school tricks and AI tech are weapons in the Iran war

TEL AVIV, Israel -- In the nighttime hours before launching the Iran war, Israeli military generals made sure their cars were not in their usual parking spots at military headquarters in Tel Aviv, in case Iranian spotters were looking for clues that war was near. In the days before the war, U.S. warplanes were deliberately parked in southern Israel to distract Iran -- which was perhaps keeping a close eye with Chinese satellite imagery -- as Israel prepared its own fighter jets to take off from an entirely different location, the Ramat David base in northern Israel. These were some of the "white noise" tactics deployed as Israel and the U.S. launched the war against Iran, a senior Israeli defense official from the military's operations directorate told NPR. The official spoke on condition of anonymity to divulge some of Israel's shadowy tactics. "What usually you are doing is try to influence the thinking of the rival entity to let them think that the moment is not coming soon," said Col. (Res) Doron Hadar, who helped lead influence operations and psychological warfare for the Israeli military until recently. The Iran war is being fought on a hybrid digital-physical battlefield, with old-school deception tactics and cutting-edge AI technology, officials and analysts say. The U.S. military's very first move in the Iran war was in cyberspace. "Coordinated space and cyber operations effectively disrupted communications and sensor networks across the area of responsibility, leaving the adversary without the ability to see, coordinate, or respond effectively," Chairman of the Joint Chiefs of Staff Gen. Dan Caine told reporters. Israel's warplanes, sent to target Iranian Supreme Leader Ayatollah Ali Khamenei, located him thanks to Israel's hacking of traffic cameras in the Iranian capital, the senior Israeli defense official said. As the Financial Times reported, Israel synthesized that traffic footage and billions of data points to create a bank of targets in Iran. NPR has not independently confirmed that reporting. "Israel used, or very likely used, very cutting edge kind of data processing or big data fusion techniques that from a kind of layman or citizen perspective you would call AI," said Omer Benjakob, a cybersecurity reporter for the Israeli newspaper Haaretz. Israel is likely much farther along than the U.S. is in developing its own independent AI systems for military use, he said, to avoid the kind of clash the Trump administration has had with the AI company Anthropic over military use of the company's AI model Claude. "We need to at least at some level to be able to do some of this stuff independently," Benjakob said, referring to Israel's military. "One day someone will discover we also use Claude, and then there'll be a protest in San Francisco, and then they'll take Claude away from us. So we might as well just have our own version of Claude." Iran has recruited dozens of Israeli nationals through the Telegram messaging app in the last couple years, most of whom were paid to stir up strife in Israeli society, like to start random fires or write antigovernment graffiti, Israeli authorities say. Benjakob believes Iran also recruited Israelis to threaten him and his wife, after he reported on fake social media accounts in Israel that were suspected to be an Iranian campaign. "My wife got to her office a package with, like, a Jewish memorial candle, and I got some message, like, via WhatsApp, telling me that if I don't stop what I'm doing, my wife will have to use this candle," Benjakob said. "So what we're seeing in Israel a lot is just people being tapped to kind of continue Iran's digital war against Israel in physical means." Former FBI cyber deputy director Cynthia Kaiser, now  with the Halcyon Ransomware Research Center, warns Iran may seek to retaliate against the U.S. by targeting U.S. hospitals' systems with ransomware, as it has done in the past. She has also detected what appears to be Iranian-sponsored efforts to gather data on Iranian nationals. "We have seen some activity that's consistent with espionage type activities at organizations that might have rich data on people in the region. We assess that's likely for targeting of people that the regime believes are dissidents," Kaiser said. Israel conducts psychological cyberwarfare too. At the start of the war, Israel hacked a popular Muslim prayer app in Iran to send messages to Iranian soldiers urging them to defect, the senior Israeli official said. The Wall Street Journal first reported on the hacking. Last year, after Israel bombed Iran's notorious Evin prison in Tehran, Israel sent videos of that bombing to Iranian officials to intimidate them, the Israeli official said. "The message was, you aren't as strong as you think," the official said. In a report published by digital rights group Citizen Lab, researchers say they found evidence suggesting Israel ran a disinformation campaign seeking to foment an Iranian revolt against the regime, by using AI-generated images of the prison bombing spread by false Twitter accounts. The Israeli official denied the allegation. " This is exactly the sort of thing that Israel does," said Darren Linvill, a disinformation researcher at Clemson University who co-authored the report. "They integrate psychological operations with their military operations in one clean campaign with a single goal, which is toppling the Iranian regime."

How cyberattacks, AI technology have become the new battlefield for Iran War

Driving the news: A Wednesday cyberattack allegedly linked to Iran‑aligned hackers disrupted operations at Stryker, a major U.S. medical technology company, The Wall Street Journal reported. * Stryker confirmed in a statement that it is "experiencing a global network disruption to our Microsoft environment," but that it hasn't seen any signs of "ransomware or malware" and now believes the incident is "contained." * Microsoft declined to comment. * The same group claimed on X that it hacked U.S.-based payments firm Verifone. The company said it found no evidence of a breach and no service disruption. Here's what to know about the state of cyberwarfare tactics: Israel says it's targeting cyber infrastructure Catch up quick: Israel last week carried out a "wide-scale strike" targeting a collection of military sites in Tehran that allegedly housed the headquarters of the Iranian Islamic Revolutionary Guard Corps, the IDF said on X. * The IDF claims that the headquarters of the IRGC's "cyber and electronic headquarters" and its "Intelligence Directorate" were among the military outposts hit in the strike. Yes, but: Iran has been under a near-total internet blackout since the first U.S. and Israeli strikes began, limiting the flow of information coming out of Iran, Politico noted last week. Cyberattacks from Iran By the numbers: Iran-aligned hackers and self-described "hacktivist" groups have increased activity against entities in the Middle East, the U.S. and parts of Asia following the Feb. 28 airstrikes, according to CrowdStrike. * Hydro Kitten, a group that operates on behalf of the Islamic Revolutionary Guard Corps, has indicated plans to target the financial sector, Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, said in a statement earlier this month. Researchers from cybersecurity company Palo Alto Networks' Unit 42 reported that dozens of pro-Iran hacktivist groups say they have launched several cyberattacks since Feb. 28, mostly targeting critical infrastructure. * These groups have claimed responsibility for attacks against Israeli payment systems, the shutdown of Kuwaiti government websites, and incidents affecting online services at airports. Pro-Russian political hackers, called NoName057(16), teamed up with Iranian hacktivists on March 2 to target Israeli defense and municipal organizations, including defense contractor Elbit Systems, according to researchers at Flashpoint. * The same Russian hacktivists also claimed they broke into an Israeli water management system and other industrial control systems, but researchers could not verify the claim. How it works: Iran "lacks symmetric conventional response options against the United States and Israel," which is why the regime "has historically relied on cyber operations and a dispersed array of proxy actors as its instruments of response," the Center for Strategic & International Studies notes. Cyberattacks from U.S., Israel Zoom in: Israel hacked a popular Iranian prayer app to send notifications to potentially millions of phones last month, urging the country's military personnel to defect from the regime, The Wall Street Journal reported. * Iranian state media had also reported that news sites, including state news agency IRNA, were hijacked to display articles about the cyberattacks and discredit the regime. The Israeli military had access to "nearly all" of the traffic cameras in Tehran, the Financial Times reported. * In partnership with the CIA, Israel used the cameras to target the air strike that killed Ayatollah Ali Khamenei, Iran's supreme leader. * "Israel used, or very likely used, very cutting-edge kind of data processing or big data fusion techniques that from a kind of layman or citizen perspective you would call AI," Omer Benjakob, a cybersecurity reporter for the Israeli newspaper Haaretz, told NPR. Zoom out: Israel is likely much further along than the U.S. is in developing its own AI systems for military use, Benjakob said. The intrigue: Gen. Dan Caine, chair of the Joint Chiefs, said the U.S. Cyber Command and Space Command were among the "first movers" during the initial strike against Iran last month. Flashback: In February 2024, the chief technology officer of U.S. Central Command, gave the first public confirmation that the U.S. military was using AI to support strikes. * Central Command's CTO told Bloomberg that the military had used AI to help narrow down targets for more than 85 strikes in Syria and Iraq that month, as well as to identify rocket launchers in Yemen and surface vessels in the Red Sea. Citizen Lab, a digital rights group, said in October that evidence suggests Israel is "linked" to an "AI-enabled" disinformation campaign to instigate Iranian unrest. Iran's previous cyber attacks Last year, an Iranian national pleaded guilty to participating in a ransomware scheme that targeted several U.S. cities and organizations.