AI turns cyberspace into a battleground in Israel-Iran conflict
ISRAEL-IRAN CLASH
5 min read
AI turns cyberspace into a battleground in Israel-Iran conflictThe 12-day Israel-Iran conflict showed how cyberspace became a front for AI-powered phishing, infrastructure attacks and blackouts, revealing the new face of modern warfare.
Last week, Israeli hacking group Predatory Sparrow, breached Iran’s Bank Sepah and paralysed a key artery of the country’s financial system. / Reuters
Edibe Betul YucerEdibe Betul Yucer
8 hours ago

In recent weeks, from Operation Spiderweb in the Russo-Ukrainian war to the Israel-Iran confrontation, we have seen the face of modern warfare evolve beyond traditional battlegrounds.

Conflicts are now fought as much through cyber operations that can paralyse infrastructure and manipulate information with unprecedented speed and precision.

The recent conflict between Israel and Iran laid bare this transformation. After Israel’s unprovoked strikes on 13 June and Iran’s retaliatory attacks, it became clear how artificial intelligence is transforming the very nature of digital warfare.

During the twelve-day confrontation, a parallel cyber war unfolded, with both nations deploying different AI-driven tools in their attacks.

Last week when Predatory Sparrow, a hacking group linked to Israel, breached Iran’s Bank Sepah it paralysed a key artery of the country’s financial system. 

Just a day later, the group drained roughly $90 million from Nobitex, Iran’s largest cryptocurrency exchange, and deliberately sent the funds to inaccessible blockchain addresses. 

According to consultancy Elliptic, this act effectively “burned” the assets, ensuring they could not be recovered.

These coordinated strikes on Iran’s banking and cryptocurrency sectors, alongside Iran’s own AI-powered phishing and espionage campaigns, made clear that the conflict had become a proving ground for AI-driven unconventional warfare.

Blackouts, disinformation and phishing

Predatory Sparrow’s dual attacks disrupted Iran’s financial operations and undermined public confidence in its digital infrastructure.

Israeli-linked cyber attacks reportedly targeted Iranian state media. Videos circulated online showed Iranian TV airing “anti-regime” messages, indicating successful breaches of broadcast systems .

Iranian authorities, fearing further incursions, imposed a near-total internet blackout, with Cloudflare estimating that national internet traffic dropped by 97% .

The blackout was intended to shield against Israeli hackers, but it also cut ordinary Iranians off from vital services and information.

Experts point out that Israel’s “pre-emptive” cyber and physical strikes gave it a decisive and critical advantage.

“Disrupting the availability of this bank’s funds, or triggering a broader collapse of trust in Iranian banks, could have major impacts there,” said Rob Joyce, former head of cybersecurity at the NSA, in a post on X.

In 2022, Gonjeshke Darande (Persian for “Predatory Sparrow”) claimed responsibility for a cyberattack on an Iranian steel production facility. The sophisticated attack resulted in a large fire at the facility, resulting in tangible, offline damage. 

Such attacks are usually beyond the capabilities of activist hackers, security experts say, and would be more in line with the capabilities of a state.

However, one reason Israel’s cyberattacks appear to have had greater impact in this round of fighting is that Israel launched its attacks first, gaining time to prepare both offensive and “defensive” measures before Iran responded.

Iran’s cyber response took a different form with waves of disinformation infiltrated in Israeli society. Spoofed messages warned of fuel shortages, imminent attacks, or shelter bombings, designed to appear as if sent by Israel’s Home Front Command. 

Gil Messing, chief of staff for Check Point Software, observed that “a flood of disinformation” poured onto social media, escalating during the crisis .

“I’m most concerned about cyber espionage against our leaders, and surveillance aided by breaches in travel, hospitality, telecom, and other sectors, where data could be used to identify and physically track persons of interest,” John Hultquist of Google’s Threat Intelligence Group said.

Iranian state-sponsored hackers, particularly the APT35 group (also known as Charming Kitten), reportedly used AI to enhance their cyberattacks.

According to Check Point, these operations targeted Israeli cybersecurity experts, computer scientists, and tech executives with sophisticated phishing attempts. The attackers used fake messages and emails designed to trick people into sharing sensitive information, along with realistic decoys and fake login pages mimicking Google’s. 

These phishing kits captured passwords, intercepted two-factor authentication codes and logged keystrokes, allowing attackers to bypass security layers.

The tools were built with modern web technologies and designed for speed and stealth, enabling attackers to set up and dismantle fake sites rapidly as defenses caught up.

When ordinary tech turns into a weapon

BBC Verify’s analysis uncovered widespread use of AI-generated videos exaggerating Iran’s military strength and faking attacks on Israeli targets, with the top three clips gaining over 100 million views.

Pro-Israeli accounts spread disinformation by recycling old footage from Iran, falsely portraying it as current anti-government protests supporting Israel.

BBC Verify reported that many accounts repeatedly shared AI-generated images designed to exaggerate the scale of Iran’s retaliation against Israeli strikes.

One widely circulated image, which drew 27 million views, appeared to show dozens of missiles raining down on Tel Aviv.

Another video claimed to show a nighttime missile strike on a building in the city.  

AI-generated content also promoted false claims of destroyed Israeli F-35 fighter jets.

The 12-day conflict demonstrated how AI tools dramatically changed the pace and effectiveness of digital warfare between these two long-time adversaries.

Some accounts have become “super spreaders” of disinformation, gaining large followings as a result. These profiles post frequently, often share false information, and use names that appear official, leading some users to mistakenly believe they are legitimate, though their true operators remain unknown.

One of the most alarming aspects of this new digital battlefield is the weaponisation of ordinary technology.

Reports describe how Iranian hackers broke into internet-connected home cameras inside Israel and used them to spy in real time. 

These attacks combined with AI’s ability to make attacks faster and more challenging to stop, signal a new reality where digital warfare reaches into the technology people depend on every day.


SOURCE:TRT World and Agencies
Explore
AI turns cyberspace into a battleground in Israel-Iran conflict
By Edibe Betul Yucer
What is Section 899, Trump’s ‘revenge tax’ that nearly reshaped global investment
Could There Be a Political Agenda Behind CNN’s Allegations Regarding Iran?
By Ata Şahit
Japan warns against repeating 'scars of atomic bombing' as Trump compares Iran strikes to 1945
Israel smuggles synthetic opioids into Gaza via flour aid
80 years on, is the UN in need of a structural overhaul?
By Kazim Alam
Development Road Project expected to generate over $50B in 10 years: Erdogan
US cuts over 90% of foreign development programme budgets
Conflict in Sudan is spilling into Central African Republic: UN
Israeli-US food distribution scheme in Gaza a trap, 'must be dismantled': MSF
Israeli PM Netanyahu's request to delay his corruption trial denied
Why is Mexico threatening to sue SpaceX for Starship rocket blast?
The jail, the school, the hospital: A silent collapse in the American heartland
By Shiraz Mukarram
China and US finally reach a trade deal
Israeli soldiers deliberately shoot at unarmed Palestinians near aid sites in Gaza: report
Sneak a peek at TRT Global. Share your feedback!
Contact us