You’ve probably seen the videos. Fighter jets screaming across the sky. Navy ships launching missiles. The US and Israel have been remarkably open about their military hardware in the Iran conflict, flooding social media with slick content showing exactly what firepower they’re deploying.
But there’s a whole other war happening that you’re barely hearing about. While the conventional strikes get all the press conferences and viral clips, something far more sophisticated is unfolding in cyberspace. And honestly, it might be more important than the missiles.
Admiral Brad Cooper from US Central Command let slip what everyone’s dancing around: “We continue with strikes into Iran from seabed to space and cyber-space.” That’s the real headline buried inside a dozen routine briefings.
The Invisible Preparation
Here’s the thing about modern warfare that most people don’t realize. Before a single bomb drops, there’s years of groundwork. Months, sometimes years of planning goes into preparing what military officials call the “target set.”
That preparation increasingly happens online. Think about it like breaking into a house. You don’t just smash the front door. You scout it first. You learn the layout. You check the locks. You figure out how to disable the alarm.
US and Israeli cyber operatives almost certainly did exactly this with Iran’s military infrastructure. They’ve probably been inside Iranian computer networks for ages, mapping out air defenses, military communications systems, anything that could interfere with an actual strike.
The Financial Times reported something particularly chilling. Israeli operatives allegedly hacked CCTV and traffic cameras across Iran to build what’s called “patterns of life” intelligence. They were essentially creating a surveillance network to track the Ayatollah’s movements and his commanders’ habits before the strikes that killed him. Internet-connected cameras, it turns out, are gold for modern warfare. They’re cheap, they’re everywhere, and they give real-time situational awareness of exactly where people are and what they’re doing.
Blinding the Enemy
Once the actual shooting started, cyber teams had another job. General Dan Caine described them as the “first movers” in Operation. Their mission was stark: disrupt and “blind Iran’s ability to see, communicate and respond.”
That’s a polite way of saying they shut things down.
Mobile phone towers probably went offline. Communications networks likely got jammed. There are unconfirmed reports that these cyberattacks prevented Iranian security teams from even knowing the jets were coming. In Ukraine, we’ve seen this playbook executed before. It works.
Defense Secretary Pete Hegseth got weirdly specific about this in a recent press conference, boasting that members of the Iranian military “can’t talk or communicate, let alone mount a coordinated and sustained offensive.” Those aren’t throwaway words. That’s describing a successful cyber operation designed to isolate decision-makers at the worst possible moment.
Trump even hinted at similar tactics regarding the attempted capture of Venezuelan President Nicolas Maduro, cryptically mentioning that “the lights of Caracas were largely turned off due to a certain expertise that we have.” The newly-published US Cyber Strategy actually confirms they’re taking credit for rendering “our adversaries blind and uncomprehending during a flawless military operation.”
There’s also this wild story about Israel hacking BadeSaba, a popular Iranian prayer-timing app with 5 million downloads. Just as bombs started falling, push notifications went out to users saying “help has arrived.” You have to admire the psychological warfare there, even if it feels genuinely dystopian.
Finding Targets in Real Time
And it doesn’t stop once the shooting starts. Hegseth talked about “hunting for more systems to kill.” That’s ongoing cyber work, searching for fresh military targets inside Iran using open source intelligence, satellite imagery, and straight-up espionage.
Artificial Intelligence is probably all over this phase too. The military is being cagey about specifics, but when Hegseth praised “a young colonel who’s iterating on how we target and how we find and fix different aspects of what the Iranians are trying to do,” he wasn’t talking about manually combing through intelligence reports. That sounds like describing AI-powered targeting systems working in real time.
This is where Technology isn’t just supporting warfare anymore. It’s becoming the warfare.
Why Everything Stays Secret
The US and Israel have spent decades hacking Iran. The Stuxnet attack on uranium enrichment facilities in 2010 is the most famous example, but officials are still weirdly quiet about it. Israel was also apparently behind the Predatory Sparrow attacks on Iranian steel plants in 2022, though it was dressed up as hacktivist activity.
The reason for all this secrecy is obvious when you think about it. Tal Kollender, a former Israeli military cyber specialist, puts it plainly: “In cyber, the value of a capability often depends on the other side not knowing exactly how it works.” If you reveal how you broke into something, the other side patches it. Your access disappears.
But here’s what’s wild. Despite this general secrecy, Dr. Louise Marie Hurel from the Royal United Services Institute is actually impressed by how much the US is disclosing this time around. She thinks it’s important, though, that we start having a real public conversation about cyber warfare and the rules that should govern it.
“This is an opportunity for us to have a more public debate regarding the support and strategic advantage cyber provides in broader military campaigns and crisis,” she said. “If cyber is openly acknowledged as integral to the strike package, it can help sharpen the questions about the laws of armed conflict, proportionality, and what counts as a use of force.”
That’s a serious point. We need actual rules around cyber operations the same way we have rules for conventional warfare. Right now, we’re making this up as we go.
Where’s Iran’s Retaliation?
Here’s the genuinely puzzling part. Iran is supposed to be a serious cyber power. They’ve proven it before, like the 2012 Aramco attack that destroyed 30,000 computers using wiper malware. Yet in this entire conflict, they’ve been almost completely silent in cyberspace.
One Iranian-linked group called Handala did hit medical technology firm Stryker with a wiper attack this week, but that barely registers compared to what you’d expect from a nation that’s supposedly been attacked this directly.
Either Iran got incapacitated by those reported Israeli strikes and can’t mount a proper cyber response, or they’ve been overestimated all along. Or, and this is the thing that keeps security experts awake at night, they’re just waiting. Holding back. Planning something.
Hurel is careful not to count Iran out. “I wouldn’t jump to conclusions regarding Iran as we have seen considerable hacktivist activity, and public reporting has previously shown that patriotic hacker personas have sometimes been used as a facade for state-linked groups.” Translation: don’t be surprised when something happens, and don’t assume it’s “just” hacktivists rather than the state itself.
The cyber battle isn’t over. The visible one has been decided, but the invisible one? That’s just getting started.
