Translation result.
Iranian state-linked hackers armed with generative AI
Hacking groups tied to Iran’s government and affiliated intelligence networks have embedded U.S.-based generative AI tools — notably OpenAI’s ChatGPT and Google’s Gemini — into virtually every phase of their operations.
They use AI to analyze and modify malware, and to craft phishing emails, LinkedIn messages and bogus expert profiles in idiomatic English.
Where poorly written English once exposed many campaigns, AI now customizes language to local dialects and sector-specific jargon, raising the bar for detection.
Security analysts say attackers are leveraging prompts across planning, reconnaissance, social engineering and even code refinement.
APT42’s covert campaigns against the U.S. and Israel
Google disclosed that APT42, a group linked to the Iranian government, has used Gemini to run multiple phishing campaigns and reconnaissance operations.
The group used AI to draft messages and documents posing as academic exchanges or expert consultation requests to build credibility before delivering malicious links or attachments.
Some prompts reportedly directed the AI to summarize or analyze material on jamming and electronic warfare tied to the U.S. F‑35, or to suggest keywords for locating additional papers and reports — effectively widening the group’s access to sensitive research.
OpenAI says it has repeatedly detected and blocked Iran-linked attempts to abuse accounts and APIs, but it characterizes the tools as assisting with translation, research and script cleanup rather than inventing wholly new attack techniques.
AI spreading from cyber to electronic warfare, drones and C2
A Financial Times review of roughly 300 papers from Iranian military journals over five years shows AI research has moved well beyond pure cyber operations.
Researchers are applying AI to electronic warfare (radar and communications jamming and protection), drone guidance and autonomy, underwater target detection through sonar analysis, and command-and-control systems that enhance situational awareness and decision support.
Analysts cautiously suggest AI algorithms may already be augmenting target selection and threat-prioritization in some drone and missile workflows.
Much as Google Translate once lowered the language barrier to Western military literature, generative AI now accelerates summarizing, explaining and ideating applications — narrowing the technology gap.
Iran’s national AI platform hit by airstrikes, but damage may be limited
Iran had begun piloting a national AI platform intended to operate internally if external internet links were severed.
Designed to provide shared AI services across military, intelligence and industrial sectors, the program was reportedly led by Sharif University of Technology — an institution under Western sanctions for military ties.
U.S. and Israeli airstrikes in April reportedly struck the platform’s core data center and parts of Sharif’s AI facilities.
Still, experts note that algorithms, models and specialist networks already dispersed are hard to eradicate; striking physical infrastructure can slow development but is unlikely to reverse the overall trajectory.
AI as a cost‑effective force multiplier under sanctions
Under sanctions that limit access to advanced chips, equipment and funding, Iran views software- and cloud-based AI as a relatively low-cost way to raise military capability.
With a few skilled personnel and modest compute resources, actors can develop and field cyber, information and electronic warfare algorithms at scale.
As Recorded Future observes, Iran’s AI investment is effectively its national security modernization program — applicable to sanction‑evasion networks, wartime resource allocation and recovery optimization as well.
A Check Point researcher summarized the logic: Iran is a capable state actor that will keep committing resources until it achieves its objectives.
U.S. and Iran both preparing for AI warfare — the asymmetry is narrowing
The U.S. is also integrating AI models — including Palantir’s Maven Smart System and Anthropic’s Claude — into intelligence analysis, targeting and operational planning.
That sets the stage for an AI-versus-AI dynamic; Iran’s adoption of AI does not automatically yield strategic dominance.
Still, generative AI allows a limited number of experts, using commercial tools, to close gaps in personnel, training and research infrastructure and field meaningful cyber and electronic warfare capabilities.
For South Korea, state-level AI cyber and information operations conducted elsewhere can propagate through alliances, major defense contractors and military-technology partnerships to affect security on the peninsula.
Most Commented