Digitalised war is no longer a theoretical concept debated in think tanks and classified briefings. It is happening right now — in Tehran, Tel Aviv, Riyadh, Dubai, and in data centres across the Middle East — and the Iran-Israel conflict of 2026 has made it impossible for the world to look away.
The Iran war is being fought on a hybrid digital-physical battlefield, with old-school deception tactics and cutting-edge AI technology. The US military’s very first move in the Iran war was in cyberspace. Coordinated space and cyber operations effectively disrupted communications and sensor networks across the area of responsibility, leaving the adversary without the ability to see, coordinate, or respond effectively.
The digitalised war unfolding across the Middle East has produced prayer app hijackings, nationwide internet blackouts, AI-assisted assassinations, cloud infrastructure strikes, and a 700 percent surge in cyberattacks — rewriting every assumption about what modern conflict looks like and who its real victims are.
Background
Digitalised War — The Decade That Built to This Moment
The digitalised war of 2026 did not arrive without warning. It was built, piece by piece, over more than fifteen years of cyber conflict between the same actors now fighting the most visible digital war in history.
This did not start in 2026. The roots trace back to Stuxnet in 2010 — the US-Israeli cyberweapon that physically destroyed Iranian nuclear centrifuges at Natanz. Iran responded by building offensive cyber capabilities under the IRGC, launching attacks against US financial institutions, Saudi Aramco, and water utilities across the United States.
The June 2025 Twelve-Day War marked the moment cyber operations became fully integrated with kinetic strikes. Cyberattacks surged 700 percent within 48 hours. Predatory Sparrow wiped Bank Sepah’s data and burned $90 million in stolen cryptocurrency. Over 100 pro-Iranian hacktivist groups mobilised on Telegram. Israel was the most targeted country by geopolitically motivated hackers in 2025, absorbing 12.2 percent of all global attacks.
By the time Operation Epic Fury began on February 28, 2026, both sides had spent years pre-positioning for the digitalised war that was coming. The question was never whether it would happen. It was how total it would become.
Details
Digitalised War — The Opening Cyber Strike
On February 28, 2026, the United States and Israel launched Operation Roaring Lion, the joint military campaign against Iranian military, nuclear, and government targets. Within hours, fighter jets and cruise missiles were striking IRGC command centres across the country. But the assault was not limited to the physical world. In parallel, Iran plunged into a near-total digital blackout. Internet connectivity collapsed to just four percent of normal traffic. Government services, news platforms, security communications, and mobile apps failed across major cities.
This is what the opening phase of a digitalised war looks like in practice. Not tanks crossing borders. Connectivity collapsing. Information systems going dark. A population of 90 million people suddenly unable to access news, banking, or communication — isolated not by physical siege but by digital invasion.
Compared to conventional opening strikes, cyber dominance paid off in spades when it came to executing a surprise attack. The US and Israel compromised traffic cameras, entire mobile networks, and prayer apps — a level of digital penetration that intelligence agencies had spent years quietly building before a single missile was launched.
The Prayer App — Symbol of the Digitalised War
No single incident in the 2026 digitalised war has captured the collision of technology and warfare more viscerally than the hijacking of an Iranian prayer app with 30 million users.
Israel hacked a popular Iranian prayer app to send notifications to potentially millions of phones, urging the country’s military personnel to defect from the regime. The app displayed political messages instead of its regular prayer time notifications, with statements such as: Help has arrived — do not fear, defend them, and they will defend you.
The app requests access to users’ locations so that it can provide accurate prayer times. The primary reason the app was compromised was likely for its intelligence value — data about its users was raw material for Israel’s intelligence machine. If they managed to convince a few soldiers to lay down their weapons as well, that was a double win.
This is the digital warden dimension of the digitalised war — the use of surveillance architecture embedded in the most intimate corners of daily life to both monitor and manipulate. An app that helps a Muslim pray five times a day becomes, in a digitalised war, an instrument of psychological operations and mass surveillance simultaneously.
Traffic Cameras and the AI Assassination
The most operationally consequential element of the digitalised war’s opening phase was the role of compromised surveillance infrastructure in targeting the world’s highest-value military objective.
The Israeli military had access to nearly all of the traffic cameras in Tehran, in partnership with the CIA. Israel used the cameras to target the airstrike that killed Ayatollah Ali Khamenei, Iran’s Supreme Leader. Israel used, or very likely used, very cutting-edge data processing or big data fusion techniques that from a layman’s perspective you would call AI.
Real-time intelligence from compromised traffic cameras and deeply penetrated mobile phone networks was used to confirm the meeting was going ahead as planned. One particular camera pinpointed where bodyguards and drivers of senior Iranian officials liked to park in Khamenei’s compound. In addition to providing targeting intelligence, a cyber operation disrupted the mobile phone system near Khamenei’s compound so his protection detail could not receive warnings about the impending attack.
This is the digitized sol of modern warfare — not soldiers in the field but sensors, cameras, and AI algorithms performing reconnaissance, targeting, and communications disruption simultaneously, invisibly, and at the speed of code rather than the speed of human decision-making.
Iran’s Digital Invasion — The Counter-Strike
With conventional military operations crippled by Operation Epic Fury, Iran has relied on cyber attacks as its primary retaliation tool. The Iranians mobilised APT42 and APT33 — two groups with links to the Islamic Revolutionary Guard Corps and MOIS — to launch a sustained digital invasion against US, Israeli, and Gulf state targets.
The cyber response against Israel has been led largely by pro-Iranian hacktivist groups rather than confirmed direct Iranian state operations — though given that IRGC-linked networks span across the Middle East, many of these groups are considered state-adjacent at minimum. Groups like Handala, 313 Team, and Keymous have run DDoS campaigns, data leak operations, and defacements targeting Israeli government, defence, and commercial infrastructure from day one.
A cyberattack allegedly linked to Iran-aligned hackers disrupted operations at Stryker, a major US medical technology company. Stryker confirmed it was experiencing a global network disruption to its Microsoft environment.
The digital invasion extended to civilian infrastructure in ways that blurred every legal and ethical line about proportional response.
When Iranian drones struck Amazon Web Services data centres in the UAE and Bahrain, millions in Dubai and Abu Dhabi awoke to locked-down digital lives. Suddenly people found they could not pay for a taxi, order dinner, or check their bank balance on their phones. The war had come to the cloud.
AI as the Engine of Digitalised War
Palo Alto Networks’ Unit 42 reports that Iran-linked groups use AI-enhanced targeted spear-phishing campaigns, generating payloads that adapt tone and context to their victims. In March 2026, CloudSEK analysts discovered a fake Israeli Red Alert missile warning app distributed via SMS — a malware-laced application that steals SMS messages, contacts, and precise GPS locations under the guise of a war emergency. This trojanised emergency app, which victims only downloaded to stay safe, became a high-value spy tool.
Analysts now describe a category of operations known as kinetic cyber attacks — cyber operations that directly trigger physical disruption or accompany military strikes. We are seeing a structural shift: states are beginning to use automated cyber tools as strategic assets as part of an early test of what it means when governments delegate parts of warfare to machines and code.
The digital warden of the 2026 digitalised war is not a human officer in a command room. It is an algorithm — scanning millions of devices per second, identifying vulnerabilities, launching attacks, and adapting in real time to countermeasures, all at a speed that no human digital warden could match.
The GPS Disruption — Invisible Digital Invasion at Sea
Electronic warfare activity has emerged with GPS and automatic identification systems disrupting more than 1,100 ships across the Gulf region. While not yet attributed, the interference spanning Iranian, UAE, Qatari, and Omani waters is consistent with the broader pattern of cyber and electronic operations accompanying the conflict.
For mariners, port operators, and logistics companies, this invisible digital invasion is as consequential as a physical blockade. Ships that cannot trust their GPS data cannot navigate safely. Ports that cannot verify vessel identities cannot operate normally. The digitized sol of the shipping lanes has become a weapon in a digitalised war that most civilian victims did not choose to enter.
The Internet Blackout — Digital Warden Turned Inward
About four hours into the attacks, the Iranian regime imposed a country-wide internet blackout. This is the regime’s default response to internal dissent. It suggests that there may be a wartime dynamic that places a cap on the usefulness of cyber operations — because imposing an internet blackout protects the regime from external cyber penetration while simultaneously cutting off its own population from information.
Because Iran is currently experiencing a near-total internet blackout, state-sponsored groups will likely be less active than their geographically dispersed proxies. Even in a weakened state, the regime’s efforts to limit internet connectivity functioned to control citizens’ access to information and reduce its own vulnerability to cyberattacks.
The digital warden turned inward is a recurring feature of the 2026 digitalised war — governments using the tools of digital control to manage their own populations as much as to fight their enemies.
Quotes
“Coordinated space and cyber operations effectively disrupted communications and sensor networks across the area of responsibility, leaving the adversary without the ability to see, coordinate, or respond effectively.” — General Dan Caine, Chairman of the Joint Chiefs of Staff
“The message was: you aren’t as strong as you think.” — Senior Israeli Defence Official, on the psychological warfare dimension of the digitalised war
“The war had come to the cloud.” — Analysis of the Iranian drone strikes on AWS data centres in the UAE and Bahrain
“Cyber warfare is no longer a sideshow to conventional conflict.” — ZENDATA Cybersecurity Analysis
“The cyber campaign will outlast the kinetic one.” — SOCRadar Threat Intelligence Assessment
“The line between independent hacktivism and state-sponsored operations is deliberately blurred, making attribution — and proportional response — increasingly difficult.” — ZENDATA Cybersecurity
“Israel used very cutting-edge data processing or big data fusion techniques that from a layman’s perspective you would call AI.” — Omer Benjakob, Cybersecurity Reporter, Haaretz
Impact
For global cybersecurity, the 2026 digitalised war has permanently shifted the threat baseline. The Iran-Israel War has sparked a new era of aggressive cyberattacks focused on causing disruption instead of generating financial returns. The intent of these attacks is to cause extensive damage and instability over time. Destructive malware — where data is deleted permanently rather than held for ransom — is now a prominent trend in state-sponsored digital conflict.
For civilian populations, the digital invasion dimension of the digitalised war exposes an uncomfortable reality — every connected device, every app, every cloud service is a potential vector in a conflict that most civilians did not vote for and cannot opt out of. The 30 million Iranians whose prayer app was weaponised did not enlist. The millions of UAE residents who could not access their bank accounts when AWS went down did not choose to be targets. The digitized sol of modern war reaches everywhere.
For the digital warden concept — the idea that states can and should police their digital borders — the 2026 conflict demonstrates both the power and the limits of that approach. Iran’s internet blackout protected it from some external penetration while crippling its own command communications. The digital invasion that breached its traffic cameras and mobile networks had already happened years before the first missile fell.
For the future of armed conflict, the digitalised war of 2026 confirms what strategists have long predicted — cyber warfare has moved from being a secondary form of warfare to now being an integral component of military strategies and how they relate to economic systems and the overall landscape of global cybersecurity.
FAQs
What is a digital war?
A digitalised war — also called cyber war or digital warfare — is a conflict in which attacks on computer systems, networks, infrastructure, and information flow are used as weapons alongside or instead of conventional military force. Modern-day conflicts have taken on a new form as demonstrated by both conventional warfare in the form of missiles, drones, and airstrikes, and continuing cyber wars in the form of cybercrime and hacking. In a fully digitalised war, the battlefield extends into every connected system — power grids, financial networks, communication infrastructure, military command systems, and civilian apps — making the line between combatant and civilian target increasingly difficult to define. The digital warden, the digitized sol, and the digital invasion are all dimensions of this new form of conflict.
What is the Iran-Israel war about?
On February 28, 2026, the United States and Israel launched Operation Roaring Lion, the joint military campaign against Iranian military, nuclear, and government targets. The operation targeted IRGC command centres, nuclear infrastructure, and senior leadership across Iran.At its core, the conflict centres on three overlapping disputes — Iran’s nuclear programme, which the US and Israel consider an existential threat; Iran’s support for regional proxy forces including Hezbollah, Hamas, and the Houthis; and the broader question of Iran’s regional power ambitions across the Middle East. The digitalised war dimension of the conflict has added a fourth front — cyberspace — that has no geographic boundaries and no clear rules of engagement.
What are the four types of war?
Military theorists traditionally define four types of war: conventional war — armed conflict between nation-states using organised military forces; unconventional war — guerrilla warfare, insurgency, and asymmetric tactics used by non-state actors or weaker states against stronger opponents; nuclear war — conflict involving the use or threat of nuclear weapons; and cyber war — attacks on digital infrastructure, information systems, and connected networks. The 2026 Iran-Israel conflict represents all four simultaneously — conventional airstrikes, proxy and guerrilla warfare through Iran’s regional networks, nuclear brinkmanship over Iran’s enrichment programme, and a full-scale digitalised war being fought across prayer apps, traffic cameras, cloud servers, and GPS systems across the entire Middle East. Cyber warfare is expected to increasingly integrate with conventional warfare, with the intent of cyber operations being to degrade the opponent’s capability to respond appropriately — creating tactical advantage for the attacker by disrupting communications and delaying access to vital intelligence on the battlefield.
Conclusion
The digitalised war of 2026 has answered, definitively and brutally, the question that military theorists have been debating for two decades.
Cyber is not a support function. It is not a secondary tool. It is not a domain that enables conventional operations from a distance. The US military’s very first move in the Iran war was in cyberspace — and that sequence was not accidental. It was doctrine.
The digital warden that Israel built over years of patient intelligence-gathering — cameras, mobile networks, apps, satellite feeds — gave it the ability to locate and kill a supreme leader with a precision that no conventional surveillance architecture could have matched. The digital invasion that Iran launched in return — against cloud infrastructure, medical technology companies, payment systems, and port networks across the Gulf — reached civilians who had never fired a shot and never would.
The digitized sol of the 2026 conflict is not a soldier in uniform. It is an algorithm, a compromised camera, a hijacked prayer notification, a GPS signal spoofed across 1,100 ships.
The conflict that began on February 28, 2026 has no clear endpoint, and the cyber campaign will outlast the kinetic one.
That is the defining truth of the digitalised war — when the bombs eventually stop falling, the code keeps running. The digital battlefield does not have a ceasefire. It has only the next attack, already being prepared, already deployed, already inside systems whose owners do not yet know they have been breached.
Welcome to the digitalised war. It was always coming. It is already here.
