Iran could use artificial intelligence to accelerate cyberattacks on critical US and Israeli infrastructure

The experts said luck Although there is no public evidence that Iran can yet coordinate AI-powered cyber agents on the level that anthropology documented in China late last year, the country remains one of the most capable cyber powers in the world outside of the major players — the United States, China and Russia.

“Threat actors from Iran have often targeted the United States and Israel over the years, committing attacks against critical infrastructure, conducting espionage, DDoS attacks, influence campaigns, and attacks designed to wipe out systems,” said Ally Mellen, principal analyst at Forrester Research and author of the upcoming report. Code Wars: How Nations Hack, Spy, and Shape Now’s Digital Battlefield.

The IRGC is a well-resourced organization and a sophisticated cyber actor, agreed Bob Kolaski, senior vice president of critical infrastructure at AI supply chain company Exiger. “It would be surprising if they did not use artificial intelligence to enhance their offensive cyber capabilities,” he said. He added: “Iran has more than 10 years of history in attacking critical infrastructure of the United States, so they have a clear intent and ability to carry out such attacks and are supposed to use their latest weapons.”

Milin said that Iran has been experimenting with using artificial intelligence in hacking operations for years. For example, she explained, Google I mentioned recently Iranian hackers used the Gemini AI system to help collect information on targets, trick people with more convincing phishing messages, and help build hacking tools.

But Iran does not need access to a “Western” model like Anthropic to launch AI-assisted attacks, according to Liron Walter, vice president of strategy at Israel-based data protection firm Teramind. “Open-weight models like Meta’s Llama and Chinese models like DeepSeek can be downloaded, run locally (offline), and tuned without any usage restrictions or guardrails,” she said.

In fact, she noted that for a sanctioned country like Iran that doesn’t have easy access to U.S.-based models, using open source models is actually a better operational security posture than trying to abuse a censored commercial platform. “They will rely on the unsupervised open weight models that are widespread locally, where there is no kill switch, no registration, and no terms of service,” Walter said.

For Iran-linked hacking groups, AI often makes familiar tactics faster and more effective. It allows them to send more convincing phishing emails on a much larger scale – messages that appear to come from trusted contacts and are designed to trick people into sharing sensitive information. AI can also help hackers more quickly find vulnerabilities in systems, scan networks for targets, and write or adapt malware without requiring first-class programmers for each operation.

“These groups have historically targeted the energy, oil and gas, and critical infrastructure sectors, sectors where well-timed disruption has had significant geopolitical impact,” Walter said. “AI makes it faster and more scalable, and is fundamentally no different in its goals.”

All of this creates a lot of concerns for governments and companies, Kolaski said. He explained that if China decided to commit more closely to assisting Iranian military targets, it could provide more assistance in terms of artificial intelligence capabilities. Iran may also have incentives to “empty the tank” and use all means at its disposal as the conflict escalates. “AI-powered cyberattacks have not been extensively tested, and it is not known whether America’s critical infrastructure is capable of defending against new attacks,” he said. “It is clear that there are vulnerabilities that can be exploited, and artificial intelligence will make it easier for Iran to identify them.”