Iran’s Hackers Are Coordinating More Closely: Israeli Cyber Leader

Iran’s cyber apparatus has evolved from isolated hacking units into a more unified force, exchanging tools and leveraging generative AI to polish propaganda and recruitment messages. The shift, highlighted by Yossi Karadi of Israel’s National Cyber Directorate, reflects a broader trend where state‑backed actors use artificial intelligence to overcome language barriers and increase the credibility of disinformation. This coordination has already manifested in massive SMS campaigns that attempt to sow confusion among Israeli civilians, illustrating how AI can amplify traditional influence operations.

The operational impact extends beyond Israel. Recent Iranian‑linked intrusions have targeted U.S. industrial control systems, a major medical‑technology firm, and other regional entities, employing advanced espionage techniques. As physical strikes on Iranian cyber facilities ebb and flow, the hacking groups regroup, using AI to streamline attack development and reduce the need for on‑site hardware. This dynamic creates a persistent, low‑level cyber conflict that can persist even if diplomatic negotiations produce a cease‑fire on the battlefield.

Policy makers are now grappling with the dual‑use nature of powerful AI models. Karadi’s push for controlled access to Anthropic’s Mythos and similar systems underscores the urgency of equipping defenders with the same capabilities attackers seek. While the White House’s AI‑cybersecurity executive order has been delayed over industry concerns, the consensus is clear: without regulated yet accessible AI tools, governments risk falling behind a rapidly advancing threat landscape. The coming months will likely see a proliferation of such models, cementing AI as the "main threat" in cyber warfare and reshaping how nations defend digital infrastructure.