Digital Domains Are the New Battlefield

Editor’s Note: Of the many dimensions of the war against Iran, the cyber realm is one of the hardest to observe from the outside. My Center for Strategic and International Studies colleague Lauryn Williams examines how warfare in the digital domain—including outer space and the electromagnetic spectrum, as well cyber operations—is playing out in the conflict and argues that multidomain warfare is likely to be hotly contested in this and future wars.

Daniel Byman

***

When the world woke up to news of a massive U.S.-Israeli military operation in Iran on Feb. 28, the early headlines were digital as well as kinetic. Anthropic’s Claude AI tool reportedly aided the U.S. military in selecting targets for missile strikes; an alleged Israeli cyberattack compromised the widely used BadeSaba religious calendar application to send anti-regime messages; the Iranian regime imposed an internet blackout and the U.S. military claimed that cyber and space operations had “disrupted” Iran’s communications; and electronic warfare activity spiked concurrently, hampering GPS navigation systems for ships passing through the Gulf.

These events reveal a truth of modern warfare: Air campaigns like Operation Epic Fury are being fought and shaped in digital domains, including cyberspace, the information space, the electromagnetic spectrum, and outer space. Lines between these domains are blurring with growing implications for the future of modern conflict.

A Unique Domain of Conflict

The Iran operation demonstrates that governments are preparing the battlefield for major kinetic operations with cyber operations targeting civilian and military infrastructure. U.S. Chairman of the Joint Chiefs of Staff Dan Caine spoke publicly just days after the Feb. 28 strikes about U.S. Cyber Command and U.S. Space Command’s roles in hampering the regime’s ability to respond. Instead of simply acting as a supporting function, sequencing cyber effects alongside the Feb. 28 Iran strikes (and January raid in Venezuela) shows cyber is increasingly shaping the early phases of conflict.

In Iran, the religious app compromise and reported attacks on state-run websites demonstrate the integration of cyber and influence operations. BadeSaba, a religious calendar application with millions of downloads, was the target of an alleged Israeli cyberattack that pushed warnings directly to users, including one stating that the Iranian regime would “pay for their cruel and merciless actions against the innocent people of Iran.” The nature of the messages suggests the app was compromised specifically to convey anti-government messaging. Similarly, several official Iranian websites, including the state-run Islamic Republic News Agency, were compromised to display anti-regime language. As these examples indicate, the United States and Israel employed both cyber and influence of operations to set the stage for the initial wave of airstrikes by hindering regime communications and shaping the Iranian public’s perception through targeted messaging.

The Iranian regime uses nationwide internet blackouts frequently as a defensive measure to control information flow during times of national crisis and reduce the effectiveness of external cyber intrusions and information operations. However, blackouts can also complicate cyber incident attribution and obscure disruptions originating from state-imposed controls or external cyberattacks.

But Iran is not just on defense. It has a long history of strategically leveraging cyber operations as a tool for outsized disruption relative to its military might. Its demonstrably sophisticated cyber capabilities include wiper attacks, distributed denial-of-service attacks against major U.S. banks, election interference campaigns, and exploitation of industrial control systems. While certainly less capable than some other state actors, including China and Russia, Iran’s maturing offensive cyber program is capable of targeting both civilian infrastructure and critical national systems. For example, the Islamic Revolutionary Guard Corps (IRGC), sometimes presenting as hacktivist proxy groups, has targeted the water sector and other U.S. critical infrastructure for years. Iran’s cyber activity targeting Israel has spiked following recent regional conflicts, including a 700 percent increase in cyberattacks in response to the June 2025 nuclear facility strikes.

In the lead-up to the current conflict and since its start, cybersecurity firms have observed Iranian intrusions into critical infrastructure networks. Notably, activity attributed to the Iranian cyber espionage group Seedworm has targeted “a U.S. bank, an airport, non-governmental organizations in the U.S. and Canada, and the Israeli operations of a U.S. software company that supplies the defense and aerospace industries.” Additionally, regime-linked hacktivist group Handala took credit for disrupting the network of U.S.-based medical device firm Stryker, which has a global presence of 56,000 employees. The incident has been widely viewed as confirmation of Iran’s intent and capability to target companies on U.S. soil. Such activities indicate an urgent need for governments and companies alike to shore up cyber defenses as the conflict continues. These operations also demonstrate that even less-resourced cyber actors can still shape early conflict phases with outsized impact.

For the United States, the Iran strikes and the Venezuela raid in January have revealed an emerging policy of public messaging about, rather than concealing, offensive cyber operations—a change also evident in the Trump administration’s Cyber Strategy for America. Immediately following the Venezuela operation, President Trump made the unprecedented choice to claim credit for a power blackout in Caracas, stating that Caracas lost power “due to a certain expertise that we have.” The chairman of the Joint Chiefs of Staff also noted that cyber and space operations enhanced the ground invasion. This shift to public acknowledgement has continued. In the first press briefing after the start of the strikes on Iran, Chairman Caine called Cyber Command and Space Command “first movers” responsible for a “highly classified” operation that layered “non-kinetic effects, disrupting and degrading and blinding Iran’s ability to see, communicate, and respond.” Both the ongoing Iran conflict and the aftermath of the Venezuela raid will have lasting implications for how the United States approaches cyber warfare, including how openly it acknowledges ongoing and future operations, and whether transparency in cyberspace becomes a tool in itself.

Blurring Lines Between Digital Domains

In addition to cyber and the information space, the Iran conflict highlights nations’ reliance on digital domains of warfare, including the electromagnetic spectrum and outer space. Attempts to distinguish activities within (and enabled by) the digital domain from activities in the physical world are becoming increasingly obsolete.

Digital infrastructure is now becoming a battlespace in itself, and it is not confined to Earth; it extends to space, where satellite constellations, including GPS and SpaceX’s Starlink communications infrastructure, reside. Electronic interference targeting GPS has spiked in the Gulf since the onset of conflict. Over just a few days, a maritime intelligence firm observed 1,100 instances of GPS jamming and spoofing interference, actions that overwhelm legitimate satellite data or make ships or planes appear to be off course. While not yet attributed, the interference with these signals in Iranian, Emirati, Qatari, and Omani waters is consistent with the broader pattern of interlinked cyber and electronic operations in the conflict.

Further, Starlink satellite internet service is allowing reportedly 30,000 Iranian civilians and hacktivist groups to navigate around the regime-imposed internet blackout. As with internet blackouts, access to Starlink is double-edged. On the one hand, Iranian civilians are desperately seeking connection to the outside world, which has led the regime to jam Starlink signals. On the other hand, Starlink access is likely allowing Handala to launch cyberattacks from under the blackout.

The Future of Modern Conflict

From cyberspace to the information domain and further into outer space, the Iran conflict underscores how thoroughly digital domains are shaping modern warfare. Looking forward, the United States must quickly adapt to a battlespace in which operations are not taking place in siloes, but across digital and physical seams. Instead of singular, domain-specific expertise, senior leaders must encourage warfighters to cultivate genuine cross-domain expertise blending an understanding of cyber, information operations, electronic warfare, and space operations to most effectively leverage these effects for battlefield advantage and counter adversaries’ activities in these domains. In the future, these domains will only become more central and hotly contested and increasingly shape the outcome of conflicts.