America's secret weapon that disabled Iran's defenses

 The roar of warplanes, the thunder of missiles, and the plumes of dust now drown out all other sounds, from Tehran to Tel Aviv, passing through the Gulf states. On the morning of Saturday, February 28, 2026, US President Donald Trump announced the start of "major combat operations" in Iran, dubbed "Epic Wrath" by the Pentagon, while Israel announced a parallel operation called "Lion's Roar."

The announcement of these operations coincided with explosions in Tehran, Isfahan, Qom, Kermanshah, and Karaj, targeting Iranian state command and control centers and several senior Iranian leaders, including Supreme Leader Ali Khamenei. Iran responded by launching missiles toward Israel and US bases in the Gulf region, as well as airports and other vital targets.

But while missiles rained down from all directions, something else, less loud, was happening simultaneously. Iranian state and semi-official news agencies, such as IRNA, ISNA, and Mehr, were subjected to massive cyberattacks that disrupted their services, coinciding with a widespread cyberattack targeting other major Iranian institutions. Netblocks confirmed that internet connectivity in Iran had plummeted to a mere 4% of its normal level. Meanwhile, Mossad launched a Persian-language Telegram channel to address Iranians directly while their official channels were down.

The cyberwar proceeded in parallel with military operations. The attacks on Iranian news agencies were not isolated incidents but rather part of a single operation aimed at undermining the Iranian regime, not only by targeting its military and security institutions but also by disrupting its ability to communicate with the public and control the media narrative from the outset.

But this scenario wasn't spontaneous; it was clearly foreshadowed. On February 19, the Royal United Services Institute (RUSI), one of Britain's most prestigious defense research centers, published a lengthy analysis titled "Control, Replacement, Impact: Prospects for US Cyber ​​Operations in Iran." The analysis detailed what US Cyber ​​Command might target in an attack on Iran: early-warning radars, ground-based air defense systems, command-and-control networks, logistics systems, and even the internal communications of the Iranian Revolutionary Guard.

The Old Rules

There's a simple logic to why cyber warfare is built on secrecy. When a nation reveals its capabilities, it often risks losing them. Simply put, when you penetrate your enemy's network, your strength lies in their unawareness of your presence. But the moment they discover you, they close the breach, restructure, and start from scratch.

In the nuclear realm, a single image of a warhead is enough to deter an adversary. In the cyber realm, however, the same image can render the weapon ineffective. This logic has governed cyber operations since their inception. This brings us back to the Stuxnet virus, considered the first cyber weapon in history, which had been secretly operating inside Iranian centrifuges since around 2007, as Symantec researchers pointed out in 2013. It went undetected for three years until researchers at a cybersecurity firm spotted it in 2010, after it had spread beyond its original target.

At the time, the United States and Israel denied any involvement in the operation. The first detailed public account came from journalist David Sanger in The New York Times in 2012, and it wasn't an official admission, but rather a leak from former officials. To this day, there is no explicit US government acknowledgment of the development of Stuxnet. Herein lies the institutional paradox: the most successful cyber operation in history achieved its strategic impact not by revealing it, but by keeping it hidden for as long as possible.

With the rise of cyber threats, the US Department of Defense established Cyber ​​Command (USCYBERCOM) in 2009 as a subcommittee under Strategic Command. Its mission was initially defensive, but with the escalation of cyberattacks, it began to shift toward an offensive posture.