Loading blog post, please wait Loading blog post...

Listen to the AI-generated audio version of this piece.

00:00
00:00

Mere hours after US and Israeli strikes opened the 2026 Iran War on February 28, more than sixty Iranian-aligned hacktivist fronts surged into control-system operations to disrupt America’s water and energy systems

Only one day later, Iranian drones would strike three Amazon Web Services data centers in the United Arab Emirates and Bahrain. It was the first known kinetic attack on commercial cloud infrastructure in a major-power conflict.

Within weeks, the Islamic Revolutionary Guard Corps (IRGC) published a target list of twenty-nine US, Israeli, and Gulf “tech targets.”. For the first time, both of the world's critical subsea-cable chokepoints, the Red Sea corridor and the Strait of Hormuz, were closed to cable repair operations, putting at risk routes that carry roughly 17% of global internet traffic.

And, US strikes inside Iran were being planned, in part, with Anthropic’s Claude embedded in Palantir’s Maven Smart System, a targeting tool whose user base had grown to more than twenty thousand people across all US military services and combatant commands.

For years, the central question in the AI and national security debate has been whether artificial intelligence will cause the next major war. 

Researchers, such as those from the RAND Corporation, have identified six pathways through which AI might destabilize the international order: shifting the balance of power, distorting leaders’ judgment, reducing the perceived cost of force, enabling independent action, fueling domestic instability, and incentivizing preventive wars.

But the emerging evidence suggests AI is unlikely, on its own, to directly trigger interstate war.

Our research led us to a different question: even if AI does not start wars, how is it changing how wars are fought — through which systems, by which actors, against which targets, and on which timelines?

Our findings suggest that AI may not fundamentally change why wars begin. It does, however, add a new layer of conflict over the systems that make force possible 

Our findings suggest that AI may not fundamentally change why wars begin. It does, however, appear to reshape what becomes contested once they do, adding a new layer of conflict over the systems that make force possible: cloud infrastructure, data centers, semiconductor supply chains, energy, communications networks, AI models, targeting pipelines, and the public and private institutions that operate them.

Those are not only military systems. Because much of this infrastructure is dual-use, it also runs hospitals, schools, benefits delivery, courts, and emergency response. That is where the stakes for democratic governance come in.

What We Built

The SPAR AI Risk Explorer (AIRE) project is an ongoing effort to build a monitoring architecture for AI conflict risk, making emerging patterns visible before they harden into precedent, so policymakers and other decision-making actors can take appropriate action.

We combined:

  • roughly 5,000 multilingual reports on military AI developments; 

  • procurement records covering hundreds of US military AI contracts and billions of dollars in spending; 

  • country-level analyses of major AI actors (the US, China, India, Iran, and Israel);

  • an infrastructure risk tracker mapping strategic chokepoints, including data centers, semiconductor facilities, subsea cables, and energy nodes; 

  • and a catalog of roughly 80 recurring AI-conflict risk factors drawn from the academic literature and the incident record.

The point was to test whether policy and academic frameworks fit the evidence of what was happening in real time. 

The Framework

To organize the evidence, we used a two-by-two grid.

On one axis: AI as a driver of conflict juxtaposed with AI as a target of conflict. 

On the other axis, AI is contributing to conflict initiation and escalation.

That produces four questions: 

  1. Does AI make leaders more willing to use force in the first place? 

  2. Does AI infrastructure become a target before conflict formally begins? 

  3. Does AI change how coercion works once war is underway? 

  4. What happens when cloud infrastructure, data centers, cables, or compute systems themselves become military targets?

The framework matters because these are all different challenges. Related solutions involve different actors, different legal questions, and different governance tools. A debate framed only around whether AI "causes war" misses much of what is already changing.

What We Found

The three patterns we found map onto this grid. The first is about who pulls the trigger: AI is making it cheaper for more actors to threaten, coerce, and cause harm. 

The second is about who is actually in the room: when a single operation involves a military, a cloud provider, an AI company, and a proxy group, the framework's categories start to break down, because there is no single driver, no single target, and no clear moment when conflict "began." 

The third is about what gets hit: the same systems that run hospitals and banks are now appearing on military target lists.

1. AI lowers the floor for participation and raises the stakes

AI does not make weak actors equal to strong ones. Major states still hold overwhelming advantages.

But AI can make it simpler for smaller actors or weaker militaries to exert influence. Drones, targeting aids, surveillance tools, AI-enabled information operations, and commercially available geospatial analysis can give proxies, militias, and non-state actors enough reach to complicate deterrence, attribution, and escalation.

Power hasn’t flattened, but the cost of credibility has dropped. Asymmetric warfare is not new; weaker actors have always found ways to impose costs on stronger ones. What AI changes is the scale and accessibility of those tools, expanding who can participate and deepening how much disruption they can cause.

The Iran school strike illustrates the failure mode that can accompany high-tempo AI-enabled targeting processes. While the role of AI systems in the strike remains under investigation, the incident has raised broader concerns about outdated intelligence, automation bias, and compressed review timelines. As Pape’s classic analysis of air coercion documented, precision makes punishment easier to launch, but not more likely to succeed. 

2. AI is expanding the coalition of actors and deepening their misalignment

Traditional theories of coercion assume states act as unified decision-makers. 

But AI-enabled conflict increasingly doesn't work that way. A military may authorize an operation, a cloud provider may host the infrastructure, an AI company may supply the model, a contractor may integrate the system, a proxy non-state actor may act faster than its sponsor intended, and an ally or corporate actor may be pulled into consequences it did not fully control. 

These actors — militaries, allied governments, AI companies, cloud providers, defense contractors, satellite firms, infrastructure operators, and proxy groups — do not share the same incentives, legal obligations, commercial pressures, or tolerance for risk.

What is newer is a category that sits awkwardly in existing frameworks: commercial technology companies. 

Unlike traditional defense contractors, who have always known they were in the weapons business, AI companies are now building products embedded in targeting systems and military infrastructure. These firms often see themselves as outside of conflict, until they are not. Their decisions about access and terms of service function as de facto public policy.

A potential reported example comes from MizarVision, a Chinese commercial AI firm that used AI-assisted satellite analysis to reconstruct U.S. bomber flight patterns during the war. The U.S. Treasury later sanctioned the company, alleging its imagery had enabled Iranian strikes on U.S. forces. 

Neither MizarVision nor Chinese state media has confirmed or denied it. But if accurate, the case would illustrate how a commercial AI capability can become a state-level military input without a formal state-to-state transfer.

Decisions about who controls which capabilities are now being made in corporate executive suites, outside any democratic authorization process.

Alongside this sit (i) Anthropic’s dispute with the Department of War over the terms of Claude’s military use, and (ii) the Pentagon’s various deals with OpenAI, Google, and xAI. Decisions about who controls which capabilities are now being made in corporate executive suites, outside any democratic authorization process. Corporate guardrails and corporate gaps now function as de facto military public policy.

3. Civilian and military infrastructure are becoming harder to separate

The sharpest pattern concerns infrastructure.

The same data center, cloud region, cable, model, or communications network can simultaneously support hospitals, banks, logistics, social services, intelligence analysis, and military operations. 

That does not erase international law; the civilian-military distinction still applies and still matters. But it makes the facts substantially harder to apply.

When the same infrastructure supports civilian life and military capability, attacks on that infrastructure produce military, economic, and societal effects simultaneously. A strike meant to degrade targeting capacity can disrupt banking. A cable cut can affect ordinary communications. A cloud outage can cascade through public services.

Israel used AI-assisted surveillance — including hacked traffic cameras — to track Iran’s Khamenei prior to his assassination. This is a direct instance of civilian infrastructure converted to a use-case for military intelligence.

The ICRC noted in a March 2026 analysis that this very commingling makes proportionality and precautionary assessments under international humanitarian law substantially more difficult and increases foreseeable civilian harm. 

Governments are paying attention. The Office of the Director of National Intelligence 2026 Annual Threat Assessment treats AI as a top-tier, cross-cutting threat for the first time — one indicator that U.S. intelligence expects this dynamic to persist. Yet FY2026 marked the first year the Department of Defense created a dedicated AI and autonomy budget line — $13.4 billion, most of it for unmanned systems.

What the 2026 case shows is not that AI caused the war. Instead, it shows what war looks like when AI is operationally integrated into it, and what that means for every institution that depends on the same underlying infrastructure.

What Public Servants Can Track

The most useful lesson from this microcosm of conflict research may be far less about war per se than about governance.

Conflict compresses time. It reveals dependencies quickly. It shows which systems fail, which actors matter, and which risks were seemingly invisible until they were already operational.

Public servants do not need to work in defense to learn from these signals. Two tracking items stand out for incorporating into decision-making.

Watch when speed becomes the main argument

The Department of War’s January 2026 AI Strategy states that “the risks of not moving fast enough outweigh the risks of imperfect alignment.” That framing treats delay itself as the primary danger, and treats oversight, testing, and deliberation as friction to be reduced.

Speed may be necessary in a given context. The problem is that when it becomes the dominant public value, it crowds out accountability, transparency, and deliberation. 

Once “we couldn’t move fast enough” becomes a standard justification, it becomes available for use in any context, including ones where the consequences of moving too fast are borne by people with no voice in the decision. Monitoring such rhetoric is one way in which policymakers can help to mitigate risk.

This is not only a consideration for individual agencies, but for international governance and regulation. 

When one actor accelerates, it creates pressure for others to do the same, a ratchet effect that no single actor can reverse unilaterally, and that makes conflict harder to control once it begins. 

Palantir's trajectory shows how fast speed-as-doctrine is being capitalized: Its Maven contract began at $480M in 2024, and in 2025 the Army folded 75 contracts into a single enterprise agreement with a $10B ceiling, on top of a $795M Maven expansion. Ceilings are not obligations, but the direction and pace are the signal.

Treat digital systems as civic infrastructure

Cloud services, data centers, communications networks, and platform dependencies are now part of the operating layer of government, due to their dual-use capabilities. They support benefits delivery, emergency response, hospitals, schools, courts, transportation, and public communication.

Governments typically think about cloud services, data centers, and communications networks as IT. The 2026 conflict suggests they must be treated as civic infrastructure—as consequential to democratic functioning as roads, water, or the electrical grid.

Governments typically think about this layer as IT and/or a function of procurement. The 2026 conflict suggests these systems are, and must be, treated as civic infrastructure — as consequential to democratic functioning as roads, water, or the electrical grid.

The IRGC’s targeting doctrine toward U.S. tech companies reflects a broader shift: digital infrastructure is and will be increasingly treated as a strategic asset in conflict.

A cloud provider relationship that resembles a commodity IT contract may, in a disruption scenario, become a single point of failure for multiple public functions. The same applies to model vendors, cable routes, and identity systems.

The AIRE evidence makes this visible in the military context: Anthropic's exclusion from classified networks, the MizarVision proxy-diffusion case, and the Pentagon's turn to unrestricted "any-lawful-use" terms all describe situations in which capability and accountability are held by diffuse actors.

The formal decision-maker may have authorized the action, but others shaped what was possible.

The Larger Democratic Question

By the time a failure is visible, the infrastructure, incentives, contracts, workflows, transparency, and accountability gaps that produced it may already be embedded.

Democratic institutions derive their authority from the premise that the people who make consequential decisions can be held accountable by the people those decisions affect. 

When consequential national security decisions are distributed across militaries, commercial AI providers, cloud operators, contractors, and proxy actors, that chain of accountability stretches until it breaks

When consequential national security decisions are distributed across militaries, commercial AI providers, cloud operators, contractors, and proxy actors, that chain of accountability stretches until it breaks. It fragments across jurisdictions and migrates into contracts and terms of service that no voter ever sees.

The 2026 US-Iran-Israel conflict offers an early illustration of what large-scale operational integration of AI looks like: the future of war will be more integrated across a wide range of actors. 

And the result is that AI is reshaping conflict by reshaping the systems that enable action, shifting norms around what can be tracked, targeted, automated, outsourced, and justified in the name of speed. 

The task is, ultimately, to make these dependencies visible before conflict does it for us.