Several international media outlets, citing The Wall Street Journal, reported that the U.S. Central Command used AI models from Anthropic (Claude Gov) to support operations against Iran. According to these reports, the models were applied in the analysis of intelligence information, target identification and prioritization, as well as the simulation of possible operational scenarios.Regardless of the exact internal timeline, the development clearly demonstrates how deeply commercial AI has already been integrated into military decision-making processes. From a cybersecurity perspective, this is not merely a question of technology, but of system architecture and control. The decisive factors are operational dependencies, supply chain risks, and AI-specific vulnerabilities. Among the strategic advantages is the Decision-Support Layer. It accelerates the processing of large volumes of ISR data (Intelligence, Surveillance, Reconnaissance), correlates signals from multiple sources, and models probable developments. However, these advantages remain sustainable only if the security architecture is as resilient as the models themselves.
Once a security-critical organization becomes dependent on an external AI provider, the focus shifts from performance to governance:
- Who controls model versions and updates?
- Where is the infrastructure located?
- Who has access to telemetry and log data?
- Can policies be modified remotely or access restricted?
In highly sensitive environments, even structural dependency - without malicious intent - can create strategic attack surfaces.
Additionally, there is the specific attack surface: model or data poisoning can distort analytical outcomes. Prompt injection can influence inference logic through manipulated inputs.
Sensitive information may leak via outputs or logs (data exfiltration).
Adversarial manipulation can shift statistical weightings in ways that affect operational assessments. If AI supports target prioritization or scenario analysis, even minor distortions can have practical consequences. Furthermore, clearly segmented environments, controlled update processes with integrity verification, full auditability of decision pathways, and the consistent integration of human oversight in decision-making (human-in-the-loop) are essential. Against this background, cybersecurity forms the structural foundation, protecting not only systems, but strategic operational capability in the digital battlespace.