The “Midnight Hammer” operation launched by the United States against Iran’s nuclear facilities has sparked global attention. According to senior officials at the U.S. Department of Defense, the U.S. Cyber Command led a network army in this operation, providing crucial support and showcasing the indispensable role of digital power in modern military operations.
Chairman of the Joint Chiefs of Staff, Gen. Dan Caine, held a press conference at the Pentagon on June 23, stating that the strike mission received support from U.S. Strategic Command, U.S. Transportation Command, U.S. Space Command, U.S. Space Force, and U.S. European Command, and expressed gratitude to participating units, including cyber warfare personnel.
While the Pentagon did not further elaborate on the specific actions of the network army, experts familiar with military cyber operations, who spoke to DefenceScoop on condition of anonymity, pointed out that cyber forces have become almost standard in modern military operations. Even the most basic missions rely on information and network warfare support.
Gary Brown, a senior legal advisor at the U.S. Cyber Command and currently a professor at Texas A&M University’s School of Government and Public Affairs, told DefenceScoop: “Almost all of our military operations now involve cyber support. Even in simple intelligence collection, cyber power remains present.”
A former military cyber official noted that complex operations like the “Midnight Hammer” demonstrate the maturity of the Cyber Command, which was established only 15 years ago and is now “a fully integrated mechanism,” supporting air superiority and global transportation.
According to publicly available information, the operation involved seven B-2 “Spirit” stealth bombers dropping 14 massive 30,000-pound bunker-buster bombs, in coordination with Tomahawk cruise missiles and a joint fleet of 125 aircraft including aerial refueling tankers and fighters, targeting Iran’s three main nuclear facilities: Fordow, Natanz, and Isfahan.
Analysts have suggested to DefenceScoop that the U.S. cyber army may have supported the air strike operation in three main aspects: first, the “Cyber Escort Program” to assist in mobilizing global air assets and support system stability to ensure uninterrupted communication and operational systems; second, to paralyze or deceive the enemy’s Integrated Air Defense System (IADS) to enable the stealth bombers to penetrate safely; and third, to provide real-time alerts and post-strike battle damage assessments.
Especially considering that the B-2 stealth bombers themselves have minimal active defense measures and limited maneuverability, if the cyber army can paralyze the enemy’s IADS, it will significantly enhance the success rate of the air strikes and reduce risks.
Experts emphasized that cyber army support often requires prior access to enemy systems, a point often overlooked by the public. In reality, cyber operations are not as straightforward as in movie plots. Forces must penetrate the enemy’s networks, gather intelligence, and analyze systems, only carrying out system attacks if authorized.
Therefore, cyber units must continuously infiltrate and maintain access to enemy systems, even during non-conflict periods. The U.S. Congress authorized the Cyber Command in 2018 to conduct such “battlefield intelligence preparation” without presidential authorization, establishing it as a traditional military operation.
Due to the difficulty of establishing and maintaining access rights, each operation must be carefully evaluated for deployment, as once activated, access may fail. For instance, if the Iranian air defense system did not immediately threaten the B-2 bomber group, the U.S. military might choose to preserve for future actions.
According to Axios, the U.S. government had once asked Israel to first destroy Iran’s air defense systems to clear obstacles for the U.S. air strikes.
Analysis also suggests that cyber warfare personnel may be on standby elsewhere to launch disturbances to divert Iran’s attention, such as local power outages or communication disruptions, but these actions come with the risk of losing long-term access, requiring a careful balance of risks and gains.
Prior to the airstrikes, the cyber army may have provided intelligence, surveillance, and reconnaissance (ISR) through the network to assist in target designation, analyzing the enemy’s real-time responses, troop deployments, and capabilities to potentially counter U.S. attacks.
During the attack, the cyber army could provide real-time “indications and warnings” to help the U.S. military monitor potential actions and counterattacks by the Iranian forces.
Additionally, the cyber army might engage in offensive cyber operations during the airstrikes, disrupting Iran’s military and civilian communication systems, preventing rapid responses. These actions are typically carried out by combat mission teams specialized in offensive cyber tasks, possibly including paralyzing enemy early warning systems or creating false threats or multiple attacks.
Axios reported that the cyber command could assist in battle damage assessment through cyber means, typically falling under the purview of the National Security Agency (NSA), monitoring internal communications within Iran.
Forces from the NSA or cyber army may monitor internal communications within Iran to determine if they have successfully diverted Iran’s attention. Initially, the U.S. reportedly had some bombers fly towards Guam as a decoy, diverting Iran’s attention from the B-2 bomber group traveling from the U.S. mainland across the Atlantic to the target.
After the attack, the cyber army may shift to defensive tasks, launching preemptive actions against potential threats, including constraining the attack capabilities of major Iranian hacker groups. Combat mission teams dedicated to the Middle East region or Cyber National Mission Force units tailored to specific Iranian threat actors could be involved in defense operations.
While the specific role of the U.S. cyber army in overall operations remains classified, this operation reaffirms that modern U.S. military operations have fully integrated digital and physical capabilities, with the Cyber Command now an indispensable core unit in the U.S. defense framework.