Back to News
Market Impact: 0.66

AI in warfare: Report says Iran using ChatGPT and Gemini to target US, Israel with malware attack

Artificial IntelligenceCybersecurity & Data PrivacyGeopolitics & WarInfrastructure & DefenseTechnology & InnovationSanctions & Export Controls
AI in warfare: Report says Iran using ChatGPT and Gemini to target US, Israel with malware attack

Iran is reportedly using ChatGPT, Gemini, and other Western AI tools to develop malware, craft phishing campaigns, and improve cyber and battlefield capabilities against the US and Israel. The report also says Iranian-linked groups are using AI for disinformation, drone guidance, and military research, while Google detected APT42 using Gemini in late February. The development raises cyber and geopolitical risk for US, Israeli, and UAE targets, with potential implications for cloud and defense infrastructure.

Analysis

The market implication is less about a one-off cyber headline and more about a structural compression of the cost of asymmetric conflict. If low-cost AI meaningfully improves phishing conversion, malware iteration, and target selection, the marginal defense burden shifts to cloud, identity, and endpoint vendors — but also to the hyperscalers themselves, because they are now part of the attack surface, the detection layer, and the political target set. That creates a weirdly dual outcome: security spend should rise, yet the large cloud platforms may face a higher probability of reputational scrutiny, procurement friction in sensitive geographies, and occasional localized service-risk premiums.

For GOOGL, the near-term issue is not revenue leakage from AI misuse; it is the liability of model availability and brand trust. Every publicized misuse episode strengthens the case for stricter access controls, rate limits, and provenance checks, which could modestly slow product adoption in frontier markets and by smaller developers, while leaving the core enterprise franchise intact. The second-order effect is favorable to dedicated security vendors and managed detection providers, because customers will likely overbuy layered controls once boards connect generative AI to operational risk rather than abstract policy risk.

AMZN’s risk is more concentrated on infrastructure resilience and geopolitical spillover than on direct demand impact. If cloud assets are being rhetorically elevated into “legitimate targets,” the market should price a low-probability but high-consequence tail where regional facilities, routing, or partner ecosystems become intermittently disrupted; that is not a core earnings problem, but it can widen risk premiums and drag on sentiment during periods of escalation. The contrarian view is that the selloff risk in hyperscalers may be overdone if investors conflate cyber exposure with revenue exposure: the more AI-driven threat activity rises, the more enterprises are forced to increase security and cloud spend, which ultimately accrues to the same platforms, especially on the defensive tooling side.