Skip to content

War in the Digital Age: How AI Deepfakes Are Weaponising Truth in the Israel-Iran Conflict

Sotiris SpyrouUpdated on

Share this article

LinkedInXEmail
War in the Digital Age: How AI Deepfakes Are Weaponising Truth in the Israel-Iran Conflict

AI-powered information warfare uses deepfakes, repurposed video game footage, and chatbot-generated falsehoods to distort real conflicts, and the Israel-Iran war has become the clearest example yet. As AI deepfakes, video game footage passed off as real combat, and chatbot-generated falsehoods distort the conflict, we're witnessing a digital crisis that exposes the urgent need for independent AI validation.

When AI Becomes a Weapon of War

The Israel-Iran conflict will probably be the first war that's fought online via AI-powered misinformation campaigns, with millions believing and sharing viral content before checking its accuracy. The scale is staggering: three AI videos alone amassed over 100 million views across multiple platforms.

What makes this particularly alarming is the sophistication of the tools being used. Companies like GetReal Security have traced many fabricated videos to Google's Veo 3 AI generator, known for hyper-realistic visuals, with the Veo watermark visible at the bottom of videos posted by news outlets like Tehran Times, claiming to show "the moment an Iranian missile" struck Tel Aviv.

The speed and ease of creation is unprecedented. Rob Greig, Chief Information Officer at Arup, demonstrated this reality when he attempted to make a deepfake video of himself in real time using open source software - it took him just 45 minutes.

The Corporate Connection: Why This Matters for Your Business

This isn't just a geopolitical crisis - it's a preview of what every organisation faces in an unregulated AI landscape. Recent data shows that 92% of businesses have experienced financial loss due to deepfakes, with the financial services sector reporting substantial average losses per incident.

Even more concerning, whilst 56% of businesses claim they are very confident in their ability to detect deepfakes, only 6% report having avoided financial losses from these attacks. This confidence-competence gap mirrors what we're seeing in the current conflict, where even sophisticated state actors struggle to control AI-generated misinformation.

The financial implications are accelerating rapidly. Regula's research from 2022 indicated that the average financial burden of identity fraud was around £230,000, illustrating how quickly the threat landscape is evolving.

The EU AI Act Response: Regulation Meets Reality

The timing couldn't be more critical. The EU AI Act's prohibition of AI systems posing unacceptable risks started applying on 2 February 2025, with rules on general-purpose AI systems requiring compliance with transparency requirements applying 12 months after entry into force.

Content that is either generated or modified with AI - images, audio or video files including deepfakes - must be clearly labelled as AI generated so users are aware when they encounter such content. However, the Israel-Iran conflict demonstrates the limitations of requiring bad actors to self-label their malicious content.

According to Reality Defender, adversaries have demonstrated ways to remove or tamper with watermarks, and these solutions only work when content creators actively participate in marking their content as synthetic, leaving organisations vulnerable to bad actors who intentionally circumvent or ignore these requirements.

The Professional Reality Check

The current conflict forces us to confront uncomfortable truths about AI governance:

Can your organisation detect sophisticated deepfakes when experts struggle? Even experts cannot determine whether such videos are AI-generated, which shows the complexity of detection.

Are your AI compliance measures tested against real-world attack vectors? The surge in wartime misinformation has exposed an urgent need for stronger detection tools, as major tech platforms have largely weakened safeguards by scaling back content moderation and reducing reliance on human fact-checkers.

How confident are you that your AI systems won't be weaponised? These tools are being used to manipulate public perception, often amplifying divisive or misleading narratives with unprecedented scale and sophistication.

Beyond Detection: The Independent Validation Imperative

The Israel-Iran crisis reveals a fundamental flaw in current approaches to AI safety: organisations cannot grade their own homework. Both Iran and Israel have moved to weaponise artificial intelligence, with legitimate governments adopting similar tactics to non-state actors. This demonstrates why independent validation is essential.

The EU AI Act mandates penalties for non-compliance that can reach up to 35 million euros or 7 percent of global annual turnover, with enforcement ensured by administrative fines. For enterprises, this isn't just about avoiding penalties - it's about maintaining operational integrity in an environment where AI systems can be compromised or misused.

What's needed is independent behavioural testing of responsible AI practices, in our advisory work at VerityAI - the kind of validation that probes actual system behaviour rather than just reviewing policy documents. This kind of scrutiny is what surfaces the misuse potential of AI generation tools before they become weapons of misinformation.

Turning Compliance Into Competitive Advantage

Smart organisations recognise that strong AI compliance isn't a cost centre - it's a competitive advantage. Whilst competitors struggle with AI-related incidents and regulatory exposure, organisations that invest in independent AI governance advisory can innovate with more confidence, knowing their systems have been properly scrutinised.

The Israel-Iran conflict serves as a stark reminder that AI systems powerful enough to create compelling warfare footage are certainly powerful enough to impact your business operations. The question isn't whether you'll face AI-related risks - it's whether you'll be prepared when they arrive.

Moving Forward: The Trust Infrastructure Imperative

Financial losses from deepfake-enabled fraud exceeded $200 million during the first quarter of 2025 alone, suggesting an "alarming" escalation and growing sophistication of deepfake-enabled attacks worldwide.

The path forward requires more than hope. It requires systematic, independent validation of AI systems before they're deployed, going beyond theoretical frameworks to examine actual system behaviour under stress conditions.

As we witness AI being weaponised in real-time conflict, the urgency for proper AI governance has never been clearer. The organisations that recognise this inflection point and act decisively will define the next era of trustworthy technology deployment.

The war in the digital age isn't coming - it's here. The question is whether your organisation is building systems that can be trusted in this new reality.

Ready to ensure your AI systems can withstand real-world scrutiny? Talk to VerityAI about EU AI Act compliance advisory and turn regulatory risk into a competitive advantage.

For hands-on help, see VerityAI's AI risk and compliance advisory.

Frequently asked questions

What is AI-powered information warfare?

AI-powered information warfare is the use of generative AI tools, including deepfake video, manipulated images, and chatbot-generated text, to create and spread false narratives during a conflict. It differs from traditional propaganda because the content can be produced quickly, at scale, and often looks convincing enough that even trained observers struggle to tell it apart from genuine footage.

Can deepfake watermarks be trusted?

Watermarks only work when the person who created the content chooses to include one and leaves it in place. Adversaries have shown they can strip or bypass watermarks entirely, so a watermark's presence is not proof of authenticity and its absence is not proof of manipulation.

Why does independent validation matter more than self-reported compliance?

Self-reported compliance relies on an organisation checking its own AI systems and declaring them safe, which leaves obvious blind spots. Independent validation brings in a third party to test how a system actually behaves under real-world conditions, which surfaces misuse potential that an internal review is unlikely to catch.

How does the EU AI Act apply to AI-generated conflict content?

The EU AI Act requires AI-generated or manipulated content to be labelled as such, and it sets out penalties for providers and deployers who fail to comply. The Act applies within the EU regulatory perimeter, which means its practical reach over content produced by state actors or parties operating outside that perimeter is limited.

Share this article

LinkedInXEmail
Sotiris Spyrou - Author

Sotiris Spyrou

Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.

Founder at VerityAI