On the morning of Saturday, 28 February 2026, a man in Tehran opens a navigation app on his phone. The app places him in a city 900 kilometres south of his real location. He closes it, tries again, and gets the same result. He attempts to call a friend, only to discover there is no network, no internet, no messages.
At the time, the man did not know that a US or Israeli missile strike had been carried out minutes earlier not far from where he was. He did not know that the Al Shajara Al Tayyiba Primary School for Girls, in the city of Minab in southern Iran, had been destroyed in a bombardment that killed 165 people, most of them young girls. He did not know because there was no way for anyone to tell him.
This is not a scene from a science fiction novel. It is an attempt to imagine what millions of Iranians lived through last Saturday morning, when internet connectivity in Iran dropped to just 4 percent of normal levels, according to NetBlocks, the organisation that monitors internet shutdowns, before effectively reaching zero from 7:30am GMT (11:00am in Tehran), according to Cloudflare data. NetBlocks reported the next day that the internet had completed 24 hours at 1 percent of normal levels, meaning a near total blackout.
At that same moment, on the other side of the Gulf, more than 1,100 vessels experienced interference in GPS (Global Positioning System) and AIS (Automatic Identification System) within 24 hours in the waters of the UAE, Qatar, Oman, and Iran, according to data from Windward, the maritime intelligence company. The company recorded at least 21 new jamming hotspots affecting AIS, causing ships to appear incorrectly on tracking screens as if they were stopped at airports, or beside the Barakah nuclear power plant in the UAE, or on Iranian territory.
One could regard what happened that day as one of the largest electronic warfare operations. It did not distinguish between a military radar and the phone of a mother searching for her children. It did not differentiate between an air defence system and a navigation app guiding a taxi driver to his destination.
For example, a very large crude carrier waiting to load in a Qatari port was subjected to interference that made it appear in six different locations within 24 hours. The US Navy declared a maritime warning area stretching across the Gulf, the Strait of Hormuz, and the Arabian Sea, telling commercial ships it could not guarantee their safety, and warning that jamming and satellite signal spoofing were possible, as reported by Lloyd’s List.
Of course, none of the above was a mere technical fault in internet, communications, or positioning services. It was an indicator that preceded the start of military attacks. When the United States and Israel carried out their operation against Iran at dawn on Saturday, the war did not begin only with missiles and bombs. It began in the electromagnetic spectrum, the invisible infrastructure through which every signal the modern world relies on flows: GPS, the internet, phone networks, radars, and maritime and aviation navigation signals.
What happened that day can be seen as one of the largest electronic warfare operations. It did not distinguish between a military radar and the phone of a mother searching for her children. It did not differentiate between an air defence system and a navigation app guiding a taxi driver to his destination. It did not separate Revolutionary Guard communications from a hospital emergency line. There are no walls around the electromagnetic spectrum. When it becomes a battlefield, every civilian who depends on a digital signal becomes a potential incidental target. So what is the story of this electronic war, and who pays its price?
The war you can feel
Before anyone in Tehran heard explosions, the war had already begun in a place no one can see. The digital blackout began shortly after several Iranian news sites, including the state news agency IRNA, announced they had been hit by sophisticated cyberattacks. This was the first wave: an external cyberattack targeting the state’s information infrastructure. It began by taking down news sites, including IRNA, ISNA, Tasnim, Fars, Press TV, and the broadcaster centre affiliated with the national radio and television authority, all at once.
Israeli media reported, citing social media posts before the complete shutdown, that a widely used prayer app had been hacked and displayed messages saying, “Help has arrived”, referring to an earlier statement by US President Donald Trump addressed to Iranians. A woman in western Tehran managed to speak by phone with NPR moments before communications went down. She said multiple targets had been hit around her, and people were in a panic trying to reach their homes as children fled schools. She added that she had received no warning from the Iranian government. In other words, before bombs fell, every source of information that could tell Iranians what was happening had already fallen.
Then came the second wave, this time driven by an internal measure, as the government shut down the country’s internet, a repeated step during crises and wars. Since 28 January, the country had already imposed severe internet restrictions following an earlier disruption that Bruce Schneier, a cybersecurity expert at Harvard University, described as the worst in Iran’s history. That earlier shutdown did not only block social media or foreign websites as usual. It reached even the domestic national network, the intranet itself: mobile networks, SMS, landlines, and even Starlink.
On the morning of 28 February, Iranian authorities completed themselves what the external cyberattack had begun. As NetBlocks confirmed, national connectivity dropped to 4 percent of normal levels, matching the measures used by the Iranian government during the June 2025 war, as the organisation noted. The simultaneous collapse across different regions showed a centrally coordinated intervention rather than a technical fault.
Missiles were falling, and citizens did not know where they had landed. They could not contact their families to learn whether they were still alive.
This paralysed the entire information environment. State media, which Iranians rely on as an official source of news, became either disabled or compromised. At one stage, anyone opening the Tasnim website found messages opposing the Supreme Leader. Anyone trying to open IRNA found a blank page. Anyone opening the prayer app found a message written by someone in another country fighting a different war. Nothing could be trusted, and nothing could be verified.
What made this shutdown different from all those before it was not only its scale, but its context. This was not repression of protests or a blackout during elections. It was unfolding in parallel with a coordinated large scale military operation that struck targets in 24 Iranian provinces. Missiles were falling, and citizens did not know where they had landed. They could not contact their families to learn whether they were still alive. To understand how we reached this moment, we first need to understand the weapon used in it.
What is electronic warfare?
The starting point is to understand what the electromagnetic spectrum actually is. Put simply, it is the range of electromagnetic waves modern communications depend on, from radio waves and satellite signals used for positioning, to mobile networks, Wi Fi, radar, television broadcasts, and emergency communications. All share the same space, much like cars, pedestrians, and bicycles share a single road.
Electronic warfare is the art of attacking this invisible infrastructure, or defending it. It is not new. Radar jamming was used in the Second World War, radio jamming in the Cold War, and GPS jamming in the Gulf War in 1991. What has changed radically is the scale of civilian dependence on this spectrum. In 1991, GPS was a purely military technology. Today, every smartphone, every delivery app, every ambulance, every civilian aircraft, and every commercial ship depends on it.
To understand what happened on 28 February, we need to distinguish between three forms of attack on these waves.
Jamming
First are jamming attacks. Imagine you are in a crowded room trying to hear someone speaking to you. Jamming is when a third person shouts as loudly as possible, drowning everything you hear in noise. Technically, it means flooding a specific frequency with electronic noise so the real signal cannot get through. When an air defence radar is jammed, operators see a screen full of noise instead of incoming aircraft. When a GPS signal is jammed, your phone loses the ability to locate you entirely.
Spoofing
Second is spoofing, also called falsification. This is more dangerous and more complex. Instead of drowning a signal in noise, the attacker sends a fake signal that imitates the real one, and the receiver trusts it. You then believe you are somewhere, but you are not. This is exactly what happened to more than 1,100 ships in the Gulf on 28 February, when they appeared on navigation screens as if they were at airports, beside a nuclear plant, or on Iranian land, rather than at their real positions. The danger is that a captain may not realise the position is false until land is in front of their eyes.
Cyberattack
Third, and finally, is the cyberattack, which targets the digital networks that operate on top of the electromagnetic spectrum, such as websites, apps, communication systems, and internet infrastructure. Hacking, denial of service attacks, and data manipulation were what brought down IRNA, ISNA, Tasnim, and other Iranian websites and sources of information.
Unlike a bomb that can be directed at a specific building, or a bullet that hits a single target, electronic jamming cannot be directed at one device and not another. When you jam the radar of a military base, you also jam every civilian phone in the surrounding area. When you cut the internet to conceal military operations, you also blind every doctor, every mother searching for her children, and every journalist trying to document what is happening. This spectrum is shared space, and war within it does not distinguish.
Preparing the battlefield
The US Israeli alliance was amassing its capabilities through an integrated approach that links electronic surveillance, jamming, and engagement, considering that the United States possesses two of the most prominent electronic warfare platforms in the world.
The first is the EA 18G Growler, an electronic attack aircraft designed to suppress air defences. Its mission is to jam radars and disrupt their ability to detect and track. It either escorts strike formations or operates from a safer distance as an independent jamming platform. In both cases, it forces air defence systems to operate in an environment saturated with electromagnetic noise, weakening their ability to guide radar directed missiles.
The second is the F 35. Here it is not treated only as a stealth fighter, but as an advanced electronic sensing platform. It carries an integrated electronic warfare suite, the AN ASQ 239, capable of capturing radar emissions, analysing them, and classifying them. In other words, it can build an updated picture of an adversary’s air defence network in real time, then share it with the rest of the strike force. This allows tasks to be distributed across different aircraft, with one conducting reconnaissance, another jamming, and a third engaging, rather than loading all burdens onto a single platform.
Before explaining how these platforms work together in the field, it is important to clarify a key concept: the “kill chain”. Despite the harsh name, it is an operational description of the path any military operation takes from detecting a target to disabling or destroying it. The chain consists of six linked steps, each feeding the next: detection, identification and classification, fixing and tracking, decision and weapon allocation, engagement or effect, and assessment, meaning confirmation of impact or the need to repeat the strike.
The core idea is that whoever can accelerate their chain and reduce its cycle time, or break a link in the opponent’s chain, gains a major advantage even before launching the first missile. Air defence operates through its own kill chain: a radar detects a target, tracks it and updates data continuously, passes that data to a command centre or fire control radar, a decision to engage is made, then a missile is launched and guided until impact.
Accordingly, suppression of air defences does not target radar only as hardware. It targets the entire chain. One method is to cut early links, detection, tracking, and data transfer, through jamming and electronic deception. Another method is to push human operators into reactions that make their systems easier to detect and target. In both cases, defensive systems are forced to operate with incomplete situational awareness and slower decision time, while an opposing offensive kill chain targets sensing and guidance nodes.
On this basis, the practical logic becomes clear. F 35 aircraft begin by building a precise map of active radars, including their operating patterns and approximate locations. They then transmit this data immediately to Growler aircraft, which begin concentrated jamming of those radars across multiple bands and frequencies, depending on the radar type and battle conditions.
The core idea is that whoever can accelerate their chain and reduce its cycle time, or break a link in the opponent’s chain, gains a major advantage even before launching the first missile.
At this point, Iranian air defence operators face a hard dilemma. Option one is to try to pierce the jamming by increasing transmission power or changing operating modes. But that increases their electromagnetic emissions, improving the ability to detect the broadcast source and raising the chance of being targeted by anti radiation missiles, designed specifically to home in on radar emissions and destroy them. Option two is to reduce transmission or temporarily shut down to avoid being targeted, but this effectively means losing situational awareness at a critical moment and leaving the airspace exposed to a strike force already operating inside a carefully managed jamming environment.
What made this operation different from previous suppression of air defence operations was the synchronisation between traditional electronic warfare and cyber warfare. Cyberattacks struck state media, cutting the state’s ability to communicate with its people and with the world. Attacks also affected the internet, whether through an external strike, an internal shutdown, or both. Simultaneously, radars and military communications were jammed. Finally, in this total electronic and informational vacuum, missile strikes began.
Iran, however, is not an easy target in this electronic war. It also has its own weapons.
The Iranian side
It is easy, reading about the collapse of Iran’s internet, disabled radars, and disrupted navigation signals, to imagine Iran as a passive party. But Iran is not merely a victim. It is an active actor, and over years it has built electronic warfare capabilities it has used against US reconnaissance aircraft and against maritime navigation in the Gulf.
During the June 2025 war, around 970 vessels per day were affected by GPS jamming in the Arabian Gulf and the Strait of Hormuz, according to Windward data. In less than two weeks, more than 3,000 ships were subjected to jamming, and traffic through the Strait fell by 20 percent in a single week, according to the Joint Maritime Information Center (JMIC) affiliated with the US Navy.
On the night of 17 June 2025, the supertanker Front Eagle, operated by Frontline and bound for China, collided with another tanker off the coast of Khor Fakkan in the UAE, hours after its navigation system was subjected to severe and sustained GPS jamming as it transited from Iraq through the Arabian Gulf and the Strait of Hormuz.
These are not marginal capabilities. Iran turned the Strait of Hormuz, through which around 20 percent of global oil and gas exports pass, into a permanent electronic warfare zone, doing so at relatively low cost compared to the economic and military impact it generated.
Iran used the same tactics in the period preceding the current military escalation. On 9 February, the US Maritime Administration (MARAD) issued a warning to US flagged vessels about the risks of interception, detention, and Iranian jamming in the Gulf, the Strait of Hormuz, and the Gulf of Oman. The warning was unusual. It asked ships to keep AIS enabled, remain as far as possible from Iranian waters, and prefer routes closer to the Omani coast.
In the second week of February, Iran’s Islamic Revolutionary Guard Corps launched exercises titled “Smart Control of the Strait of Hormuz”, which included a clear GPS jamming component, according to analysis by Dryad Global, the maritime security firm. On 19 February, Iranian Russian joint naval drills began in the Gulf of Oman and the northern Indian Ocean, also including electronic warfare elements.
GPS signal interference had already been spreading across Iraq, Syria, and the Gulf region throughout the past two months, January and February, creating a turbulent environment before any military operation. In other words, the electromagnetic spectrum in the region was already disturbed before the US Israeli operation began. That made it difficult to distinguish between Iran’s prior jamming and the jamming that accompanied the latest strikes. But it also shows that both sides were preparing for war in this spectrum before preparing for it in the sky.
Returning to the ordinary Iranian citizen, they now understand that the world they moved through yesterday, the signals they trusted, and the communications they depended on, disappeared that day. In their absence, they cannot know what is real, what is happening, or whether the people they love are still alive.
This platform runs on funding from the Ummah.
