Modern cities are no longer just places people live, they are data-rich environments continuously broadcasting intelligence. In an era of escalating geopolitical tension, including the current Iran-linked cyber activity observed across Western networks, that reality is becoming strategically dangerous.
Since early February, Iranian state-linked cyber actors, most notably the group known as Seedworm (also tracked as MuddyWater) have been identified by Symantec operating in U.S. networks, including banks, airports and critical organisations. These intrusions, assessed by both U.S. and UK authorities as linked to Iranian intelligence, began before overt military escalation and positioned adversaries with latent access to sensitive systems.
This is the critical shift where cyber access is no longer just about data theft, it is about pre-positioning for real-world effect.
Urban infrastructure aka ‘smart cities’ comprising traffic cameras, surveillance systems, smart transport grids, creates a persistent, real-time model of how cities function. These systems track density, movement, timing,and behavioural patterns. In isolation, they improve safety and efficiency. In aggregate, they provide adversaries with something far more valuable, notably a continuously updated targeting and navigation system.
Groups like Seedworm demonstrate how this access is achieved. By embedding backdoors and maintaining persistence within networks, sometimes weeks ahead of conflict escalation, they effectively turn civilian infrastructure into an intelligence platform.
For modern drone warfare, this is a force multiplier.
First, target acquisition becomes trivial. Compromised urban systems reveal where populations concentrate, when transport bottlenecks form and where disruption would have maximum civilian and economic impact and as Iranian leaders have discovered, the tracking of key personnel.
Second, navigation is externalised. Instead of relying solely on onboard sensors, drones can leverage live or near-real-time feeds from compromised cameras, allowing precise routing through complex urban terrain.
Third, timing becomes weaponised. By understanding how emergency services respond and how cities recover from disruption, attacks can be synchronised to cascade, targeting not just individuals but the systems that sustain urban continuity.
This is not hypothetical. Researchers have already warned that Iranian cyber activity has placed adversaries inside critical sectors, including aviation and infrastructure, at a time of rising geopolitical tension. The implication is clear, access precedes action.
We are witnessing the convergence of three trends like ubiquitous urban sensing, low-cost autonomous drones and state backed cyber intrusion. Together, they collapse the gap between observation and attack.
The uncomfortable truth is this, our increasingly smart cities have been engineered for visibility and efficiency not for contested environments. We have built digitally instrumented environments without embedding equivalent levels of security, sovereignty and control.
Mitigating this risk requires more than patching vulnerabilities. It demands a shift in mindset from viewing urban technology as isolated systems to recognising it as a shared, contested intelligence surface. Security must extend beyond device hardening to include data governance, access control, real-time anomaly detection and critically, independent assurance of how these systems behave under adversarial conditions.
If this trajectory continues, the very systems designed to make cities safer like cameras, sensors, connectivity, risk becoming the enabling layer for precision attacks against civilian populations.
In an era of drone warfare and dynamically evolving hybrid conflict, the strategic question is no longer whether adversaries can infiltrate digital infrastructure. It is whether we can secure it before it is operationalised against us.
Posted on March 21, 2026
0