Iran's Sleeper Cells Weren't Real. The Alternative Is Worse.

In the weeks before Operation Epic Fury opened, pundits and security analysts across the United States, Europe, and beyond tried to sound the alarm. Start a war with Iran, the warning went, and there was no telling what kind of chaos Tehran could unleash. For decades, and with rising intensity in recent years, the threat of Iranian sleeper cells had kept policymakers and ordinary citizens awake at night, as politicians pointed to porous borders and mass migration as a vector for Iranian agents to slip into Western societies.

But when Operation Epic Fury began, those sleeper cells did not attack. Judging by how little impact they made, they may never have existed at all. There were no Revolutionary Guard soldiers rampaging through New York, Paris, or Berlin.

That absence, however, did not mean Iranian infiltration simply failed to happen. After three months of on-and-off combat and continuous global uncertainty, a clearer picture emerged: the Iranian threat was not imagined, but misunderstood. From the United States to the European continent, known or suspected Iranian operatives have been busy hacking sensitive systems, sabotaging symbolic targets, and recruiting lone wolves to carry out violent attacks.

Iran did have a plan to strike the Western world on its home turf. But instead of fielding sleeper cells, Tehran chose to wage a campaign of true, asymmetric hybrid warfare.

A Necessary Caveat on Sourcing

Before laying out the evidence, a word on what can and cannot be claimed here. The information below is accurate, to the best of available knowledge, as of the end of the day on Thursday, the twenty-first of May, local time in the United States. These Iran-linked asymmetric attacks against the US and Europe remain an ongoing problem, still being exposed through a constant stream of indictments and investigations.

That means any attacks taking place after that date are not captured here, and neither is evidence that surfaced afterward. The campaign described below is a snapshot of a moving target, drawn from public reporting, court documents, and intelligence assessments as they stood in mid-to-late May. Readers should treat it as a status report on an unfinished story, not a final ledger.

What the West Expected, and Why

Long before the Iran War began, the specter of Iranian sleeper cells was well established across the Western world, in both security circles and broader public debate. As a Wall Street Journal piece explained, the Quds Force, the external arm of Iran’s IRGC, has in recent years recruited proxies among organized-crime groups and Shia Muslim communities in Europe, including motorcycle gangs and migrants from Afghanistan and Syria.

These were not abstract fears. Raids across several countries had led to the arrests of Hamas and Hezbollah operatives, some of whom had stockpiled weapons and ammunition. According to the Journal, over the past year Iran had pre-positioned arms and ammunition for proxy cells in countries including Germany and Austria, as well as along migrant routes in the Balkans.

So the building blocks of a conventional infiltration threat genuinely existed. But once the fighting started, authorities quickly realized that Iran’s true campaign would look different from what they had braced for. The pre-positioned weapons and embedded operatives were part of the story, yet the attacks that followed pointed toward a more diffuse and disposable model.

Attacks on America

The campaign struck the United States almost immediately. The first suspected Iran-linked attack came just one day after Operation Epic Fury began, when a gunman walked into a beer garden in Austin, Texas, and opened fire. Two people were killed and fourteen wounded. The attacker wore clothing reading “Property of Allah” and a design resembling the Iranian flag. He was a fifty-three-year-old man from Senegal, and he was killed at the scene.

The timing was sudden but not entirely surprising. Just after the death of Iran’s late Supreme Leader, Ali Khamenei, the Revolutionary Guard Corps had warned that its enemies “will no longer be safe anywhere in the world, not even in their own homes.” The Austin shooting made that threat very real, very quickly, and from there Iran-linked attacks were reported with stunning frequency.

In mid-March, two people in Toronto stepped out of their car and fired a handgun at the US consulate before driving away in the pre-dawn hours. By then, Toronto had already endured three separate shooting attacks against synagogues, on March 2, 6, and 7. A day after the consulate attack, three unnamed brothers were arrested in Norway for carrying out what authorities called a “terror bombing” on the US embassy in Oslo, using a large improvised explosive device hidden inside a backpack.

The pattern spread fast. A few days later, the Amsterdam offices of the Bank of New York were struck in an improvised explosive attack. In April, an Iranian operative tried to hire a Mexican cartel member, who was in fact an undercover US law enforcement officer. That agent was offered ten thousand dollars to carry out arson attacks against a synagogue in New York City and two Jewish centers in Los Angeles and Scottsdale, Arizona.

A Bomb at CENTCOM’s Doorstep

One of the most alarming American incidents struck at the heart of the military command running the war. In March, a Chinese-born brother and sister, both US citizens, planted a bomb in the visitors’ center at MacDill Air Force Base, which hosts the headquarters of US Central Command.

The device went undiscovered for several days. During that window, the two siblings fled to China, though the sister eventually returned and was detained. The bomb was located before it could detonate. US officials have not publicly disclosed any links to the war in Iran, but the connection is hard to ignore: US Central Command is the command unit that has overseen the war since it began.

The MacDill plot underscores a recurring feature of the campaign. Targets carried symbolic and strategic weight, the perpetrators did not fit a single profile, and the line between a state-directed operation and an opportunistic strike was deliberately blurred.

The Digital Front

American digital infrastructure was not spared. In the earliest days of Epic Fury, Iran-linked hackers hit several oil and gas sites in the US, focusing on the logic controllers that let machines communicate with each other and forcing several companies to revert to manual controls.

During the war’s second week, the medical technology company Stryker was hit with a major cyberattack, carried out by hackers who claimed to be retaliating on Iran’s behalf. In mid-May, US officials revealed that Iran appeared to be behind a series of breaches of fuel storage monitoring systems, particularly those tracking how full gas station fuel tanks are. Officials told CNN anonymously that the hacks could have allowed Iran to cause gas leaks that would have gone undetected, quite possibly until an explosion.

In their highest-profile cyber operation to date, Iran-linked hackers breached the personal emails of FBI Director Kash Patel, posting photos and documents stolen from his account. A telling detail runs through all of it: in each case, the hacker groups claimed credit rather than trying to hide their origin. The goal was not stealth but intimidation.

The White House Correspondents’ Dinner Shooting

Perhaps the highest-profile incident of all was the attempted assassination of US President Donald Trump and other administration officials at the White House Correspondents’ Dinner in April. The sourcing here demands care. WarFronts draws on an exclusive report from Reuters, which in turn drew on an intelligence report from the Department of Homeland Security, sent to US law enforcement at the local, state, and federal levels.

The report indicated that the suspect, a man named Cole Tomas Allen, was acting on “multiple social and political grievances,” and that the war in Iran “may have contributed to his decision to conduct the attack.” To support that, the report cited Allen’s recent social media posts criticizing Washington’s wartime conduct.

Crucially, as of late May, there is no publicly known evidence that Allen was recruited or paid directly. That ambiguity is itself instructive. It captures how difficult it has become to draw a clean line between a grievance-driven lone actor and a deliberately cultivated proxy, a distinction that the rest of this campaign would only blur further.

A Larger Network: The Rise of HAYI

The United States was far from the only nation under attack. Across Europe, Iran-linked attacks came in several forms at once, and many were tied to a pro-Iran group known as HAYI. The group first appeared online after the war had already started, releasing a statement on Telegram on March 9 announcing that “military operations” against American and Israeli interests across the globe had begun.

According to the International Centre for Counter-Terrorism, HAYI had no digital footprint before that statement. That suggested it was either created just before or after the war began, or had been kept secret as a cultivated asset for some time. The center was blunt about the uncertainty, noting it was unclear “whether HAYI is a genuine terrorist group or merely serves as a façade for Iranian hybrid operations that enable plausible deniability.”

The group’s branding and messaging aligned clearly with Tehran, but it was harder to tell whether Iran built and managed it directly or whether it operated in Iran’s global periphery, further from direct control. Even its logo appeared to be AI-generated, raising suspicion that HAYI, as a concept, had been thrown together by Iranian operatives at the last minute.

HAYI’s European Campaign

Clarity on HAYI’s true nature never fully arrived, but the world witnessed enough attacks to start documenting patterns. In Amsterdam, where the local Bank of New York branch was firebombed, two synagogues and a Jewish school also came under attack. In Belgium, the group attacked a synagogue in Liège and set a car on fire in Antwerp’s Jewish quarter. In northwest London, three people were charged with an arson attack that burned out four ambulances owned by a volunteer-led Jewish emergency medical service.

In late March, French authorities implicated HAYI in a plot to attack Bank of America offices in Paris, days after the group released a propaganda video threatening Jewish interests and communities across Europe. In that incident, a five-liter petrol can was attached to a commercial pyrotechnic explosive to make an improvised bomb. French investigators said it was the work of one adult suspect and three teenagers, each paid between five hundred and one thousand euros to plant the device and film its detonation.

The recurring targets, Jewish institutions and symbols of American financial and diplomatic power, and the recurring method, cheap improvised devices placed by paid amateurs, were becoming a signature.

Escalation in Germany

It was in Germany, starting in late April, that HAYI’s tactics began to escalate. German domestic intelligence warned that the group was looking to step up its attacks across Europe and to advance toward more dangerous and destructive methods. Until that point, HAYI’s work had mostly involved arson and vandalism, even though, after decades of terror attacks across Europe, the potential for deadly attacks was hardly a secret.

Days later, a thirty-three-year-old German man drove his car through a crowded pedestrian area in Leipzig, killing two people and severely injuring two others. As of late May, HAYI has not been formally connected to the attack, and German authorities indicated the attacker may have suffered from psychological problems.

Nor has HAYI been formally linked to charges Germany announced on Thursday, May 21, against two men accused of plotting to kill prominent Jewish and Israeli community leaders on behalf of Iran. One was a Danish citizen with close ties to the Quds Force, the Revolutionary Guard’s unconventional arm, who had allegedly scouted targets in Berlin the previous year. The other had promised to procure a weapon and help kill the leader of the prominent German-Israeli Society. Three other targets were named in the indictment.

The Saadi Indictment

The biggest global break on HAYI, as of late May, came from American investigators in mid-May. The US Department of Justice unveiled charges against Mohammad Baqer Saad Dawood al-Saadi, a thirty-two-year-old Iraqi national identified as a senior commander for the Iran-backed militia Kataib Hezbollah. According to US authorities, al-Saadi was involved with at least eighteen attacks and planned attacks across North America and Europe.

He had been arrested in Turkey and extradited to the United States. The FBI accused him of maintaining relationships with Iranian Revolutionary Guard commanders, including the now-deceased Qasem Soleimani. The criminal complaint says Saadi worked to coordinate retaliatory attacks against US and other Western interests after the war began, often recruiting teenage suspects to do part or all of his dirty work.

The list of attacks attributed to him reads as a map of the entire campaign: the firebombing of the Bank of New York in Amsterdam, the US consulate shooting in Toronto, the attempted bombing of the Bank of America in Paris, the stabbing in London, and the simultaneous plots against Jewish targets in New York, California, and Arizona. His arrest confirmed what experts had already begun to suspect about how this network actually functioned.

”Gig-Economy” Spies and Terrorism as a Service

The Saadi indictment validated what analysts had noticed about HAYI’s operations, recruitment, and intent. Where security experts typically imagine asymmetric saboteurs as ideologically motivated or loyal to the regime they serve, HAYI operated very differently. The outlet The I Paper described its members as “‘gig-economy’ Iranian spies,” people offered cash to carry out an attack or simply to be in the right place at the right time with a camera. The implication is stark: many of these people did not particularly care about Iran.

They cared about getting paid.

As indictments and detentions became public, it grew clear that HAYI recruits an unusually high share of teenagers, along with disillusioned people, those struggling psychologically, and those with little to their name. In short, people without much to lose. This mirrors the tactics Russia has used in its own sabotage campaign across Europe, carried out, according to CNN, by “non-Russian nationals for small amounts of money and without full knowledge of who the operations serve.”

The distinction from a traditional sleeper cell matters enormously. Other than al-Saadi himself, none of these attackers appear to have received formal, direct training from the Revolutionary Guard. Some learned to build improvised explosives, or found that knowledge on their own, and all received orders on where, when, and how to strike. But these were not military operations.

They exploited vulnerable people, or people willing to do dangerous things for the right price. That is not necessarily better. It is simply a different kind of threat.

Why the Alternative Is Worse

A militarized sleeper cell might have carried out larger, more coordinated, and more destructive attacks, from sabotage against critical infrastructure to coordinated terror strikes. But such cells would also have been easier to detect. Once identified ahead of time or intercepted during or after an attack, the threat could be contained.

The HAYI model offers no such reassurance. Al-Saadi may face a very long prison term in the US, but his online role can easily be filled by the next recruiter, and the one after that. Unlike a military cell with defined tactics and a degree of operational rigidity, these lone-wolf attackers can come from anywhere.

They can be tasked with almost any mission, even if they are less effective, and they tend to be people society is not paying much attention to, or chooses to ignore. As The Guardian put it, spies or their proxies “can now just put out a call on social media and recruit, for a few hundred pounds, euros or dollars, someone who may not even have any sympathy whatsoever with their cause.”

The Iran War has been a deeply educational experience for much of the world, delivering many hard lessons at once. On asymmetric threats, the most important is clear. When Iran, Russia, or others engage in this behavior in 2026, they do not waste months sneaking their own soldiers across borders, nor do they risk exposure building traceable smuggling chains for weapons or cash. They find people willing to throw their lives away, offer to pay them, and see whether those people will take the chance that they might get away with it.

As terrorism expert Peter Neumann described it to The Guardian, “we are now entering an era of terrorism as a service. It is still terrorism, it still has a political agenda and is an attack meant to terrorize a particular community, whether that is the Jewish community or an entire nation, but the perpetrator is not necessarily radicalized as such.” For the US, for Europe, and for the rest of the world, that is going to be a problem, and to address it, the West’s entire understanding of counterterrorism may be due for a rethink.

Frequently Asked Questions

Did Iranian sleeper cells attack the West during the Iran War?

No. The long-feared sleeper cells did not launch coordinated attacks once Operation Epic Fury began. Judging by their negligible impact, they may never have existed as imagined. What materialized instead was a decentralized hybrid-warfare campaign run through proxies and paid recruits.

What was the first suspected Iran-linked attack on the United States?

One day after the war began, a gunman opened fire in a beer garden in Austin, Texas, killing two people and wounding fourteen. The fifty-three-year-old attacker, from Senegal, wore clothing reading “Property of Allah” and a design resembling the Iranian flag, and was killed at the scene.

What is HAYI and how does it operate?

HAYI is a pro-Iran group that surfaced online with a Telegram statement on March 9, after the war had started, declaring “military operations” against American and Israeli interests. It had no prior digital footprint and even appeared to use an AI-generated logo. Analysts could not determine whether it was a genuine terrorist group or a façade enabling plausible deniability for Iranian hybrid operations, though its recurring targets — Jewish institutions and symbols of American financial power — and its method of paying amateurs to plant cheap improvised devices became a signature.

Who is Mohammad Baqer Saad Dawood al-Saadi and what was his role?

He is a thirty-two-year-old Iraqi national identified by US authorities as a senior commander for the Iran-backed militia Kataib Hezbollah. The Department of Justice charged him in connection with at least eighteen attacks and planned attacks across North America and Europe, including the Amsterdam bank firebombing, the Toronto consulate shooting, and the Paris Bank of America plot. Arrested in Turkey and extradited to the US, he was accused of maintaining relationships with IRGC commanders and recruiting teenagers to carry out attacks.

Why do experts consider the gig-economy proxy model harder to counter than traditional sleeper cells?

A military sleeper cell could be detected and, once identified or intercepted, contained. The proxy model offers no such reassurance: recruiters like al-Saadi are easily replaced, attackers can come from anywhere and be tasked with almost any mission, and they tend to be people society overlooks. Terrorism expert Peter Neumann described it as “terrorism as a service,” an approach that may force a wholesale rethink of Western counterterrorism doctrine.

Sources

1. https://www.wsj.com/articles/stryker-hit-with-suspected-iran-linked-cyberattack-52f6615c
2. https://www.cnn.com/2026/05/15/politics/iran-hackers-tank-readers-gas-stations
3. https://www.cnn.com/2026/04/07/politics/iran-linked-hackers-disrupt-us-industrial-sites?source=sub_web_wall-met
4. https://www.cnn.com/2026/03/27/politics/iran-linked-hackers-fbi-director-patel
5. https://www.aljazeera.com/news/2026/3/3/qatar-announces-arrest-of-iranian-irgc-sleeper-cells
6. https://www.al-monitor.com/originals/2026/04/france-suspects-pro-iranian-group-hayi-was-behind-foiled-attack-bank-america
7. https://www.aljazeera.com/news/2026/5/16/us-charges-alleged-iran-backed-%E2%81%A0kataib-hezbollah-suspect-what-we-know
8. https://www.jpost.com/international/islamic-terrorism/article-890114
9. https://www.nytimes.com/2026/04/01/world/europe/bank-of-america-attack-pro-iranian-group.html
10. https://www.bbc.com/news/articles/cwyj1p49gdpo
11. https://www.nytimes.com/2026/04/04/world/europe/london-arson-attack.html
12. https://www.reuters.com/world/car-rams-into-crowd-people-german-city-leipzig-focus-online-reports-2026-05-04/
13. https://www.agenzianova.com/en/news/German-intelligence-warns-of-attacks-by-pro-Iranian-group-Hayi/
14. https://theweek.com/crime/hayi-pro-iran-terror-group
15. https://www.nbcnews.com/news/us-news/man-suspected-planning-nyc-terrorist-attack-court-rcna345356
16. https://time.com/article/2026/03/13/iran-war-us-attacks-threat-cyberattacks-drones-terrorism-proxies/
17. https://time.com/7382024/austin-shooting-suspect-victims-investigation-reactions-potential-terrorism-iran-shirt/
18. https://www.jpost.com/middle-east/iran-news/article-896386
19. https://www.tps.ca/media-centre/stories/suspects-sought-in-consulate-investigation/
20. https://www.aljazeera.com/news/2026/3/11/three-brothers-arrested-in-norway-over-bomb-attack-on-us-embassy-in-oslo
21. https://www.wsj.com/world/europe/iran-suspected-of-directing-attacks-in-europe-creating-bogus-group-to-claim-responsibility-7ebd8188
22. https://www.reuters.com/world/us/iran-conflict-may-have-motivated-trump-dinner-shooting-suspect-us-intelligence-2026-05-06/
23. https://fortune.com/2026/03/30/france-probe-bank-of-america-bomb-attack-iran/
24. https://www.reuters.com/world/germany-charges-two-with-plotting-kill-jewish-leaders-iran-2026-05-21/
25. https://apnews.com/article/france-bank-of-america-attack-thwarted-paris-a5a5bf12b6422ad7e658b6cbaad5bda8
26. https://www.reuters.com/technology/stryker-shares-fall-after-report-suspected-iran-linked-cyberattack-2026-03-11/
27. https://www.euractiv.com/news/exclusive-german-intelligence-warns-iran-could-expand-terror-operations-in-europe-after-war/
28. https://x.com/burweila/status/2057025083286200632
29. https://www.theguardian.com/world/2026/may/18/disposable-terrorists-for-hire-menace-western-countries
30. https://www.theguardian.com/us-news/2026/mar/27/macdill-air-force-base-explosive-device-florida
31. https://www.nytimes.com/2026/05/15/nyregion/hezbollah-arrest-nyc-jewish-targets.html
32. https://www.reuters.com/world/middle-east/iran-war-puts-many-us-high-alert-synagogue-attack-shows-limits-2026-03-13/
33. https://www.nytimes.com/2026/05/07/us/austin-bar-shooting-gunman-iran-fbi-investigation.html
34. https://www.nbcnews.com/news/us-news/austin-gunman-was-lone-actor-bar-attack-killed-3-fbi-says-rcna344149
35. https://www.nbcnews.com/news/us-news/shooting-suspect-white-house-correspondents-dinner-cole-thomas-allen-rcna342146
36. https://www.theguardian.com/us-news/2026/apr/26/trump-news-at-a-glance-white-house-press-dinner-thrown-into-disarray-by-lone-wolf-attack
37. https://www.washingtoninstitute.org/policy-analysis/deniable-disposable-disruptive-irans-hybrid-warfare-europe-demands-proactive
38. https://jamestown.org/hayi-iranian-proxy-targeting-jewish-and-israeli-sites-in-europe/
39. https://www.cnn.com/2026/04/11/europe/iran-linked-hybrid-attacks-europe-intl
40. https://www.theguardian.com/uk-news/2026/apr/23/iran-low-level-hybrid-warfare-arson-attacks-uk-europe
41. https://thesoufancenter.org/intelbrief-2026-april-17/
42. https://smallwarsjournal.com/2026/05/20/kataib-hizballah-commander-with-ties-to-iran-arrested-for-terror-campaign/