The Cipher Brief

OPINION — “This memorandum consolidates approximately ten separate outdated memoranda that were inadequate to address the current, complex unmanned aircraft system (UAS) threat environment. The new guidance affects a culture shift by empowering commanders to unambiguously apply their authority to mitigate threat UAS. Our message is clear, Department of War (DoW) airspace is off limits, and our commanders on the ground have the discretion to defend our airspace against all manner of UAS threats…Expanding the Defensive Perimeter : Grants commanders the authority to extend defensive actions beyond the physical ‘fence line’ of an installation; allows for the adequate protection of covered facilities, fixed assets, and mobile assets; placing trust in the commander and maximizing their flexibility to defend facilities and assets.”

That’s a quote from last Tuesday’s Defense Department (DoD) press release, Fact Sheet: C-UAS [counter unmanned aircraft systems] Policy in the U.S. Homeland. It was issued just hours before the Federal Aviation Agency (FAA) temporarily closed airspace within an 11-mile radius of El Paso International Airport, but after Customs and Border Protection (CBP) personnel on the day before [Monday, February 9] used a classified Pentagon laser system on nearby Fort Bliss Air Base, to shoot down what they thought were drug cartel UAS systems [drones], but turned out to be metallic party balloons.

According to the Wall Street Journal, Defense Secretary Pete Hegseth last month had approved lending the 20-kilowatt directed-energy LOCUST [laser] weapon to CBP for use on the Fort Bliss installation, whose fence line is on the Mexican border.

The CBP test was not coordinated with the FAA and the resultant uproar, which subsequently involved the White House and Congress, marks only the beginning of what I believe will be a series of similar episodes related to homeland protection against suspect UAS drone systems.

An interesting sidelight to last week’s events: The Senate Armed Services Committee was scheduled to have a meeting last Thursday morning with two Pentagon drone experts, Owen O. West, DoD Senior Advisor for Drone Dominance, and Travis Metz, Drone Dominance Program Manager. It was called off at the last minute.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Drones are becoming smarter, more autonomous and more widespread, and as their uses grow the lines get blurry between legitimate and illegitimate, secure and not secure, particularly in metropolitan areas. There are strict FAA rules that govern drones over 55 pounds or any flown for non-recreational purposes. There are even some FAA requirements for outdoor flying of smaller drones for personal pleasure.

Back on June 6, 2025, President Trump issued an Executive Order (EO) called Restoring American Airspace Sovereignty that dealt primarily with UAS. It said of them, “criminals,

terrorists, and hostile foreign actors have intensified their weaponization of these technologies, creating new and serious threats to our homeland. Drug cartels use UAS to smuggle fentanyl across our borders, deliver contraband into prisons, surveil law enforcement, and otherwise endanger the public. Mass gatherings are vulnerable to disruptions and threats by unauthorized UAS flights. Critical infrastructure, including military bases, is subject to frequent — and often unidentified — UAS incursions. Immediate action is needed to ensure American sovereignty over its skies and that its airspace remains safe and secure.”

Trump’s June 2025 EO also said that the United States must have a secure and strong domestic UAS industrial base and that relying on UAS produced in foreign countries as well as foreign-made UAS critical components pose unacceptable national security risks to the U.S.

As one response, the June EO called for, “The Attorney General, in coordination with the Secretary of Defense; the Secretary of Transportation, acting through the Administrator of the FAA; the Secretary of Homeland Security; the Director of OMB; and the Chairman of the Federal Communications Commission, shall promptly take all appropriate steps…with regard to the creation of the National Training Center for Counter-Unmanned Aircraft Systems (Center), and, upon establishment of the Center, focus initial training provided by the Center on development of Federal and SLTT [State, Local, Tribal, and Territorial] capabilities to secure major upcoming national and international sporting events held in the United States, such as the FIFA World Cup 2026 and the 2028 Summer Olympics.”

By December 2025, the FBI had established the National Counter-UAS Training Center (NCUTC) at Redstone Arsenal in Huntsville Alabama where the Bureau already had cybersecurity, intelligence, and forensic training. Ever since, the NCUTC has been training officers from state, local, tribal, and territorial agencies on how to detect drones using radar, radio frequency sensors, and related technologies. More important, they are trained how to identify whether a drone is authorized or hostile, assess threats, and coordinate responses across various agencies.

During training, the FBI emphasizes that offensive actions against drones only occur when legally authorized, but the rules are complex. The FAA website, to assist law enforcement personnel responding to drone incidents, has created a three-part video series that covers the basics of drone regulations.

An additional response to the Trump June 2025 EO was Defense Secretary Pete Hegseth’s establishment in August 2025 of Joint Interagency Task Force 401 (JIATF 401) to replace the Pentagon’s then existing Joint C-sUAS Office. Operating under the Secretary of the Army, Hegseth’s order said, “JIATF 401 will be a joint activity and established as a jointly manned organization. The Military Services will support JIATF 401 with timely joint manning…This

new task force is empowered with broader authorities, funding flexibility, and rapid acquisition capabilities. Its mission is to strengthen U.S. airspace sovereignty, protect personnel and facilities, and outpace adversaries’ growing drone threats. With joint manning, interagency collaboration, and streamlined governance, JIATF 401 is designed to deliver innovative, mission-ready solutions at speed.”

As an example of cooperation, last Thursday, Army Brig. Gen. Matt Ross, JIATF 401 Director, visited the FBI's NCUTC in Huntsville yesterday. He met with Mike Torphy, FBI acting assistant section chief for UAS and counter-UAS, and discussed security preparations for this summer's soccer FIFA World Cup activities. Ross and Torphy also met with expert instructors who are teaching a specialized course for local law enforcement in each of the soccer tournament's eleven host cities across the nation.

One of the more unusual steps underway in the drone security field was announced by the Federal Communications Commission (FCC) last December 21. It referred to “a [White House] National Security Determination regarding the unacceptable risks posed by UAS and UAS critical components that are produced in foreign countries.”

It added that, “U.S. cybersecurity and critical infrastructure guidance has repeatedly highlighted how foreign manufactured UAS can be used to harvest sensitive data, used to enable remote unauthorized access, or disabled at will via software updates.”

As a result, the FCC has updated its so-called Covered List, which identifies foreign-made communications equipment and services that pose unacceptable risks to U.S. national security, and thus cannot be imported for sale or use in the U.S. The action, taken by the FCC last December 22, prohibited the future imports of both foreign-made UAS and UAS components, but does not affect any previously-purchased drone, nor does it prevent retailers from continuing to sell, import, or market foreign drone models or parts approved earlier in 2025.

I found one of the best descriptions of the drone security dilemma was in a sales brochure entitled Countering UAV Threats, produced by BAE Systems, a leading defense contractor.

The BAE brochure said, “Detecting small and inexpensive UAVs remains one of the most persistent operational challenges facing today’s militaries. These platforms possess small radar cross-sections, produce minimal acoustic and thermal signatures, and often operate at low altitudes within ground clutter. Many are capable of autonomous flight with little or no radio frequency (RF) emission, making traditional detection methods unreliable. Urban and vegetated terrain further complicate detection, as buildings and foliage create blind spots and signal reflections that mask UAV movement. Adverse weather, restricted lines of sight and interference from birds or civilian activity introduce additional uncertainty.”

Then brochre went on, “A connected challenge is distinguishing between hostile and civilian UAVs. Attribution and intent are major challenges, as it is often unclear who controls a UAV and for what purpose it is being used, particularly in grey-zone or proxy scenarios. The compressed decision timelines of UAV operations further complicate matters, as engagements frequently occur in seconds, leaving little room for deliberation.”

Needless to add, last week the Air Force Life Cycle Management Center, Eglin Air Force Base, Florida awarded BAE a cost-plus-fixed-fee $145 million contract for the development, manufacturing, and delivery of Counter Unmanned Aerial Systems weapon systems.

Along with everything else, the drone problem is worth keeping an eye on.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Who's reading this? 500K+ dedicated national security professionals. Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

How Cuba's Infrastructure Crisis Is Opening the Door to Foreign Intelligence Networks

DEEP DIVE — On February 13, nighttime light emissions across major Cuban cities had dropped as much as 50 percent compared to historical averages — the latest chapter in a crisis that has seen the island's grid collapse multiple times over the past year.

As desperate citizens in half the country waited in the dark, something else was accelerating along the island's few electrified corridors. Chinese technicians continued installing telecommunications equipment, Russian engineers maintained radar stations, and intelligence operatives from both nations embedded themselves deeper into Cuba's crumbling infrastructure.

Just 90 miles from Florida, Cuba's energy crisis has metastasized from an economic catastrophe into a national security vulnerability. Although Havana struggles to maintain the lights, Beijing and Moscow have come to Cuba's aid not as charitable donors but as strategic opportunists seeking to expand their intelligence-collection capabilities.

The State Department warned just one day after the latest outage that "scheduled power cuts occur daily, and unscheduled outages persist throughout Cuba." The island's thermoelectric plants, many dating back decades, now operate at barely 34 percent of their capacity. In February, five of eight Turkish-leased floating power plants departed Cuban ports after Havana failed to meet payment obligations.

The crisis has intensified dramatically as Cuba's oil lifelines have been severed. Following the U.S. seizure of control over Venezuelan oil operations in early January, Mexico had become Cuba's primary supplier, shipping nearly 20,000 barrels per day through September 2025. Yet, under mounting pressure from the Trump administration, which threatened tariffs on any country supplying Cuba with oil, Mexican President Claudia Sheinbaum announced in late January that shipments had been at least temporarily halted.

The figure had already plummeted to about 7,000 barrels per day, leaving Cuba essentially without oil imports for the first time in years.

The breakdown has created an opening that America's strategic competitors are exploiting with alarming sophistication. From this vantage point, intelligence services can monitor U.S. military installations across the Southeast, track Space Force launches from Cape Canaveral, intercept communications from Southern Command headquarters in Florida, and observe naval movements throughout the Atlantic and Gulf of Mexico.

For Beijing and Moscow, Cuba's desperation has become an important windfall.

Beijing's Digital Footprint Expands

China's presence in Cuba has grown exponentially, particularly in telecommunications and digital infrastructure. In testimony before Congress last May, national security analysts confirmed that satellite imagery identifies at least four Chinese-linked signals intelligence facilities across Cuba — Bejucal, Wajay, and Calabazar near Havana, plus a newly constructed site at El Salao near Santiago de Cuba.

"Cuba's proximity to the homeland continues to make the island an attractive intelligence platform for U.S. adversaries," Connor Pfeiffer, senior director of government relations at Foundation for the Defense of Democracies Action, tells The Cipher Brief. "Within 400 miles of Havana sit the headquarters of the U.S. combatant commands for Latin America and the Middle East, U.S. Special Operations Command, and air bases that regularly host advanced U.S. fighter aircraft."

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

As Cuban telecommunications companies struggle with outdated Soviet-era equipment and chronic power failures, Chinese firms, particularly Huawei and ZTE, have positioned themselves as the only viable solution. These companies aren't simply selling hardware; they're installing the very networks through which Cuba's limited internet traffic flows.

"Because of this proximity, intelligence outposts in Cuba provide signals intelligence and other capabilities that are invaluable to Beijing and Moscow," Pfeiffer explains.

The El Salao site features a circularly disposed antenna array, a configuration highly effective at determining the origin and direction of incoming high-frequency signals. These installations can track signals up to 9,300 miles, providing Beijing with unprecedented visibility into U.S. military communications and operations.

Meanwhile, MacDill Air Force Base in Tampa, home to U.S. Central Command and Special Operations Command, sits less than 300 miles from Cuban shores. Naval Station Mayport in Jacksonville, Naval Air Station Key West, and dozens of other sensitive military installations across Florida, Georgia, and Alabama all operate within easy range. The advantage over satellite surveillance is stark.

"By contrast to what can be obtained from overhead satellite images and other collection from satellites in low earth orbit whose time passing overhead can be anticipated, the ELINT facilities in Cuba are a constant presence with line of sight to key U.S. facilities," Evan Ellis, research professor of Latin American Studies at the U.S. Army War College Strategic Studies Institute, tells The Cipher Brief.

The infrastructure crisis has made Cuba more dependent on Chinese technical expertise. In February 2025, Chinese Ambassador Hua Xin and Cuban President Miguel Díaz-Canel announced China would construct 55 solar plants by the end of 2025, with an additional 37 planned by 2028. If completed, the network would add over 2,000 megawatts of capacity. However, this dependency gives Chinese intelligence services unprecedented access to Cuban government communications, military installations, and infrastructure systems.

"During the present U.S. military operations in the Caribbean, and in a future U.S. conflict in the Indopacific involving U.S. deployment from bases on the Atlantic seaboard and transit through the Caribbean, the Chinese electronic intelligence gathering facilities in Cuba are well positioned to capture not only things like radio transmissions, but the emissions from U.S. facilities, and the signatures of U.S. ships and other forces," Ellis underscores.

In simpler terms: China's Cuban listening posts can intercept not just what U.S. forces communicate, but the electronic fingerprints of their equipment, from radar emissions to communications arrays and ship propulsion systems. By using these signatures, adversaries can identify specific vessels and aircraft, track their movements, and potentially develop countermeasures to defeat U.S. military technology.

Moscow's Renewed Military Presence

Russia's intelligence footprint in Cuba never entirely disappeared after the Cold War, yet Moscow's activities have intensified dramatically. In March 2025, Russia and Cuba signed a military cooperation agreement that Russian lawmakers ratified in October. Ukrainian intelligence estimates that between 6,000 and 7,000 Cubans are currently fighting as mercenaries in Russia's war against Ukraine — the second-largest foreign contingent after North Korea's approximately 12,000 troops.

Rather than operating out of a single massive facility like the Soviet-era Lourdes complex, Russian intelligence has embedded personnel and equipment within ostensibly civilian infrastructure projects. Russian engineers arrive whenever Cuba's power grid requires emergency maintenance, bringing more than just technical skills. When radar systems at Cuban air defense installations fail, Russian specialists provide upgrades with built-in collection capabilities.

Russia has also leveraged Cuba's energy crisis to deepen military cooperation through increasingly frequent naval port calls in Havana; visits that allow Russian intelligence personnel to rotate in and out without scrutiny.

Not everyone in the intelligence community shares the alarm. Critics argue the threat is being overblown by voices eager to justify increased defense spending or maintain hardline Cuba policies that have failed for six decades. Some policy experts argue the infrastructure crisis actually presents an opportunity. If Washington eased sanctions and provided assistance to Cuba's energy sector, Havana would have less incentive to accommodate Chinese and Russian intelligence requirements.

Yet Ellis rejects the notion that Cuba could credibly reduce its ties to Beijing and Moscow in exchange for U.S. economic relief.

"Although U.S. economic coercion, taking advantage of Diaz-Canel's currently desperate economic state, could facilitate a deal in which Cuba promises to reduce its Cuban or Russian presence, Cuba will promise to comply to the degree that it can without truly breaking those ties to China and Russia, which for it are both ideological allies and partners in its survival," he continues.

The regime's dependency, Ellis stresses, runs too deep.

"Not until there is a sincerely democratic pro-US regime in Cuba will the U.S. be truly secure from the type of extra-hemispheric threats that Cuba, like Venezuela, can host in the Caribbean," he asserts.

The desperation-dependence cycle gives Beijing and Moscow leverage that extends beyond traditional espionage. Cuban officials are not in a position to demand transparency when Chinese technicians install new telecommunications equipment. Moreover, when Russian engineers service radar installations in Havana, the government lacks leverage to refuse requests for expanded intelligence cooperation.

"Without Venezuelan oil aid, the Cuban regime faces acute energy shortages and reduced inflows of much-needed foreign currency," Pfeiffer says.

The Trump administration's successful pressure on Mexico to halt oil shipments represents a calculated gamble—one that leverages Mexico's vulnerability during upcoming trade agreement negotiations. The complete severance could accelerate the regime's collapse—or drive it even more desperately into Chinese and Russian arms.

Strategic Vulnerabilities

The intelligence implications extend far beyond passive eavesdropping.

"The data that could be collected could allow the Chinese to capture particular intelligence transmitted in an imperfectly secure or decipherable fashion, but also just from the signatures, have an idea regarding the composition and state of activity of U.S. forces, their location, and signatures that could allow them to more effectively locate and defeat U.S. systems in combat," Ellis points out.

The worst-case scenarios involve cyber weapons pre-positioned in critical infrastructure, electronic warfare systems that could interfere with U.S. military communications during a crisis, or intelligence networks that could support hostile operations on America’s doorstep. The geographic proximity compounds every vulnerability.

Yet not everyone views American intervention as the solution.

Leon Valencia, a former ELN rebel commander and director of the Bogota-based think tank Fundación Paz y Reconciliación, offers a Colombian perspective that reflects broader Latin American sentiment.

"We do see Cuba more as a victim," Valencia tells The Cipher Brief. "Throughout several peace negotiations, Cuba has been a very important part. For example, the peace agreements with the FARC rebels, signed back in 2016, were negotiated in Cuba. Cuba has always kept its doors open towards us. We are thankful to Cuba, but we wouldn't get involved in military actions; there would be a protest."

Yet Valencia and other regional analysts increasingly believe change in Cuba may be inevitable. Enrique Serrano, a Colombian political analyst specializing in Latin American authoritarianism, sees the current crisis as potentially terminal.

"It's very unlikely that the government in Cuba might survive this year," Serrano tells The Cipher Brief. "I think finally we can change, and especially because Venezuela failed too, and even I think Nicaragua will fail to. Those authoritarian governments like Venezuela, Nicaragua and Cuba, what they try to do in real life is to gain time. They will disappear earlier or later."

Washington's Dilemma

The expansion of Chinese and Russian intelligence capabilities in Cuba presents Washington with a challenge that defies easy solutions.

According to Pfeiffer, "continued U.S. pressure will make it difficult for China or Russia to assist the Cuban regime in getting out of this crisis of their own making."

The infrastructure crisis complicates any potential diplomatic opening. A government desperate to keep the lights on may prove more willing to accommodate Chinese and Russian intelligence requirements than it would under less dire circumstances.

The intelligence collection capabilities that Beijing and Moscow are establishing in Cuba will persist long after the current blackouts end. Once installed, telecommunications infrastructure operates for years or decades. Every blackout pushes Havana closer to Beijing, every grid failure necessitates Moscow's help; each represents an incremental expansion of foreign intelligence capabilities on American soil.

"The opportunities stemming from Cuba's military and political alignment with the PRC, longstanding working relationship with its military and other personnel, geographical proximity, and other benefits, both before and during war, are hard to overstate," Ellis adds.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Media Literacy Isn’t Enough Anymore

OPINION — For years, media literacy has been treated as the solution to misinformation. I've advocated that position as well.

Teach people to question headlines. Encourage them to check sources. Help them recognize bias and emotional manipulation.

All of that still matters. In fact, it matters more than ever. I often encourage people to think like intelligence analysts when they encounter information online. Pause. Ask who benefits. Look for what is missing. Compare across sources. Pay attention to emotion. Those skills are essential. They are part of being an informed citizen in a digital world. And yet, they are no longer sufficient on their own.

The information environment has changed in ways that place unprecedented strain on individual judgment. AI-generated content now moves at a scale and speed no human can comfortably keep up with. Synthetic images, audio, and video are increasingly realistic. Recommendation engines quietly shape what we see first, what we see repeatedly, and what we never see at all.

Even people who are informed and motivated can feel overwhelmed. Not because they lack critical thinking, but because the environment itself is engineered for constant engagement and reaction. Volume replaces deliberation. Speed crowds out reflection. This creates a subtle but important shift in responsibility.

When every individual is expected to function as a full-time analyst, constantly verifying and filtering, fatigue sets in. Naturally, people disengage. Or they rely on shortcuts. Familiar narratives feel safer. Emotion becomes a guide. Over time, trust erodes, not only in information, but in the idea that careful judgment is even possible.

This is where the conversation needs to broaden. Individual literacy and critical thinking remain necessary. We should continue to teach people how to evaluate information and resist online manipulation. At the same time, we have to recognize that resilience cannot rest entirely on individual effort.

Healthy societies depend on environments that support human cognition. Spaces that allow for pause. Systems that introduce friction in high-risk moments instead of eliminating it. Norms and designs that make room for judgment rather than constantly competing for attention. Freedom has always depended on those moments when humans decide what matters, rather than being swept along by momentum.

In a world optimized for speed and engagement, protecting those moments may be one of the most important things we can do.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

From the Monroe Doctrine to Maduro: The Precedent Problem in U.S.

OPINION — In 1895, Secretary of State Richard Olney sent a diplomatic note to Britain that contained one of the most remarkable sentences in American foreign policy history: "The United States is practically sovereign on this continent, and its fiat is law upon the subjects to which it confines its interposition." The line was not a boast. It was a warning — directed at London during a boundary dispute in Venezuela, designed to end the conversation before it began. Britain, to the surprise of many, stood down. What Olney had asserted as doctrine, Elihu Root would spend the next two decades trying to discipline. As both Secretary of War and Secretary of State under Theodore Roosevelt, Root understood that a nation capable of issuing such a fiat faced a problem more dangerous than weakness: the temptation to use power simply because it could.

That project matters again. In January, the Trump administration carried out an operation that resulted in Venezuelan President Nicolás Maduro being taken into U.S. custody and transferred to Florida to face federal narcoterrorism charges. The action was legally defensible under existing statutes and drew intense attention at home, dividing domestic opinion. It was also the kind of operation Root would have recognized as dangerous; not because it violated the law, but because it normalized the use of military force as an instrument of policy once legal justification could be established.

Root's concern was not with Olney's outcome. Britain had backed down, arbitration followed, and the crisis resolved without war. The problem was what Olney's success licensed. A tool used effectively once becomes a template, and the lesson absorbed from 1895 was not that American power required discipline, but that assertion worked. Root understood this danger in part because he had helped institutionalize it. The Monroe Doctrine, as originally conceived in 1823, was framed as a barrier against European intervention in the Western Hemisphere. It was defensive in character. The Roosevelt Corollary, which Root helped construct in 1904, transformed that posture into an assertion of U.S. authority to intervene whenever Washington judged instability intolerable — Olney's logic formalized and given permanent address. In practice, this produced a system of ongoing intervention that stopped short of formal empire while exercising many of its functions: military occupations in Haiti and the Dominican Republic, repeated interventions in Nicaragua and Cuba, and coercive diplomacy justified in the language of order and stability.

Root spent the latter part of his career attempting to correct what he had helped build. He argued for international arbitration, multilateral institutions, and legal frameworks that would constrain American power even as the country grew stronger. In 1914, before the American Society of International Law, he offered a deliberately narrow redefinition of the Monroe Doctrine — not a declaration of hemispheric sovereignty, but a statement that certain foreign acts would be regarded as injurious to American peace and safety. The contrast with Olney was implicit but unmistakable. Root never named him. He didn't need to. He simply offered a different reading of the same doctrine — more disciplined, more defensible over time — and let the contrast speak. He won the Nobel Peace Prize in 1912 for that broader project. But his warning proved easier to admire than to heed. Over time, his diagnosis of American dominance flattened into justification and extended well beyond its original hemispheric frame.

I recognize the appeal of that logic because I once believed in it. In my twenties, working in Washington on national security issues at the end of the Cold War and into the early 2000s, I believed that the freedoms we enjoyed in the United States were a privilege that should not be exclusive, and that American power could and should be used to defend and extend the political conditions that made those freedoms possible. I sometimes imagined an America less burdened by the expectation that every use of power required a moral narrative alongside it — more openly transactional, less apologetic. I was a neocon before it mattered, and perhaps even MAGA before it was born. Iraq forced a reckoning, in part because it revealed how easily power justified by necessity could outrun foresight, legitimacy, and responsibility for what followed.

In the Maduro case, the debate in Washington quickly narrowed to whether the seizure could be defended legally. That question is necessary, but incomplete. The rule of law is the foundation of democratic authority, yet legality alone cannot carry the weight of wise judgment. A government can act within the law and still act unwisely, weakening the norms it depends on once power alone is no longer sufficient. American power should be used to confront injustice, and non-military tools are often preferable to force. The question is not whether to act, but how routinely power is applied once legality becomes its own justification.

The Maduro episode is unlikely to be the last application of this logic. Attention inside the administration has already shifted toward Cuba, where Washington is applying pressure through fuel interdiction, secondary sanctions, and emergency authorities framed as enforcement rather than intervention. These measures are calibrated, legally grounded, and short of war. They represent controlled intervention rather than unconstrained power.

That distinction matters — but it does not resolve the underlying risk. The Caracas operation involved the direct use of military force against a sitting head of state. Cuba involves economic pressure and interdiction. Root would have recognized the difference. He also would have understood how the former creates permission structures that make escalation from the latter more likely. The logic that validates measured coercion in Cuba is the same logic that justified seizing Maduro. Each action establishes precedent for the next. The question is not whether any single measure crosses a line, but whether the accumulation of incremental steps creates a system in which restraint becomes optional rather than structural.

There is a deeper tension at work. If the United States treats spheres of influence as an acceptable norm in its own hemisphere, it becomes harder to reject similar claims elsewhere. Vladimir Putin's arguments about near-abroad authority rest on a logic the United States weakens when it asserts special prerogatives rooted in power rather than principle. The cases are not morally equivalent. Putin's interventions in Ukraine and Georgia involve territorial conquest and the erasure of sovereignty in ways American actions in the hemisphere do not. But the structure of the argument is similar enough that adversaries will exploit the parallel and allies will notice the inconsistency.

Root understood that sovereignty without discipline invites decay. The question before us is not whether America can act this way. Clearly, it can. The question is whether doing so strengthens the order it claims to lead or erodes it through accumulated precedent. Power exercised without restraint rarely remains exceptional.

Root's warning was never about weakness. It was about the difference between authority and dominance, between leadership that endures and power that exhausts itself. A century later, we are testing that distinction again.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

Inside the High-Stakes U.S. Pressure Campaign on Iran

EXPERT INTERVIEW – U.S. officials say a second aircraft carrier will be deployed to the Middle East amid the administration’s efforts to pressure Iran to agree to restrictions on its nuclear program. The USS Gerald R. Ford is expected to join the USS Abraham Lincoln in a significant build-up of U.S. military force in the region.

President Trump said this week that he does believe the U.S. will be able to reach a deal with Tehran but warns that if talks fail, the outcome could turn far more severe.

After meeting with the president in Washington this week, Israeli Prime Minister Benjamin Netanyahu is less optimistic about a deal, telling reporters on Thursday that “...I expressed general skepticism about any agreement with Iran, but I said that if an agreement is reached, it must include the elements that are important to Israel: not only the nuclear program, but also the ballistic missiles, and also the Iranian proxies.”

Meanwhile, Iran’s national security chief Ali Larijani is warning that Tehran would strike U.S. bases in the region if it is attacked.

The Cipher Brief spoke with former National Intelligence Manager for Iran at ODNI Norm Roule about what is likely to come next. Roule, who is also a Cipher Brief Expert, travels regularly to the region for meetings with senior leaders. We spoke with him in this exclusive interview about the risks and opportunities facing the U.S. with regard to Iran and what he believes Iran is likely to do first if the U.S. does launch a military attack.

Norman T. Roule

Norman Roule is a geopolitical and energy consultant who served for 34 years in the Central Intelligence Agency, managing numerous programs relating to Iran and the Middle East. He also served as the National Intelligence Manager for Iran (NIM-I)\n at ODNI, where he was responsible for all aspects of national intelligence policy related to Iran.

THE INTERVIEW

The Cipher Brief: The U.S. is continuing to deploy military assets to the Middle East. How are you assessing the opportunities given where talks with Tehran are at the moment? What do you see as realistic U.S. objectives?

Roule: You’re correct to start with a focus on objectives. This will give us targets to assess risks and opportunities, as well as the report card against which the success of any strategy must be judged.

A number of these are included in the Trump Administration’s December 2025 National Security Strategy: avoid involvement in a costly regional war or nation-building, ensure that regional sea lanes and choke points remain open, and maintain stable energy markets.

Regarding the Islamic Republic, every Administration – indeed the entire international community – has agreed that Tehran must cease the oppression of its people, must not be allowed to develop a nuclear weapon, its missile programs must be constrained, and its malign regional adventurism and support for terrorism must end. This latter set of ambitions has been part of not only this administration’s Iran strategy but also of the first Trump administration's strategy. Former Secretary of State Mike Pompeo’s May 2018 Twelve-Point Speech on Iran highlighted each of these goals.

However, the current approach addresses areas where there are different views on the balance between nonproliferation and broader regional issues, and on whether to resolve the nuclear issue first and address other issues later, or to handle them together.

Former Secretary of State Condoleezza Rice once famously reminded a group that policymaking is done in a reality where we must remember that we are a country and not an NGO. National interests, security, and power drive foreign policy.

Humanitarian goals will be important in our policies, but they won’t be the primary driver. Ours is not the first generation to face the challenge of how far we should go to encourage and militarily support those who courageously stand against tyrants.

Woodrow Wilson faced this dilemma as White Russian armies fought the Bolsheviks in 1918-1920. Several presidents were pressed to respond as Germans, Czechs, Hungarians, and other protestors valiantly stood up against heavily armed Soviet occupiers in the 1940s, 50s, and 60s. It’s easy to say we should do more, but these decisions are never clear. In this case, there have been many calls for military action, and it is easy to understand the rationale, watching the regime’s cruelty against the courage of Iranian protestors. But it is also unclear exactly what we are to attack, for how long, how we would measure success, whether the results would justify the ramifications of dealing with Iran’s military retaliation and lastly, whether the moment for such action has passed. Every presidential advisor would try to address these questions.

But if policy choices regarding Iran involve profound risks, the events of this month show that kicking the can down the road is no less dangerous. Inevitably, the can gets heavier with every kick and the road gets shorter. There is absolutely nothing regarding the Iran threat today that hasn’t been predicted for years. The international community refused to risk the price of hard actions against Iran, and elected to use repeated attempts at diplomacy, corrosive sanctions (which were effective in limiting Iranian capabilities) and until June 2025, increasingly empty threats of military action to constrain Iran.

In terms of opportunities, the Administration has been consistent in its focus on four priorities with regard to Iran. The most recent has been humanitarian and involves the U.S. threat of military action against the regime if it continues using widespread murderous force against Iranian protestors. No one can deny the horrific and bloody crimes committed by this regime during the recent unrest. The violence has subsided along with the protests, albeit widespread arrests and detentions continue. The President has claimed that his threats of military action limited Iran’s use of violence and stopped Iran from hanging large numbers of protestors. Some certainly argue that we should have used military action to aid the protesters, but this raises the question I mentioned earlier and related issues about whether we had sufficient assets in the area to address potential “Day After” consequences. This is a question with no single clear answer. However, our use of diplomatic, economic, and military pressure to prevent regime violence against protesters is appropriate and consistent with our national values.

The Cipher Brief: The White House is now focused on Iran’s nuclear, missile, and regional threats. Talk to us about why this is a priority and whether the current moment is an opportunity.

Roule: Let’s start with Iran’s nuclear program. The June 2025 Twelve-Day War severely degraded – at least for now – Iran’s nuclear weapons capability. But that capability can be rebuilt, and if Iran has any enrichment capacity, especially one not under international supervision, they can try to produce weapons-grade enriched uranium. But if Iran doesn’t agree diplomatically not to rebuild these capabilities and to provide the International Atomic Energy Agency with the access it requires, we should steel ourselves to the requirement that the Israelis or we will need to repeat the June 2025 military strikes when Iran chooses to rebuild.

Next, we have the Iranian ballistic missile threat. The unclassified May 2025 Defense Intelligence Assessment stated that Iran’s space-launch vehicle program could give it the capability to build as many as sixty intercontinental ballistic missiles (ICBMs) by 2035.

Iran’s repeated use of ballistic missiles against multiple countries makes it reasonable for Israel to be concerned about the long-term size and direction of this program as well. Iran’s missile program is not currently a threat to Western Europe. If Iran builds ICBMs, this, of course, changes. The idea that anyone would allow a country with Iran’s political, military, and nuclear history to build dozens of potentially nuclear-tipped ICBMs within nine years should not be acceptable. It would also be too easy to imagine a scenario in which Iran and North Korea joined forces to threaten the U.S. Homeland. So, we either compel Iran to change the course of its ballistic missile program, work with Europe to build a costly missile shield, or destroy that program militarily now.

Last, Iran’s Quds Force remains operational and has begun to repeat what will be a several-year campaign to reconstitute its regional proxy program. This is not the first time the Quds Force has been required to rebuild a regional program amid great risk to the regime. In fact, it’s the third time since 2003.

By any traditional measure, the Islamic Republic represents a failed revolutionary state ruling a disillusioned and angry population. In many ways, it resembles the final years of the Soviet Union: an ossified regime whose ideology is dismissed even by its most ardent supporters. The regime retains power through repression, coercion, corruption, and a multi-layered system of lucrative patronage that its most potent supporters would lose in any reformed government.

The administration’s rhetoric and actions make a reasonable case that the current moment should be tested to see whether, with further pressure – which could include military action – the regime would sacrifice these malign activities in exchange for sanctions relief that would allow the Islamic Republic to survive. This won’t satisfy those who seek regime change, but it does parallel Washington’s approach to Venezuela.

The Cipher Brief: How would you assess Iran’s losses to date?

Roule: By any measure, Iran’s losses have been extraordinary, consequential, and unprecedented in modern history for a country of its size, regional influence, and global economic impact in the energy market. The last two years have been crowded with examples of the collapse of its political, economic, and national security architecture.

In terms of leadership, the regime has endured the death of President Ebrahim Raisi, who was highly likely to be Supreme Leader Khamenei’s choice. His passing was followed by a historic low turnout in elections that led to the Pezeshkian presidency. Pezeshkian failed to deliver on his economic promises. His tenure has included the dismissal or resignation of two vice presidents, two cabinet officials, and other senior officials. He spends much of his time apologizing to the Iranian people for the government's failures, hoping this tactic will win him popular support. It’s somewhat understandable in that the economic complaints that ignited Iran’s recent nationwide unrest occurred in a country that has endured months of shortages of water, electricity, natural gas, and refined products, which forces the repeated closure of schools, government offices, and businesses.

The World Bank estimates that one-third of Iranians (25-26 million) are below the poverty line. Annual inflation reached 43 percent in December 2025. The rial, which fell to 1.43 million to the dollar before the unrest, just reached 1.63 million to the dollar and appears to have no bottom. U.S. Secretary of the Treasury Scott Bessent’s comments on recent U.S. expanded sanctions in response to Iran’s handling of protests underscores Washington’s intent to use whatever economic tools it can to pressure Tehran.

The Cipher Brief: If you’re looking at this in terms of Iran’s own national security, how does it look?

Roule: In terms of national security, the picture is bleak. Over the past two years, Israel killed the commanders of Iran’s primary proxy partners and destroyed the group's strategic capacity. Russia and China proved to be of no help in the June War, nor could they stop the reimposition of United Nations Security Council Sanctions.

The loss of Syria and Venezuela cost Iran its closest external allies, reducing its regional and global political reach. The June War was a profound defeat for Iran’s air defenses and intelligence services. Israel and the U.S. easily destroyed key elements of Iran’s hugely expensive nuclear program, an effort that has cost billions of dollars and for which Iran has endured decades of political and economic isolation. The conflict cost Tehran many of its most experienced military and nuclear personnel, and left Iran with billions of dollars in damage to its nuclear and missile infrastructure.

Finally, Iran’s murderous killing of protestors and internet shutdown starkly illustrated that the most successful aspect of the regime’s national security investments remains its tools of oppression.

The Cipher Brief: Many have described Tehran today as weak. Yet the regime keeps surviving protests. Its missile programs are considered a potential threat, and policymakers are worried about its capacity to threaten the Strait of Hormuz, impacting energy markets. What’s your take on this?

Roule: The regime is weaker in many areas, but it is more accurate to say that the regime has never been more fragile and is strategically weaker than it has been in decades. All of this is known to Iran’s Supreme National Security Council. But they can also list strengths they believe will help them survive. I would rather not list these publicly but suffice it to say that key elites and security elements remain unified, disciplined, and responsive.

If the government’s deep national unpopularity is a fact, it can’t be ignored, as a substantial portion of the population remains uncommitted to its overthrow, and some are committed to its survival rather than supporting the opposition. Externally, it may have no reliable state allies, but nor does it face an international coalition. The U.S. is its primary adversary. What it achieves against Washington will shape its relations with the world.

Iran may not be able to compete with the U.S. militarily, but that has always been the case. Its leaders know that they must be able to threaten an asymmetric response: regional and global economic destruction by missile, drones, and cyber-attacks will immediately begin should the U.S. attack Iran.

This list should leave your readers with the sense that these men believe the best days of the regime are ahead. That would imply stupidity, which is not a characteristic that gets one through Iran’s national security shark pool of political and policy challenges.

They wake every morning, knowing that their domestic political and economic realities make another cycle of nationwide anti-regime unrest inevitable. The Supreme Leader will be 87-years old on April 19. His eventual passing will trigger the final transition to the regime’s post-revolutionary generation and they have had years to prepare for this moment. But his passing, which could occur at any time, could create a new crisis. And of course, if an actual military conflict with the U.S. takes place, the survival of the regime, and the personal survival of those in Iran’s leadership could be in question.

The Cipher Brief: How are you assessing the impact of the Trump administration’s approach right now?

Roule: The structure of the Trump administration’s strategy remains strategically conventional. The administration’s primary goal is a diplomatic outcome that avoids a conventional war or an episode that leaves Iran empowered and U.S. credibility damaged. Hence, the likelihood of a dramatically powerful military attack on Iran remains high.

The administration has made no secret of its buildup of one of the most powerful offensive air, missile, and air defense capabilities in history. Israel has also threatened military action. The President is also reportedly considering dispatching another aircraft carrier task force to augment his offensive capabilities further. The way this force has been deployed thus far shows that it is part of the pressure campaign and that the President has not yet authorized military operations. Of course, this last point could change at any time.

The administration has deployed a senior diplomatic team and urged regional partners to press Iran to engage with the U.S. to reach a deal. The administration has loudly announced new economic pressure on Iran and of course, deployed a massive military force. All of this is meant to pressure Iran’s leaders into making concessions.

This brings us to the subject of timelines. This current process is likely to last until the president and his advisors believe they have exhausted diplomacy. If the administration continues to believe it must strategically change Iran’s nuclear, missile, and Qods Force, then military action becomes a very high probability.

Predicting this timeline is impossible as it is shaped by Iran’s decisions, partner input, U.S. political conditions, and even unexpected events, such as a sudden spike in unrest within Iran, the sudden death of the Supreme Leader, etc.

The Cipher Brief: What about Iran’s response?

Roule: Iran needs to conduct multiple actions simultaneously to reduce the pressure on the regime and improve its chance of long-term survival. These steps include ending the protests, improving its military capabilities, and developing a diplomatic strategy to delay a U.S. military strike. But in the near term, Tehran remains unlikely to give Washington what it wants.

Domestically, Tehran must ensure and demonstrate leadership and unity among security forces. The country’s leadership will continue to comprise a spectrum of trusted actors. Security forces will aggressively seek to locate and detain anyone believed to have been part of the recent unrest and anyone who they believe has engaged in unauthorized contact with Western opposition or media, and expedite trials to show that the regime’s control remains strong. The regime will seek opportunities to project an atmosphere of normalcy and, as we have already seen, organize pro-regime rallies and events to show that it has its own base of support.

Externally, the regime will seek to project defiance and confidence. Its primary diplomatic goal will be to buy time and prevent coalitions from forming, so it will seek negotiations, indirectly whenever possible, and will always focus on the most complicated issue: the nuclear program. Its public comments on the talks will be positive and vague. This has been its usual practice because doing so has a positive impact on the value of the rial to the dollar and supports the regime’s propaganda on diplomacy.

We should expect Tehran to maintain oil production and maybe even try to increase floating storage on shadow-fleet assets in Asia to allow it to meet contracts during any short-term conflict with the U.S. If it feels it needs to close the Strait of Hormuz, it has multiple ways of doing so, but we shouldn’t be surprised if the U.S. military has multiple options for dealing with that.

At the same time, it will prepare missile and cyber operations both to signal deterrence and to survive any U.S. and possibly combined U.S.-Israel attack. In the absence of a credible air defense, its deterrence rests on a public diplomacy narrative that it stands ready to launch broad attacks against every U.S. base in the region, Israel, and to close the Strait of Hormuz and perhaps attack oil export facilities, damaging the international oil market, if the U.S. attacks. Iran hopes these statements will spark debate in the U.S. and diplomatic pressure from the international community against Washington over an attack.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Confidence, Interoperability, and the Limits of U.S. Decision Systems

OPINION — In recent months, U.S. policy debates have increasingly acknowledged that the decisive contests of the 21st century will not be fought primarily on conventional battlefields. They will be fought in the cognitive domain, through influence, perception, legitimacy, and decision velocity. This recognition is important and depends on an adequate technical and institutional layer to deliver durable strategic advantage. Cognitive advantage cannot be declared. It must be engineered.

Today, the United States does not lack data, expertise, or analytic talent. What it lacks is decision-shaping architecture capable of producing consistently high-confidence strategic judgment in complex, adaptive environments. The result is a persistent gap between how confident U.S. decisions appear and how reliable they are - especially in Gray Zone conflicts where informal networks, narrative control, and societal resilience determine outcomes long before failure becomes visible. Afghanistan was not an anomaly. Nor will it be the last warning.

The Confidence Illusion

In U.S. national security discourse, the phrase “high confidence” carries enormous weight. It signals authority, rigor, and analytical closure. Yet extensive research into expert judgment, including studies of national-security professionals themselves, shows that confidence is routinely mis-calibrated in complex political environments.

Judgments expressed with 80–90 percent confidence often prove correct closer to 50–70 percent of the time in complex, real-world strategic settings. This is not a marginal error. It is a structural one.

The problem is not individual analysts. It is how institutions aggregate information, frame uncertainty, and present judgment to decision-makers. While pockets of analytic under confidence have existed historically, recent large-scale evidence shows overconfidence is now the dominant institutional risk at the decision level.

Recent U.S. experience from Iraq to Afghanistan suggests that institutional confidence is often declared without calibration, while systems lack mechanisms to enforce learning when that confidence proves misplaced. In kinetic conflicts, this gap can be masked by overwhelming force. In Gray Zone contests, it is fatal.

Afghanistan: Studied Failure Without Learning

Few conflicts in modern U.S. history have been studied as extensively as Afghanistan. Over two decades, the U.S. government produced hundreds of strategies, assessments, revisions, and after-action reviews. After the collapse of 2021, that effort intensified: inspector general reports, departmental after-action reviews, congressional investigations, and now a congressionally mandated Afghanistan War Commission.

The volume of analysis is not the problem. The problem is that these efforts never coalesced into a unified learning system. Across reports, the same lessons recur misjudged political legitimacy, overestimated partner capacity, underestimated informal power networks, ignored warning indicators, and persistent optimism unsupported by ground truth. Yet there is no evidence of a shared architecture that connected these findings across agencies, tracked which assumptions repeatedly failed, or recalibrated confidence over time.

Lessons were documented, not operationalized. Knowledge was archived, not integrated. Each new plan began largely anew, informed by memory and narrative rather than by a living system of institutional learning. When failure came, it appeared suddenly. In reality, it had been structurally prepared for years.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Reports Are Not Learning Systems

This distinction matters because the U.S. response to failure is often to commission better reports. More detailed. More comprehensive. More authoritative. But reports - even excellent ones - do not learn. Learning systems require interoperability: shared data models, common assumptions, feedback loops, and mechanisms that measure accuracy over time. They require the ability to test judgments against outcomes, update beliefs, and carry lessons forward into new contexts. Absent this architecture, reports function as historical records rather than decision engines. They improve documentation, not confidence. This is why the United States can spend decades studying Afghanistan and still enter new Gray Zone engagements without demonstrably higher confidence than before.

Asking the Wrong Questions

The confidence problem is compounded by a deeper analytic flaw: U.S. systems are often designed to answer the wrong questions. Many contemporary analytic and AI-enabled tools optimize for what is verifiable, auditable, or easily measured. In the information domain, they ask whether content is authentic or false. In compliance and due diligence, they ask whether an individual or entity appears in a registry or sanctions database. In governance reform, they ask whether a program is efficient or wasteful. These questions are not irrelevant, but they are rarely decisive.

Gray Zone conflicts hinge on different variables: who influences whom, through which networks, toward what behavioral effect. They hinge on informal authority, narrative resonance, social trust, and the ability of adversaries to adapt faster than bureaucratic learning cycles.

A video can be authentic and still strategically effective as disinformation. An individual can be absent from any database and still shape ideology, mobilization, or legitimacy within a community. A system can appear efficient while quietly eroding the functions that sustain resilience. When analytic systems are designed around shallow questions, they create an illusion of understanding precisely where understanding matters most.

DOGE and the Domestic Mirror

This failure pattern is not confined to foreign policy. Recent government efficiency initiatives-often grouped under the banner of “Department of Government Efficiency” or DOGE - style reforms - illustrate the same analytic tendency in domestic governance. These efforts framed government primarily as a cost and efficiency problem. Success was measured in budget reductions, headcount cuts, and streamlined processes.

What they largely did not assess were system functions, hidden dependencies, mission-critical resilience, or second-order effects. Independent reviews later showed that efficiency gains often disrupted oversight and weakened essential capabilities - not because reform was misguided, but because the wrong questions were prioritized. DOGE did not fail for lack of data or ambition. It failed because it optimized what was measurable while missing what was decisive. The parallel to national security strategy is direct.

Why Gray Zone Conflicts Punish Miscalibration

Gray Zone conflicts are unforgiving environments for miscalibrated confidence. They unfold slowly, adaptively, and below the threshold of overt war. By the time failure becomes visible, the decisive contests - over legitimacy, elite alignment, and narrative control - have already been lost.

Adversaries in these environments do not seek decisive battles. They seek to exploit institutional blind spots, fragmented learning, and overconfident decision cycles. They build networks that persist through shocks, cultivate influence that survives regime change, and weaponize uncertainty itself. When U.S. decision systems cannot reliably distinguish between what is known, what is assumed, and what is merely believed, they cede cognitive advantage by default.

What “90 Percent Confidence” Actually Means

This critique is often misunderstood as a call for predictive omniscience. It is not. According to existing standards, No system can achieve near-perfect confidence in open-ended geopolitical outcomes. But research from forecasting science, high-reliability organizations, and complex systems analysis shows that high confidence is achievable for bounded questions - if systems are designed correctly.

Narrowly scoped judgments, explicit assumptions, calibrated forecasting, continuous feedback, and accountability for accuracy can push reliability toward 90 percent in defined decision contexts. This is not theoretical. It has been demonstrated repeatedly in domains that take learning seriously. What the U.S. lacks is not the science or the technology. It is the architecture.

Cognitive Advantage Requires Cognitive Infrastructure

The central lesson of Afghanistan, Gray Zone conflict, and even domestic governance reform is the same: data abundance without learning architecture produces confidence illusions, not advantage.

Cognitive advantage is not about thinking harder or collecting more information. It is about building systems that can integrate knowledge, test assumptions, recalibrate confidence, and adapt before failure becomes visible.

Until U.S. decision-shaping systems are redesigned around these principles, the United States will continue to repeat familiar patterns - confident, well-intentioned, and structurally unprepared for the conflicts that matter most.

The warning is clear. The opportunity remains with Yaqin.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

A Path to Understanding Autonomy in Defense Technology

Welcome to The Iron Triangle, the Cipher Brief column serving procurement officers tasked with buying the future, Investors funding the next generation of defense technology, and policy wonks analyzing its impact on the global order.

COLUMN/EXPERT PERSPECTIVE -- In its purest sense, autonomy is the condition of self-government. When we overlay that concept onto military machines and armed drones, the immediate fear is that we are outsourcing the moral weight of life and death to an algorithm. I’ve seen the Terminator series, so I know what you’re thinking. No, you don’t need to learn how to make a pipe bomb. It’s not as bad as you think… maybe.

However, the reality of military command is more nuanced. To understand autonomy in defense technology, I want to first be clear about how the military defines command.

Command is composed of three elements: authority, responsibility, and decision-making. Authority is the delegated power to make decisions and use resources. Responsibility is the legal and ethical obligation for everything a unit does or fails to do. And decision-making is the process of translating high-level intent into actionable orders.

Autonomy does not replace the commander; it enables the commander to aggregate and disaggregate aspects of Command and Control (C2). Specifically, autonomy allows a commander to delegate control to a machine while maintaining command. However simple this sounds, it is a monumental mindset shift for many commanders. To be successful, this will require reshaping some commanders’ understanding of technology.

To use autonomous systems appropriately, the commander assigns a framework of authority. This authority might be a benign task, such as "Conduct intelligence, surveillance, and reconnaissance in order to identify the enemy within [defined area]."

On the opposite end of the spectrum, such as in high-intensity, peer-conflict scenarios where there is no civilian presence, "Identify and destroy targets in [defined area]." The authorities a commander assigns to autonomous systems will depend heavily on their risk calculations and dozens of other factors.

The Rewards: Why Accept the Risk?

Remember that all responsibility for the mission remains with the commander. Given the potential risks outlined above, why would a commander accept responsibility for an autonomous system’s performance? Because autonomous systems will be required not only for survival, but to fight and win on a modern, transparent battlefield.

Operational Tempo (OPTEMPO). Autonomy denies the adversary the ability to reset during what would otherwise be natural lulls in combat operations. It enables a constant and consistent pressure campaign that human operators, limited by fatigue, cognitive bandwidth, and resources, cannot sustain.

Force Protection and Attrition. We must shift our thinking toward lifecycle protection. Autonomy allows us to project power and achieve effects without putting a human in the loop–where they are most vulnerable.

Cognitive Decoupling. By reducing the pilot-to-platform ratio from 1:1 to 1:Many, autonomy frees the commander’s mind to focus on the strategic rather than the tactical, effectively reducing cognitive load.

The Implications: The Path Forward

To move autonomy to battlefield reality, we must address three critical pillars:

Low-Cost Near-Exquisite Systems: Commanders cannot get comfortable with autonomy if they are afraid to lose their assets. We must continue to move away from high-cost platforms toward mass-producible, near-exquisite systems that allow for the thousands of training iterations required to build trust.

Interoperability: A quadcopter built in a Florida garage must immediately work cohesively with a bespoke system from a big defense prime. If autonomous systems cannot operate across-domains, if they aren’t vendor-agnostic, and if they can’t operate as one element of a swarm ecosystem, they aren’t force multipliers; they are a logistics burden.

The Cipher Brief applies expert-level context to national and global security stories. Grant yourself full-access to Cipher Brief expert insights, analysis and private briefings in the new year by becoming a Subscriber+Member.

End Vendor Lock-In: Continuous innovation is the only defense against adversarial countermeasures, and rigid multi-year contracts stifle technology iteration. We need a development operations model for hardware, where field feedback is transferred directly to engineers, rapid improvements are made, and systems are re-fielded. Vendors need to be held accountable–by losing profitable contracts–when they fail against this standard.

For the procurement officer: Stop buying platforms and start buying ecosystems that support delegated authority, scalability, and innovation. Establish criteria for continuously evaluating technology and hold companies accountable. I commend the Department of Defense for acknowledging this need with more flexible contract mechanisms, but more can be done. There are many small, innovative technologies that might make a substantive difference if they are given an opportunity.

For the investor: Look for companies whose technology is not dependent on specific hardware, and for those who are open to rapidly partnering with other OEMs to overcome technical limitations. There are an unprecedented number of small defense technology firms in today’s ecosystem and there will be a consolidation within two-to-five years. If a company insists that every capability is vertically integrated, there is a strong likelihood that they will be outpaced by an up-and-comer or a conglomeration who is more flexible.

For the policy wonk: The debate isn't about whether machines will make decisions, but how we legally and ethically define the authority we give them. Setting conditions that promote and reward innovation will de-risk this transition now. We also need to think about the resources we provide the services for training, and how rules of engagement stack against those of our adversaries. This will all lead to better outcomes when it counts.

The coming years will be a period of creative destruction for the defense industry. The era of proprietary technology is ending, replaced by an ecosystem where the only constant is change. We must reward the agile and hold the stagnant accountable. Whether it’s a garage-born startup or a legacy prime, the winners will be those who embrace the DevOps of hardware and the radical transparency of interoperable swarms. Autonomy is the catalyst; how we choose to fund, buy, and govern it will determine who leads the global order for the next century.

Joey Gagnard is a Cipher Brief columnist who regularly shares his perspective on national security and technology via his Iron Triangle column.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Standing Up to a Spy: My Run-In with Aldrich Ames

OPINION — I had an unpleasant episode with Aldrich Ames which taught me some life lessons.

I was a mid-level CIA analyst working Caucasus and Central Asian issues in the 1990s. My job responsibilities then included reviewing agency participation in conferences located in that part of the world, helping assure the environment was conducive to the type of gathering being proposed and identifying any threats there might be. The reviews were usually noncontroversial and proforma, perfectly suited for a mid-level analyst.

Sometime, though, in mid 1993, a memo came across my desk from a desk officer in the CIA’s Counter Narcotics Center (CNC) proposing a senior level CNC conference in that part of the world that I worked. I felt strongly there were security risks associated with the gathering that did not justify agency participation. I was also concerned that the host country could not adequately address the conference logistics. I documented my concerns, did not sign off, and moved on, without giving the subject any additional thought.

The following day, as I was reading through my cables, I looked up from my computer to find a very unkempt individual, about 20 years my senior with bushy eyebrows and a dirty, wispy looking mustache hovering over me, in essence, violating my personal space. He introduced himself as Aldrich Ames, the individual planning the conference which I had refused to sign off on the day before. He demanded to know how I had the gall to stand in the way of this important conference. I explained to this aggressive individual that I saw no upside to holding such a conference where he had proposed and explained to him my security and logistics concerns. He continued by berating me for not understanding the former Soviet Union.

Sure, I was in the earlier stages of my career but by then I had an undergraduate and graduate degree in Soviet Studies. I studied in Moscow and St. Petersburg. I wrote my master’s thesis on the role of women in Uzbek politics, participated in several summer workshops at Harvard University and other universities focused on Ukraine and Central Asia, had published articles in academic journals on Central Asia, had spoken on many conference panels regarding Soviet and Former Soviet Union politics, and had just completed a year as part of the CIA Director’s Exceptional Analyst Program studying the history and culture of Azerbaijan and Azeri language.

I stood my ground with Aldrich Ames and politely invited him to leave. Not to be deterred, Ames came back to my desk a few times. I was not there and my cubicle-mates alerted me to the fact that the unkempt man from the CNC was looking for me. He found me at my desk a few weeks later. By then, he was even more surly and patronizing. He told me that he was a senior operations officer and that I was thwarting important operations. I told him to get the Department of Operations to sign off and then come back to me. He then complained to my boss about the stupid analyst. She had my back but as a fairly young analyst, I was shaken by his demeanor and his threats.

Months later I heard that the CNC Conference was happening but maybe somewhere else.

Mr. Ames was arrested for espionage on his way to this relocated conference shortly thereafter.

I later came to know that Mr. Ames may have shared my analysis with the Russians. But, I was not in harm's way. More importantly, I remember the families and loved ones of those executed due to Ames’ betrayals and pay tribute to them and the colleagues whose careers he sidetracked.

This is just another ugly, though inconsequential story in the Aldrich Ames saga. What I learned as an analyst who unwittingly stood up to a spy is to trust your instincts, stand your ground, expertise matters, and that ultimately bad people cannot disguise that they are bad people. And Mr. Ames should have taken my advice.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

Russia’s Promises of Security Lead to Ukraine's Frontlines

DEEP DIVE — Moscow has spent nearly four years burning through human resources in Ukraine, and now they’ve found a new way to fill the gaps of loss: exploiting the Global South. Russia is luring in thousands of men with promises of ‘work’ or ‘security,’ only to hand them a rifle. When these guys eventually head home, their own governments are going to be left dealing with the fallout of having thousands of war-hardened veterans they never asked for.

Ukraine’s military intelligence has identified more than 18,000 foreigners from 128 countries who have fought or are currently fighting for Russian forces. At least 3,388 of these fighters have been killed, according to Ukrainian officials. The death toll includes citizens from Cuba, Nepal, India, Kenya, and across Central Asia — men who often arrived in Russia seeking construction jobs or warehouse work, only to find themselves thrust into Ukraine’s grinding war of attrition with minimal training and false promises.

“Russia has no choice but to attempt to continue its foreign recruitment model given Russian military casualties and political realities of a significant mobilization in President Putin’s political bases in Moscow and Saint Petersburg,” Alex Plitsas, nonresident senior fellow with the Middle East Programs at the Atlantic Council, tells The Cipher Brief.

For Washington, the pipeline carries implications beyond the immediate battlefield. Combat-hardened fighters from regions where the United States competes with Russia for influence, particularly across Africa and Latin America, will eventually return home potentially equipped with drone warfare expertise, small arms proficiency, and tactical knowledge gained in Europe’s most technologically advanced land war since 1945.

Former AFRICOM commander General Stephen Townsend warned in 2019 that Russia’s meddling in Africa comprises the “second biggest threat to US security interests” after terrorism.

The Architecture of Exploitation

Moscow has effectively turned its migration system into a trap, routinely building military recruitment offices right beside immigration facilities where beatings and freezing cells are used to coerce signatures. Detention or military service are often the only options for migrants in legal limbo.

Incentives are also used to exploit poverty. Nepali recruits receive 75,000 to 200,000 rubles monthly, or $750 to $2,000, dwarfing local earnings but representing only a fraction of Russian compensation. Cuban networks promise citizenship and generous payments.

The Human Trafficking Pipeline

Several governments now describe these recruitment tactics as outright human trafficking. In Kenya, an investigation revealed that citizens were promised stable jobs only to find themselves on drone assembly lines in active war zones. India has documented a similar pattern, with at least 35 of its nationals sent to the front lines against their will.

Nepal perhaps serves as the most stark example of this human cost. Officially, 14 Nepalis are confirmed dead, but estimates suggest as many as 2,000 may have enlisted in Russian forces. The subsequent outrage in Kathmandu led to Russia and Ukraine’s work permits being denied in early 2024. This proved effective, at least temporarily, as only one known Nepali citizen had signed a contract in the first ten months of 2025.

The situation, however, is harrowing on the ground. Foreign recruits are deployed to frontline assaults after just a week of training, according to Ukrainian prisoners of war. Despite promises of non-combat roles, some of these men signed Russian-language contracts they couldn’t even read.

“The foreign recruits have proven to be less effective as a result of the minimal amount of training and poor equipment that they receive upon joining,” says Plitsas. “Russia is throwing bodies at the problem, so to speak, in terms of trying to fortify the front lines and replacing fallen Russian troops.”

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

The political calculus is deliberate. Plitsas highlights that there are far fewer political ramifications for losing foreign fighters than for Russian citizens.

“Many see these foreigners as having volunteered, so if they die in combat, it doesn’t have a significant reflection within Russian society,” he continues.

Central Asian migrants face particular vulnerability.

Moscow has increasingly turned its attention to the four million Central Asian migrants living within its borders to solve its mounting personnel shortages. Since the legal shifts in September 2022, the Kremlin has effectively tied residency and citizenship to military service.

Uzbeks and Tajiks working in Russia face a forced choice: enlist or lose their legal status. It is common for new arrivals’ residency applications to be stalled unless they sign a military contract, making them a prime target for Russian recruiters.

The Manpower Calculus

Moscow’s reliance on foreign recruits reflects an acute strain on its ability to sustain combat operations. Western estimates suggest Russia has suffered approximately 1.2 million casualties — killed and wounded — since February 2022. The UK Ministry of Defense reported Russia lost approximately 415,000 personnel in 2025 alone, the second-deadliest year of the conflict. December 2025 averaged 1,130 casualties daily, marking four consecutive months of rising losses.

The Kremlin maintains a monthly recruitment rate of roughly 30,000 to 40,000 contract soldiers, approximately matching battlefield attrition rates. This pace requires exploiting every available demographic, with provincial governments pressured to meet quotas.

Yet debate exists over the scale’s significance.

“The Russian army does not depend critically on foreign mercenaries,” Oleg Ignatov, Senior Analyst for Russia at the Crisis Group, tells The Cipher Brief. “The exact number of foreign mercenaries in the Russian army is unknown, but it is small compared to the total number of troops.”

Independent estimates hover around 1,500, while Russian officials claim 30,000 total — a fraction of Russia’s roughly 700,000 troops in Ukraine.

“Overall, there is no evidence that foreign mercenaries stand out among Russian soldiers and suffer significant losses compared to other soldiers,” Ignatov insists, noting North Korean forces initially suffered heavy losses because “they were not adapted to the realities of war in Ukraine.”

“All other foreigners serve in Russian units and suffer the same losses as all other servicemen in these units,” he says.

The pattern reflects a broader strategic reality.

According to Ignatov, “both Russia and Ukraine are experiencing a shortage of manpower for this type of war, which explains their efforts to recruit foreigners.”

“In addition, Russia needs to maintain its manpower advantage on the front lines, which it gained by the end of 2023-early 2024,” he points out.

Plitsas frames the imperative more starkly.

That political risk became clear more than three years ago. Moscow remains wary of the domestic fallout that followed the September 2022 mobilization. The Kremlin thus relies on foreign recruitment to maintain frontline numbers.

The Security Aftermath

The long-term security implications of Russia’s foreign recruitment extend far beyond the battlefield. Combat veterans returning to impoverished home countries bring specialized military skills from Europe’s largest land war since 1945. Historical precedent from Afghanistan, Syria, and Iraq demonstrates that even small percentages can destabilize regions.

“Foreign fighters returning home often suffer from the same types of combat-related stress disorders as troops but given that they were working for a foreign military, they do not get benefits when they return to their home country,” Plitsas cautions. “They also have sufficient training to be able to conduct attacks at home, even if they are simplistic, involving only small arms.”

The psychological and practical risks compound.

“There is always a risk in having a population of combat-experienced fighters who lack access to benefits and treatment for combat-related issues and their susceptibility to domestic causes that could be problematic for their home governments,” Plitsas underscores, pointing to Syria. “Many foreign fighters returned from Iraq with combat experience and helped to form the base of the armed factions that overthrew the Assad regime.”

Beyond physical combat skills, the technological knowledge poses distinct dangers.

“One concern is that foreign fighters will accelerate the proliferation of drone technologies and tactics used in Ukraine to nefarious groups around the world, some of which have already started adopting them,” John Hardie, deputy director of the Russia Program at the Foundation for Defense of Democracies, tells The Cipher Brief.

Ukraine has become a laboratory for drone warfare. Veterans returning with hands-on experience could rapidly advance militant and criminal capabilities from Latin America to Southeast Asia.

Some nations are trying, or tried, to push back.

Kazakhstan opened a record 709 criminal cases in 2025 against citizens who joined Russian formations, with sentences ranging from 4.5 to 5 years. Kyrgyzstan’s attempt to set a legal precedent, however, fell flat when the Kremlin stepped in with pressure to drop charges.

In spite of the death toll of more than 120 Uzbek, Tajik, and Kyrgyz fighters by late 2024, accountability remains nonexistent. It is common for recruits to hide behind new Russian passports, which legally place them beyond the reach of their home governments. The real worry now isn’t just the dead, but the survivors; men who stay in Russia with specialized combat training and no clear path except drifting into the criminal margins.

For Cuba, which joined the Russian-led BRICS bloc, estimates suggest up to 20,000 Cubans recruited since 2022, with 200 to 300 killed. El País reported that 40 percent had previously served in the Cuban Armed Forces, suggesting state awareness. Due to the high percentage of active military personnel and ex-military personnel fighting under the Russian banner, Cuba’s government may be tacitly permitting the recruitment pipeline.

Unlike Nepal or India’s aggressive crackdowns, Havana’s muted response raises questions about quid pro quo arrangements with Moscow, particularly as Cuba faces a severe economic crisis and depends heavily on Russian support.

“Travel bans and efforts by governments to stop their citizens from volunteering will have some impact, though the overall numbers are still small in general terms,” Plitsas observes. “Augmenting Russian troops with foreign troops has also proven to be efficient, though poor training and equipment limit overall effectiveness.”

The offensive exploits global inequality while exporting costs to nations with limited pushback capacity. While Moscow claims foreign recruits demonstrate international support for the war, the reality is much bleaker: it’s a trafficking operation that targets the poor and desperate. The same thing happened in Syria and Iraq, demonstrating to the international community that a handful of combat-hardened veterans can destabilize an entire country.

When these men return to Africa or South Asia with expertise in drone strikes and urban warfare, they often don’t just go back to civilian life; they become a ready-made kit for insurgencies or criminal groups.

“Foreign governments have taken some steps to try to stem the flow of foreign fighters supporting Russia, but the populations involved have been relatively small, and it hasn’t been seen as a significant enough problem for home governments to take more significant action to date,” Plitsas explains.

He identifies structural challenges.

“Many of the fighters come from countries that are friendly to Russia, and so banning travel, or things of that nature, becomes more difficult given the status of the relationship between the countries,” Plitsas continues. “Also, when you’re traveling abroad and need a visa, the country you are traveling to has to grant it to you. Russia is incentivized to allow the flow to continue, as the burden is on Russia to grant the visa, not the home country. It makes policing the effort very difficult.”

As battlefield casualties mount and domestic constraints prevent mobilization, foreign recruitment provides a crucial release valve for Moscow. As a result, thousands of people have been channeled into war under false pretenses, leaving survivors scarred and equipped with military skills posing long-term security risks.

Yet Ignatov pushes back against the alarmist framing.

“War is a serious trauma, and all soldiers need psychological help. But I don’t think there are any risks of radicalization beyond this problem,” he contends. “There is no radical ideology in Russia that poses a threat of global spread.”

Whether ideological or not, the pattern is clear: Russia’s manpower crisis shows no sign of abating.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

After New START: America Weighs a New Nuclear Strategy

OPINION — “Militarily, the expiration [last Thursday] of New START [2010 Treaty with Russia] enables the United States to take parallel steps. We will complete our ongoing nuclear modernization programs that were initiated while New START entered into force. The United States also retains non-deployed nuclear capacity [some 1,900 stored nuclear warheads and bombs] that can be used to address the emerging security environment, if directed by the President. Such actions include expanding current forces, diversifying our capabilities, developing and fielding new theater-range nuclear forces, and adapting our extended deterrence posture as necessary.”

That was Under Secretary of State for Arms Control and International Security Thomas DiNanno speaking in Geneva last Friday at the United Nations Conference on Disarmament in Geneva.

One day earlier, in a post on Truth Social, President Trump offered this arms control idea: “Rather than extend ‘NEW START’ (A badly negotiated deal by the United States that, aside from everything else, is being grossly violated), we should have our Nuclear Experts work on a new, improved, and modernized Treaty that can last long into the future. Thank you for your attention to this matter! PRESIDENT DONALD J. TRUMP”

Having written about nuclear weapons and covered arms control efforts over the past 60+ years, I thought I would join with others to offer some ideas on where we are now and where we ought to be headed. But rather than doing it alone, I thought I would include some matters raised by former U.S. government nuclear weapons and arms control experts who testified last Tuesday before the Senate Arms Services Committee during a hearing on the post-New START treaty environment.

Let’s start with who is at Trump’s future negotiating table. Trump and other U.S. officials have said China along with Russia has to be there, although so far the Chinese have refused to discuss their nuclear programs. Russian President Vladimir Putin, in response to the Chinese participating idea, said he would then want the United Kingdom and France, two other nuclear powers, also included.

At last week’s Senate Armed Services hearing, Rose Gottemoeller, the lead U.S. negotiator for New START and now Lecturer at Stanford University and Research Fellow at the Hoover Institute, gave what I believe would be the best ideas for the way forward.

She said, “I do not support trying to do a trilateral negotiation. I believe that these negotiations [with Russia and China] should be done in parallel. We have 50 plus years of experience limiting and reducing nuclear weapons with the Russians. We can continue that kind of process [to include tactical and hypersonic nuclear weapons] with them.”

Gottemoeller added, “And by the way, I agree that non-strategic nuclear weapons [should be included]. We did not constrain non-strategic nuclear weapons in the New START treaty. It was not designed for that purpose. So to fault it for not controlling those weapons is a bit bizarre, but nevertheless, I agreed with the Trump administration during the first term when they said we need an all-warhead limit in the next negotiation. I think that is definitely the priority we need to proceed on with the Russians.”

Gottemoeller also said, “It's been my recent experience working with them [the Chinese] in track two [non-U.S. Government] settings that they seem very interested in trying to figure out ways to begin a conversation with the United States about nuclear risks… developing better communications, links with them at the strategic level, hotline arrangements, these types of things. I think they are valuable to begin a conversation about the necessity of controlling nuclear weapons at the negotiating table and [for the Chinese] not being so un-transparent about what they're doing with their modernization. That has to be the first and foremost objective talking to them about what their intentions are.”

She added, “I've already spoken about the Chinese. I think they are willing to talk to us now, but it is about risk reduction and the beginning of more predictability and transparency about their nuclear objectives,” matters that up-to-now they have refused to discuss.

Picking up Gottemoeller’s idea for China at the Senate hearing was another witness, retired-Adm. Charles A. Richard, former commander of the U.S. Strategic Command (STRATCOM), and incoming chief executive officer of the Institute for Defense Analysis.

Richard told the Senators, “I think that is an excellent starting point for a conversation with China. There are terms like confidence building and transparency that I would certainly endorse. But fundamentally it comes back to how do you responsibly operate weapon systems with this magnitude of destructive potential. That is to everyone's benefit including China. And I think that makes an excellent starting point for diplomacy.”

The Gottemoeller/Richard approach reminded me of discussions I had had back in the early 1970s with Paul Nitze when he was part of the Nixon team negotiating SALT I. Nitze told me the Soviet negotiators who were Foreign Office diplomats had little knowledge about nuclear weapons thereby leaving most of the negotiations to the Russian hard-line military. As a result, the Americans had to educate the Soviet diplomats about the destructive power of these weapons to get them more active in the negotiations.

Under Secretary DiNanno in his Friday Disarmament Conference Geneva speech said future discussions meant “taking into account all Russian nuclear weapons [strategic and tactical], both novel and existing strategic systems.” DiNanno specifically mentioned Russia’s “nuclear-powered Skyfall cruise missile and its doomsday Poseidon [nuclear strategic] torpedo. New START constrained neither of these systems and Russia has successfully tested both within the last few months.”

Faced with Russia and China, two potentially peer nuclear powers, both Gottemoeller and Richard agreed about the need for the U.S. to increase its nuclear forces.

Gottemoeller said, “I actually agree with the notion that we need to think carefully about the threat that is presented by two nuclear peers by China and by the Russian Federation going forward. And we need to make judicious choices juxtaposed against the other demands on our defense budget. And I mentioned the conventional force posture, but also the new technologies that are coming our way and must be judiciously incorporated into our new weapon systems as well as the whole arena of cyber threats and how we are going to contest the Russians and the China Chinese in that space.”

Richard was much more specific. He said, “I think that the United States needs to immediately start taking steps, steps that are currently precluded by the New START treaty…to include uploading [currently stored U.S. nuclear] warheads to our intercontinental ballistic missiles, removing covers off the four [launch] tubes on our Trident [strategic] submarines that are currently empty [of strategic nuclear sea-launched ballistic missiles], and several other posture steps that should be taken now, and not a year from now.”

At Geneva Friday, Under Secretary DiNanno raised questions about “Russian and Chinese nuclear testing in violation of their respective moratoria on yield-producing nuclear tests.” He said, “The annual U.S. compliance report has previously assessed that Russia has failed to maintain its testing moratorium by conducting supercritical nuclear weapons tests.”

DiNanno also disclosed, “Today, I can reveal that the U.S. Government is aware that China has conducted nuclear explosive tests, including preparing for tests with designated yields in the hundreds of tons…China has used decoupling – a method to decrease the effectiveness of seismic monitoring – to hide their activities from the world. China conducted one such yield producing nuclear test on June 22 of 2020.”

However, at the Senate hearing, Sen. Jacky Rosen (D-Nev.), talked about the Nevada National Security Sites where the U.S. has carried out its nuclear testing saying, “Today the site's underground laboratory is undergoing major mining and construction to provide enhanced capabilities for sub-critical experiments [that are allowed because they don’t involve a nuclear yield] and it will host in the near future two of the most capable weapons radiographic systems in the world.”

Rosen added, “Together with other efforts, these machines will provide greater certainty and data about the performance of the U.S. nuclear stockpile. Far better data, experts say, than the information that could be gleaned if the U.S. were to break the [1992] moratorium [on underground nuclear testing] and conduct an explosive nuclear test, as the President [Trump] and some in his orbit have advocated.”

Rosen then got ret.-Adm. Richard to agree that while he was STRATCOM commander four years ago, U.S. sub-critical experiments and robust computer modeling provided data that led him to certify the military effectiveness of our stockpile without the need to resume explosive testing.

Gottemoeller added, “President Putin himself said that they would only resume testing on a

reciprocal basis with the United States. So, I would expect that to be the outcome. And I do expect that it would disadvantage us, you know, because we conducted more explosive nuclear tests than any nuclear weapon state. We have more data available to us with which we are able to do a massive amount of calculation and other activities in order to assure our stockpile is safe,

secure and effective.”

Gottemoeller and Richard both delivered their own views on the advantages of arms control.

“Stable deterrence is driven by predictability and nuclear negotiations done right deliver predictability,” Gottemoeller said. She added, “The effect comes about because restraints on our opponents reached through agreement bolster predictability which in turn supports our nuclear forces in their drive for reliable, stable and effective deterrence. Lack of predictability by contrast feeds uncertainty about the status of the nuclear forces among our adversaries, which means we may end up spending more than we have to on nuclear weapons and their delivery vehicles.”

Richard said, “Our entire nuclear deterrence posture is designed to, by threat of escalation, convince your opponent -- have a perception in your opponent's mind -- that restraint, inaction is their least bad course of action. And that has been successful for over 60 years in deterring not only nuclear attack on the United States and our allies, but has made a great contribution to the deterrence of great power war.”

I want to close with a reminder that I often use when discussing nuclear weapons. That is to remind readers the original handful of nuclear weapons were built by U.S. scientists, including Dr. J. Robert Oppenheimer, as terror weapons, to kill as many people as possible to end a war – not to fight one.

And as ret.-Adm. Richard noted above, despite the much too large a number of both tactical and strategic nuclear weapons that have since been built and exist today, none has been used in a war situation since two were used in 1945, and they did end a war.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

The Former Head of NSA on the Future of U.S. Cybersecurity

EXPERT INTERVIEW -- General Paul Nakasone (ret.) has spent a career at the very center of America's most invisible battlefields. He has served as both director of the National Security Agency and commander of U.S. Cyber Command, two roles that sit at the intersection of intelligence, technology, and modern warfare. During his tenure, cyber operations moved from the shadows into daily strategic competition as the United States confronted persistent threats from China, Russia, Iran, and criminal networks operating at a nation state scale.

General Nakasone prioritized a doctrine of persistent engagement, challenging adversaries continuously in cyberspace rather than reacting to incidents after the fact. It was a shift that reshaped how the U.S. thinks about deterrence, escalation, and defense in a digital age. It feels even more important today, as artificial intelligence accelerates decision-making and blurs the lines between peace and conflict.

Since retiring, General Nakasone is continuing his mission as the founding director of Vanderbilt University's Institute of National Security. He also serves as a board member and advisor to some of the world's leading technology companies. General Nakasone is also being recognized with this year’s Impact in Cyber Award, being presented at The Cipher Brief Honors Dinner in Washington in March.

I spoke with General Nakasone on Friday for the State Secrets Podcast. Below are highlights from the conversation, lightly edited for length and clarity. You can also listen to the full interview of the State Secrets podcast available wherever you listen to podcasts.

General Paul Nakasone (Ret.)

General Paul Nakasone (Ret.) served as Director of the National Security Agency (NSA) and Commander of the U.S. Cyber Command from May 2018 to February 2024.

THE INTERVIEW

Kelly: You've argued that persistent engagement really changed the cyber battlefield. Looking back, where do you think it succeeded beyond expectations and where did it fall short against adversaries like China and Russia?

Gen. Nakasone: I think when we think about cyber, remember, this is a very dynamic environment. When I took over as both the commander and director in 2018, we were coming out of the 2016 elections. And one of the guidance points from President Trump and the secretary of defense was that we can't let this happen again. We cannot have a foreign nation attempt to influence our elections.

We looked at what we had done and what had occurred and we came to the realization that this is not an episodic event where we can just come and do our business and then leave. We must be engaged every single day. And so this idea of persistently engaging with our adversaries was born. It worked quite well in terms of the security of the 2018, 2020, 2022 and 2024 elections. It's worked against a series of different adversaries, Iran, Russia and China. But I think the point is that the environment is dynamic. To your point, as we look at greater scale and scope of adversaries like the Chinese, persistent engagement must also change. We need new partners, new techniques and new technologies. Those are things that we must be able to look at and be able to practice every single day.

Kelly: Midterm elections are coming up later this year. There is certain to be a lot of politics and political messaging around those elections. What are you focused on strictly from a cybersecurity awareness perspective when it comes to securing the midterms?

Gen. Nakasone: As a private citizen, I'm very, very interested in what foreign adversaries might try to do to influence our election. That's what the National Security Agency and U.S. Cyber Commander focused outside of the United States. I want to make sure that there is no nation that can influence what goes on in our electoral processes. That was what I was doing as a military member, and that's what I'm focused on now as a private citizen.

Kelly: Is there more that you can do from the private sector side in terms education? What are you trying to do at Vanderbilt?

Gen. Nakasone: We're really trying to do three things at the Institute of National Security. First, we’re building the next generation of national security leaders. Whether those leaders are in the private sector or the public sector - it's very, very important that we're able to do that.

The second thing we're trying to do is to provide pragmatism to theory. This is one of the things that Vanderbilt and our Institute takes great pride in by saying, ‘Hey, there's a lot of theory out there, but let's make a pragmatic approach to securing the critical infrastructure or looking at new ways in terms of being able to identify and solve hard problems.’

And the third thing we do is we educate. I mean, that's what great universities do. That's what Vanderbilt does. Whether we’re educating our students or whether we’re educating our faculty or whether we’re educating the broader public, that's what we're trying to do at the Institute of National Security.

Kelly: Cyber deterrence is an issue that comes up a lot. Is cyber deterrence something that exists today or are we still stuck in this model of continuous contact without any clear red lines?

Gen. Nakasone: I don't think cyber deterrence is the same thing as nuclear deterrence. Certainly, that's not an analogy I would use. But here's what I would use: we need to be very, very proactive in what we do to be able to secure the domain that we utilize for so many things every single day. And so again, this idea of persistent engagement, I would tell you that that's the right way we've got to approach it. But we need greater partnerships, we need greater technology with greater scope. And I think there are new ideas that need to come to fruition here. So, as the national cyber director gets ready to release his national strategy, I look forward to what he's going to say about how we involve academia or the private sector or private citizens in terms of what we can do to secure this domain that's so important to our nation.

Kelly: There's a whole lot of breath holding over when that national strategy will be released. What are some of the key components of the new strategy that you hope to see?

Nakasone: I'm hopeful to see a very, very strong focus on partnerships. What is it that the government does best? What is it that the private sector does best? What do we, as private citizens need to be able to do? I'm also looking for a component of, ‘How do we look at this and look at our threats differently?’ There's a broad range of threats that we face in cyber states, nation states, non-nation states, criminals. These are all different areas that need different approaches. I'm looking for a strategy that can take care of all of that. And any great strategy should motivate us, should make us think, ‘Wow, this is exactly the way we want to be able to do things and to conduct ourselves to solve these tough problems.’

Kelly: You talk a lot about partnerships. I'm proud to say that Sir Richard Moore, who just recently stepped down as the chief of MI6, is also a fellow honoree at this year's Cipher Brief Honors Awards for his impact through alliances, because alliances and partnerships are so critical. Can you talk a little bit more about how you see partnerships evolving in the future given how dramatically technology is changing the battlefield in cyber?

Gen. Nakasone: Before I talk about that, let me just take a step back and congratulate my fellow honorees, Gilman Louie and Sir Richard Moore and Janet Braun and David Ignatius. These are true giants of what has gone on. I think to be mentioned in this same category of honorees, is really very humbling. I congratulate each one of them. And I'm really looking forward to the HONORS dinner on the 13th of March.

With regards to partnerships, we just had the honor of hosting Sir Richard Moore at Vanderbilt University for a talk. And one of the things that we both agree on very strongly is that we're much better together than we are separately. What I'm always trying to emphasize in partnerships is that we can do things much better collectively than we can alone. As you take a look at what Richard Moore has done throughout his entire life, it's been a series of incredible partnerships that he's been able to foster. I feel the same way. This partnership needs to expand, it needs to be broader and it needs to be inclusive of more nations, more technologies, more industries that can help us be even more secure in the future.

Kelly: Let’s talk about China. What do think Beijing has learned from Russia's performance in Ukraine and do you think anything surprised them?

Gen. Nakasone: I think the first thing that they probably were surprised at is how much the United States intelligence community knew about what was going to take place on the 24th of February 2022. And the administration released that information publicly. I'm sure that shocked the Chinese.

The second thing I think they learned is that the Russians were not that good. And what has occurred over the past three plus years of seeing the loss of life and the loss of equipment, that must have really provided a pause to the Chinese as they think about the future.

The third thing that they've clearly demonstrated is that they've learned they cannot stop supporting Russia. They are the number one supporter of what Russia has been able to do in Ukraine - and continues to do. And even with that, they have not been able to overcome the Ukrainians. Those are the three lessons that I think the Chinese probably have thought about as they look back on the three plus years of this conflict.

Kelly: Do you think China is more likely to use cyber operations as a prelude to any kind of kinetic conflict with Taiwan?

Gen. Nakasone: One of the things that I think the department and certainly I have agreed with is that probably the first shots of any future conflicts are going to take place in cyber and space. And I would include space in that as well. Space is a competitive advantage for our nation, just as cyber is. But as any adversary looks to the future, I don't think they say, ‘Hey, let's go ahead and just wait for this conflict to take place. Let's make sure if we're going to take on the United States that we nullify their competitive advantages’ and the competitive advantages begin with space and cyber.

Kelly: Kevin Mandia, whom you’ve worked with over the course of your career, told how incredibly good Russia is in cyber. They once sort of dominated the cyber conversation. Do you think they're still a top tier cyber adversary? Or has the war in Ukraine exposed a lot of their structural weaknesses?

Gen. Nakasone: I would agree with Kevin that they are a top power in terms of their cyber capabilities, but they're not the best power. Of our adversaries, clearly, it's the Chinese. In the sense of their scale and their scope of what they're able to do, it's much different than what the Russians can do. But there's no one, none of our adversaries today can replace what the Russians are able to do in the information operations space. They are masters at it. And I think that's one of the ways I think about vigilance in the future. I think about how we protect ourselves from that.

Kelly: Let's talk about technology. You focus so much on this. AI is rapidly changing, intelligence collection and analysis also. What do you think is the most dangerous misconception that policymakers have about AI's role in national security right now?

Gen. Nakasone: If we're going to talk about AI, the first thing we need to do is return to the advent of ChatGPT in November of 2022. What have we seen in terms of change? And this is one of the things that I think is important for all of us to realize in what a little over three years, we have seen prompts go to text, to video, to recordings, to reasoning, to deep research. And now to agents. This is the landscape upon which we see AI operating today. I think one of the great misconceptions about artificial intelligence is believing we can just go ahead and put in a prompt and that’s all that’s going to occur. It's not that simple. It still requires a human component to what you're going to do. If you want to be a power in AI, you need four things. You need chips, you need data, you need energy. And the final thing is you need talent. And those are the four components that I think most people don't think about when they think about artificial intelligence.

Kelly: At what point do you think AI stops being an enabler and starts becoming a vulnerability, especially inside military and intelligence decision-making loops?

Nakasone: Artificial intelligence is just like cyber. It’s really just like any capability. It has both its strengths and weaknesses. If we focus on agents, they will able to do all of these things for us. But you're going to want to understand what they're doing, and then protect those agents from those that may try to make the agents do something they shouldn't be doing. One of the things that artificial intelligence shows us is that there are great capabilities here. But there are also incredible challenges with regard to being able to have visibility on them, have control over them, protect them, and then be able to truly understand what they've done.

Kelly: Should the U.S. be willing to accept less explainability in AI systems in exchange for speed and advantage?

Gen. Nakasone: Whenever we talk about a technology, there must be transparency of that technology. We must have a degree of security and feeling of safety that this technology is going to be utilized and that it comports with our norms and values - that it does things we want it to do. This is important. When I think about that, speed is an incredibly important capability of artificial intelligence. But I would also say security is the other ‘S’ that we can't ever forget.

Kelly: What does the next five or ten years look like to you?

Gen. Nakasone: One of the things we don't talk a lot about that I'm very excited about is being able to use artificial intelligence in an enterprise manner, being able to use these models to take a look at code and correct bad code, that is really the responsibility for the vast majority of weaknesses in our cybersecurity posture and is one of the things that we should be able to correct immediately.

The second thing is, wouldn't it be wonderful if we can continue to use artificial intelligence to discover new cures, new medicines for diseases that we have not been able to be able to address in our lifetimes? And the final thing I'm really excited about is using artificial intelligence for education - being able to look at a broad classroom of users – both the smartest and those that are struggling – and giving them the same ability to advance given the fact that this artificial intelligence is almost like a tutor to those students. That's a fairly heady thing that I think about when I think about the next five years.

Kelly: You also sit on several boards and serve as an advisor to a number of companies. I'm wondering from that position, do you see the cyber landscape any differently than you did when you were serving in government?

Gen. Nakasone: One of the things I’ve certainly realized, and I realized it to a degree as the director of NSA and as commander of U.S. Cyber Command, but that I realize even more fully now, is the power of ingenuity within our private sector. If you look at what is being done in places like Silicon Valley and Austin and Seattle and Boston and in Nashville and other places throughout the United States, it's truly amazing. And I say that as we look at our future, one of the things that I always emphasize to audiences is that our government should be focused on the things that we have competitive advantage in. And everything else - we should have our partners do. So, I'll bring that back to the National Security Agency.

No one breaks code or makes code better than the NSA. Everything else, we should have partners with. That's a little bit of my realization as I've made the journey from military officer to private citizen.

Kelly: Now that you’re in the private sector, how do you feel about the dual-hatted role over NSA and Cyber Command?

Gen. Nakasone: My thoughts on the dual hat really haven't changed since I was the commander and the director for six years. And that is within a domain of cyberspace where speed, agility and unity of effort really matter. Having one person that directs both organizations, one that has all of the authorities to do what we need to do to defend and to provide offensive capabilities in cyberspace, and one that has the intelligence components and capabilities that are second to none in the intelligence community, is important. Having one person direct that and say, this is what we need to focus on, is an advantage to the nation, particularly when we have a series of adversaries that at times have larger components than what we do. I think that this is really the secret sauce for what we do in cyberspace.

Kelly: What lessons have you learned from that model?

Gen. Nakasone: I want to share two lessons that I think are relevant for those that are in the private sector. The first is among the best pieces of advice I received early on in my tenure. It was from a retired four-star who said to me, ‘Paul, these two jobs are easy.’ And it was like, you know, day three of my tenure and I could barely find my desk. And he said something that I never forgot. He said, ‘What is it that only you can do that the organizations depend on you to do? And once you figure that out, you'll focus your time on those things.’ It took me a little while to really understand truly what it was that only I could do as both the head of NSA and of Cyber Command. But once I did, that's what I focused on. And that really allowed me to be able to shine a light on the areas that we had to and to get after and understand better the challenges to our nation.

The second piece of advice I received was also really important. And that was that you must be able to communicate. You must be able to talk to a number of different audiences; Congress or the White House or the Secretary of Defense or your own workforce. I really learned very early on that being able to communicate was one of the things that I had to do effectively. And being able to communicate not only with those in government, but also the public sector and for someone who spent his life in the intelligence community, talking in a room of people who were listening and asking questions was something that I had to become comfortable with.

Kelly: NSA is going through a shift since the former commander was dismissed last year and don’t have a confirmed leader yet.

Gen. Nakasone: I'm really excited that Josh Rudd now has been to his confirmation hearings. I would anticipate that he's been voted out of committees, that he'd be confirmed very, very soon. And having a confirmed leader of both organizations is really the true good news story here moving forward. We need to look forward, not in the rear-view mirror, and being able to think about what are the things that he's going to need to have from a broad area of partners to help him be successful. I think about anything that we can do to make his tenure even more successful.

Kelly: When you held those roles, there was really an evolution in the partnerships between the private sector and government. Do you see that evolving under the next director as well?

Gen. Nakasone: I think it must. If you're going to look at having capacity and capability in cyberspace, you must have a series of partnerships with the private sector. And that includes both the National Security Agency and U.S. Cyber Command. But I think the partnerships don't start there. It's also international partners that I think that are really important. I think that there's a series of academic partners. Certainly, we at Vanderbilt University look forward to being a great partner to the new commander and director. But I also think there are a series of partnerships today that perhaps we haven't even thought about. Partnerships with perhaps non-government organizations or partnerships with other entities that have placement and stature within cyberspace that can assist us.

Kelly: You've worked for multiple administrations and you've done a tremendous job remaining very apolitical. In an era of election interference, of deepfakes and information warfare, how do you think the military stays neutral while defending the system? This is something that's on everyone's mind in Washington and you really seem to be very successfully navigating a difficult space.

Gen. Nakasone: First, I think that that the U.S. military and our military officers need to remember what has been an incredibly successful civil-military partnership. And remember that we work for our elected leaders. And I think it's important that we're very, very conscious of anything that we say, whether we're in uniform or out of uniform, that can be construed as being critical or being supportive or anything like that with regards to our political leaders. We have a mission to defend the Constitution.

We also have a focus outside the United States and being able to continue to do that is something that's very, very important to us. And continued civil discourse is one of the things that I really hope continues to improve and being able to listen to people and understand that they may have a radically different opinion than your own. Listening is the first part of understanding. I think that would be one of the things that I hope our future leaders continue to remember.

Kelly: Let’s close with what’s happening outside the U.S. If you had to describe to the average American how serious the threat is from China, how would describe it?

Gen. Nakasone: I think when you consider China or any adversary, one of the things you should measure is what their capabilities are in terms of their military, their economic stature, their informational powers, and even their diplomatic capabilities.

If you look at China today, think about their economy. Fifty years ago, when President Nixon went to China, they had a gross domestic product of $114 billion. Today, it's approaching $18 trillion. And to give you perspective, our gross domestic product in the United States is about $25 trillion. There's been incredible, incredible growth in their economy. Today, they're the number one manufacturer in the world. The next nine countries cannot equal the percentage of manufacturing that takes place in China every single day. Militarily, they have the largest Navy in the world - not the best - but the largest.

If you look at their information capabilities, think about TikTok. Over 60 % of the United States clicks on TikTok every single day to get their news. And then if you look at their diplomatic prowess, they've been able to establish a series of partnerships through the Belt and Road Initiative and being able to obviously bring on several partners that were never ever available to them in the past. This is a nation that has increasing capabilities and has designs not just on being a regional power but being a global power.

That's something that we as Americans need to think very hard about. And if you look at our values and what we stand for, they are dramatically different than what China stands for.

Kelly: Is there anything on your mind that I didn't ask you?

Gen. Nakasone: Let me just come back to what I do as my focus and my passion right now, which is continuing to educate the next generation of young people that are going to be part of our national security apparatus. People ask me whether I’m positive about our future. I would tell you, I am extremely positive about our future because I get to work with some of the smartest young people in America at Vanderbilt University every single day. When I look at the 18 to 20-year-olds, 22-year-olds that are thinking about the opportunities and challenges that face them, this is truly one of the things that I think provides a great dynamism to our nation.

As we close today, I would tell you that I'm incredibly optimistic as I look to the future with the young people who are coming up and I look forward to seeing what they're going to do in their lifetimes.

Read more expert insights into national security in The Cipher Brief. And find out more about The Cipher Brief HONORS Awards happening March 13 in Washington D.C.

Xi Jinping Tightens Grip as China’s Military Purge Deepens

OPINION — In China, the Chinese Communist Party (CCP) “commands the gun”, and Chinese President Xi Jinping controls the one million members of the CCP. In October 2022, Mr. Xi was elected to an unprecedented third term as Secretary General of the CCP and President of the People’s Republic of China.

Mr. Xi succeeded Hu Jintao as Secretary General in November 2012 and immediately proceeded to expel Politburo member Bo Xilai from the CCP and Zhou Yongkang in 2014, responsible for China’s security services and one of nine-members of the powerful Standing Committee of the Politburo. This was the beginning of Mr. Xi’s anti-corruption campaign – and the removal of political rivals.

The anti-corruption campaign continues, with over 115 senior officials investigated in 2025 and reportedly over 60 punished.

But what got the public’s attention was the removal of defense ministers Wei Feng he and Li Shangfu in October 2023 and June 2024. Then in 2025 the removal of General He Wei Dong, Vice Chairman of the nine-member Central Military Commission (CMC), for “serious violations of Party discipline” and Admiral Miao Hua, Director of the CMC’s Political Work Department.

Also removed from the CCP in October 2025 were eight additional senior military officials, to include Lin Xiangyang, former commander of the Eastern Theatre Command responsible for Taiwan; Wang Houbin, former commander of the Rocket Force, responsible for China’s nuclear and missile programs and Wang Chunning, former commander of the People’s Armed Police.

During the 1970s and 80s, both General He Weidong and Admiral Miao Hua were assigned to the 31 Group Army in Fujian Province, responsible for any potential military operations against Taiwan.

And now, in January 2026, Mr. Xi continued with his purge of the military, with the removal of General Zhang Youxia, senior Vice Chairman of the CMC and China’s most senior general and General Liu Zhenli, Chief of CMC’s Joint Staff Department responsible for planning and operations. Both generals are accused of committing severe violations of party discipline and state laws.

General Zhang is also a member of the Politburo and a close associate of Mr. Xi. Their fathers fought together in the Chinese civil war with Mao Zedong’s forces that eventually prevailed in 1949. For Mr. Xi to purge a fellow “princeling” – descendants of revolutionary elders – must have shocked senior officials in Beijing wondering when does this hollowing-out of seniors in the military stop, and if they’re next.

General Zhang. as vice chairman of the CMC, had direct responsibility for military strategies concerning Taiwan. He was responsible for planning for potential conflict with Taiwan. General Zhang was an outspoken proponent of forceful unification, saying the military would “show no mercy” if Taiwan declared independence.

In late December 2025, China’s military conducted large-scale drills around Taiwan – “Justice Mission 2025.” This was the sixth major exercise since 2022, simulating a full blockade of Taiwan, with naval vessels and aircraft testing joint operational capabilities; deploying warships, bombers, and fighter jets to encircle Taiwan. The exercise was designed to test China’s ability to seal off Taiwan’s major ports, while simulating strikes on land and sea targets.

These “gray zone” tactics were meant to intimidate the public and exhaust Taiwan’s defense resources.

It is quite possible that Mr. Xi removed generals Zhang Youxia, He Wei Dong and Liu Zhenli, all members of the 7-member CMC designed for rapid decision-making and China’s highest military command, with Mr. Xi as its chairman, due to disagreements over Taiwan. All these generals, and general Lin Xiangyang, former commander of the Eastern Theatre Command responsible for Taiwan, were responsible for military operations against Taiwan.

Mr. Xi demands loyalty from all CCP and military colleagues. It’s possible that Mr. Xi’s military colleagues were pushing for a kinetic move against Taiwan in 2027, a date that Mr. Xi said China would have the military capability to kinetically move against Taiwan.

It appears to me that Mr. Xi was not prepared for a kinetic move against Taiwan, despite what his military generals were strongly advocating. And when Mr. Xi got push back from his generals, he removed them. In China, the CCP controls the gun, and Mr. Xi controls the CCP.

The author is the former Associate Director of National Intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S government authentication of information or endorsement of the author’s views.

This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

From Secrets to Sensors: Why Open Source Data Must Drive Modern Intelligence

THE BLUF / COLUMN — The Department of Defense is on a tear to revamp technology for warfighters. Secretary Hegseth signed an AI strategy on 9 January. Prior to that he called for an Enterprise Command and Control Program Office that would provide a real time battlespace picture for military commanders, something that has been talked about for years but never completed. The urgency is clear. The intelligence community must play a large part in this Department of Defense technology transformation if it wants to remain relevant to the warfighter and decision makers. Key for the intelligence community will be to fundamentally rethink its relationship with open-source data. To be most useful for the decision makers and operators, the intelligence community must rebuild itself on the backbone of open-source data and commercial technology.

Not only is data important but because of the volume and complexity of that data, so is the technology that can sift through the data. Public domain data must be the first place to gather trends and threat warnings that feed the many watch centers across the department of defense and intelligence community which should be the basis of the enterprise command and control picture. Much of the technology already exists for sifting through the data; fusing it into one picture will be a feat. The intelligence community, however, must make cultural changes first to accept the importance of the technology and public data, and secondly to acquire the technology and data on a timely basis.

Need for Change

The intelligence community has struggled with adopting the reality that to remain relevant, it must embrace publicly and commercially available data into its threat and warning process and use the powerful technologies that the commercial world is developing to sift through that data. There has been much work in this area across the intelligence community and some of it has been groundbreaking but the work has not been comprehensive, integrated, or fast. There are boutique enterprises that have developed their own high-tech way forward but when it comes to scaling such technology across the intelligence community or within the Defense Intelligence Enterprise, the hurdles are huge. Each intelligence agency claims its own security issues and erects fences against cross intelligence technology modernization. Even organizations like the Defense Innovation Unit or IN-Q-TEL focus on discreet requirements, not the wholesale cultural change needed to bring in the latest commercial technology that can support warning and security. Neither the Director of National Intelligence nor the Office of the Secretary of Defense for Intelligence and Security have been able to lead the intelligence community to making this cultural and technology change a key priority. As the largest part of the intelligence community, the Defense Intelligence Enterprise needs to lead the way in developing a high tech, open source, data rich environment for its customer base. Military commanders need a real-time, complete, and high-quality battlespace picture to quickly make informed decisions, take direct actions, and assess the high volume of potential targets and threats.

The capabilities that are available for plugging into this warning and targeting picture are endless. For example:

Warning Against Biological Events: Technical sensors and human sensors worldwide record biological events and provide data on disease upticks and hazardous environments. Environmental & Biosensors are global and are critical tools for detecting, quantifying, and interpreting dynamic changes in environmental or biological systems. There are multiple crowd sourced disease outbreak platforms. Biosensors, local reporting, and crowdsourcing technologies monitor everything from air and water quality to metabolic and cellular activity in real time. Technology can combine these complex platforms and sensors to read the data and provide intelligence analysts a real time global map of trends ad anomalies, that once fused with other intelligence could lead to early detection of a pandemic, an industrial or environmental bio event, or development of a WMD. Such a real time platform, based on open source data would also support military and clandestine operations by providing information to the operator about the environment they will encounter. Such maps are currently available either through a subscription or to the public but not one that fuses all this data.

Humans as Sensors: Combing through social media to provide on the ground sentiment analysis can help intelligence analysts provide warning of threats or instability or to provide information on how populations are responding to real time events. This commercial tool, used heavily by marketing firms, can augment State Department and other reporting on in country sentiments and provide insights into socio cultural priorities and concerns.

BLOCK Chain Intelligence: Blockchain intelligence can enable proactive disruption and analysis of adversaries by providing data on how they are using virtual assets for revenue generation. This process allows provides a high-level overview of a country's cryptocurrency usage, which could provide valuable insights into the nation’s overall economic health and strategy. It also provides detailed information on an individual or entity’s financial activities that can illuminate patterns and processes. The importance of blockchain analysis was underscored in 2024 when the US Senate Committee on Armed Services recommended that the Department of Defense (DOD) explore blockchain technology to potentially revolutionize national security. In the committee’s 2025 National Defense Authorization Act (NDAA), they instructed the Secretary of Defense to investigate and test potential blockchain applications for DoD.

As the Department of Defense has made clear, commercial solutions for trend analysis, finding anomalies, and providing data for decision makers are abundant. The intelligence community already has some of these abilities. What is missing is the fusion of this data into one picture and the ability to use the tools at scale.

Starting with Cultural Change

In order to provide the intelligence needed for an increasingly complex world, we need to fundamentally change the practice of intelligence to accept the importance of publicly available and commercially available data. Additionally, the intelligence cycle needs to change. The intelligence cycle needs to start with open source information and data. This means that the intelligence community also needs to incorporate the technology and the algorithms that will allow today’s intelligence professionals to see trends, anomalies, and threats in that data. This data then should be fused with intelligence collected by the traditional intelligence disciplines to provide decisionmakers and operators with all the information they need to perform their jobs.

Further, to demonstrate the importance of harnessing the publicly and commercially available data, the intelligence community must develop an open source center that brings together the myriad open source/PAI/CAI and data sifting technologies that industry currently is building. The high-tech center would be the first step for intelligence analysts of all types in building threat and warning analysis and targeting. This center would be a place where the US and its allies could share data and techniques to build a global warning picture. It would be the intelligence community’s beginning of the Enterprise Command and Control picture or the Common Intelligence Picture.

We will need creativity and leadership to move forward with this generational change in how the intelligence community does business. If this major shakeup does not begin soon, the US will lose its edge and remarkable, intelligence driven operations like Absolute Resolve will become amazing stories of American glory that we recount to our grandchildren. The change can happen now

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

The Kremlin Files: Russian Double Agents and Operational Games

THE KREMLIN FILES / COLUMN — There are similarities among intelligence agencies worldwide. All professional services rely on tradecraft to recruit and manage assets. They all operate within bureaucratic systems and ultimately answer to political leaders. At a basic level, espionage tradecraft is a common professional language. However, Russian intelligence services (RIS) differ significantly from their Western counterparts in several key aspects. First, their primary mission is not to serve the interests of the Russian people, nor to protect the country's constitution; instead, their loyalty is to the regime and Putin’s personal political survival. And secondly, in terms of tradecraft, they differ from the CIA and other Western services in their approach and tactics. One of the most important—and often misunderstood—aspects of Russian intelligence is their use of double agents, known in Russian intelligence doctrine as operational games (operativnye igry).

For Russian intelligence, operational games are not just niche skills or occasional counterintelligence tactics. They are fundamental. Double agent operations are central to how Russian agencies define success, justify their importance, and maintain their institutional identity. Whether other collection methods succeed or fail, the RIS reliably and continually default back to operational games. Therefore, understanding how and why the RIS use double agents is essential to understanding Russian intelligence itself.

Before examining how these operations work, it is important to get the terminology right, and something that even experienced national security reporters, espionage writers, and analysts in the West frequently get wrong. The term double agent is often misapplied to describe penetrations of one intelligence service by another. In reality, these are two very different phenomena.

A penetration is an agent who betrays their own service to spy for a foreign power. Aldrich Ames, who recently passed away three decades after he was arrested, was a traitor and a penetration of the CIA by Russian intelligence. He was not a double agent.

A double agent, by contrast, is an intelligence asset who is knowingly and deliberately directed by one service to engage another in espionage. The controlling service uses that agent to feed information (called feed material) —true, false, or mixed—to the adversary. They do so to simultaneously study the adversary’s tradecraft, collection priorities, and decision-making.

In the Russian system, double agents also serve a bureaucratic function: they generate statistics, “success stories,” and operational narratives that demonstrate effectiveness to political overseers and ultimately to Putin himself. Putin knows this; after all, he was a Lieutenant Colonel in the KGB Second Chief Directorate (responsible for Counterintelligence for the USSR), and he later headed the FSB himself.

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Double agents are used in the West and by the U.S. services, but we don’t lie to our government about the origins of the cases or pretend they are real counterintelligence successes when they reach their conclusion. The distinction is not academic. It lies at the heart of how Russian intelligence thinks about espionage. Every year, the FSB publishes an annual report and claims statistics on hundreds of alleged spies it has caught. The vast majority of them are invented, manufactured, or the FSB’s own double agents. In other words, they are not real cases.

Russian services employ multiple varieties of double agents and operational games. They have many names, including the initsiativnik, which is a false volunteer who often “walks in” to an embassy. Also used is the podstava, or dangle, in which Russian services will use the routine of an intelligence officer, diplomat, or journalist and insert the “dangle” right in front of the target at a gym, reception, or other function to appeal to the target. There are still more different varieties and names for other types of double agents.

These operations are not limited to targeting foreign intelligence services. They are also used against businesspeople, journalists, diplomats, nongovernmental organizations, and even Russian citizens themselves. The objective is often not solely intelligence collection, but also control, as the Russians say, to have the target “pod kontrolem,” or under 100% operational control and influence. That is why the Russians prefer, though not exclusively, to carry out double agent operations on Russian soil. Abroad, they are less confident that the SVR or GRU can fully control their double agent during meetings with the adversary.

The end goal is to ensnare, compromise, manipulate, arrest, or extort targets for recruitment and long-term exploitation. A few examples from history help illustrate Russian intelligence’s fixation on double agents, dating back to its earliest institutional roots.

The Cheka and later the NKVD/OGPU perfected operational games in the 1920s through landmark deceptions such as Operation TRUST. With the TRUST operation, the OGPU (Soviet counterintelligence at the time, another forerunner of the KGB) created a fictitious anti-Bolshevik underground to lure in Western intelligence services and Russian émigrés. TRUST sent intelligence officers to the West, or cooptees, who they intimidated to pose as members of this fake organization that claimed to stand against the Bolsheviks.

The operation ran for years, successfully feeding disinformation to multiple foreign services while identifying, neutralizing, or recruiting their agents. They often lured Russians home to “help in operations” only to have them arrested, interrogated, and usually shot in the back of the head in a Chekist-style vyshaya mera (highest measure) execution. The TRUST culminated in the capture of the famous British intelligence officer Sidney Reilly, one of the most celebrated spies of the era, who was executed in a similar fashion.

That double-agent tradition continued throughout the Cold War, when Soviet intelligence used double agents not merely to mislead adversaries but also to validate its own competence. Kim Philby, while often remembered in the West as a Soviet penetration of British intelligence, was also used as part of broader operational games to shape Western threat perceptions and protect other Soviet assets. Scores of Western intelligence officers or special operations team members were wrapped up in the Soviet Union or Eastern Europe immediately after World War II, the victims of KGB and OGPU/GRU operational games Philby had detailed to the USSR. Most were eventually executed.

In later decades, the KGB ran controlled double agents against Western services to exaggerate Soviet capabilities, mask vulnerabilities, and manipulate counterintelligence priorities. The Soviet KGB ran a wave of double-agents at the CIA in the late 1980s with false feed material to explain the 1985 U.S. intelligence losses. Rick Ames volunteered and compromised a dozen agents working for the CIA and FBI (Ames was not arrested till 1994). The KGB and later SVR used these operational games and false volunteers to protect him, trying to give CIA and the broader U.S. IC reasons why the compromise may have happened (Circle of Treason is a classic read on this period and all the various games the KGB was playing to protect Ames with false feeds to CIA and the FBI).

These operations reinforced an internal belief that intelligence success could be measured by how convincingly one could influence the enemy’s perception of reality. In Russian intelligence culture, the double agent is not an exception — it is the ideal. In today’s FSB, however, as well as their foreign counterparts, the SVR, the double agent too often is used to justify their very own existence, instead of paying dividends in terms of tradecraft learned or secrets protected. Operations like TRUST are mostly a relic of the past. Today, the FSB is too busy entrapping innocent foreigners like basketball players, teachers, and NGO workers.

The U.S. IC and our Western allies have learned over the decades that the FSB/SVR and GRU have presented double-agent cases to their political leadership as if they were genuine agents caught and arrested, all the while the case was simply that they were double agents. They feed statistics from the FSB each year about exaggerated intelligence operations—more than all the services in the world could carry out against Russia—and also claim to have thwarted all of them. These reports reach Putin and the Presidential Administration to justify larger budgets, which in turn breed more corruption and line the pockets of senior and middle managers.

This is not unique to Russia; it is often the case across the former Soviet countries of Central Asia, where many of the services remain close and subservient to the Russian FSB and SVR. These services, often serving despotic regimes, swear by double agent operations because, in many cases and over many years, the only “spies” they can really uncover are those they falsely created under a double agent operation. They use them against a range of unwitting foreign citizens, including in legitimate business practices, to extort them and their companies for money when brought up on false charges.

The practice has been expanded in recent years by the Russian FSB, particularly its counterintelligence division, DKRO (the Department of Counterintelligence Operations), which uses double agents against journalists, businesspeople, and others to trap them and hold them hostage for exchanges with the West. DKRO was responsible for the false arrest and imprisonment of Wall Street Journal reporter Evan Gershkovich before his 2024 swap with the West.

In sum, operational games and the double agents associated with them allow Russian intelligence to shape narratives, manufacture threats, and create the appearance of omnipresence. They are dirty tricks elevated to doctrine. And they remain one of Moscow’s most effective tools for compensating for broader institutional weaknesses.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

EU Takes Aim at Tehran: IRGC Terror Listing Opens New Front in Europe’s Iran Policy

OPINION — On January 29, Europe found its voice against Iran’s apparatus of terror. The European Union (EU) announced that it is adding Iran’s Islamic Revolutionary Guards Corps (IRGC) to its list of designated terrorist entities. The EU spent years mulling this step and taking half measures. Now, the EU and its member states must use this new much-needed tool broadly and effectively. The EU’s designation should mark the start of Europe’s campaign against the IRGC, not its end.

Formally listing the IRGC will give Europe important new authorities to limit Iranian attacks and plotting on their soil. The EU’s move also has major symbolic value, particularly at a time when the Iranian regime is under pressure at home and abroad.

The EU previously sanctioned some of the IRGC’s branches, leaders, and operatives. But EU member states resisted taking action against the IRGC in its entirety for several reasons, including European fears of Tehran’s reaction. Iran has long been vocal in its opposition to an IRGC designation, warning in recent days that an EU label would have “destructive consequences.” The U.S. unwillingness to lift its own Foreign Terrorist Organization listing of the IRGC was reportedly a key reason why U.S.-Iran negotiations fell apart during the Biden administration.

The EU designation comes on the heels of the Iranian regime’s bloody crackdown against its own outraged people. The EU’s decision—reached by consensus among its 27 member states—lends Europe’s united voice to the Iranian protestors’ indignation against their oppressors.

The EU action also sends a powerful message to Tehran that it should refrain from conducting attacks on European soil against its perceived enemies, particularly Iranian dissidents and Israeli and Jewish targets. European security officials express great concern about that risk now. Both the IRGC’s deadly Quds Force and Iran’s notorious Ministry of Intelligence and Security (MOIS) have conducted numerous terrorist plots in recent years in Europe, including in Sweden, Germany, Cyprus, and Belgium. Individual European governments have disrupted and prosecuted these networks and issued statements condemning Iranian behavior, but this is the most unified and strongest European stance to date.

With the EU designation, any IRGC assets in Europe are now subject to an asset freeze. It is now illegal to provide the group with funds or resources. The designation also requires EU member states to increase police and judicial cooperation on IRGC-related criminal matters. And the EU will impose a travel ban on IRGC members hoping to visit Europe.

The Europeans should now aim to use these tools vigorously. The IRGC has historically had near global reach, not only with its terrorist cells but with its procurement and financial networks. Uncovering and disrupting the IRGC’s networks and freezing their assets would weaken the corps’ capabilities to rearm, profit, and funnel materiel and finances to its proxies.

Europe can and should do much more to maximize the impact of the designation and impose real costs on the IRGC and its overlords. The EU’s 2013 designation of Hezbollah’s so-called “military wing” offers a good model for how an EU designation can empower both the EU and its member states.

First, the EU should ensure that Europol – the EU’s umbrella police agency – gets a key role in coordinating and supporting IRGC-related investigations across Europe, as Europol has done with Hezbollah. Before the EU’s designation, Europol’s ability to police the IRGC’s operatives in Europe was greatly limited. The IRGC’s many European plots often have a consistent modus operandi, including using criminal actors not associated with Iran to carry out attacks and thus offer Tehran a figleaf of deniability. Europol is uniquely positioned to see the whole picture and share relevant information with all EU member states.

For one model, look to Europol’s involvement in the complex multi-jurisdictional investigation of the Hezbollah financier Mohamad Nourredine, which involved multiple European governments as well as several U.S. law enforcement agencies. In 2018, he was convicted in a French court on multiple charges and sentenced to seven years in prison as part of a multi-country investigation codenamed “Operation Cedar.” Europol could use provide similar support in international investigations against IRGC operatives.

Since 2014, Europol has also played an integral role, along with the United States, in the Law Enforcement Coordination Group, the sole international body dedicated to countering Hezbollah’s terrorist and illicit activity. The EU should empower Europol to do likewise for the U.S.-led Countering Transnational Terrorism Forum, which focuses on Iran-linked terrorism.

Second, European governments must follow up on the EU’s actions and impose their own national bans and designations. Many European countries did just this against Hezbollah, including Germany, Slovenia, Austria, the United Kingdom, and the Baltics.

Take Germany, which shows how national-level actions can strengthen law enforcement and build on Brussels’s actions. In May 2020, Germany formally banned Hezbollah and conducted near simultaneous raids on several Hezbollah-linked organizations in the country. Germany is now prosecuting a Lebanese national allegedly tied to Hezbollah for procuring drone components for the terrorist group – a scheme that also took place in the U.K. and Spain.

The EU’s IRGC designation won’t tip the balance of power within Iran in favor of the protestors, but it can still help reduce Iran’s ability to stage vicious attacks abroad. The EU and its member states must robustly implement these new authorities for them to have the desperately needed effect.

Michael Jacobson, a senior fellow in The Washington Institute’s Reinhard Program on Counterterrorism and Intelligence, formerly served as director of strategy, plans, and initiatives in the State Department’s Counterterrorism Bureau.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Should Western Tech Giants Partner With Pro-Hamas Network Al Jazeera?

OPINION — A few weeks ago, Al Jazeera named Google Cloud as its primary technology provider for “The Core,” a sweeping program designed to integrate generative artificial intelligence (AI) throughout its production process. The move, which further deepened the relationship between the two companies, should sound alarm bells for policymakers and anyone concerned with the accuracy, credibility, and transparency of the news media and information space, which impacts nearly every aspect of society.

The Core enables more efficient reporting and even drafts scripts that humans generally would otherwise write. Reporters can pull archival material in seconds, generate compelling data visualizations — visual stories — and synthetic images at planetary scale, and automate story planning, all through AI platforms built by Google.

However, it’s not the innovation that’s the problem but rather its use to generate and amplify adversarial state-funded and directed news with no warning labels to its global audience.

The Qatari state funds and oversees Al Jazeera, shaping editorial output. Because of its shared ideology with the Muslim Brotherhood, Al Jazeera’s content often reflects the lens of the Muslim Brotherhood, three branches of which the United States just designated as a terrorist organization. The Qatari outlet also has a history of producing content that glorifies terrorism. Tech companies that help Al Jazeera amplify its content using algorithms, AI, or other methods, advance Qatari foreign policy rather than reflecting independent media assessments on a wide range of worldviews.

Part of the Al Jazeera-Google program is “AJ-LLM,” described as the editorial brain of the system that will be trained on Al Jazeera’s archives and connected to Gemini Enterprise, according to the companies. Al Jazeera is already very prominently cited in large language models (LLMs) like ChatGPT and Claude in questions about the Gaza war, and Gemini could very well follow that trajectory with this expanded partnership.

While one reason Al Jazeera features prominently in LLM answers is because it has no paywall, new partnerships, including Google’s major expansion with Al Jazeera, may fuel its presence even more.

Al Jazeera assures there will be sufficient human oversight in the process. However, Al Jazeera’s current and historic content, with its anti-Western bias that amplifies the likes of Hamas, loaded into its LLM platform, will churn out faster, flashier versions of the same editorial product, in countless formats.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

When users worldwide ask LLM’s about the conflict, they are frequently fed content from a media company that celebrates Hamas terrorist attacks and frames Israeli self-defense as aggression. Because these AI systems operate as black boxes with limited transparency, audiences may receive algorithmically amplified narratives that systematically favor Hamas and Muslim Brotherhood perspectives while appearing to be the product of neutral technological systems.

In May 2025, Google partnered with the Qatari Government Communications Office and the Al Jazeera Media Institute to train journalists in building digital-focused newsrooms. Participants included news directors, journalists, and representatives from various media organizations across Qatar’s media landscape.

What kind of messages do Al Jazeera trainers convey to journalists and diplomats who take their courses? The case of Muhammed Khamaiseh from the Al Jazeera Media Institute is instructive. In 2018, Khamaiseh posted, “Jews have been known for centuries to be cunning thinkers, and currently, the entire global economic system is under their control.” Khamaiseh had previously celebrated Hamas rocket attacks on Israeli civilians in 2014 and offered affection for Hamas after its kidnapping and murder of three Israeli teenagers. “This is why we love Hamas :D,” he wrote. Ironically, Khamaiseh is the author of “A Guide Avoiding Discrimination and Hate Speech in the Media, published by the Al Jazeera Media Institute.”

Qatar is an authoritarian nation, whose stringent media laws prohibit any criticism of Qatari leadership or policy, making Al Jazeera’s output anything but independent. The Department of Justice has determined that Al Jazeera is owned and directed by a foreign government. Congress has asked Justice to review whether the Qatari government should be required to register under the Foreign Agents Registration Act. DOJ has already required Al Jazeera’s AJ+ to register but the Qatari network has failed to do so.

Egypt, Jordan, Saudi Arabia, the United Arab Emirates, and Iraq are among the countries that have placed bans on Al Jazeera. Some bans remain on the Qatari channel. In addition, despite Al Jazeera posing as a savior of Palestinians, prominent Palestinians have long expressed concerns that Al Jazeera has stirred up regional hostilities and fomented violence, a problem that would be amplified if Al Jazeera’s cleverly designed content is recast as neutral algorithmic outputs. News consumers would be hard-pressed to find examples of Al Jazeera criticizing Hamas’s atrocities.

U.S. regulators should regard AI partnerships with foreign state-directed authoritarian media as they would regard sensitive technologies. They should trigger formal risk assessments. Congress should require companies with AI products to disclose the extent to which foreign state-directed media sources are used in training data, retrieval systems, or generated outputs. Absent such transparency, lawmakers and the public cannot evaluate the scale of foreign state influence embedded in AI-driven information systems.

Google should also require clear labeling when AI-generated news summaries or analytical outputs rely on content from foreign state-directed media organizations. Users should not be left to assume neutrality.

Preventing Americans and the global community from being manipulated by the Qatari state’s anti-Western, pro-extremist Al Jazeera content, even though it may be cloaked in high-tech flash, should be a top priority for both technology companies and policymakers. It’s time to pull back the curtain.

Toby Dershowitz is a senior advisor at the Foundation for Defense of Democracies, where Asher Boiskin is an intern. Follow them on X @TobyDersh and @asherboiskin.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Inside the $35 Billion Plan to Track Hypersonic Missiles from Space

OPINION — “The Department of Defense’s Space Development Agency (SDA) is developing a new space-based architecture comprised of a large constellation of at least 300-500 satellites in low Earth orbit (LEO) to detect and track potential missile threats. This system will complement other space systems currently providing this capability. SDA is developing this new system in part in response to peer and near-peer competitors that are designing strategic and tactical hypersonic weapons that are not easily detected, identified, or tracked by current space-based missile warning systems.”

That’s a quote from a Government Accountability Office (GAO) report sent to Congress last Wednesday entitled MISSILE WARNING SATELLITES, Space Development Agency Should Be More Realistic and Transparent About Risks to Capability Delivery.

I’ve chosen to write about this report because it contains not only the best description of how complicated and costly just one aspect of missile defense has become, but also it provides the most understandable history of what’s been done up to now, along with the threats we face.

Known within the Defense Department (DoD) as the Proliferated Warfighter Space Architecture (PWSA) – and started in 2020 -- the plan, according to the GAO report, is “intended to provide space surveillance and communications for persistent, timely, global awareness [of missile threats] that is designed to operate in an increasingly contested space environment.”

DoD so far has committed nearly $11 billion to this effort, which is programmed to cost near $35 billion through fiscal year 2029.

While the PWSA deals with tracking an already launched missile and its warhead, there are two other elements of a missile warning system: Detecting the launch and communicating information within elements of the system.

Traditionally, missile threats have been detected and tracked because they are launched using powerful rocket boosters which produce heat and light making them easy to initially see and follow and predict their ballistic trajectories. Infrared sensors on space satellites can detect heat from launched missiles and booster plumes against Earth’s background

In 1970, DoD put in place the first Defense Support Program satellites, which used infrared sensors. These first satellites with infrared sensors, and the infrared systems that have followed, have operated from geosynchronous Earth orbits (GEO), which allow those satellites to stay fixed over a single, longitudinal spot located about 22,000 miles above Earth. This results in each GEO satellite maintaining constant observation of a specific area of the globe and collectively monitoring the entire planet.

In the mid-1990s, DoD developed the Space Based Infrared System (SBIRS) to replace and provide significantly more robust data than the Defense Support Program.

Wednesday’s GAO report said, “In recent years, DoD has identified emerging threats that these [SBIRS] systems may be unable to effectively warn or defend against. For example, Russia and China have successfully demonstrated hypersonic missile capabilities. In addition to new missile threats posed by potential adversaries, DoD has also publicly acknowledged emerging threats to our space assets. For example, DoD reported that China is developing additional counterspace capabilities including directed energy weapons, electronic warfare, and other anti-satellite weapons.”

According to the GAO, “U.S. missile warning satellites currently operating in GEO may be particularly vulnerable to these emerging threats because there are relatively few of them -- making them high-value targets -- and their location above Earth is effectively stationary and predictable.”

Approximately three DSP satellites of the original 23 DSP system remain in orbit with one maybe still operational. In addition, beginning in 2011 there have been six SBIR satellites put in orbit and SBIRS sensors placed on four additional host satellites.

The GAO report said, “SBIRS will soon be followed by the Next Generation Overhead Persistent Infrared (Next Gen OPIR) system, designed as an upgraded replacement for SBIRS, with sensors that are expected to have even greater sensitivity than current SBIRS sensors. While providing some enhanced capabilities, such as greater sensitivity, the Next Gen OPIR system is built around an architecture similar to existing systems now in GEO orbit.

DoD is also developing space-based laser communications technology to support large constellations of satellites for missions, including missile warning and data transport. However, a February 2025 GAO report found that DoD had “made progress in developing this technology, but it also faced delays and other issues -- and hasn't fully demonstrated that it works in space. Despite these challenges, DOD plans to continue to develop and launch hundreds of satellites worth billions of dollars that require the use of laser communications.”

DoD’s plan for the new PWSA missile satellites in LEO, internally referred to as the Tracking Layer, will complement the Next Gen OPIR satellites for what is termed missile warning/missile tracking (MW/MT) functions, and will use laser technology to communicate.

Because satellites in LEO are much closer to Earth than those in GEO, many more satellites are needed in a LEO-based constellation to achieve the same coverage as a single one in GEO.

The missile tracking satellites in LEO are traveling much faster relative to Earth’s surface and therefore each satellite can only observe a small section of Earth’s surface for a short time -- only about 10 minutes. This makes constellation development more complicated if constant global coverage is required.

“Some DoD officials say having a greater number of satellites performing MW/MT in LEO will result in greater resiliency for the constellation as a whole and the capability it provides,” the GAO report says, adding, “For example, if one satellite in a proliferated constellation is damaged -- whether intentionally or by natural environmental effects -- the constellation’s capability is degraded by a smaller margin than if the entire constellation was made up of only a handful of satellites.”

The current plan has been to develop a large constellation of tracking satellites in LEO, along with data transport layer satellites forming a communications network to provide mission data directly that will enable advanced missile tracking from LEO to ground stations.

A tracking satellite, according to the GAO report, is “comprised of a spacecraft – referred to as a bus -- plus other components such as infrared sensors, on-board mission data processors, and communication payloads, together with a ground segment to manage the constellation and receive and process track data to send to the wider DoD and intelligence community.”

There will be some 600 satellites in all, with plans then to replenish each tranche every two years in perpetuity, along with associated ground systems, according to the GAO report. As the LEO-orbiting tracking satellites approach the end of their life, “SDA will deorbit them,” the report says.

SDA has been acquiring tranches of both tracking and data transport layer satellites beginning with a demonstration tranche, called Tranche 0 (T0) that was launched in April 2023. Of the 27 satellites in T0, 19 performed data transport and communications, while eight did missile warning. One additional satellite remained on the ground as a test bed.

Tranche 0 was designed to be a “warfighter immersion” tranche, giving service members the opportunity to work with the systems, understand their capabilities, and to develop operational concepts for their use.

An SDA official told the GAO T0 demonstrated “the ability to track a short-range ballistic missile throughout its flight and into its terminal phase and then transmit raw data to the ground from space.” It also connected the tactical data link network used by NATO, from space to specific ships and military airplanes and established the first satellite-to-satellite demonstration of optical links between two of the four T0 contractors.

In September 2025, Tranche 1 of the PWSA program, put 21 tracking satellites into orbit, followed the next month by another 21 data transport layer satellites. Overall, Tranche 1 is scheduled to consist of 128 satellites for the Transport Layer and 26 for the Tracking Layer.

SDA said back in October 2025, “Beginning in 2027, T1 will provide an initial warfighting capability through the PWSA to deliver regional persistence for tactical military data channels…along with advanced missile tracking and missile warning, and beyond-line-of-sight targeting.”

Wednesday’s GAO report said, “According to SDA, T1 will establish the PWSA ground and operations baseline, or the foundation upon which SDA plans to add capabilities in future tranches. To reduce risk, SDA is taking an incremental approach to delivering these ground operations.”

However the next T1 satellite launches have been delayed to sometime this year.

Wednesday’s GAO report raised significant issues in the ongoing PWSA program.

For example, it said, “SDA had planned to allow the warfighter to provide feedback on capabilities prior to a larger SDA investment in T1 and future tranches, but officials from combatant commands we spoke to told us that they have not been asked to provide feedback on T0 MW/MT demonstrations.”

In a broader sense, the GAO said, “SDA has not taken steps to understand the range of risks to delivering MW/MT capabilities by assessing the technological maturity -- such as by conducting a technology readiness assessment -- of critical technology elements included in its satellite development given required modifications and use in new environments. Absent such assessments, SDA remains overly reliant on technology maturity estimates provided by contractors and lacks key insights to better develop realistic development timelines.”

In short, as with many needed highly-technical and complex defense systems, this new space-based, large constellation of satellites in low Earth orbit to detect and track potential missile threats appears to be developing higher costs and a delay before it is fully operational.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The U.S.-China Economic Cold War Is No Longer Silent

OPINION — For decades, the United States (U.S.) operated under a fatal delusion that free trade with China would liberalize its politics and that the global market was a neutral playing field. We were profoundly wrong. In 2000, the U.S. controlled 37% of global semiconductor fabrication. Today, we control less than 12%, while China is on track for 40% by 2030. While we played by the rules of Adam Smith, Beijing played by the rules of Sun Tzu.

We are now in the midst of a silent asymmetric economic war. China does not have a private sector in the American sense. Under its strategy of Civil Military Fusion, every ByteDance algorithm and every ton of refined lithium is a dual use asset of the Chinese Communist Party. Meanwhile, the U.S. encouraged the atrophy of its industrial base by prioritizing short term profits from outsourcing to China instead of securing our own economic and national security future. The West created this irrational strategic vulnerability where Beijing now controls 80% of refined rare earth supplies and more than 60% of the magnets in actuation systems for the F35.

Recognizing that economic security is national security, the Trump administration has installed a genuine war cabinet for economic conflict. This includes the Treasury and Commerce Secretaries, but the pivot is most visible at the Department of War. There the Deputy Secretary, is a battle- tested private equity leader who left his firm in order to bring his skills to fight and has operationalized a new offensive strategy to link private sector dynamism with state imperatives.

The tip of this spear is the newly chartered Economic Defense Unit or EDU.

Directly overseen by the Deputy Secretary of War and run by another private equity industry specialist in industrial consolidation, the EDU is not another regulator. It functions as an internal merchant bank designed to bypass the Pentagon’s notoriously slow procurement cycles. The EDU has replaced compliance- based bureaucracy with commercial first financing. Its mandate is to generate investable demand signals using the government balance sheet to de-risk private capital investment in the defense industrial base.

Instead of vague promises, the EDU now utilizes Advance Market Commitments. These are binding contracts to purchase critical technologies such as solid rocket motors or autonomous drones before the factories are even built. This transforms government contracts into bankable assets that companies can use to secure private loans. Furthermore, the EDU has restructured acquisition management, replacing narrow Program Executive Officers with Portfolio Acquisition Executives who are authorized to move capital rapidly across capability sets much like a private equity managing partner.

Complementing this is the transformed Office of Strategic Capital or OSC. Once merely an advisory body, the OSC has been re codified by the FY2026 NDAA into a direct capital allocator. It is aggressively bridging the valley of death not just for software but for heavy manufacturing. By offering direct loans and guarantees specifically for equipment finance, the OSC ensures that American companies can afford the high capital machinery needed to onshore production of semiconductors and batteries.

This architecture represents a total departure from the status quo. We are moving from a system that audits costs to a system that finances outcomes. The Army parallel initiative to grant Direct Commissions to Silicon Valley engineers further reinforces this culture shift – destroying the wall between the Pentagon and Palo Alto.

The message to the American private sector is clear. The era of neutrality is over. There is no free market left to win if China ends up owning the building blocks of every major industry. Wall Street and Silicon Valley must partner with the USG not out of charity, but out of necessity.

The administration has built the financial and policy architecture for economic sovereignty. American capital now faces the simplest decision in its history, which is to deploy here and own the 21st century, or deploy elsewhere and become its tenant.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Greenland’s Worth a Fight and Russia’s Trying to Start One

EXPERT PERSPECTIVE — The “quickest way for Russia to penetrate our naval defenses is steaming from the Arctic to the North Atlantic.” The Greenland-Iceland-United Kingdom (GIUK) Gap is the last place allied forces “have any hope of detecting a Russian sub before it’s in the vast Atlantic barreling toward New York.” These insightful comments were spoken not by President Donald Trump but by fictional President Grace Penn in Netflix’s The Diplomat. By contrast Trump’s rhetoric and attempts to gain leverage on Denmark have been appalling and unhelpful. But Trump and “President Penn” are both right about one thing — although the Arctic island is remote, Greenland’s location makes it fundamental to U.S. and NATO naval intelligence and missile defense missions.

Russia knows this as well and is using the Trump-inspired kerfuffle to drive a disinformation narrative intended to further weaken Euro-Atlantic relations. Kremlin-aligned sources have been circulating social media posts suggesting that Western aid to Ukraine has weakened European countries and that weaponry committed to Kyiv may be redistributed to Greenland. A deepfake of a Danish newscaster stating that Denmark plans to recall all F-16s given to Ukraine to be redeployed to Greenland was circulated by Russian influence accounts and received over 45.3K views on X.

Another video, which received over 254.3K views on X, imitated the Institute for the Study of War and claimed that Europeans siding with Ukraine in 2022 is costing them Greenland now and that NATO will be destroyed soon, thereby forcing Europeans to align with Moscow. This Russian tactic of riffing off legitimate think tanks and news channels to validate Russian lies is essential to making their false pro-Kremlin narratives appear more credible and increase the likelihood of their posts spreading across social media.

Moscow is trying to use the divide between the United States and Europe to sow confusion, degrade support for Ukraine, and rupture NATO. What Putin forgets is that disagreements between allies are common and constructively overcoming them builds stronger relationships. The strategic importance of Greenland demands the alliance work through its disagreement.

There are significant reasons why Russia is trying so hard to split NATO over Greenland. Nuuk holds significant naval intelligence value. Moscow’s Northern Fleet and nuclear submarine HQ are on the Kola Peninsula, located near the Russia-Finland border. For Russian (RU) forces to reach the North and Baltic Seas, and beyond into the North Atlantic Ocean, RU submarines must transit through the GIUK Gap; making the two stretches of water critical for monitoring RU subsea activity, just as “President Penn” demonstrated.

Moreover, the growing partnership between Beijing and Moscow in the Arctic and China’s increasing interest in the region over the past decade should raise red flags for NATO. In 2018, China released their first Arctic white paper, in which they called themselves a “near-Arctic state” and detailed a desire to establish a “polar silk road.” Since then, China and Russia have performed numerous joint air and naval patrols in Arctic waters. Coordination between U.S. adversaries in the High North places an even higher value on NATO Arctic maritime intelligence capabilities.

Greenland is also strategically important for missile defense operations. Nuuk is a prime location for American early warning systems to track intercontinental ballistic missiles (ICBMs) with trajectories that arch over the High North. The Pentagon currently operates a variety of early warning radars and communications systems at Pituffik Space Base in Greenland. These radars work in tandem with systems in Alaska and Canada to provide essential early warning capabilities for U.S. missile defense.

ICBMs launched by Moscow can reach the United States in approximately 40 minutes, offering the Pentagon’s command and control centers, and the president himself, extremely limited time to detect, decide, and respond. This mission set will expand as Russia develops long-range conventional hypersonic missiles that will also use a High North flight route.

Prioritizing and expanding U.S. military radar and communication systems in Greenland will certainly be part of the “underlayer” elements of the Golden Dome missile defense effort, allowing for Russian missiles of all varieties to be detected earlier and provide U.S. and Canadian warfighters additional reaction time.

Russia will always be a malevolent actor and adversary in the High North, and the Kremlin will utilize any advantage and division among Arctic allies to sow disinformation, destabilize alliance efforts, and advance its own interests. Although the political particularities of Nuuk lie in the hands of Greenland, Denmark, and the United States, the geostrategic and deterrence value of the island is shared among all NATO allies; and should be a factor that unifies and strengthens the alliance, not something that divides Western partners and advances adversarial interests.

Rear Admiral Mark Montgomery (U.S. Navy, ret.) is the Senior Director of the Center on Cyber and Technology Innovation and Senior Fellow at the Foundation for Defense of Democracies (FDD), where Emmerson Overell is a project coordinator.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Export Controls Backfire: The China Innovation Paradox

DEEP DIVE — When the Biden administration rolled out its semiconductor export restrictions in October 2022, the logic seemed airtight: cut off Beijing’s access to advanced AI chips, and you’d put the brakes on China’s tech ambitions. Three years on, that bet looks a lot shakier than anyone in Washington expected.

Instead of paralyzing China’s AI sector, these controls have promoted domestic self-reliance. With no choice but to develop indigenous workarounds and architectural innovations, Chinese businesses are rapidly decoupling AI progress from sheer hardware volume. U.S. policies have undoubtedly bought time, but they have also ushered in a parallel innovation ecosystem totally independent of Western influence.

Now the Trump administration is trying a different tack. By allowing conditional chip exports to approved Chinese customers, complete with revenue-sharing arrangements, the White House appears to be hedging its bets. The strategy banks on maintaining some leverage through controlled access rather than outright denial. Yet critics caution this could backfire spectacularly: American companies might be financing the very Chinese AI capabilities designed to render them obsolete.

Both strategies, it seems, lead to uncomfortable places.

The DeepSeek Shock and Algorithmic Efficiency

A year ago, DeepSeek’s new R1 model sent tremors through Silicon Valley and Washington. The Chinese startup demonstrated AI reasoning capabilities closely mirroring those of OpenAI’s ChatGPT o1, without access to cutting-edge chips restricted by U.S. export controls.

“Algorithmic efficiency is a useful technique that enables developers to achieve reasonable performance compared to frontier models through inference-time optimization—essentially adapting the achievements of others for your own purposes,” Martijn Rasser, Vice President of Tech Leadership at the Special Competitive Studies Project, tells The Cipher Brief. “DeepSeek’s engineering is genuinely impressive, and this ‘fast follower’ strategy is very attractive for price-sensitive, commoditized AI applications.”

By optimizing inter-chip memory bandwidth on less sophisticated H800 chips, DeepSeek achieved competitive performance through algorithmic efficiency rather than brute force. According to the MIT Technology Review, Chinese startups are responding to export restrictions by prioritizing efficiency, resource pooling, and collaboration, thereby gaining an edge over competitors.

The breakthrough, however, should not be overinterpreted, Rasser warns.

“Algorithmic efficiency and raw compute aren’t substitutes at the frontier — you need both,” he says. “Training next-generation foundation models, achieving breakthroughs in areas like protein folding or materials science, and developing the most advanced autonomous systems all require massive compute that efficiency gains alone cannot replicate.”

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

Other analysts see the dynamic playing out along different timelines.

“AI progress is shaped by two concurrent trends: pushing the capability frontier requires ever-greater computing power, yet over time, reaching any given capability level requires less and less computing power,” James Sanders, Research Associate at the Center for a New American Security, tells The Cipher Brief.

While American AI companies continue advancing along the compute-intensive frontier, Chinese firms constrained by chip shortages focus instead on the lower-cost, lower-capability portion of the market.

“If the U.S. continues to maintain its computational dominance, China will likely continue to play a role as a fast follower, rather than leader, in AI capabilities,” Sanders explains.

Smuggling Networks and Systematic Circumvention

Aside from inventiveness under constraints, Chinese companies have also shown remarkable versatility by smuggling goods through shell companies and elaborate smuggling operations. The procurement of chips for Huawei’s Ascend 910 AI processor is one of the most dramatic examples.

According to Congressional testimony, Huawei used shell companies to deceive Taiwan Semiconductor Manufacturing Company into manufacturing approximately 2 million computer chiplets.

In 2024, a smuggling ring operating under the company name “Luxuriate Your Life” reportedly purchased $390 million worth of servers from Dell and Supermicro containing banned Nvidia graphics processing units, then smuggled them into Malaysia for ultimate delivery to Chinese customers. Hundreds of controlled chips have subsequently been sold in Shenzhen markets as vendors trade restricted AI technology.

The dramatic scale of smuggling operations thus raises fundamental questions about enforceability.

“No export control regime is 100% leakproof,” Rasser acknowledges. “But the goal should be making evasion costly, risky, and limited in scale rather than expecting perfect enforcement.”

He contends that the most effective approach is drawing a clear line: semiconductors exceeding certain performance thresholds should not be sold to end users in countries of concern at all, regardless of stated end use.

Sanders takes a more optimistic view.

“America has the ability to reduce AI chip smuggling to negligible levels if it wanted to. It only requires the political will to do so,” he says.

Technology that verifies a chip’s location could reduce smuggling to negligible levels, Sanders argues, noting that Nvidia has reportedly built such a capability and several congressional bills have proposed mandating location verification for exports.

“Even with the level of smuggling we see today, export controls on advanced AI chips are still effective,” Sanders insists. “They impose a large differential cost on China’s AI development and make it much harder for these chips to be obtained and used by adversaries.”

The Self-Sufficiency Acceleration

Perhaps most significantly for long-term strategic competition, export controls have supercharged China’s decades-long quest for semiconductor self-sufficiency. At a February 2025 meeting between Chinese Communist Party Chairman Xi Jinping and technology executives, Huawei founder Ren Zhengfei reported that his previous concerns about domestic advanced semiconductor production had eased due to recent breakthroughs.

A CSIS analysis underscores that Ren stated he is leading a network of more than 2,000 Chinese companies working collectively to ensure that China achieves self-sufficiency of more than 70 percent across the entire semiconductor value chain by 2028.

Rasser is skeptical of the ambitious timeline.

“This timeline is not credible for leading-edge semiconductors,” Rasser observes. “If he means trailing-edge components and packaging, 2028 might be achievable. But if he means the advanced logic chips that power AI training and high-performance computing, it isn’t.”

Chinese firms still can't build the ultra-precise manufacturing equipment needed to produce chips at the most advanced nodes, he points out. But that hasn't stopped Beijing from doubling down. Overall chip investment dipped slightly in early 2025, yet spending on semiconductor equipment jumped more than 53 percent, a clear signal that China is dead serious about building out a complete domestic supply chain.

The Chinese government has channeled well over $150 billion into semiconductor development from 2014 through 2030, according to Semiconductor Industry Association analysis — an investment equivalent to the U.S. CHIPS Act virtually every year since 2014.

The Bifurcation Dilemma

The unintended consequence of U.S. export controls may be accelerating the bifurcation of global technology ecosystems into incompatible, competing supply chains.

Consequently, we are faced with a strategic paradox: Does a China that relies on Western chips but is constrained by American controls pose a lower long-term risk than one that operates in a technologically autonomous fashion beyond American eyesight?

“A technologically autonomous China certainly poses a greater risk of strategic surprise,” Rasser concedes. “But the alternative framing — that we could maintain Chinese dependency on Western technology indefinitely—isn’t realistic. It ignores history, Chinese strategy, decades of mercantilist industrial policy, and the inherent difficulty of controlling technology diffusion over long time horizons.”

The better frame, he suggests, is that export controls buy time.

“The question is what we do with that time,” Rasser continues. “Years of constrained Chinese progress are years during which the United States and allies can extend their own technological lead, build more resilient supply chains, strengthen alliances with key semiconductor nations, and shape the trajectory of AI governance.”

Sanders echoes this assessment.

“China is determined to develop a fully domestic AI chip industry, and will likely eventually be able to do so,” he notes. “The real question is whether we equip China to compete with American AI leadership today.”

The fundamental constraint on Chinese domestic AI chip production, Sanders points out, isn’t the lack of logic chips but access to advanced manufacturing equipment.

“Strengthening and fully enforcing current export restrictions on semiconductor manufacturing equipment is the most important step in preventing China from developing an AI chip industry that could outcompete America’s,” he says.

Yet the competitive landscape extends beyond manufacturing capacity alone.

The Supply Chain War

Leland Miller, co-founder and CEO of China Beige Book, who serves on the U.S.-China Economic and Security Review Commission, however, sees the entire framework shifting.

“The trade war is dead,” he tells The Cipher Brief. “This is a supply chain war. Beijing wants to weaponize supply chains for leverage. Tariffs are background noise now.”

Miller notes that China has advantages in data, talent, energy, and scale. Their weakness remains computing — advanced chips and lithography.

“That’s why H100s matter so much,” he says, referring to Nvidia’s high-end processors. On open-source AI platforms like Hugging Face, Chinese dominance is already evident. “Seventeen of the top 20 models are Chinese,” Mike Kuiken, Vice Chair of the U.S.-China Economic and Security Review Commission, tells The Cipher Brief. “Software plus enough hardware can close gaps. That’s why this moment is dangerous.”

The Trump administration’s December 2025 decision to allow conditional exports of Nvidia H200 chips to approved Chinese customers in exchange for a 25 percent revenue stake represents recognition that absolute denial may be neither achievable nor desirable. Yet Beijing has reportedly discouraged state-linked firms from adopting these chips, while Chinese companies like Huawei and Alibaba continue to advance domestic AI alternatives.

The controls have bought time — China’s AI development has slowed, and the U.S. still holds the edge in cutting-edge tech. The more complex question is whether Washington can consolidate that lead before Beijing circumvents the restrictions entirely, potentially causing an even bigger crisis.

“The goal isn’t perpetual dependency, it’s ensuring that when China does achieve greater autonomy, the strategic balance still favors us,” Rasser concludes.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

The Rise of China's Strategic Soft Power and its Global Impact

EXPERT PERSPECTIVE – The United States is currently mired in a cycle of aggressive trade renegotiations and a transactional foreign policy that has alienated its most critical allies. By perceiving partners as free riders on American defense investments, Washington is increasingly defaulting to raw financial and military coercion, or hard power. While cultural attraction remains a core Western strength, this shift toward transactionalism is allowing the global power balance to tilt decisively in China’s favor.

China has successfully evolved from the world’s manufacturing engine into an innovation powerhouse, with massive investments in research and development now yielding strategic dividends. The old adage, "USA innovates, China replicates, Europe regulates," is being rendered obsolete as Beijing takes the lead in high-tech research, dominates renewable energy supply chains, and weaponizes its monopoly on rare earth materials. This is not just a technological shift; it is the foundation of a new form of systemic influence.

By the Numbers

Soft power, the ability to influence through attraction rather than coercion, is now a primary battleground for Beijing. In its 2010-2015 5-Year Plan, China explicitly identified cultural products like computer animation, books, and social media as strategic priorities, and is expected to spend over $10Bn per year. Today, that strategy is manifest in TikTok, where international audiences are fed a curated diet of technological wonders and friendly diplomacy, while the domestic version (Douyin) remains strictly regulated. This curated reality leverages Western influencers paid to travel to China to marvel at bullet trains and flying cars, effectively masking the tightening grip of government control and persistent domestic poverty.

The silver screen has become a frontier for this historical revisionism. The evolution of Oriental Dreamworks illustrates the point: after the original Kung Fu Panda sparked national soul-searching in China over why a Western studio told their story better, Beijing forced a co-production model. This ensured that subsequent global hits, like The Abominable, which sparked international backlash for including the nine-dash line, served as vehicles for Chinese territorial and cultural narratives. Similarly, the success of The Three-Body Problem on platforms like Netflix signals a shift from passive consumption to the strategic export of techno-optimism, reshaping how the West perceives China’s past and future.

Lately one of China’s most potent soft power assets, however, is its strategic silence. In a world defined by shock events, from the 2025 Indo-Pakistani conflict to the Venezuelan raids to arguing over Greenland, Beijing projects a calculated lack of surprise. While United States foreign policy is viewed as an erratic series of active disruptions, China markets itself as a pillar of stability. By refusing the role of global savior, Beijing avoids the inevitable backlash of interventions while presenting its intentions, most notably regarding Taiwan, as historic certainties rather than chaotic ruptures. This perceived predictability is the velvet glove that makes its authoritarian consistency look like a safe harbor for global markets.

The change in soft power execution (or lack thereof), both by the United States and China, has yielded quantifiable results. A 2025 Pew Research Center survey of 28,000 adults shows the favorability gap between Washington and Beijing closing fast. Even inner circle partners are decoupling: in Australia, importance placed on economic ties with China (53%) has eclipsed the U.S. (42%) for the first time. In Canada, reeling from American rhetoric regarding annexation and the Greenland crisis, favorability for the United States plummeted from 87% to 67%. Spain, Mexico, Brazil and Argentina all view the United States as their highest threat, while the United Kingdom, France, Netherlands, Germany and Sweden think of the United States as their second highest threat, only surpassed by Russia. When the world’s most stable democracies begin to view the United States as a greater threat to their sovereignty than China, the global architecture of power has already moved.

This erosion between the United States and its NATO allies is precipitating a tangible financial and geopolitical divorce. As European pension funds signal a pivot toward non-American assets and gold to hedge against United States volatility, Washington has resorted to hard-power retaliation, to counter rising interest costs on its own federal debt, but risks further alienating allies. This shift is giving rise to a Western middle-power bloc, where leaders from Canada to the U.K. are bypassing United States hegemony to secure autonomous ties with Beijing, most recently shown in a Canadian trade deal with China, and London approving a new embassy before their prime minister is set to visit China next month.

The Domestic Crisis of American Soft Power

The United States faces a disadvantage in this competition that is as much internal as it is external. While cultural attraction remains a Western strength, America is stuck in a cycle of political division and a pervasive internal culture war. This domestic fragmentation has direct geopolitical consequences, creating a soft power deficit by eroding internal stability and the reliability that allies previously took for granted. When a superpower’s domestic policy is defined by institutional distrust and crippling polarization, its foreign policy becomes erratic, swinging violently between administrations and leaving partners to wonder if today’s agreement will survive tomorrow’s election.

In this climate, Washington is increasingly defaulting to financial and military coercion, hard power, to maintain influence. By viewing alliances through a purely transactional lens, the United States signals that its leadership is no longer based on shared values, but on momentary leverage.

The Authoritarian Impact of the Chinese Model

Conversely, China’s authoritarian system provides a strategic soft power advantage by ensuring internal dissent never detracts from international ambitions. While the United States is distracted by internal quibbling over social issues, Beijing’s centralized control allows it to project a facade of unwavering stability and consistency. The CCP’s absolute control over society prevents political in-fighting from slowing its global expansion.

This marketed reliability is a powerful tool. To many developing nations, the Chinese model, which prioritizes state security and economic growth over the perceived chaos of liberal democracy, looks increasingly attractive. China is expertly using this image to mask the reality of structural debt traps and economic coercion they have expertly laid in the Global South, particularly in Africa and Central Asia.

However, this is also China’s greatest weakness. Democratic values, such as a free press, labor rights, data and public privacy and private ownership are values where the West, and America in particular, still is attractive and acts as a magnet. While China might be a partner, they might not be a role model.

A Collision Course with an Existential Vacuum

The Transatlantic alliance is now on a collision course with an existential power vacuum. If the West fails to move past aggressive theater and nurture shared security architectures, it will cede the century to a model that demands compliance in exchange for short-term financial benefits.

For any nation flirting with realignment toward China, the warning is stark: China offers immediate liquidity, but demands a level of sovereign collateral that eventually leaves the partner more vulnerable than it was before the investment began, as Lithuania’s experience with economic sanctions has shown. Old alliances between America and Europe should not be so quickly forgotten. All indications are that Chinese soft power, backed by an undistracted authoritarian state, could eventually be followed by hard power.

Soft power should not be discarded so quickly. There is strength in a shared Western cultural heritage that attracts nations precisely because it avoids totalitarianism. However, if America cannot find a way to resolve its internal dissent and project a unified front, it risks losing the very American Example that once served as its greatest global asset, and part of its allies with it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

America’s Intelligence Satellites are Proliferating: Their Protection is Not, With Exceptions

OPINION — The pace of U.S. national-security launches over the past several months has been staggering. But buried beneath the impressive cadence is an uncomfortable truth: many of the most sensitive intelligence assets now orbiting Earth remain dangerously exposed to enemy action by hostile actors.

These assets are launched primarily by the National Reconnaissance Office and the U.S. Space Force Space Systems Command, operating under the National Security Space Launch program (NSSL). The government’s private-sector partners - SpaceX and United Launch Alliance (a joint-venture by Lockheed Martin and Boeing) provide the lift capacity using Falcon 9, the soon to enter operations Falcon Heavy (SpaceX), and the newly introduced Vulcan Centaur rocket (ULA).

Congress has long recognized the importance of assured access to space. As the Congressional Research Service notes, U.S. law mandates maintaining at least two launch vehicles capable of delivering any national-security payload to orbit. That policy has worked. The problem is what happens after launch.

Over the past four years, most NRO launches fall into three categories. First are signals-intelligence satellites (SIGINT). Second are large, electro-optical imaging satellites (IMINT) - capable of extraordinary resolution, as the public briefly glimpsed when Donald Trump released an undegraded intelligence image in a startling lapse of operational security. Third are the Starshield (the name of the program) satellites.

Proliferated Architecture represents a strategic shift; its goal is to establish “the largest government constellation in history” consisting of hundreds of satellites with launches planned through 2029. There are roughly half a dozen missions planned for 2026. This project replaces the model of few exquisite, irreplaceable satellites, in favor of resilience through numbers.

That logic is sound - but it applies unevenly.

Proliferation ensures continuity if adversaries degrade or destroy some satellites. Yet the most sensitive NRO platforms - large SIGINT collectors and high-resolution imaging satellites - remain singular, expensive, and irreplaceable. They are also increasingly vulnerable. Both China and Russia are fielding counterspace capabilities that include electronic warfare, cyber intrusion, co-orbital inspection satellites, and direct-ascent anti-satellite weapons.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

In other words, America is hardening its communications backbone while leaving its crown jewels exposed.

Deterrence in space no longer comes from secrecy alone. It requires active protection: improved space-domain awareness, on-orbit maneuverability, electronic countermeasures, rapid reconstitution plans, and – ultimately - the willingness to impose costs on adversaries who threaten U.S. space assets.

The United States has demonstrated it can launch fast, often, and at scale. The next challenge is more difficult and more urgent: ensuring that the satellites underpinning American military power and intelligence dominance can survive in a contested orbital environment.

Starshield redundancy is a start. Protection of existing assets must be the next step. if a rival has the ability to blind, deceive, or degrade satellites, then a lack of clarity may emerge exactly when clarity is most needed. A lack of clarity in a crisis is a catalyst. In fact, space is crowded, competitive, and, more to the point, contested. The dangers?

First, kinetic anti-satellite weapons (ASAT) and debris. Anti-satellite weapons, such as one that was tested by China in 2007 are some of the most threatening because they have the capability to destroy a satellite.

Second, non-kinetic attacks, like dazzling, jamming, cyber-tampering, and spoofing. The greatest threats on a daily basis are also likely to be non-kinetic, meaning they are temporary or reversible, although still potentially operationally decisive. A threat assessment has found categories of threats such as electronic warfare, cyber, and directed-energy effects that are being developed and employed by hostile nations as part of their counter-space capabilities.

Third, co-orbital proximity operations and grey-zone activity. Proximity operations are activities that are legitimate in themselves. However, the same activities can be used for coercion, interference, and “accidents on purpose.” The issue in this regard is one of attribution. This leads to a gray zone in which norms are important in addition to deterrence. In this regard, the U.S. Space Force has described space domain awareness (SDA) as “the ability to perceive and understand the nature of space-based phenomena to inform decisions.”

The policy should be to combine these elite systems with more distributed architectures: more nodes, more paths, and more means of recovery. Resilience is about the need to ensure that the loss of one satellite’s signal does not cause the end of the entire mission. The Proliferated Architecture (Starshield) program is a step towards that direction. But it’s only one NRO project in place and has redundancies set in place. What can be done to protect other multi-billion satellites already in orbit and not part of a constellation of satellites?

First, apply maneuver, unpredictability and mobility in space, which comes down to strong cyber protection for mission systems and ground networks, encryption and authentication to protect command and telemetry, anti-jamming techniques and alternative communication routes and rigorous integrity checks, such that analysts can rely on the data generated.

Second, engage in rapid reconstitution and continuity of operations including: pre-planned fallback modes, alternate tasking workflows, ground processing surge capacity, and alternatives for reconstituting capability with allied or commercial sources if needed.

When the problem is narrowed down to its core, ensuring the protection of single-operated NRO satellites can be achieved via better access to sensor data and faster decision cycles and a resilient architecture (combination of high-end assets and proliferated assets).

Equally important are end-to-end cybersecurity and integrity controls, debris-conscious operations & sustainability in coordination with civilian agencies such as NASA where necessary and proactive deterrence through resilience and consequence.

NRO satellites are strategic tools, as they reduce uncertainties, detect deception, and enable decision advantage. The threats to these satellites, which are both kinetic and non-kinetic, are rapidly increasing in their sophistication and frequency.

The protection of such satellites has nothing to do with making space a battlefield for its own sake. It has to do with being able to see clearly enough to avoid mistakes that could escalate quickly in space.

The best way to ensure such protection is not through a single technology but through a comprehensive approach that involves situational awareness, resilience, secure data communication, sustainable operations, deterrence and dispersion.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

The 2026 National Defense Strategy: No Surprises but Plenty of Mandate

OPINION — The 2026 National Defense Strategy (NDS) follows closely the 2025 National Security Strategy, as it should. It also falls in line with the Department of Defense’s narrative and the actions they have taken regarding priorities. The NDS has four lines of effort:

Defending the U.S. Homeland - Homeland defense is the top priority, with the Western Hemisphere elevated above other regions. This includes border security, open lines of transportation (Panama Canal and Greenland), counter-narcotics operations, and countering adversary influence. This is not a surprise.

Deterring China in the Indo-Pacific - The approach focuses on deterrence through military strength rather than confrontation, aiming to prevent Chinese dominance while avoiding conflict. The strategy emphasizes expanded military-to-military communication with Beijing to reduce conflict risks. It still cites China’s predatory behaviors and makes clear that China is the second highest priority.

Increasing Burden-Sharing with Allies - The document argues that allies must significantly increase defense spending, pointing to a new global benchmark of 5% of GDP for defense-related expenditures. It also calls on allies to keep watch against threats in their part of the world so that the US can focus on the Western Hemisphere.
Revitalizing the U.S. Defense Industrial Base - Described as a once-in-a-century effort essential for military readiness, providing strength to deter the US from getting embroiled in a war, and, if needed, the ability to produce weapons at scale during crises.

Notable Omissions

The strategy makes no specific mention of or guarantee to Taiwan, unlike the 2022 Biden era strategy which explicitly supported Taiwan's self-defense. It also omits climate change as a security threat, which the Biden administration had identified.
Perhaps, the most concerning issue is that the NDS does not mention Ukraine. It would have been easy to call out Ukraine’s successes against Russia as the example for how the strategy forecasts the behaviors it seeks from our allies. It also characterizes Russia as a persistent but manageable threat, in effect relegating Russia at the end of the day as inconsequential to the US. This underestimates Moscow’s ability to cause havoc beyond Ukraine. It also is much like waving the red flag at the bull. Moscow will not like being considered a minor player on the world stage.

Is Cognitive Warfare Still a Thing?

While the Defense Industrial Base is called out as important as is the need for weapons systems and platforms, there is nothing in the document about increasing activities in the cognitive warfare area. This is an area where the US needs to step up. There are statements throughout the NDS where one can read into the need for cognitive warfare. The NDS talks about providing options in the spaces prior to war and being ready if the US must go to war. These statements support increasing intelligence support and non-kinetic options for decision makers. Specifically, the NDS says:

…this Strategy will ensure that we see things and the choices we need to make clearly.

For decisionmakers to “see things” and understand the landscape and to provide them options or choices they will need a strong intelligence community that can collect the information needed to provide warning and articulate the threats we are facing. This same community will then be able to analyze the adversaries’ responses to choices that we make and help inform decisionmakers on what path might work best.

….including by leading efforts to deter or defend against other, lesser threats

Again, to deter adversaries, not only does the adversary have to fear your kinetic response but also what you can do behind the scene. Additionally, cognitive warfare can prep the battle space, even if we do not ultimately resort to a battle space. Influence operations could play a huge role in deterrence.

· ….partner with ….other federal departments and agencies to reinvigorate and mobilize our great nation’s unrivaled creativity and ingenuity, re-spark our innovative spirit….

This statement seems to be here to support calls for increased irregular warfare activities. Creativity and ingenuity are the hallmark for cognitive warfare and the Department can best support activities within the cognitive warfare or irregular warfare space by partnering with other federal departments and agencies.

Conclusion

There is nothing surprising in the NDS and that is a good thing. If the NDS had not closely matched the National Security Strategy or the direction we have witnessed the Department headed in the last year, something would have been off. What the NDS does do is provide the military and the Defense Intelligence Enterprise with a strategic framework for priorities. The National Intelligence Strategy should follow next. While the regional priorities in a National Intelligence Strategy should not be surprising, it will be illuminating to see the strategic direction that the Director of National Intelligence sets for how the intelligence community should move forward.

The NDS priorities mean that there will be some adjustments to resources. Reporting indicates that there may soon be changes to the unified command plan whereby US SOUTHCOM and NORTHCOM will be combined into an America’s Command. There will also need to be an adjustment to resources, both money and people to be able to fulfill the NDS mandate. Such a change will take time to build. Expertise does not come overnight.

The Department will need to make major changes in acquisition and contracting to be able to develop the capabilities the NDS has called out and in the time frame it demands. It is clear that the Department is moving in that direction.

There are repercussions for our partners and our adversaries. More will be expected of our partners but again, the administration has been clear on that issue and when pressed, our partners have shown that they can step up.

Finally, the NDS is clear that the US is not looking for a fight. However, it is also clear that if our adversaries move in that direction, we will be prepared to push back. We need to make sure that we are and put more focus on cognitive warfare to help us be prepared but also to keep us out of a kinetic fight!

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

China’s Stunning Military Purge – and What It Means For Taiwan

DEEP DIVE – President Xi Jinping’s latest purge of generals has eviscerated China’s military leadership, drawn comparisons to crackdowns carried out by Chairman Mao Zedong a half century ago, and raised questions about China’s military plans for a takeover of Taiwan.

Xi moved in the past week against China’s most senior military official, General Zhang Youxai, and General Liu Zhenli, who heads the Joint Staff Department, which oversees operations, intelligence and training. Zhang and Liu were members of the Central Military Commission, or CMC, China’s most important military body – and Xi’s campaign has now claimed all but two of the CMC’s six leaders (one of whom is Xi himself). Xi’s earlier purges have ended the careers of dozens of lower-ranking generals.

“The PLA’s core command has been mutilated by these purges,” Dr. Zi Yang, an expert on China’s military at the S. Rajaratnam School of International Studies (RSIS), told The Cipher Brief. As for the CMC, he said that “this organization…that is supposed to oversee quality military advice is more or less gutted. Who’s giving Xi advice on running an organization of two million military personnel?”

Imagine an American president firing all but one member of the Joint Chiefs of Staff, along with several other high-ranking generals, while simultaneously preparing for a major military contingency, and you have some sense of what’s happening in China.

Dennis Wilder, who served as a senior CIA official and a top White House adviser on China, called the moves against Generals Zhang and Liu the “most stunning developments in Chinese politics” since Xi’s rise to power – and said the purges would almost certainly affect the timing of any action against Taiwan.

“If Xi had plans for 2027, I think they’re delayed,” Wilder told The Cipher Brief, referring to Xi’s directive that the military be prepared by 2027 to take taiwan by force. “I don't know for how long but they have to be delayed at this point. There's no way that they're ready to take on a major military confrontation in these circumstances.”

Gen. Zhang was widely considered Xi’s most trusted military aide. Former U.S. National Security Adviser Jake Sullivan, who attended a meeting with Zhang in 2024, told The New York Times that he “spoke in an unvarnished way that was typical of a military guy, but also reflective of someone who didn’t feel like he had to be cautious.” Now Gen. Zhang is the latest and most consequential casualty of Xi’s widening purge.

“It’s fair to say this is a seismic event,” Sullivan said. For Xi to “take out somebody who he had such a long history with is striking, and raises a lot of questions.”

Anatomy of a crackdown

On January 24th the Defense Ministry announced that Generals Zhang and Liu had been placed under investigation for “suspected serious discipline and law violations”. An editorial in China’s Liberation Army Daily said the two men had “trampled on” Xi’s authority and “severely undermined the party’s absolute leadership over the military.” Their actions, the paper said, had caused “massive damage” to the military’s political strength and combat readiness. The Wall Street Journal reported that General Zhang has been accused of leaking nuclear secrets to the United States.

Experts had assumed that Gen. Zhang would avoid the purges, given his rare combination of attributes: a decades-long close relationship with Xi; and a decorated record during the 1979 border war with Vietnam.

“Zhang matters, both as a combat-tested veteran – which is a very rare commodity within the PLA – but also because he truly understands war,” Shanshan Mei, a China defense expert at RAND and former advisor to the U.S. Air Force on China, told The Cipher Brief. “He truly understands tactics and morale and real combat issues.”

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

Since taking power in 2012, Xi Jinping has prioritized a revamping of the military, which was widely seen as beset by corruption and outmoded thinking. He fired dozens of generals and began an overhaul of the People’s Liberation Army (PLA), which was ultimately led by Gen. Zhang. Xi’s purging of the CMC leadership began in 2023 and culminated in last week’s moves against Zhang and Liu.

Last year, Dr. Zi – the RSIS expert – wrote an article about the purges and argued that Zhang Youxia’s removal would likely trigger a crisis within the People’s Liberation Army (PLA). Now, Zi says, that moment has arrived.

“It's going to have trickle-down effects for sure to the operational level,” Zi told The Cipher Brief. “All of Zhang’s associates are going to be put under suspicion. All of Zhang’s underlings are going to feel the pressure as well.”

What it means for Taiwan – and beyond

Experts told The Cipher Brief that the latest ousters will likely have several immediate effects: a drop in PLA morale; less high-level risk-taking and innovation; a disruption in decision-making – involving everything from procurement to high-tech modernization to actual priorities and battle plans; and an almost-certain delay in any military operations against Taiwan.

Ambassador Joseph DeTrani, a former CIA director of East Asia operations, wrote an article for The Cipher Brief in October in which he warned that the high-level upheaval within the PLA might impact decisions involving Taiwan. Now he says that delays are inevitable.

“You’ve got to say this is not going to happen [by 2027],” Amb. DeTrani told The Cipher Brief. “And if it is, you have got to wonder, what sort of planning and what sort of leadership would go in? I just don't see how President Xi Jinping could feel even remotely confident that China’s military would be prepared, or is prepared, to use kinetic means to take over Taiwan.”

Zi said that the purging of the two top generals “has clearly damaged the PLA’s operational capacity,” and he, too, doubted that the military could move against Taiwan until the internal turbulence passes and new leadership is put in place.

“Any war in the Taiwan Strait is going to be an extremely complex large-scale military operation,” Zi said. “It will require the mobilization of China’s resources in all realms and mobilization of basically all military services and forces. You need people who are capable and talented in positions to plan and lead these operations.”

Wilder said that while China’s basic military readiness is not in question – “pilots know how to fly their planes…(and) naval and infantry commanders know how to lead their units,” he said – the latest purges will compromise the oversight and execution of any major operations in the near term.

“I don’t think this changes the readiness of PLA forces,” he said. “It’s really about the command structure. I think execution is a problem, because your command structure has been so disrupted.”

That “command structure” has been housed within the CMC, whose only remaining uniformed officer is Gen. Zhang Shengmin, who Zi described as a “political commissar with next to no operational command experience.”

“He’s not a combat veteran,” Wilder said of Zhang Shengmin. “You have to find a general in charge, if you're going to go forward with a plan. Who’s your operational commander?”

Beyond Taiwan, Wilder said the purges risk a broader “paralysis” within the military’s top echelons. “You don't know what's safe anymore, and whether you might be investigated,” he said. “Officers will want to keep their heads down. They won’t want to propose anything. They will simply wait for instructions.” That, he added, will render the military leadership “dysfunctional for a while. It becomes incapable of serious decision-making.”

Experts said decision-making wasn’t a problem for Gen. Zhang Youxia, who was seen as a straight-shooting advisor who wouldn’t hesitate to give Xi less-than-rosy assessments.

“Zhang could give Xi Jinping critical advice and know that Xi would listen,” RAND’s Mei said. “A key question now is: Who is going to give Xi Jinping the Zhang Youxai-style, informed and combat-tested advice, if Xi decides to make any big moves militarily? Who’s going to give him the honest opinion?”

Amb. DeTrani said that morale at lower ranks will be challenged as well.

“It's got to affect the troops,” DeTrani said. “What is the message that Xi Jinping is sending to the troops – that his leaders are all either corrupt or involved in other nefarious activities? It's got to be very demoralizing for the core of the People's Liberation Army.” He said frontline soldiers may go so far as to question their own commitments. “I've been taking orders from these people and told to potentially give up my life to serve the country – and these people are feeding off the trough?" DeTrani said. "They're corrupt and we're hearing that from our supreme leader? How could they expect us to sacrifice so much if they're not invested the same way as we are?”

Who will take their place?

In the near term, all eyes will be on the generals Xi taps to fill the vacancies – and how soon he does so. Wilder said that one of his “best contacts” inside China told him in the wake of the moves against Zhang and Liu that “there’s more coming. There are going to be other generals that go.” Any further bloodletting would suggest an extended period without a fully reconstituted top brass.

Whenever Xi chooses to fill the top-tier positions, he will presumably be looking for loyalists who also bring experience and expertise. But experts said that the trickle-down effect of the purges means that many candidates may be tainted by association to the ousted generals.

“In China, when you take down one person, everything about that person is wrong,” Mei said. “Who is going to replace Zhang? We keep looking one level down, to the theater commanders and political commissars. But many of these people were Zhang Youxian proteges. You take him out, it doesn’t mean that you will have a big collection of qualified, loyal military leaders ready to take over.” She added that among China’s ten theater commanders, “at least 4 or 5 are Zhang Youxian’s people.”

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

Several analysts referenced Mao’s 1950s “Red” versus “Expert” ideological formula, in which fealty to the Communist Party (i.e., “Red”) was prized above technical skills. The ideal citizens were "Red and Expert" – people who brought both elements to their work.

“The real question is, can he find the loyalists he needs in those jobs?” Wilder said. “Does he have a slate of candidates? I would presume he cannot leave these positions open for too long.”

“My gut feeling tells me that Xi is valuing loyalty over professionalism,” Zi said. “A military professional may tell you things that you don’t want to hear. If he cannot find someone who is both ‘Red’ and ‘expert,’ he is going to choose someone who is loyal.”

Zi and others added that whoever lands in these positions will have to tread carefully.

“They will have to be extremely cautious about their behavior, their words, they must carry themselves in a more subservient way,” Zi said. “Maybe even total obedience to Xi’s will and Xi’s mind. Because you don't want to put yourself in the same position as Zhang. And they won’t have anything like his capital.”

Outside China, watching with interest

Officials in Taiwan said this week that they were closely monitoring what they called “abnormal shifts” within China’s senior military leadership. That said, Defense Minister Wellington Koo projected a nothing-has-changed approach, saying Taipei would not relax its guard, and noting that China’s war games have continued and Beijing has not changed its position vis-a-vis Taiwan.

Mei, Zi and Wilder all raised concerns about another regional flashpoint: The South China Sea. In their view, Xi may seek to quiet domestic unease about the PLA – and send the rest of the world a message – by initiating a smaller-scale conflict involving those disputed waters.

“I would worry about the South China Sea, because Xi might want to prove that he’s still strong,” Wilder said. “So what do you do? You pick on a small guy. I’d worry about the Philippines. I think we’re going to have to watch for muscle-flexing of some sort.”

Zi voiced the same concern, suggesting Xi might seek a “rally-the-flag” operation in the South China Sea – a “small conflict that might be viewed as easy pickings.”

As for the U.S., the chaos in China’s military leadership offers at least one benefit: the gift of time, as Xi maps out his next steps, and Washington and its Asian allies consider the range of contingencies involving Taiwan.

“You've got a wonderful opportunity,” Wilder said. “Number one, you have time that you didn't have before. We have all these Indo-Pacom plans, we're trying to get AI in the field, drone swarms into the field. It gives us a longer timeline for working with the Japanese, the Philippines, the Australians. That's the good news.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Signs of Trouble from Venezuela's Regime Could Be Subtle at First

OPINION / EXPERT PERSPECTIVE — Turmoil in Minneapolis and the unprecedented friction within NATO over President Trump’s effort to secure control over Greenland have, predictably, displaced headlines about Venezuela in much of the daily press. But there have been at least a number of important statements from the U.S. and one disturbing statement, reportedly, by Venezuela’s interim president since the U.S. apprehended Maduro and his wife.

”Now, this is not the end. This is not even the beginning of the end”. Winston Churchill, 1942

On January 20^th, in a press conference, President Trump said he was considering a role for Venezuela’s democratic opposition leader, Nobel laureate Maria Corina Machado. This was a very encouraging statement. The opposition has the support of the vast majority of Venezuelans. As has been widely reported and well documented, they won the July 24 national election by an enormous margin despite regime efforts to undermine their campaign.

Maria Corina Machado is the leader of the opposition and a national hero. She is committed to rebuilding her country’s democracy and to reconstructing Venezuela’s dysfunctional and corruption-ridden economy. She is pro-American, pro-private sector and open to foreign direct investment.”

The regime, now being led on an interim basis by Delcy Rodriquez, held on to power after the July 2024 vote through intimidation. The Venezuelan public knows this. And, despite assurances of cooperation to President Trump, there are already signs that the character of this authoritarian regime’s approach to governance has not changed. The regime moved quickly after the U.S. removed Maduro to squelch public expressions of relief that Maduro had been taken into U.S. custody. Left to their own devices, Delcy Rodriquez and company will do everything in their power to consolidate their hold on power. Indeed, this is clear from Rodriguez’s recent public statement that she has had “enough already of Washington’s orders over Venezuelan politicians.”

Integrating Maria Corina Machado into the transition process would reassure her supporters and help to counter the impression that the U.S. is indifferent to the plight of the Venezuelan democratic opposition. It would also contribute to the establishment of the kind of security on the ground that the American oil majors have said must be achieved before they commit to the immense investments necessary to resurrect the country much diminished and dilapidated oil sector.

President Trump says the U.S. will manage the receipts for Venezuelan oil sales and direct some of that money back into Venezuela. Good but these funds should be channeled mostly into the hands of the opposition rather than the regime. Indeed, the last thing that should be done with the oil receipts is giving them to the regime. The regime’s managerial incompetence and corrupt practices are precisely what caused the effective collapse of the economy! As I and others have noted in the past, oil production in Venezuela has shrunk by two thirds since Hugo Chavez was elected. Things got even worse under Nicolas Maduro. The Venezuelan economy contracted by around 70 percent between 2013, when Maduro assumed the presidency, and 2023.

The Trump administration’s decision to work with remaining elements of the Maduro regime’s leadership cadre was and remains understandable. The U.S. wants to avoid the mistakes we made after the fall of Saddam Hussein in Iraq. The regime’s remaining leaders, however, are never going to be willing partners in the reconstruction of, Venezuela if that means empowering their adversaries – as Delcy Rodriguez’s recent comment makes clear. They are counting on the U.S. losing interest or being distracted by other crises. The United States needs to be prepared to counter this heretofore unstated impression.

The U.S. considered this a criminal regime before Maduro was apprehended. Rodriquez and the ministers of Defense and Interior were all a part of Maduro’s inner circle. They are miscreants who will revert to their previous patterns of repression and malfeasance absent close vigilance by the U.S. and the democratic opposition. This is why President Trump’s decision to get American diplomats back into the country and name a tough, experienced ambassador to lead the Venezuelan interest section presently located in Bogota was so important.

The U.S. has a long list of issues to work through with the Rodriquez team. Following Maduro’s capture, Rodriguez, on behalf of the regime, agreed to work with the U.S. to avoid further U.S. military action. We will need to watch carefully to be assured that commitments are met. We should also communicate persuasively that the U.S. is willing to act forcefully again if the circumstances warrant it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Inside Trump’s New ‘Board of Peace’

OPINION — “Donald J. Trump shall serve as inaugural Chairman of the Board of Peace, and he shall separately serve as inaugural representative of the United States of America…The Chairman [Trump] shall have exclusive authority to create, modify, or dissolve subsidiary entities as necessary or appropriate to fulfill the Board of Peace’s mission…The Chairman [Trump] shall at all times designate a successor for the role of Chairman. Replacement of the Chairman [Trump] may occur only following voluntary resignation or as a result of incapacity, as determined by a unanimous vote of the Executive Board, at which time the Chairman’s [Trump’s] designated successor shall immediately assume the position of the Chairman and all associated duties and authorities of the Chairman.”

Those are quotes from the charter of the new, so-called Bureau of Peace (BOP) established by President Trump and signed January 22, at Davos, Switzerland by Trump for the United States and the leaders or representatives of 19 other countries.

On January 16, White House announcement of BOP said the organization would provide “strategic oversight, mobilizing international resources, and ensuring accountability as Gaza transitions from conflict to peace and development.”

However, six days later the BOP charter that President Trump released at Davos described its purpose in Chapter I this way: “The Board of Peace is an international organization that seeks to promote stability, restore dependable and lawful governance, and secure enduring peace in areas affected or threatened by conflict.”

No mention of Gaza, as BOP’s sole focus, but rather the far broader “areas affected or threatened by conflict.”

BOP’s expansion to a worldwide peacekeeping role provides President Trump with a new way to involve himself in international affairs, not just while he is U.S. President, but even after he leaves the White House.

I will discuss below how President Trump sees all this happening and what it may mean. First, however, it’s worth seeing how BOP’s charter, gives its Chairman, Trump, total power over the organization even beyond what’s mentioned above.

For example,, the charter says. “Membership in the Board of Peace is limited to States invited to participate by the Chairman…Each Member State shall serve a term of no more than three years from this Charter’s entry into force, subject to renewal by the Chairman…The Executive Board shall be selected by the Chairman…shall serve two-year terms, subject to removal by the Chairman and renewable at his discretion…[and] shall be led by a Chief Executive nominated by the Chairman and confirmed by a majority vote of the Executive Board…Decisions of the Executive Board shall be made by a majority of its members present and voting, including the

Chief Executive. Such decisions shall go into effect immediately, subject to veto by the Chairman at any time thereafter.”

Beyond that, Chairman Trump, under the charter, shall convene BOP meetings, establish their locations, must approve the agendas and the persons from all states attending those meeting.

Individually, the charter says Chairman Trump, “acting on behalf of the Board of Peace, is authorized to adopt resolutions or other directives, consistent with this Charter, to implement the Board of Peace’s mission.”

As Chairman, Trump can also “dissolve [BOP] at such time as the Chairman considers necessary or appropriate, or at the end of every odd-numbered calendar year, unless renewed by the Chairman no later than November 21 of such odd-numbered calendar year.”

The charter says, “The Executive Board shall provide for the rules and procedures with respect to the settling of all assets, liabilities, and obligations upon [BOP’s] dissolution,” but remember, decisions of the Executive Board are “subject to veto by the Chairman at any time.”

In short, the BOP charter gives Trump total control over the organization and all its activities.

At last Thursday’s press conference introducing BOP, Trump said, “This Board [BOP] has the chance to be one of the most consequential bodies ever created and it's my enormous honor to serve as its chairman. I was very honored when they asked me to do it. We had an idea to do it, and then they came. They said, "You be the chairman."

Trump never explained who “they” were.

Although 50 nations had been invited to join BOP, only 19 showed up to attend last Thursday’s announcement. Major Western allies, such as Canada, France and Germany have balked and voiced concerns that the body is designed to replace the United Nations.

Trump, who just recently had the U.S. withdraw from many U.N. organizations, said at last Thursday BOP press conference, “I've always said the United Nations has got tremendous potential, has not used it, but there's tremendous potential in the United Nations and you have some great people at the United Nations, but so far it hasn't.”

He repeated, “There's tremendous potential with the United Nations and I think the combination of the Board of Peace with the kind of people we have here coupled with the United Nations can be something very, very unique for the world, for the world.”

It is worth noting that the Trump approved as the BOP seal something in gold that’s very similar to that of the U.N. seal.

Trump’s son-in-law Jared Kushner, who helped put together BOP and is a founding member of its Executive Board, said at last Thursday’s event, he had put together a plan for rebuilding Gaza with the help of the U.N. as the Security Council had originally voted.

But then Kushner added, “We've worked very, very well with them, this is why you need a new organization like the Board of Peace to work with the U.N.”

Kushner specifically thanked U.N.’s Under-Secretary-General for Humanitarian Affairs and Emergency Relief Coordinator, Tom Fletcher, who it turns out gave an interview to Sky News at the time of the BOP announcement.

Fletcher insisted, “The U.N. is not going anywhere…We’ve got to get out there, end wars, save lives, and we’re doing that.” Asked if Trump’s organization would replace the U.N., Fletcher responded, “Now I think we’re seeing America wanting to play a part in ending some of these conflicts and they want us [the U.N.] to be as effective as we can be.”

Fletcher then gave a description of what I judge he sees as Trump’s different way of looking at how he, Trump, works with world leaders.

Fletcher said. “There’s a difference between the old school statecraft that’s familiar to many people here at Davos and a sort of real estate craft, which is coming into this conversation now, which is more transactional. It’s very focused on results, not process. It’s focused on personal relationships and not always institutions. Yes, there’s an aspect of cliff-hanger and jeopardy to it. We never quite know what’s coming next, but it is part of the conversation. And if it can save lives and it ends wars then that is fine.”

To me that is roll-the-dice diplomacy – in effect gambling on national security and foreign policy outcomes. Remember, Trump’s Atlantic City ventures that started in the 1980s. By 2004, all three Trump casinos and Trump Hotels & Casino Resorts Inc. were bankrupt.

Trump, has rolled the dice on Venezuela, let’s see how that turns out. And hopefully, BOP won’t be like Trump’s casinos, although right now it does not look to me like a good gamble.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Russia’s War Economy Lifeline: Inside the Sanctions Evasion Network

DEEP DIVE — Nearly three years into the most comprehensive sanctions regime ever imposed on a significant economy, Russia’s defense industrial base has not just survived — it has expanded at a rate that has stunned Western officials.

In spite of Western import controls, Moscow maintains wartime levels of military production by using shell companies, third-country middlemen, and financial workarounds.

In early 2026, the war will enter its fourth year, and Russia will still have access to critical battlefield technology that was banned by Western authorities. These components power the Lancet loitering munitions hitting Ukrainian positions, Kalibr cruise missiles striking infrastructure, and electronic warfare systems jamming NATO communications.

Throughout 2025, Russia produced an estimated 250,000 artillery shells monthly — 3 million annually — according to NATO intelligence, while manufacturing over 1.5 million drones and more than 2,400 cruise and ballistic missiles per year. President Vladimir Putin claimed in April that Russia’s defense industry more than doubled production of weapons, communications, reconnaissance, and electronic warfare systems over the previous year, with ammunition production increasing more than 22-fold since 2022.

NATO Secretary General Mark Rutte also assessed in January 2025 that Russia has fully switched to a “war economy” and produces, in three months, the weapons and ammunition that the European Union makes in a year; a production advantage enabled by sanctions-evasion networks spanning three continents.

“Evasion of Western restrictions has helped Russia ramp up production of certain military equipment and munitions, such as cruise and ballistic missiles, to a greater degree than Western governments initially expected,” John Hardie, Deputy Director of the Russia Program at the Foundation for Defense of Democracies, tells The Cipher Brief.

The Turkey-UAE-China Triangle

Three countries have emerged as critical nodes in Russia’s procurement network. Over the past year, Turkey, the United Arab Emirates, and China continued to dominate Russia’s sanctions evasion infrastructure, collectively accounting for 86.2 percent of total battlefield goods shipments and 78.6 percent of critical components shipments to Russia.

The trade patterns reveal how entrenched these channels have become, and how enforcement efforts under the Trump administration have largely stalled. In the first nine months of his administration, President Trump imposed no new sanctions on Russia and declined to join the UK, EU, and other allies in targeting Russian evasion networks. Only in October 2025, after canceling peace talks with Putin, did the Trump team impose its first direct sanctions on Russia, targeting oil giants Rosneft and Lukoil while threatening secondary sanctions primarily against India, despite China being the largest importer of Russian oil globally.

“China is by far the most important enabler of that evasion,” Hardie explained. “China serves as both a direct supplier of critical inputs — such as CNC machines, microelectronics, and nitrocellulose — as well as a jurisdiction for Russian illicit procurement of Western products.”

China remains the dominant supplier, accounting for up to 90 percent of Russia’s microelectronics imports. By August last year, Beijing exported a record 328,000 miles of fiber-optic cable and nearly $50 million worth of lithium-ion batteries to Moscow in a single month. According to Germany’s Foreign Ministry, up to 80 percent of Russia’s sanctions circumvention now involves Chinese entities. Russia is paying the price for this dependence: Chinese suppliers charged Russia an 87 percent markup on sanctioned goods between 2021 and 2024, compared to just 9 percent from other suppliers.

In addition, the UAE has become the primary transshipment hub, with electronic component exports to Russia growing more than fifteenfold since the invasion. Dubai-based companies supply everything from aviation parts to Starlink terminals, which Russian forces buy for around $2,200 each. By mid-2024, UAE imports of EU airplane parts hit 23.6 million euros — a fifteenfold jump — while Turkey’s climbed by a third to 12.7 million euros, even as Russia’s direct purchases fell to zero.

Central Asia’s Shell Company Explosion

Central Asian states have become essential transit corridors, with Kazakhstan and Kyrgyzstan serving as primary hubs. Throughout 2025, these channels have grown more sophisticated rather than diminished. From 2021 to 2022, Kyrgyzstan’s exports to Russia exploded by 250 percent, with machinery exports to Russia spiking by 41,000 percent — a figure that “cannot be attributed to market demand” but represents “economic statecraft hidden in plain sight,” according to analysis published in June 2025.

Russian buyers keep setting up shell companies in Kazakhstan to purchase electronics and drones from Europe, China, and the United States, then ship them home to Russia’s defense industry. Throughout 2025, Kazakhstan became one of Moscow’s primary backdoors for sanctioned goods. Moreover, Russian marketplace OZON has invested significantly in logistics infrastructure across Kazakhstan, Kyrgyzstan, and Armenia to consolidate parallel-import cargo.

The diversions are obvious. Landlocked Kyrgyzstan continues importing EU maritime navigation equipment with no plausible domestic use — equipment destined for Russian naval systems. Over the course of last year, Western authorities intensified enforcement. In June, the UK warned businesses in five countries that those aiding sanctions evasion would face sanctions themselves.

In October, the EU’s 19th sanctions package targeted eight financial institutions in Tajikistan, Kyrgyzstan, the UAE, and Hong Kong for facilitating circumvention, while four banks in Belarus and Kazakhstan were designated for using Russian payment infrastructures. In January 2025, the UK published enhanced guidance identifying 15 high-risk countries, including Armenia, Kazakhstan, Kyrgyzstan, China, the UAE, and Turkey, for which exporters must conduct enhanced due diligence.

When asked how difficult it is to distinguish legitimate trade from sanctions evasion in Central Asia, Ambassador Daniel Fried, a forty-year career diplomat and Distinguished Fellow at the Atlantic Council, acknowledged the complexity.

“Such action is labor-intensive but worth the effort,” he tells The Cipher Brief. “We should go after the most impactful technologies and targets.”

The Yuan Lifeline: Russia’s Financial Engineering

Meanwhile, the Chinese yuan props up Moscow’s parallel financial system. As of November 2025, 99.1 percent of Russia-China trade settles in rubles and yuan — up from less than 2 percent before the invasion.

When major Chinese banks like Ping An and Bank of Ningbo stopped accepting Russian payments in mid-2024, smaller regional banks stepped in to fill the gap. These “burner banks” can shut down and reopen under new names if sanctioned.

The workaround was part of a broader effort to rewire Russia’s financial system away from the West.

The share of Western currencies in Russian trade decreased from 87 percent to 18 percent between January 2022 and December 2024. Yuan and ruble filled the gap, eliminating Western oversight from the financial system.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

Energy exports remain the bedrock. Beijing became the anchor buyer for Moscow’s hydrocarbons, with crude oil shipments exceeding 108 million tonnes in 2024 — a 30 percent increase since 2022. The Power of Siberia pipeline is reaching full capacity of 38 billion cubic meters annually.

China-Russia bilateral trade hit $245 billion in 2024, more than double 2020 levels, with 99.1 percent now settled in yuan and rubles as of late 2024, creating a sanctions-resistant corridor completely insulated from dollar oversight. Though trade dipped slightly in early 2025 — Russian officials projected around $220 billion for the year due to market adjustments — the financial architecture remains entrenched, with the yuan accounting for 99.8 percent of Moscow Exchange foreign currency trading after summer 2024 U.S. sanctions targeted the platform.

The Enforcement Challenge

There are structural limitations to Western enforcement. The EU lacks the capacity to check each and every export to a third country. Washington’s secondary sanctions strategy aims to catch violators, but effectiveness is uncertain.

Fried suggested targeted measures to disrupt these supply chains. Western enforcement faces structural limitations.

“Targeted sanctions and penalties from the Commerce Department,” he noted. “These are labor-intensive and only partially successful at best, but partial success can have an impact.”

The January 2025 sanctions package targeted nearly 400 entities across more than 20 jurisdictions. Throughout 2024, 70 percent of U.S. designations were Russia-related, with almost 33 percent targeting entities outside Russia — China accounting for 36 percent of third-country designations.

“This is not to say Western sanctions and export controls are useless,” Hardie underscored. “They do make life harder and more expensive for the Russian defense industry. And they have a greater effect on products with obvious military uses, e.g., radiation-hardened “hips for satellites. Sanctions also hamper Russian defense exports, which are an important source of revenue for the Russian defense industry.”

Chinese compliance is particularly complex. Beijing publicly respects Western sanctions yet operates on a principle of “everything not banned is allowed.” Smaller Chinese companies and regional banks keep supplying Russia while staying just within the letter of Chinese law. Beijing tolerates the arrangement as long as it doesn’t constitute a technical violation.

Hardie noted that enforcement strategies must be sustained to be effective.

“Aggressive, consistent sanctions enforcement — i.e., designating third-country companies and banks supporting the Russian defense industry — is important and should be coupled with diplomatic pressure on foreign governments to crack down on sanctions busting,” he said.

However, political will appears inconsistent.

“Whereas the Biden Treasury Department routinely issued Russia sanctions enforcement packages, the Trump administration hasn’t issued a single one,” Hardie observed. “The Trump administration is especially reluctant to punish Chinese entities involved in Russia sanctions evasion, as it doesn’t want to strain relations with Beijing.”

Hardie also emphasized the role of the private sector.

“Western companies need to be good corporate citizens and invest in strong due diligence, which isn’t always the case,” he said. “One idea FDD has been working on is to require U.S. companies to perform’ enhanced due diligence for shipments of sensitive goods to countries known to be high-risk jurisdictions for Russian evasion.”

The result is a war economy that has adapted to intense pressure. Russia has expanded its defense industry despite sweeping sanctions, leveraging enforcement gaps, asymmetries in global trade, and non-Western intermediaries that facilitate transactions for profit.

Yet, analysts warn that structural strains are increasing.

“While there is evidence for both trends, the stresses on the Russian economy are becoming larger,” Fried noted. “The Soviet experience is instructive; the USSR managed to continue its priority programs through the end, but the overall economy deteriorated little by little, and then all at once.”

For these gaps to be closed, secondary sanctions risk must be dramatically increased, import quotas must be imposed on third countries, or Russia must be granted access to critical technology at a higher cost and with greater complexity.

Hardie, however, warned against relaxing pressure at a critical moment.

“When you need leverage to get Moscow to accept a peace deal, that’s hardly a smart time to make life easier for the Russian war machine,” he added.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

They're Coming for Our Kids: How Extremists Target Children Online

OPINION — September is National Preparedness Month - when we check our emergency kits, review evacuation routes, and prepare for natural disasters. But this year, as I sat in conference rooms at the Eradicate Hate Global Summit in Pittsburgh, I couldn't stop thinking about a different kind of storm brewing in our communities. One that doesn't announce itself with weather alerts or sirens.

It targets our children in their digital third spaces - Discord servers where they chat with friends, Instagram feeds where they scroll for hours, Reddit forums where they seek community, gaming platforms where they unwind, and the sprawling ecosystem of social media where teenagers spend most of their waking hours.

In 2024, teenagers accounted for up to two-thirds of ISIS-linked arrests in Europe, with children as young as 11 involved in recent terrorist plots. But Islamic extremists aren't the only ones hunting in these digital spaces. White supremacist groups, neo-Nazi organizations, and other far-right movements have turned every corner of the internet where young people gather into potential recruitment centers.

What unites these predators across the ideological spectrum isn't their beliefs - it's their understanding that vulnerable children make easy targets. And while they've perfected their hunting techniques, we've dismantled our defenses.

The State Department issued a call for proposals in July 2025 to fund programs preventing terrorists from recruiting young people online. One month later, they canceled the entire initiative due to funding cuts. The very expertise needed to design and manage such responses had been dismantled when my office - the Office of Countering Violent Extremism - was shuttered along with similar prevention teams across the federal government.

We're watching the storm approach, and we're sending the meteorologists home.

The New Hunting Grounds

Every platform where teenagers gather has become a recruitment center for extremist movements. Neo-Nazi groups use gaming chats to spread white supremacist messaging. Islamic extremists exploit social media algorithms to target vulnerable youth. Far-right militias recruit through conspiracy theory forums. Anti-government extremists find followers in survivalist communities.

The tactics mirror those used by online predators - build trust, isolate targets, gradually introduce radical ideas, and exploit vulnerabilities. A teenager struggling with social isolation logs into Discord seeking connection and community. Instead, they find recruiters who validate their frustrations while slowly introducing conspiracy theories, hate-filled content, and calls for violence.

The progression is methodical. First comes the meme that seems edgy but harmless. Then the private message offering "real truth" about current events. Next, the invitation to a smaller, more exclusive group where radical content flows freely. Finally, the encouragement to take action—whether spreading propaganda, targeting individuals, or planning violence.

These aren't random encounters. Extremist recruiters study adolescent psychology, identifying kids who show signs of depression, social anxiety, or family conflict. They understand that teenagers are naturally questioning authority and seeking identity—normal developmental phases that can be exploited.

History's Warning Signs

This exploitation of youth isn't new - only the technology has changed.

The Hitler Youth movement systematically recruited children through youth organizations. The Red Army Faction in 1970s Germany drew from disaffected university students. The Irish Republican Army found fertile recruiting ground among marginalized teenagers in Belfast.

What these historical cases teach us is that extremist movements succeed when they fill voids left by failing institutions. When young people can't find meaning, purpose, or belonging through legitimate channels, they become vulnerable to those offering simple explanations for complex problems.

Today's digital environment amplifies these vulnerabilities exponentially. Where previous extremists recruited face-to-face in specific locations, online recruiters can reach millions simultaneously, test messaging in real-time, and operate across borders with minimal detection risk.

The Programs We Dismantled

The prevention infrastructure dismantled over the past year wasn't theoretical—it was saving lives.

At the State Department, our team worked with tech companies to identify recruitment tactics and develop content policies that protected legitimate speech while removing extremist material. We helped content moderators recognize subtle grooming techniques that avoid automated detection.

The Center for Prevention Programs and Partnerships at DHS built relationships with schools and community organizations to identify early warning signs. Their approach was therapeutic, not punitive—providing intervention resources that addressed underlying issues rather than criminalization.

At the FBI, specialized teams tracked recruitment networks and distinguished between teenage edginess and genuine threats. The Department of Health and Human Services funded research into psychological vulnerabilities that informed prevention strategies.

All shared common principles: early intervention beats prosecution; community solutions work better than federal enforcement; understanding radicalization psychology is essential for prevention.

The Disinformation Amplifier

What makes today's threat environment particularly dangerous is how disinformation amplifies extremist recruitment while major platforms fail to enforce their own policies.

As I write this, Houthi-linked arms dealers openly sell weapons on verified X accounts, advertising Kalashnikovs and equipment marked "Property of U.S. Govt." The Tech Transparency Project identified 130 Yemen-based accounts advertising weapons, some with verification checkmarks. X even ran advertisements beneath these posts, generating revenue from terrorist-linked content.

A teenager exposed to election fraud conspiracies becomes more susceptible to political violence messaging. Young people fed disinformation about minority communities become easier targets for white supremacist recruitment. Disinformation serves as a gateway drug to radicalization.

The Cost of Inaction

At the Pittsburgh summit, I heard from parents whose children had been radicalized online, officers investigating cases without prevention resources, and community leaders watching young people disappear into digital hate.

One mother found extremist content on her 14-year-old son's computer. When she sought help, local resources that might have provided intervention had lost federal funding. A police officer described investigating a high school attack plot that might have been prevented if early warning systems remained operational.

These costs are measured in broken families, traumatized communities, and young lives destroyed by preventable radicalization.

What Preparedness Really Means

We don't wait for hurricanes before planning—we build early warning systems and maintain emergency capabilities. The same logic should apply to extremist recruitment.

We need systems detecting concerning behavioral changes before they become threats. We need intervention addressing psychological vulnerabilities before recruiters exploit them. We need community responses providing support when families encounter these issues.

The good news: we know what works. Community-based prevention programs have demonstrated success in interrupting radicalization. EXIT programs in Germany and Sweden help individuals leave extremist groups through mentorship and psychological support. The Against Violent Extremism network connects former extremists with at-risk youth. Montreal's Centre for the Prevention of Radicalization Leading to Violence has successfully intervened in over 1,000 cases through family counseling and community partnerships.

The Path Forward

Rebuilding prevention infrastructure requires immediate action and long-term commitment.

Congress must restore funding for prevention programs at State, DHS, FBI, and HHS. These aren't luxury programs—they're essential public safety capabilities protecting vulnerable citizens.

We must rebuild scattered expertise by bringing prevention professionals back from think tanks, universities, and private companies through sustained investment commitments.

We need stronger partnerships between agencies, tech companies, schools, and communities. Prevention works best at multiple levels simultaneously.

Parents and educators need training to recognize early warning signs. This means providing basic digital literacy and threat awareness to identify concerning behavioral changes.

Finally, we need counter-messaging strategies competing with extremist propaganda for young people's attention—empowering communities to tell better stories about identity, purpose, and belonging.

Field Notes

Prevention vs. Reaction: Preventing one radicalized individual costs approximately $30,000. Investigating, prosecuting, and incarcerating them after violence costs over $3 million—not counting human costs to victims and communities.

Community Resilience: The most effective programs work through trusted institutions—schools, religious organizations, sports teams, youth groups. Federal resources can support but can't replace local relationships and trust.

Reader Challenge

Check Your Circle: Talk with young people about their online experiences—not to interrogate, but to understand their digital worlds.

Support Local Programs: Find prevention resources in your community. School counselors and youth organizations often spot concerning trends before law enforcement.

Practice Digital Hygiene: Model good information consumption. Fact-check claims before sharing them. Ask questions about sources when your teen shows you "shocking" content. Demonstrate critical thinking by saying "That sounds concerning—let's look up where this information comes from" rather than immediately reacting emotionally. Young people learn more from observation than instruction.

As I flew home from Pittsburgh, I thought about my children and their digital world. The threats they face aren't visible from satellites or predictable through models. They emerge from the intersection of human psychology and technology in ways we're only beginning to understand.

But September's preparedness lessons still apply: early warning, community response, and sustained vigilance. The storms targeting our children won't announce themselves with sirens, but they can be detected, understood, and prevented—if we're willing to invest in the tools and expertise necessary to protect what matters most.

Cipher Brief Expert Dexter Ingram also publishes on Substack Code Name: Citizen

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The Next FATF Test: Can the West Demand Results from Pakistan?

OPINION — In the shadow of Mexico City's historic Palacio de Bellas Artes, global financial watchdogs will convene in February 2026 for the Financial Action Task Force (FATF) Plenary and Working Group Meetings. In conference rooms far removed from South Asia’s violence, Pakistan will once again present itself as a responsible counterterrorism partner, armed with compliance reports, legislative amendments, and assurances of reform. On paper, Pakistan’s financial regulations increasingly resemble those of many developing democracies. On the ground, however, the networks that finance and enable terrorism continue to adapt and operate with troubling resilience. The widening gap between form and function is precisely what Western policymakers must confront as FATF prepares its next round of assessments.

The Compliance Illusion

Pakistan’s removal from the FATF grey list in 2022 was widely portrayed as a success story. Officials pointed to new anti-money laundering laws, terrorist financing prosecutions, and institutional reforms as evidence of a course correction. FATF itself acknowledged technical improvements, yet it also emphasized that effectiveness, not legislation, remains the ultimate benchmark. That distinction has proven critical.

Open-source reporting and documented financial intelligence patterns suggest that terrorist organizations such as Jaish-e-Mohammad (JeM) and Lashkar-e-Taiba (LeT) have not been dismantled but rather modernized. Recent documents reveal how these UN-designated outfits exploit humanitarian crises, such as the Gaza conflict, to funnel funds into terror activities. Under the guise of aid appeals and mosque reconstructions, figures like Hammad Azhar, son of JeM leader Masood Azhar, and Azhar’s brother Talha al-Saif orchestrate campaigns using digital wallets like EasyPaisa, SadaPay, and JazzCash, aggregating micro-donations and cryptocurrencies to evade detection. These efforts aggregate micro-donations and cryptocurrency transfers, often employing fragmented wallet structures and chain-hopping across platforms to avoid detection. Funds have reportedly supported militant infrastructure, including the establishment of more than 300 Mosques and the reconstruction of locations historically linked to LeT training facilities damaged during India’s 2025 Operation Sindoor.

This pattern reflects more than opportunism. Pakistan’s legal framework may align with FATF’s 40 recommendations on paper, but operational enforcement remains deeply inconsistent. Sanctioned individuals such as Hafiz Talha Saeed have led public rallies in Lahore under police protection, issuing threats against Indian Prime Minister Narendra Modi. In 2025, senior Pakistani legislature Rana Muhammad Qasim Noon reportedly visited militant-affiliated reconstruction sites alongside local officials, revealing overt collaboration between state and non-state actors. Recruitment drives disguised as religious gatherings, often coordinated with Jamiat Ulema-e-Islam networks, have featured speeches praising Osama bin Laden and al Qaeda, delivered by JeM commander Masood Ilyas Kashmiri at facilities such as Markaz Shohada-e-Islam in Khyber Pakhtunkhwa.

Together, these cases point to a long-standing “management” model of extremism. Militant groups are not dismantled but rebranded, with political fronts such as the Pakistan Markazi Muslim League contesting elections while violence is normalized as a political instrument. As Greece-based policy analyst Dimitra Staikou has argued, this model exports instability through regional alignments and shields militancy behind formal democratic processes.

Why Mexico City Matters

The February 2026 FATF meetings come at a moment when Pakistan’s engagement with the United States and Europe is deepening even as its internal security situation deteriorates. Militant violence has surged significantly, driven by attacks from the Tehrik-e-Taliban Pakistan and Baloch insurgent groups. Rather than prompting a clean break with all forms of militancy, this instability risks reinforcing the proxy logic that FATF scrutiny is meant to dismantle. For Western policymakers, the danger lies in conflating cooperation with convergence in security priorities. Intelligence sharing, access agreements, or economic partnerships do not necessarily reflect aligned counterterrorism priorities. As I argued previously in The Milli Chronicle, Pakistan’s strategic incentives continue to reward selective tolerance of militant actors, particularly those oriented toward India. FATF’s effectiveness framework exists to test whether states are willing to disrupt these incentives, not simply mask them with procedural compliance.

FATF’s 2025 Comprehensive Update on Terrorist Financing Risks underscores the urgency. The report highlights a marked increase in hybrid digital methods, consistent with Pakistan-linked entities shifting from banks to fintech platforms to evade oversight. Although Pakistan exited the grey list in 2022 after four years of economic strain, FATF President Elisa de Anda Madrazo warned in October 2025 that the removal was “not bulletproof,” citing unregulated digital transactions as a continuing vulnerability.

Mexico City should therefore serve as a turning point. US and EU delegations should press for outcome-based evaluations focused on sustained investigations, verifiable asset seizures, and the dismantling of facilitation networks. Particular scrutiny must be directed toward digital payment systems, informal charities, and micro-donation models that exploit regulatory blind spots. Western governments should also coordinate more closely to monitor cross-border flows linked to high-risk jurisdictions, ensuring that Pakistan’s reforms translate into measurable disruption rather than rhetorical reassurance.

Conclusion: Choosing Substance Over Stability Theater

Pakistan will argue that renewed scrutiny risks destabilizing a fragile state. That argument has been persuasive before, and it has failed before. Stability built on tolerated militancy is not stability at all; it is deferred risk. Western capitals should therefore anchor their engagement around two imperatives.

First, international partners should move beyond accepting legislative reforms and instead condition high-level diplomatic, security, and economic engagement with Pakistan on verifiable enforcement outcomes. This means tying cooperation to demonstrable actions such as sustained terrorist-financing prosecutions, asset freezes against UN- and US-designated individuals, and the disruption of digital fundraising networks linked to groups like JeM and LeT.

Second, Washington and Brussels should treat Pakistan-linked terrorist financing as a transnational financial integrity threat, not a regional security issue. This requires enhanced monitoring of fintech platforms, mobile wallets, charities, and micro-donation systems used by diaspora-linked networks in Europe and North America. FATF has repeatedly warned that terrorist groups increasingly exploit digital payments and new financial technologies to evade traditional controls. The EU and US should expand joint typology sharing, require higher due-diligence thresholds for transactions linked to high-risk jurisdictions, and protect activists and journalists targeted by transnational repression tied to Pakistan’s security apparatus.

In Mexico City, Pakistan will speak in the language of compliance and reform. Beyond the conference halls, the true test will be whether the networks that finance violence are finally dismantled or quietly allowed to endure. If Western governments choose substance over symbolism, this moment can mark a turning point. If not, the paperwork will pass, and the risks will return—more adaptive, more opaque, and more dangerous than before.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Russia is Targeting Civilians in Ukraine

OPINION — The United Nations Human Rights Monitoring Mission in Ukraine reported that 14,383 civilians were killed in Ukraine, 673 of them children, as of late 2025. Russia has intensified attacks on Ukraine’s power grid, generating facilities, and heating infrastructure, in efforts to disrupt electricity, heat, and water services – especially in winter. Clearly, Russia is targeting Ukraine’s civilian population.

The mayor of Kyiv, Vitali Klitschko, recently told Reuters that Kyiv, with a population of 3.6 million people, has only about half the electricity that it needs as it faces its most severe wartime energy crisis, following waves of Russian attacks on its infrastructure.

As Russia’s invasion of Ukraine enters its fourth year, Ukrainian casualties are estimated at around 400,000, with civilian casualties rising, according to the United Nations.

The Laws of War are clear: intentionally targeting civilians is prohibited; civilians should never be the objective of an attack. Even more specifically, a combatant should avoid or reduce harm to civilian infrastructure.

The International Criminal Court has accused Russian President Vladimir Putin of war crimes for the unlawful deportation and transfer of Ukrainian children from occupied territories to Russia, while a few UN entities, and other civilian organizations monitoring the war in Ukraine, maintain that Mr. Putin is also guilty of the indiscriminate bombing of civilian infrastructure.

It’s clear: Russia has repeatedly targeted Ukraine’s power grid, generation facilities, and heating infrastructure, aiming to disrupt electricity, heat, and water services – especially in winter. These attacks are not isolated to the Kyiv, but, rather, part of a large, coordinated plan to target all regions in Ukraine.

Ukraine has reported tens of thousands of energy infrastructure facilities have been damaged since 2022, damaging generation plants, substations, heating plants, and transmission lines. And at least 18 major combined heat and power plants have been destroyed or seriously damaged, according to the International Atomic Energy Agency.

Russian strikes have left hundreds of thousands of people with no central heating during sub-zero weather, a widespread development throughout Ukraine. Indeed, officials and humanitarian groups are warning that millions of Ukrainians are at heightened risk this winter due to lack of heat, electricity, and water amid the intense cold. UN officials described the situation as a worsening humanitarian crisis.

Russia has systematically targeted civilian energy and heating infrastructure, not just military sites, with repeated missile and drone strikes aimed at power plants, grids, and heating systems, affecting thousands of facilities. The result is widespread blackouts and heating loss for civilians, especially during harsh winter with sub-zero temperatures, creating a serious humanitarian situation.

Mr. Putin’s strategy is to target civilians with the intensification of bombings against Ukraine’s infrastructure that provides heat, water, and electricity to the Ukrainian people. These are violations of the Laws of War, and the International Criminal Court should immediately commence with hearings on Russia’s indiscriminate bombing of civilian infrastructure, resulting in the death of thousands of Ukrainian civilians. Clearly, Mr. Putin is targeting Ukraine’s civilian population, a war crime.

Joseph R. DeTrani

The author is the former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Norman T. Roule

General Paul Nakasone (Ret.)

The Authoritarian Impact of the Chinese Model

A Collision Course with an Existential Vacuum

Back to top