The Cipher Brief

It may seem early to be drawing lessons from the U.S.-Israeli war against Iran, but one of the world’s most powerful militaries has already reached some conclusions.

China’s People's Liberation Army (PLA) has published a list on social media under the heading "Five Lessons From U.S.-Israeli Strikes On Iran" – ranging from what it called the "coldest reality" of "superior firepower" to the need for "self-reliance," the dangers of "blind faith in peace" and the "deadliest threat" of an "enemy within." Experts said the unusual public message was likely intended for multiple audiences – the PLA rank and file, the domestic public in China, and for the U.S. and the West as well.

“I was surprised that China would put something like this out there for the public’s edification – usually they keep things very close to the vest,” Ambassador Joseph DeTrani, a former CIA director of East Asia Operations, told The Cipher Brief. “The messages are clear: we’re taking care of the ‘enemy within’ — anyone who disagrees with us inside – and we see the ‘superior firepower’ of the U.S. and the perils of a ‘blind faith’ in peace. So we’d better get our act together.”

The Cipher Brief asked several experts on China and its military to assess the broader meaning of the PLA’s “lessons” – and what they may portend for Taiwan and other contingencies.

“It’s kind of a revelation of what they’re thinking and feeling, and I think the objective is to alarm internally,” Orville Schell, Director of the Asia Society’s Center on U.S.-China Relations, told The Cipher Brief. “It’s surprising that they’ve articulated these publicly, in such a stark way.”

The five lessons

The “Five Lessons” were posted by “China Military Bugle," a multimedia messaging system run by the PLA News Media Center. The Bugle posts to domestic platforms in China and to global sites including X, Facebook, Instagram, and YouTube. The post was presented as a graphic with text in both English and Mandarin Chinese, and in its entirety, it amounted to a mere 27 words:

Deadliest Threat: The Enemy Within
Costliest Miscalculation: Blind Faith in Peace
Cruelest Paradox: The Illusion of Victory
Coldest Reality: The Logic of Superior Firepower
Ultimate Reliance: Self-Reliance

Taken together, experts said the lessons serve simultaneously as a critique of the U.S., a warning against complacency within PLA ranks and in Chinese society generally, and a message for the rest of the world: Don’t underestimate China’s strength and resolve.

“There are many messages here, in these ‘lessons,'” Shen Dingli, a Shanghai-based international relations expert, told The Cipher Brief. “One message is that the writer thinks Chinese have to be very realistic and trust nobody. Another is, let Chinese be serious about the lethality of the American weapons. And the writer thinks that as Chinese people, they should not be so innocent to believe that America is peace-loving.”

Experts said the “blind faith in peace” was a reference to Iran’s ill-fated negotiations with the U.S., and the “logic of superior firepower” an acknowledgement of the ferocity of the U.S.-Israel attacks.

The war against Iran began just two months after U.S. forces removed the leader of Venezuela, another ally of China, and experts said that the two seismic events – different as they are – may have prompted the PLA post.

“The lessons sound more like a message for China itself rather than for others,” Yun Sun, Director of the China Program at the Stimson Center, told The Cipher Brief. “The implied message is a hardline position on the U.S. and a criticism of the American fake promise of peace. The PLA is using this line to indoctrinate its own armed forces about the constant need to prepare for war and not to trust Americans.”

“What they’re basically saying is, we can’t be weak,” Amb. DeTrani said. “They’re saying, unless there’s strict discipline, unless we all march to the same tune and we all understand the importance of protecting our vital issues, we will be abused.”

Schell and DeTrani both noted that China has a history of closely studying other nation’s wars for such lessons, often hunting for clues as to how a future U.S.–China conflict, likely centered on Taiwan, might unfold.

No specific military theaters are mentioned in the PLA “lessons,” but experts said any messaging about war and military preparedness from Beijing carries meaning for Taiwan. In this context, the five “lessons” can be read as a warning against overconfidence within the PLA (“Illusion of Victory”); a reminder that any U.S.–China negotiations won’t necessarily preclude sudden military action (“Blind Faith in Peace”); and acknowledgment of the power and high-tech sophistication of the U.S. military (“Logic of Superior Firepower”).

“The message for the PLA is, ‘Yes we can dialogue with people, and we can dialogue them to death – but don’t for one minute think that you’re going to get anywhere,” Schell said. “And a second message is, ‘they’re out to get us and we have to be reliant on ourselves in every way possible.’”

The “deadliest threat”

Perhaps the most interesting – and cryptic – of the PLA “lessons” was the first, which read in full, “Deadliest Threat: The Enemy Within.”

It’s a concern that experts say is reflective of a longstanding fear of dissent within China – and heightened by evidence that betrayals in Iran had allowed for infiltration by the Central Intelligence Agency and Israel’s Mossad.

“Clearly Israel has taken advantage of people inside Iran who are willing to betray their country,” Shen said. “There must have been traitors inside Iran. This was an ‘enemy within.’ So that is a lesson for China.”

Yun Sun echoed the point. “The ‘enemy from within’ refers to the many traitors willing to work with the Israelis,” she said. “That’s also a reference against any dovish illusion within China about the U.S.”

Sun and other experts also noted that the PLA “lessons” were posted in the midst of Xi Jinping’s unprecedented purge of senior military officers – a years-long campaign that has recently gutted the highest echelons of PLA leadership.

“I immediately thought of Xi Jinping and the purges that are ongoing in the People's Liberation Army and beyond,” Amb. DeTrani said. “To Xi and to China, that’s an ‘enemy within.’ The message is that unless we are united, unless we all march to the same tune, unless we’re in sync, we will be vulnerable…‘Enemy within’ speaks to some of the logic behind the purges.”

“In the People’s Liberation Army, there are so many corrupt officials, and our leader keeps cleansing them,” Shen said. “But the fear is, how can the leaders be sure that corrupt people will not sell secrets to China's enemies? How can this country be sure it does not also have an ‘enemy within’?”

The U.S. – not a “paper tiger”

Experts told The Cipher Brief that two elements of the Iran war have likely surprised China the most: The fact that it was launched while negotiations were underway; and the ferocity of the joint U.S.-Israeli operations.

“I think they are surprised by the war,” Schell said. “They’re used to America being more wishy-washy, and not going so quickly to the gun.”

DeTrani agreed that attacking during a negotiation likely surprised Beijing, as did Trump’s bravado in taking out two foreign leaders – Venezuela’s Nicolas Maduro and Iran’s Supreme Leader Ayatollah Ali Khamenei – in less than two months.

“I think they may have been surprised with that, and also some of the statements from the president saying that we will have a hand in deciding what the new leadership will look like…and that we’re looking for unconditional surrender,” Amb. DeTrani said. “These things probably surprised China, and made them wonder: is there a message for issues that are close to them, like Taiwan and the South China Sea?”

A clear takeaway, Shen Dingli said, was that the U.S. isn’t a “paper tiger,” as some Chinese officials have suggested. “President Trump says he doesn’t want war, and that he has settled 8 conflicts, and he wants the Nobel Peace Prize,” Shen said. “This is one side. But he has another side – he can ruthlessly execute a war. He can send a Delta Force to Venezuela. He bombed Iran last June. And he bombed Iran again. So in China, after seeing such frequent use of deadly weapons, one has to have a serious look at the superior force of the U.S. The U.S. is a real tiger. Not a paper tiger.”

The PLA’s “Illusion of Victory” lesson, Shen said, is a warning against complacency within the PLA.

“If the U.S. can so easily target the Iranian leader [Ali] Khamenei, would the U.S. know where all the Chinese leaders are?” he said. “This could be a sensitive concern – the intelligence, and also the military capability to penetrate deep sites – with its earth-penetrating, bunker-busting weapons.”

A message for Washington

If the PLA’s lessons carry a message for the U.S., it may be that American policymakers shouldn't be overconfident either – despite their strength and the upheaval underway in China’s military.

“The external message – and it’s interesting that it comes in advance of the Trump summit with Xi – is that there are elements in the government that want to go on record that they are not going to be easily convinced of our good intentions,” Schell said. “I think it’s a warning also – a ‘Don’t tread on me’ kind of warning to the West.”

The message to the U.S., Amb. DeTrani said, is clear: “We’re united, we’re militarily strong, you will not be able to abuse us any longer. We are ensuring that we’re all in sync – we know what our objectives are and what our national security interests are.”

Beyond the five lessons, experts say the war brings both challenges and potential benefits to China. One “win” for China may come if the U.S. gets bogged down in the region, and expends more of its military resources.

“The US is depleting its shrinking arsenal in the Middle East,” American Enterprise Institute senior fellow Dan Blumenthal wrote on Wednesday. “The fact that, four years into the Russia-Ukraine war, the U.S. faces munitions shortages for weapons systems that matter in a potential China-Taiwan scenario—from air and missile defense interceptors to Tomahawk cruise missiles—is nothing short of scandalous.”

But Blumenthal also noted that the war may unnerve Beijing. “It will enhance their concerns that Trump is an unpredictably ruthless power broker,” he said. “Xi Jinping will view him as a force to be reckoned with who is not signing on to the idea that America is declining or will back away from a fight.”

Or, as the PLA might put it, China must respect the “logic of superior firepower” – and avoid “blind faith in peace.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

How GEOINT Can Sustain US Advantages in Africa

OPINION — Africa presents a range of security, economic, and humanitarian challenges to US national security that the Intelligence Community must stay ahead of even as Washington looks to refine its strategy for the region. Creative use of geospatial intelligence (GEOINT) is one way to make this happen. Commercial remote sensing and geospatial analytics have significantly expanded coverage and revisit rates across the African continent, enabling sustained monitoring of infrastructure development, environmental stress, and security-relevant activity even in areas with limited physical access.

Complex African Undercurrents

Africa watchers know well that a core complication in following the continent with few resource commitments is that challenges and opportunities are persistent, geographically dispersed, and rarely confined to a single subregion.

North Africa and the Sahel—from the Atlantic to the Mediterranean to the Red Sea—illustrate how African dynamics create a complex nexus of US security and commercial concerns that intersect with Europe and the Middle East. Extremism, maritime chokepoints, energy infrastructure, and military modernization hold implications beyond the continent itself.

Central and Southern Africa are at the heart of the increasing US focus on critical minerals. This includes the recent US deal with Congo on mineral access—Congo produces more than 70 percent of the world’s cobalt—and the sustained US investment in the Lobito corridor, a critical infrastructure project spanning 1,300 kilometers from Zambia to Angola. Most recently, the US proposed a critical mineral trade bloc, which would include key producers from the region.

Eastern Africa is host to the largest US military base on the continent, located in Djibouti—also home to China’s only major overseas military base—where US forces carry out operations across the Red Sea and sustained military strikes in Somalia. Kenya, meanwhile, is a Major Non-NATO Ally and in December signed a $2.5 billion health cooperation framework with the US, a cornerstone of Washington’s more than $11 billion commitment to overhauling how it awards assistance to African countries.

African Dynamics Require Agility

These realities reinforce a long-standing requirement: sustaining continental-scale awareness and early warning during periods when Africa is not a top policy priority, while preserving the ability to re-engage quickly when conditions change. Importantly, we must achieve this without falling into a defeatist trap of “settling for less because it just feels easier—not because it is strategically sound.” We must know when to ramp up and when to ratchet back.

For example, even while the National Security Strategy offers a concise priority list on Africa, our ability to ameliorate conflict and foster mutually beneficial trade relationships is subject to strategic competition around weapons procurement, energy and resource projects, and foreign infrastructure development—including civilian infrastructure repurposed for military use—all of which are observable and assessable through GEOINT without requiring persistent on-the-ground presence.

Environmental stress across the Sahel, Horn of Africa, and North Africa is ever-present. The resulting population movements, economic plight, and conflict dynamics often emerge gradually rather than through sudden shocks, a sweet spot for GEOINT. For example, while desertification and drought are longstanding areas of focus for Africa watchers, persistent flooding that we can monitor from space creates mass displacement–4 million displaced in 2025 alone—and destruction of agriculture and healthcare facilities, hindering the very self-help approaches Washington is encouraging across Africa.

Intelligence Community findings have pointed to African security challenges that are broadly demographics-based and develop incrementally below the threshold of sustained international attention. This increases the risk of surprise and compressed response timelines. In this context, GEOINT becomes less a surge capability and more a continuity mechanism, enabling awareness with resources such as human geography mapping to keep tabs on possible conflict hotspots.

Africa at Scale: A Continental-Sized Intelligence Gathering Chore

Africa's enormity makes staying abreast of threats and opportunities a daunting task, even when resources are most abundant. GEOINT helps to provide the US with the ability to discriminate in our coverage by choosing where and when we need information. Even with GEOINT as a tool, the continent makes up 1/5th of the globes land area, making it a big task.

This file is made available under the Creative Commons CC0 1.0 Universal Public Domain Dedication

Implications for US Government and Industry Partners – Finding Resilience with GEOINT

GEOINT is not a silver bullet, but it does offer a relatively low-resource opportunity for persistent, baseline awareness. National Geospatial-Intelligence Agency (NGA) officers are exceedingly enterprising in their ability to task the constellation of imagery assets in a way that is not an extra tax on the system but instead piggybacks on planned areas of coverage. As NGA augments its capabilities with AI, automation provides increasing windows to create intelligence insights at cost savings. Below is a sampling for the general reader and touches just the basics of what GEOINT can offer.

GEOINT enables ongoing monitoring of agreements, insecurity, infrastructure, and environmental trends across Africa without forward deployment, expanded aid programs, or sustained senior-level engagement, making it well suited to periods of constrained attention. Indeed, the US Embassy in Kinshasa last year noted intelligence sharing as a core area of focus for monitoring implementation of the US-brokered peace accord in eastern Congo, a clear opening for GEOINT.

GEOINT creates rapid knowledge discovery between periods of focus. This function is resource-efficient because it allows policymakers to develop context and targets quickly when fast-moving requirements emerge in areas not typically covered with other intelligence sources. For example, the US in 2025 for the first time conducted precision strikes against ISIS-aligned militants in northwest Nigeria; the US Commander of AFRICOM subsequently confirmed US Intelligence Surveillance and Reconnaissance cooperation with Nigeria.

Innovations in GEOINT can help us prepare for unexpected requirements. NGA’s ongoing efforts to build a Foundation Digital Twin “will allow users to immerse themselves in a 3D representation of the operational environment and interact with geospatial mission data in the software package of their choice.” Even as we move forward with less presence in tough- to-reach African outposts, this evolving technology can provide clarity for operational success, such as with recent Embassy evacuations on the continent.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Future of War Is Now: What Washington Needs to Hear from the Battlefield

OPINION — The February snow was over a week old but still piled heavy on the roads and sidewalks of Independence Avenue, the kind of stubborn Washington winter that refuses to yield to DC’s imperium, turning the capital's marble grandeur into a grey, grimy obstacle course of frozen slush and ice-crusted curbs. We had back-to-back meetings on the Hill, the kind where you wear a suit and choose your words carefully and try to translate the chaos of a modern battlefield into something a Senate staffer can fit onto a one-pager. Later that afternoon I was due to speak at the Veterans Forum for the 5th Annual Ukrainian Week, another room full of people trying to bridge the distance between policy and new realities.

I have been working in Ukraine since 2019, first as an active Green Beret advising in an official capacity, then after leaving that service, directing special operations on the ground and more recently carrying hard-won lessons back to NATO before they are forgotten or overtaken by the next news cycle. That is what brought me to Washington, and it is what this article is about. I write it alongside friends from the humanitarian and policy world who came to the same fight from very different directions. We come from different backgrounds and often speak with different vocabularies, but common cause in Ukraine forged a shared set of concerns and a purpose. DC has been threaded through this work for all of us in ways I never anticipated, but I will be honest: moving through it in a blazer instead of body armor never quite feels right. My natural habitat is not a briefing room. It is not a Hollywood set, where I spent time advising filmmakers like Sean Penn on how war actually looks and sounds and smells. It is not a think tank conference room or a war journalist's interview chair, and it is certainly not the back of a cab crawling past the Capitol.

And yet there I was, wedging myself out of a DC taxi in front of the Rayburn House Office Building, my service dog Mad Max bounding out ahead of me into the slush, when I heard the unmistakable sound of dress pants surrendering under pressure. The seam goes. Completely. Standing on Capitol Hill in a split suit, cold air rushed in where composure once lived and the surrealism of the last few years landed all at once. But our meetings wouldn't wait. And that surrealism belies the dire urgency which brought me here with like-minded friends and colleagues: the future of war is now, the time to prepare was yesterday, and the clock is running fast.

The urgency is not theoretical. In a wargame run last May called Hedgehog, ten Ukrainian drone operators running Delta (the Ukrainian equivalent of the US military's battlefield management platform ATAK) defeated two NATO battalions in a matter of hours, an outcome that would take a conventional NATO peer force weeks to accomplish, if it could be accomplished at all. The United States was not there to witness it firsthand.

Those of us who have been there in Ukraine for years have been trying to close that distance. In August 2025, a drone pilot and former US Special Operator from my team, writing under the callsign "Xen," warned in The Cipher Brief that drone warfare has already rendered Western military doctrine obsolete, and that without urgent restructuring of how the US military trains, procures, and integrates autonomous systems, America risks being catastrophically outpaced. Last fall, our team provided security and frontline access to humanitarian and fact-finding delegations whose reports carried the alarm further. Dr. Douglas Davis, Bert Watson, and Mike Hightower, writing from the rubble of a Shahed strike in Dnipro, laid out the tactical urgency — a narrow window to supply critical material before Russian pincer operations sever the Donbas — while warning that a horizontally linked axis of China, Iran, North Korea and other proxies is out-innovating Western procurement at every level. A companion piece in the Kyiv Post by Dr. Davis argued the broader strategic case: that Ukraine's military-technology ecosystem and decentralized clandestine network position it to actively degrade China's global proxy architecture in ways the US legally and diplomatically cannot. All three pieces arrive at the same conclusion: supporting Ukraine decisively is not charity, not regionalism, and not a distraction from the China threat. It is the most cost-effective security investment America can make against the very network of adversaries that underwrites Russia's war and drives the broader contest between authoritarianism and the free world. And the window to make that investment and to reap our dividends is closing.

I’ve assisted colleagues in developing these pieces in part because Western media coverage has often lacked accurate, timely, and complete reporting on these issues. I’ve also given interviews to a handful of journalists committed to illuminating these gaps, including David Kirichenko. His reporting, informed by extensive frontline experience, is among the few efforts that accurately and comprehensively document the doctrinal changes unfolding in real time, from the soldier-as-engineer reality at Chasiv Yar to Ukraine’s evolving “drone wall,” and the AI-enabled and fiber-optic systems now reshaping the battlefield.

The numbers tell the story. Ukrainian aerial and naval drones costing hundreds or thousands of dollars are destroying Russian systems worth millions. At Avdiivka, Ukrainian units averaged one Russian killed every 6.5 minutes, while persistent drone surveillance , defense and strike capabilities stripped Moscow of meaningful aerial freedom along much of the frontline. The result is a battlefield that in many ways looks less like modern maneuver warfare and more like World War I: dense surveillance, constant attrition, and lethal exposure to anything that moves.

Meanwhile Kyiv has scaled drone production into the millions, demonstrating that battlefield advantage now flows less from exquisite platforms and more from rapid innovation, mass production, and real-time doctrinal adaptation. Countermeasures will inevitably emerge, but the structural advantage favors the side that can iterate fastest, produce at scale, and absorb those doctrinal shifts as they happen.

The implications for NATO should be impossible to ignore. Ukraine is rewriting the playbook of modern warfare in real time, while most Western militaries still train and equip themselves as if the sky is largely empty and the battlefield permissive. It isn’t, as has become clear over the past week as Iranian Shahed drones saturate the skies of the Middle East. The next war will belong to the side that can produce cheaper autonomous systems at scale, adapt doctrine at the speed of software, and treat every soldier not just as a warfighter, but as an operator, engineer, and innovator on a battlefield saturated with drones.

But we did not come to Washington to warn about alarms already sounded. We came to propose solutions. Our adversaries in Russia, Iran, China, and their proxies have already internalized these lessons. Here is what we’ve proposed.

Why What Exists Is Not Enough

The drone training that currently exists in the American military and law enforcement pipeline touches almost exclusively on how to fly and arm a drone. These are Level One tasks or the equivalent of a flat-range rifle qualification course. They test one individual skill and stop there. What they do not teach is planning, full mission profiles, field craft, or the combined arms understanding of how a drone interoperates with the broader fight around it.

Consider the rifle as an analogy. Qualifying on a flat range validates marksmanship, one key task. But it does not teach a soldier how to employ that weapon in combat. Stalking into position, camouflage on movement and in position, movement techniques, barrier usage, target effects, rates of fire, suppressive versus sustained fire, target selection, bounding techniques: these are the individual tasks that collectively determine whether a rifle is carried to the fight or actually used in it. Marksmanship alone is the beginning, not the end.

The same logic applies to drones, and the gap between where training currently stops and where it needs to go is vast. An FPV drone is now as common in the hands of a Ukrainian infantryman as an M4 carbine is in the hands of an American one. Drone employment can no longer be treated as a strategic-level asset or a specialist skill set. It must be incorporated into doctrine at every level, from the individual soldier to the theater commander.

The point at which a soldier effectively employs a weapon system in combat requires mastery of three things in combination: individual core soldier skills, technical proficiency with the system, and battle drills. A battle drill is a collective action rapidly executed without applying a deliberate decision-making process, the kind of deeply rehearsed, muscle-memory response that kicks in when there is no time to think. React to Contact. Squad Attack. These are drilled into every infantryman's subconscious through grinding repetition. They work because everyone in the element knows their role, knows the SOP, and has trained to the point where the action is automatic.

Most SOPs, however, are written in blood. Combat lessons are only truly learned on a two-way range, where the outcome of one force against another can be accurately assessed. Training field hypotheses are not battlefield truths. NATO's Hedgehog wargame in Estonia last spring demonstrated this with devastating clarity. America and NATO are currently disconnected from real-world battlefield truths in drone warfare, and without a program designed to extract and transmit those lessons continuously, there is no way to close that gap.

What We Are Doing About It

We are learning modern drone warfare techniques in real time, through the blood sacrifices of the Ukrainian front. With a constant pulse on the front line and joint operations with Ukrainian SOF units, we continuously extract current tactics/techniques/procedures (TTPs), SOP developments, and technology validation from a live, evolving fight against a near-peer adversary. Our instructors rotate in and out of theater on a continuous cycle: deploy, extract lessons, return stateside to instruct American SOF and law enforcement, take leave, return to Ukraine. Repeat. In doing so, we have already proven the only model which can keep pace with the monthly-evolving modern drone warfare environment.

The Full Spectrum of What Modern Drone Warfare Requires

To train for modern drone warfare, instruction must cover the full spectrum of the fight. That means understanding drones by type (FPVs, quadcopters, hexacopters, heavy lift platforms, fixed wing, bombers versus kamikazes, ISR variants) and knowing which system delivers which effect under which conditions. It means understanding how drone sectors of fire interlock, how systems can be dual-tasked, and what the limiting factors are when they are. It means understanding combined arms drone warfare: how to mass firepower and tasking, how ISR feeds targeting, how battlefield assessment informs maneuver.

It means planned employment, the operator techniques and TTPs required to move a system within range of a target, employ it effectively, and retrograde. It means react-to-contact drills for unplanned engagements. It means understanding communication systems across fiber, radio, SATCOM, and autonomous navigation, and knowing the real-world limitations of each. It means thermal mitigation, electronic warfare, and signals intelligence awareness: understanding your own signal footprint, capturing enemy video feeds, and knowing how signals security measures create either vulnerability or protection.

A brief example illustrates the depth of what is available. FPV drones are sacrificial kamikaze systems, not designed for ISR or sustained intelligence gathering. They work best in combination with another platform. A heavy lift bomber, with a robust stabilized camera, longer loiter time, and higher operating altitude, provides a complementary attack method if the FPV fails, a battle damage assessment platform following engagement, and a persistent intelligence-gathering asset that monitors both enemy and friendly maneuver and front-line trace. Pairing an FPV with a second FPV is a less preferred option, limited by the sacrificial camera quality and reduced loiter time, but viable in a react-to-contact scenario.

A react-to-contact battle drill built around these systems looks like this: return fire, get down, seek cover, get online with the soldiers left and right, call the three D's: distance, direction, description. The rear element, not decisively engaged, immediately deploys two FPVs: one hunter, one spotter. The spotter confirms the reported information and maintains awareness of friendly front line trace and maneuvering elements. The hunter finds targets of opportunity and selects an attack angle. Spotter and hunter work in conjunction to assess battle damage, with a standing task of conducting a follow-on attack if required.

That is one battle drill. One grain of sand in a desert of untapped battlefield experience.

Tailoring the Lesson to the Audience

Effective instruction must also be audience-specific. What applies to a Marine platoon's doctrine does not translate directly to Army maneuver warfare. What a conventional infantry unit needs is not what a Special Forces team preparing for unconventional warfare in a denied environment requires.

For Green Berets deploying worldwide to train and advise partner forces, the calculus shifts substantially. Foreign weapon systems become central to the curriculum. Low-cost drones available on the open market that can achieve desired combat effects become invaluable knowledge. Resistance warfare will incorporate drones from this point forward. Chinese, Russian, Iranian and Ukrainian technology will be present in future conflicts around the globe regardless of scale. Questions that matter in that context are different: What is available now? How is it employed? How do you defend against it? How do you operate in a small team, in a denied country, in airspace you do not control?

Staffing a former Green Beret as team leader on each rotation into theater addresses this directly. It brings language proficiency, cultural awareness, an unconventional warfare trained mind, and a leader experienced in building programs of instruction for both American and foreign forces.

Regular overlapping rotations of a nine-person instructor team, drawn from combat arms veterans across all branches of the military, is the most efficient mechanism available for digesting battlefield-learned information and translating it into doctrine-aligned, audience-specific instruction. That is not a claim made lightly. It is the product of years of doing exactly this work, on the front lines where the lessons are being written in real time. And properly funded, at a cost amounting to less per annum than a handful of Patriot missiles, it could be paradigm shifting. But it is only the start.

The problem is buy-in, scale, and consistent support. A handful of dedicated volunteers cannot revolutionize the entire US military alone. We have thus far moved faster than contracts or legislation could keep up with, and the inconsistency of that support has its own cost: volunteers burn out, move on, and take their hard-won knowledge with them, decoupling the gains made and resetting the clock. The bidirectional lane between US and Ukrainian industry and military is in urgent need of widening, not closing. Policymakers, senior military officers, lobbyists, and defense technology experts must push hard to make efforts like ours official. Given that there is no political will to deploy hundreds or thousands of uniformed advisors and liaisons into Ukraine, contracting is not a workaround. It is the only viable path to ensuring America does not fall further behind.

The clock is running, as is evident today with the unfolding escalations in and around Iran. 3 American F-15s were just shot down by friendly fire in Kuwait in part due to skies saturated with cheap long range Iranian drones. Across what were once considered “safe zones” in the Middle East, embassies and high-rises are beginning to look more like scenes from Kyiv than the calm rear areas they once were.

So today, that cold February air rushing through the split seam in my suit on Capitol Hill just weeks ago now feels less like metaphor than diagnosis. We are not approaching a crisis. We are already standing in one, pants down, exposed, our adversaries long through the door while we are still fumbling with the handle. The second hand keeps moving. But it is no longer counting down to a warning. It is counting the seconds of our indictment.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

After the War and After Putin: Three Potential Succession Scenarios for Russia’s Modern Tsar

THE KREMLIN FILES / COLUMN — Recent weeks have seen seismic shifts in the world’s authoritarian landscape: from the dramatic removal of Venezuela’s long-standing strongman to the sudden death of Iran’s supreme leader amid escalating conflict. These events have fueled speculation about the broader fate of entrenched autocrats, and, invariably, within that group lies Russia’s own iron-fisted ruler. When, if ever, might Vladimir Putin answer for his crimes over decades in power, and could the Russian people ever revolt against his regime?

The short answer is that a popular uprising in Russia is still highly unlikely. The FSB and other Russian security services hold a tight grip on power. Democratic opposition and the intelligentsia within Russia were largely expunged or fled the country over the past two decades. But that very unlikelihood of overthrow underscores why the puzzle of Putin’s succession is both urgent and consequential, even for Russians. This is an especially salient issue now, as peace talks grind on to end the war in Ukraine. That conflict has long been central to Putin’s self-styled legacy, and continues to shape his hold on Russia.

Speculation about Putin’s health and who might succeed him has circulated for years, in a manner reminiscent of the late Soviet period, when the infirmities of aging leaders were whispered but never openly acknowledged. If and when the war in Ukraine ends, such speculation will almost certainly intensify. Putin has long viewed the war, and the reassertion of Russian control over Ukraine, as central to his place in Russia’s long continuum of rulers. No doubt Putin hopes to be revered one day, despite atrocities committed by his troops, as “Vlad the Great.” Only Joseph Stalin and Russia's longest-reigning Empress Catherine ruled Russia longer than Putin.

Rumors have periodically surfaced that Putin, who turns 74 in 2026, has Parkinson’s disease, or that multiple “doubles” are deployed for public appearances. Theories abound that he has these doubles because, behind closed doors, he is gravely ill. Yet for more than a decade, most of these claims have proven unfounded. Putin has made a point of countering them with carefully choreographed displays of vigor: judo matches, ice hockey games, and the now-iconic images of him riding bare-chested on horseback. Still, the rumors persist, echoing an older Russian and Soviet tradition in which succession is opaque and fraught with uncertainty. And so the question lingers, increasingly unavoidable: what comes after the war for Russia’s leadership, and, what comes after Putin?

For Russians, all the speculation on the health of the state’s leader is a familiar theme from Soviet times. This was especially true in the 1980s, when a series of General Secretaries of the USSR passed away within a few years of one another. Soviet citizens grew accustomed to state TV channels going blank and playing Tchaikovsky’s Swan Lake, one of the most famous pieces of classical Russian music, without commentary. It was the recurring sign for the average Russian/Soviet citizen that, “Well, another of the old guys has passed, so let’s see who comes next.” Sooner or later, Swan Lake will again return to Russian state TV channels, and a successor will pick up the reins.

Intelligence agencies around the world are undoubtedly forecasting internally for their governments. However, ultimately, no one knows for sure what Putin’s succession plan is—if he has one—except the modern Russian tsar himself. Remembering historical precedent may be useful for predictions of how this may play out. Putin certainly has absolute power, like a tsar, and, in the case of the Romanovs, succession for 300 years of Russian history was determined by the family line. Since 1917, when Nicholas II was forced to abdicate, the leadership of the Soviet Union, and then Russia, has been defined less by democracy than by a “preferred candidate.” Traditionally, the regime worked out this candidate, or a small ruling element within it, and then the Russian, and previously Soviet, people were asked to acquiesce and rubber-stamp the selection with a sham vote.

This is, in fact, what happened when Stalin passed away in 1953. NKVD head Lavrentiy Beria attempted to take control, but was shot by General Batitsky, who was loyal to the heavily decorated World War II “Hero of the Soviet Union” and future Minister of Defense, General Georgiy Zhukov. Zhukov and the military had the support of others in the ruling circle. None of them could tolerate the idea of Beria, a known pedophile, torturer, and murderer of millions under Stalin’s purges, bringing a new terror for the Soviet people.

The ruling circle collectively agreed on Nikita Krushchev as the successor, and the military was only too relieved to not be under the guillotine of Beria and the NKVD, which had purged their ranks so heavily. The NKVD was reorganized into the KGB, but retained much of its mission. The Soviet people were asked to validate the choice by sham votes of the Communist Party, then, and for decades to come. This was the Soviet model, in which a ruler was chosen by consensus within the inner circle, the Politburo.

This will also likely be the Russian model after Putin, particularly if he does not leave a firm successor in place, but with some crucial distinctions. There is no Politburo any longer, but the siloviki, or “strongmen,” who control the primary security services and ministries. Who would likely be a successor candidate the siloviki could coalesce behind, or whom Putin might strongly suggest they endorse?

THREE SCENARIOS WHO MIGHT RULE RUSSIA

There are three possible scenarios worth reviewing: intelligence-driven succession, based on the security services and their choice; military-driven succession, based on a General or other candidate from the military (like Zhukov, who was widely popular after World War II and many thought for a time would succeed Stalin); or an unexpected successor, one that Putin may have ordained in private, or still will.

The most likely immediate successor to Putin, even if only an interim one, will likely come from his closest circle of siloviki, with whom he served in the KGB and who have remained close to him throughout his entire career and long reign. Nearly all of them are veterans of the KGB or the security services. The head of the Federal Security Service (FSB), Alexander Bortnikov, is probably the top candidate in the event of a sudden succession or health crisis. He heads the internal protective service that guards the regime, and whose loyalty Putin prizes the most. Bortnikov holds the rank of General of the Russian Army, the equivalent of a five-star general in the U.S., while never having served in the armed forces.

Putin gave Bortnikov that rank to ensure he is respected and revered by the entire state apparatus. So his case for succession is clear, and he also has his own troops—the FSB special operations elements, including Alpha, Vympel, and three other special operations teams, which are respected and feared by the government and the Russian people. Bortnikov could also call on aspects of the 200,000-strong FSB Border Guard troops if needed to help consolidate power in the event of a sudden succession or civil turmoil. But Bortnikov is Putin’s exact age, and his succession would likely be short, raising the problem faced in the 1980s, one old man after another.

Other possible successors and former intelligence comrades of Putin in this line are increasingly being speculated about. One could be Nikolay Patrushev, former Secretary of the Security Council and former head of the FSB. Another candidate would be Sergey Ivanov, also on the Security Council now, another former senior FSB leader and former Minister of Defense. Patrushev and Ivanov are both closely trusted Putin advisors, and both were also two of the hawks most in favor of the full invasion of Ukraine. They might be chosen to ensure that Putin’s plans for Ukraine, incorporating the occupied regions, and potential further aggression and plans for it, are not abandoned, at least for a few more years of their potential rule, if selected. But if Patrushev or Ivanov were to be the successor, they would be a short-term one, given their age. Turning to other aged cronies sets Russia up for another 1980s-style scenario: one elderly leader ruling for a few years, dying, and setting the stage for another white-haired ruler. Putin knows that the issue contributed to the decline of the USSR during that period, along with many other endemic failures.

The next category of successor could be a General or a leader of the military, but there is no obvious candidate right now. Former head of the Defense Ministry and the Armed Forces, Sergey Shoigu, was once widely respected in Russia because Putin had anointed him to roles groomed for succession. He was feted at military parades in full dress uniform and seen riding celebratory white horses. For Russians, this put him on par with beloved Generals like Zhukov, or Field Marshal Mikhail Kutuzov, the strategic genius who outmaneuvered and defeated Napoleon's invasion in 1812. Shoigu was portrayed as such in Russia for years, and before his defense roles, he served as head of the Ministry for Emergency Situations for many years. This also showed him featured in the scenes of many natural and man-made disasters across Russia. The regime portrayed him as the state fixer and helper.

But Shoigu’s reputation took a significant hit with the Ukraine war. Russians all recall that during the failed Wagner mutiny and leading up to it, Shoigu was one of two people whose necks, literally, Yevgeniy Prigozhin wanted. Prigozhin was Putin’s former cook and oligarch who led the mutiny and set out for Moscow with 20,000 Wagner mercenary troops, to hold Shoigu and Chief of the Russian General Staff Valeriy Gerasimov responsible. Prigozhin famously screamed on Russian TV, demanding that Shoigu be held to account, and repeatedly cursed and derided Shoigu and Gerasimov in public. Russians will not forget that, nor has Putin. Shoigu is likely no longer a viable candidate.

No other military candidate stands out as a likely successor to Putin, as might be the case in other dictatorial regimes where the military holds power, not so in Russia, and even less so after the attempted Wagner mutiny, which saw far too much possible empathy from the armed forces. Putin has empowered the FSB to quash any other potential challenge from his armed forces. He also strengthened the forces of the FSB and Russian national guard with more heavy weapons (to fight back more competently if any other military unit ever challenges the regime) after the Wagner aborted coup attempt. Ultimately, a successor cannot be found in the ranks of the military.

The third and final category of Putin's successor, and one that many Russia watchers and experts point to as a possible historical precedent, might be someone we don’t know about yet but who Putin has quietly endorsed, or still will. The idea of an unexpected heir may appeal to Putin because President Yeltsin similarly anointed him as head of the FSB, and then selected him as interim Prime Minister when Yeltsin essentially gave up power and stood down in 1999. Putin was relatively unknown at the time, but his being blessed by Yeltsin helped initially. The rest of his popularity came after a series of alleged Chechen terrorist bombings of apartment complexes, bombings which many suspected the FSB itself might have been behind. Much like the burning of the Reichstag in Nazi Germany, Putin used the apartment bombings to launch a massive war in Chechnya, consolidate power, and strengthen his comrades in the FSB. That hardening of the FSB and Russian intelligence within Russian society has continued in the 25 years since.

AN UNEXPECTED, AND YET UNNAMED HEIR?

So if not the FSB or other siloviki from Russian intelligence, where might that unexpected heir come from? There is a slight chance that Putin may choose an actual heir, one of his children. Putin’s only official children are his daughters, Katerina and Maria, from his wife, Lyudmila, whom he divorced in 2014. But both daughters are now in their early forties, and neither keeps much of a public profile. There are rumors of sons from Putin, including two possible young sons from the former Olympian and Putin's girlfriend, Alina Kabaeva, who is almost thirty years younger than him. But neither is yet a teen, and both have lived substantial parts of their lives abroad. They are not in a position to succeed even if they are legitimized later in the eyes of the Russian state and public.

One viable family member who has drawn attention within Russia is Anna Putina (actual surname Tsivilyova) who is his cousin, and now a Deputy Minister of Defense. She was given lucrative state enterprises over the past two decades to benefit herself and the family, and has continued to rise within the circles of power. But is Russia ready for a female president? Some argue that in Soviet times, the Soviet Union was more progressive than the U.S., at least in its earliest years, with women helping lead important ministries for the new Soviet state. But modern Russian society has returned more to its sexist roots, with almost all the siloviki in the top organs of the state surrounding Putin being men.

If Anna Putina is a possible successor, she will have to get past a bunch of Putin’s “rebyata,” his buddies and comrades from the security services, like Bortnikov, Ivanov, Patrushev, and others. A more viable candidate and extended family of sorts for Putin might be Dmitriy Patrushev, currently a Deputy Prime Minister and son of Putin’s close comrade Nikolay, mentioned above. Dmitriy has the right family connections, if not Putin’s name, and he is no doubt considered extended family for the leader. He is 48 years old, setting him up for a long rule over Russia, just like Putin preferred for himself. The young Patrushev has the proper lineage, age, and patronage to make him a prime candidate. Another candidate is Alexey Dyumin, a former Putin bodyguard whom he made governor of Tula and now a senior official on the Security Council. There are other “adopted sons” like this in the younger generation whom Putin could push forward to lead.

Ultimately, the Kremlin watch will have to continue for now, with no clear line of succession laid out for Putin. But there is one reason to expect the succession issues to come to a head in the near future. Putin set out with the Ukraine war to right what he claimed was a historical wrong. In Putin’s fiction, Ukraine was always a part of Russia, and the dissolution of the Soviet Union, as he frequently termed it, was the “greatest geopolitical disaster of the 20th century.” In fact, Ukraine has been a far greater disaster for Russia; hundreds of thousands of Russian lives and state resources were wasted on the war. But most Russians don’t know that and can’t see it in the absence of any free press.

The end of the war, whenever it comes, will be heralded as a grand success for Putin. It may give him the final medal on his chest, making him assured enough to feel he can start to plan and announce his succession. When he does, one thing is sure: whoever follows Putin will not likely be a reformer. There will be no loosening of the reins on the Russian people. Freedoms will not come, state oppression will continue, and corruption will continue to drive the regime and state. There are too many holds on those very freedoms, and too many potential contenders holding the ropes to allow any loosening. When Swan Lake is played again on Russian TV, Russians—and the West—will have nothing to celebrate.

---------

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

America’s “Exquisite Class” Weapons Shortage

OPINION — “We just concluded a very good meeting with the largest U.S. Defense Manufacturing Companies where we discussed Production and Production Schedules. They have agreed to quadruple Production of the ‘Exquisite Class’ Weaponry in that we want to reach, as rapidly as possible, the highest levels of quantity. Expansion began three months prior to the meeting, and Plants and Production of many of these Weapons are already under way. We have a virtually unlimited supply of Medium and Upper Medium Grade Munitions, which we are using, as an example, in Iran, and recently used in Venezuela. Regardless, however, we have also increased Orders at these levels.”

That was President Trump in a Truth Social message last Friday afternoon following a White House meeting he had with the chief operating officers of BAE Systems, Boeing, Honeywell Aerospace, L3Harris Missile Solutions, Lockheed Martin, Northrop Grumman, and Raytheon – as he said, among the nation’s major defense contractors.

I’m focusing on Trump’s statement for two reasons. The first is that he admits the U.S. is running low on what he calls “Exquisite Class” weaponry, and although he doesn’t name them I will shortly describe a few, and add some Trump ignored.

But more important I want also to re-emphasize as I did last week that President Trump – for whatever reason – has suddenly turned his back on peaceful diplomacy as a way to settle international disagreements and, on his own, begun using the U.S. military first in the raid that grabbed Venezuelan President Nicolas Maduro, and now in a war against Iran that will cause untold numbers of dead and wounded and cost billions, if not trillions of dollars.

Ironically, his Friday meeting with top defense contractors took place at a time when he has announced plans to seek a dramatic 33 percent, $500 billion, increase in next year’s fiscal 2027 defense spending – to $1.5 trillion. That reminds me of Russian President Vladimir Putin’s last year need to put Russia on a wartime economy since his 2022 invasion of Ukraine has turned out to be more than a several week effort.

Like Putin, who has called his Ukraine invasion as a “special operation,” Trump for a time tried to refer to his attack on Iran as a military “operation” rather than a war. Trump often avoids saying it’s a war, probably because he has so far not sought nor received authorization from Congress.

Trump’s goal, however, has never been as clear as Putin’s – which was to restore Moscow’s total control over the Kyiv government. Trump has swung from preventing Tehran from having a nuclear weapon to possessing no ballistic missiles to regime change and back again.

One big difference from Putin is that Trump has Israel as an active partner and neither he nor Israeli Prime Minister Benjamin Netanyahu wants to put their own troops on the ground in Iran.

But there could be a time when Trump and Netanyahu differ on continuing these full scale attacks on Iran from the air.

That may be where the question of munitions comes into play, at least for the U.S. What Trump referred to as “Exquisite Class” weapons, whose production Trump said need to be quadrupled, are among the offensive and defensive systems being employed in the Iran fighting.

For example. during last Thursday’s Center for Strategic and International Studies (CSIS) event on the Iraq War, Tom Karako, director of the CSIS Missile Defense Project, identified what I believe are among the very “Exquisite Class” weapons Trump wants quadrupled in production.

The three systems Karako talked about were the Terminal High Altitude Terminal Defense (THAAD) used to destroy short-, medium-, and intermediate-range ballistic missiles inside and outside the atmosphere; the Patriot missile system whose PAC-3 MSE interceptors destroy tactical ballistic and cruise missiles as well as aircraft; and Tomahawk long-range, up to 1,500 miles, subsonic, offensive cruise missiles

Speaking about Friday’s White House meeting between the President and defense contractors, Karako said, “Our estimates of what our inventories need to be for our various contingencies are dramatically too low.” Karako based that on what the U.S. contributed to the Ukraine war, used over past years against the Houthis in engagements in the Red Sea and Yemen, and as the U.S. Operation Midnight Hammer, part of Israel’s 12-day war against Iran last June.

Karako went on to say, independent of current fighting, “They [meaning the Trump administration] want to go from about 96 THAADs a year to 400. They want to go from 650 [PAC-3] MSEs to over 2,000 MSEs a year – factory MSE. They want to go from – I think we requested 57 Tomahawks last year [to over 1,000].”

Karako added, “Fifty-seven. Like, that’s what we use in an afternoon on just sort of mowing the lawn with terrorist strikes sometimes. [Deputy Defense] Secretary [Stephen] Feinberg wants to go to over 1,000 Tomahawks per year. That is the munitions ramp that we have been waiting for.”

I should point out the long-term agreement with Lockheed-Martin to increase PAC-3 MSE production calls for a guaranteed level for purchases from the Pentagon for interceptors, which allows the company to invest in expanding capacity, including adding workers, advanced tooling, and upgrading facilities.

Increased production doesn’t happen overnight. Lockheed-Martin has estimated it will reach the goal of 2,000 by 2030.

On Wednesday, Michael P. Duffey, Under Secretary for Acquisition and Sustainment told the House Armed Services Committee of the agreement with Lockheed Martin to quadruple the annual production capacity of THAAD interceptors. The company said it is planning a multi-billion-dollar investment over the next three years to expand THAAD production, which today occupies more than 340,000 square feet of production space and employs over 2,000 to support component fabrication to final assembly.

As for Tomahawk cruise missiles, Duffey said the Raytheon division of RTX agreed within the next few years to increase production capacity to 1,000. In the past, it has taken up to two years to build a single Tomahawk because of its complex, specialized components.

According to media sources, the military had over 4,000 Tomahawks before the attacks on Iran began. Within the first three days, some 400 Tomahawks were used against Iranian targets.

Then there is the cost of Trump’s Iran war. Elaine McCusker, former Deputy Under Secretary Defense (Comptroller) in the first Trump administration and now at the American Enterprise Institute, told the Wall Street Journal last week that in the first four days she estimated the cost at $11 billion of which $5.7 billion was for fired interceptors and another $3.4 billion for bombs and missiles.

With talk circulating last week that the White House was preparing a supplemental bill of up to $50 billion to pay for the Iran war costs, House Speaker Mike Johnson last Wednesday told reporters he hadn’t heard yet about a specific funding level, but that “we’ll pass a supplemental when it’s appropriate and get it right.”

Meanwhile, President Trump continues to change and even raise the goals of his Iran bombing offensive.

When it began, February 28, he called it a campaign to “eliminate the imminent nuclear threat,” and to gain “freedom” for the Iranian people. By last Friday, Trump was asserting in a Truth Social message the expansive “there will be no deal with Iran except UNCONDITIONAL SURRENDER! After that, and the selection of a GREAT & ACCEPTABLE Leader.”

As I wrote in my most recent column of Trump, “The man who just months ago saw his future as chairman of an international Board of Peace, now looks like he might rather be a rogue Policeman of the World.”

This past Sunday, New York Times columnist Nicholas Kristoff, writing about the Iran war, quoted former-Sen. J. William Fulbright (D-Ark), in when Fulbright was chairman of the Senate Foreign Relations Committee, Kristoff wrote that in 1966 Fulbright wrote that the U.S. role in the Vietnam War – which he opposed – represented “the arrogance of power.” Fulbright had added, “Power confuses itself with virtue and tends also to take itself for omnipotence.”

I ran two Senate Foreign Relations Committee investigations in the 1960s for Sen. Fulbright, including one on the use and misuse of American military power abroad.

I can confidently say that a Chairman Fulbright would by now have voiced public opposition into Trump’s Iran war and initiated a thorough Foreign Relations Committee investigation into how it came about and how it could be brought to an end. Fulbright then would schedule public hearings so that everyone, here and abroad, would have an opportunity to know what was going on.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Drone War’s Real Problem Isn’t Technology — It’s Speed

OPINION — When Steve Blank and I sat down over coffee a decade ago and realized that the customer discovery process in Lean was identical to what I'd been doing with the Rapid Equipping Force in Afghanistan, neither of us imagined we'd still be making the same argument in 2026. But here we are.

The Department of War has just executed the most ambitious acquisition reform in 60 years. Portfolio Acquisition Executives have replaced PEOs. JCIDS is dead. The Warfighting Acquisition System rewards speed to delivery. These are real reforms, and they implement nearly every recommendation the defense innovation community has made for the last decade.

And they are about to repeat the most expensive mistake of the post-9/11 wars.

Here's why.

The Counter-Drone Fight Is Not a Technology Problem

Everyone in Washington is talking about the counter-UAS challenge as though it's an engineering puzzle. Build a better jammer. Field a cheaper interceptor. Develop AI-enabled target recognition. The technology shelf is full: directed-energy weapons at $12 per shot, drone-on-drone interceptors with over 1,000 kills in Ukraine at $14,500 each, electronic warfare systems that can defeat commercial flight controllers.

The technology works. The process for getting it to the warfighter does not.

A new drone variant appears on the battlefield every week --- built from commercial parts, open-source flight software, and components available on Amazon and Alibaba. A firmware update that defeats your jammer costs nothing and takes hours. Your counter to that update, through even the reformed acquisition system, takes months.

This is not a technology gap. This is a cycle-time gap.

And I've seen this exact gap before.

I Had This Problem. It Was Called the IED.

From 2010 to 2013, I led the Army's Rapid Equipping Force during the height of the counter-IED campaign in Afghanistan. The structural parallels between that fight and the current counter-drone fight are not approximate. They are exact.

Both threats share five characteristics that make them resistant to conventional acquisition:

Cheap, dual-use components. IED parts were globally available commercial products. Drone components are identical --- flight controllers, autopilot software, motors, all commercially sourced. A Shahed-pattern drone costs ~$20,000. An FPV kamikaze costs a few hundred dollars. We engage them with $400,000 Stingers.

Knowledge that proliferates faster than countermeasures. IED construction techniques spread through informal networks faster than JIEDDO could field counters. Drone designs spread even faster --- through open-source repositories, commercial supply chains, and state-sponsored proliferation from Iran to the Houthis, Hezbollah, and Russia.

Modular adaptation at near-zero cost. Every time we fielded a jammer, the adversary swapped trigger mechanisms within weeks. Drones are modular the same way. New radio, new software, new flight profile --- all outside any formal process. The adversary's development cycle runs in days. Ours runs in years.

Tactical variation that defeats one-size-fits-all solutions. At the REF, we learned that the pressure-plate IED in Helmand Province was a fundamentally different problem from the explosively formed penetrator in Baghdad. Different triggers, different emplacement, different defeat mechanisms. The C-UAS threat has identical variation. A Houthi one-way attack drone flying 1,500 km is nothing like an FPV kamikaze at the platoon level, which is nothing like a Chinese autonomous swarm. Washington wants a consolidated solution. We made the same mistake with IEDs.

5. The institutional reflex to throw technology at a systems problem. We spent over $75 billion on counter-IED. We stood up JIEDDO. We lost that fight anyway. As War on the Rocks concluded last November: drones are "IEDs that fly now." The failed counter-IED framework should not be replicated. But that is precisely what is happening.

The Real Problem: Nobody Owns the Front End or the Back End

Steve and I have spent the last decade teaching the same lesson: the quality of your solution is determined by the quality of the problem you choose to solve. Or as Einstein reportedly said, if given one hour to save the world, spend fifty-five minutes understanding the problem and five minutes on the solution.

The Pentagon's C-UAS response addresses the last 5 minutes of the equation, not the first 55.

The Department has invested heavily in the develop and deploy phases. JIATF-401 was stood up last August to proliferate counter-drone capabilities. The Army runs biennial industry competitions. DIU scouts commercial technology. The PAE reform consolidates requirements, contracting, testing, and sustainment under a single portfolio leader. These are the middle phases of the innovation cycle, and they are getting real investment and real attention.

But nobody is doing the other four things:

Detect --- Nobody is persistently monitoring how the drone threat evolves at the tactical edge. There are no forward-deployed problem discovery teams embedded with operational units, scanning for how the adversary adapted since last week. The REF & AWG had these teams. They no longer exist.

Define --- Nobody is scoping the specific problem each unit faces with enough precision to drive useful solutions. A PAE leader at headquarters, no matter how empowered by the new reforms, cannot see the distinctions that matter without ground truth from the fight. Requirements still originate from within the institutional system --- headquarters staffs, Service-level assessments --- not from soldiers and Marines observing the problem in context.

Missing also is a Fusion Cell that collects the inputs from the operational force, industry and the labs and executes the discovery required to confirm we are working on actual problems (not symptoms) and the required speed to solve them.

Assess --- Nobody is systematically measuring whether fielded C-UAS systems actually work against an adversary who adapts after every engagement. We field systems and declare victory. Without assessment, there is no feedback loop. Without a feedback loop that anticipates adaptation, you cannot out-cycle the adversary.

Distribute --- Nobody is ensuring that what one unit learns reaches every other unit facing the same threat at operational speed much less delivers that same assessment to industry. The Asymmetric Warfare Group used to do this with forward deployed embeds, rolling assessments back into TRADOC schoolhouses. That function was absorbed by the Center for Army Lessons Learned, which operates at institutional tempo --- months --- not operational tempo.

Three of six phases of the innovation targeting cycle have no organizational owner. The reforms built a faster engine. Nobody built the steering.

The PAE Reforms Are Necessary but Insufficient

Let me be clear: the PAE restructuring is genuine progress. Consolidating authority under a single portfolio leader eliminates the handoff delays between requirements writers, program managers, and testers that killed tempo under the old PEO structure. The new Capability Trade Councils can make real-time tradeoffs. Killing JCIDS removes the most ossified layer. These are serious reforms.

But they widen the scope of who writes requirements without changing where the inputs come from.

At the REF, we didn't just have streamlined requirements authority --- though we had that. I could validate a requirement and commit funds on the spot. The REF's real advantage was something else entirely: forward-deployed teams generating requirements from direct observation of the fight. Any soldier, from private to four-star, could submit a problem via a one-page 10-Liner. We aimed for 90-day solutions and sometimes delivered in 72 hours. We transitioned 170 programs into production and leveraged $150 million into ten times that through partnerships. Our Expeditionary Lab at Bagram fabricated prototypes in days.

That wasn't just fast acquisition. That was problem curation at operational speed --- sourcing problems from the field, validating them through direct observation, and converting them into actionable problem statements before committing resources to solutions.

The Army disbanded the REF and the Asymmetric Warfare Group in 2021. It has not replaced either. We eliminated our most effective problem-detection and solution-distribution capabilities just as the drone threat was accelerating.

What Needs to Happen: The Innovation Targeting Cycle

The solution is not recreating the REF or AWG. It is ensuring that all six phases of the innovation cycle have organizational owners, dedicated resources, and a shared operational tempo.

I call this the Innovation Targeting Cycle[1] [2] [3] , modeled on the F3EAD process --- Find, Fix, Finish, Exploit, Analyze, Disseminate --- that JSOC used to dismantle terrorist networks in Iraq. Gen. Stanley McChrystal’s Joint Special Operations task force went from one raid a month to ten raids a night not because it got better technology, but because it collapsed the cycle time between intelligence and action. Every raid generated the intelligence for the next one. Every completed cycle made the next cycle faster.

The same logic applies to innovation. Six phases --- Detect, Define, Develop, Deploy, Assess, Distribute --- run continuously by a fusion cell, each rotation generating the input for the next. A 70% solution fielded in weeks, assessed against operational reality, with findings distributed across the force and fed back into detection of the next problem.

The PAE reforms provide the authorities and organizational structures for Develop and Deploy. The Innovation Targeting Cycle provides the front end and back end that connect the warfighter's reality to those authorities.

Each PAE needs four things the current reforms don't provide

Forward-deployed Problem Discovery Teams --- small, cross-functional teams embedded with operational units, sourcing and curating problems from direct observation. Not technology scouts. Problem scouts. These don’t need to be organic to the PAE.

Fusion Cells — that collect all the sensor data from the field, industry and labs and do the due diligence to ensure we are working on the right problems at the right tempo with the right expected outcomes.

Rapid operational assessment --- built into the cycle, not conducted as a post-mortem months after fielding. Every deployment of a C-UAS capability should generate data: did it work? Did operators adopt it? Did the adversary adapt? That data feeds the next rotation.

Lateral distribution at operational speed --- what one unit learns must reach every other unit facing the same threat before the next engagement, not the next rotation. Our institutional schoolhouses operate at institutional tempo. The drone threat operates at commercial tempo.

The Bottom Line

The Department has reformed how it acquires. It has not reformed what it acquires, whether it worked, or who else needs to know.

In the counter-drone fight, that gap is not academic. The adversary doesn't need to out-technology us. He only needs to out-cycle us.

We proved with IEDs where that leads. $75 billion. Two decades. We lost.

The same fight is here again. The technology is better this time. The process failure is identical. You don't beat an adaptive threat by building a better mousetrap. You beat it by running a faster, smarter cycle --- one that starts with understanding the problem, not building the solution.

That's the lesson of Lean. That's the lesson of the REF. And if the Pentagon doesn't learn it this time, the drones will teach it the hard way.

Pete Newell is the former director of the U.S. Army's Rapid Equipping Force and CEO of BMNT. He co-created Hacking for Defense with Steve Blank and is the author of "The Innovation Targeting Cycle: Time-Sensitive Innovation Fires Inside the Continuous Innovation Cycle"

Not a Subscriber+Member? Let's fix that and get you even deeper access to expert-level national security insights.

Are you Subscribed to The Cipher Brief on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Interceptor Math: How Iran’s Drone Swarms Strain U.S. Defenses

Western intelligence assessments indicate that Iran’s ballistic missile arsenal has been cut in half - from roughly 2,500 projectiles down to approximately 1,200, with only 100 serviceable launchers still operational. For a regime that spent decades building its missile program as the cornerstone of regional deterrence, the depletion represents an existential crisis and much of it’s effectiveness now comes down to math.

What makes Tehran’s predicament acute is the abandonment by traditional backers. Russia has ceased arms shipments while providing intelligence to help Iran target U.S. forces, according to multiple U.S. officials. China, facing confrontation with Washington over Taiwan, has quietly distanced itself from Iranian crude purchases. The result is an Islamic Republic that is more isolated than at any point since the 1980s, with its conventional deterrent crumbling and options narrowing to a single dangerous path.

Arsenal Depletion and Russia’s Intelligence Lifeline

Dr. Andreas Krieg, associate professor at King’s College London, tells The Cipher Brief that while the drop from roughly 2,500 ballistic missiles to closer to 1,200 is significant, “this is not a ‘disarmed Iran’ story.”

Iran still has weapons, but can no longer sustain weeks of intensive missile attacks, forcing it to rely more heavily on cheaper drones and carefully ration its remaining high-end missiles for maximum political impact.

What Iran lacks in replenishment, Russia has partially offset through intelligence. U.S. officials say Russia has been providing Iran with targeting information since the war began, including the locations of U.S. warships and aircraft. The assistance reportedly also includes imagery gathered by Moscow’s sophisticated satellite constellation.

Subsequently, Iran has been making precise hits on early warning radars and command infrastructure, patterns consistent with intelligence-sharing. Iranian drones struck a CIA station at the U.S. Embassy in Riyadh and killed six U.S. service members at a facility in Kuwait.

Rosemary Kelanic, director of the Middle East Program at Defense Priorities, tells The Cipher Brief that Russia and China can still help Iran beyond arms shipments.

“Either might help Iran with targeting by clandestinely providing satellite and other intelligence. Some evidence suggests that Russia helped the Houthis with targeting Red Sea shipping in recent years,” she notes.

The Drone Factor: Mass Production Versus Interceptor Economics

Beyond missiles, Iran’s real staying power lies in its vast drone arsenal. Israeli intelligence officials estimate Iran maintains more than 10,000 Shahed drones in storage. Robert Tollast of the Royal United Services Institute puts the figure even higher at “tens of thousands.” Some estimates suggest Iran may possess as many as 80,000, though such figures remain difficult to verify.

The economics, however, favor Tehran. Each Shahed-136 costs between $20,000 and $50,000, while interceptors cost exponentially more. For every dollar Iran spends, the UAE, for one, pays approximately $20 to $28 to intercept. Moscow has reportedly established a factory capable of producing 310 drones per month.

If Tehran sustains output approaching 400 drones daily, a figure cited in recent intelligence estimates, then annual production would exceed 140,000 units. Such capacity requires distributed manufacturing across multiple sites, a model Iran developed during the Iran-Iraq War in order to reduce vulnerability.

But Iran’s ability to keep launching depends on suppression efforts. The question isn’t just stockpile size - it’s whether Iran can protect launch sites and coordinate mass attacks while under continuous bombardment.

The Interceptor Crisis

As a result of America’s own supply problem, Iran’s drone advantage is amplified. Last June, American THAAD interceptor stocks were depleted by 25 percent. Officials at the Pentagon privately acknowledge that replenishment timelines extend into 2027.

Miguel Miranda, founder of the Southeast Asian monitoring service, Arms Show Tracker, tells The Cipher Brief that while “CENTCOM can airlift fresh missile interceptors and even more Patriot batteries as needed, the problems are the emerging missile and air defense gaps in friendly countries and their own defenses.”

He also observes that while there seems to be real success by CENTCOM and Israel in destroying the heavier Khorramshahr and Ghadr-class MRBMs, Iran’s most powerful medium-range ballistic missiles capable of striking Israel and carrying multiple warheads, “the visuals for these are very limited.”

“One week into this mess, we do not have a clear picture of the Iranian missile arsenal,” Miranda told us.

Michael Rubin, senior fellow at the American Enterprise Institute, tells The Cipher Brief that Washington’s supply chain issue represents “strategic negligence going back decades.”

“After the missiles and drones are depleted, and it does not appear Iran is holding any in reserve, then not only are regional states safe, but the U.S. and Israel can begin close air support operations,” he observes.

Yet the interceptor shortage cuts both ways. Kelanic underscores that “limitations on interceptors likely play an outsized role in Iran’s overall strategy,” pointing out that while the U.S. and Israel can continue fighting without top-tier interceptors, they will suffer higher casualties.

“Iran’s leaders recognize that if the war evolves into an attrition conflict, a battle of wills more than a battle of capabilities, Iran could have the upper hand, because the stakes are existential for Iran but not for the United States,” she said.

It’s a war of ammunition math, not just technology. Krieg explains the THAAD drawdown matters “because missile defense is a magazine contest, not a pure technology contest.” Iranian planners, he predicts, will exploit this with “missile math: using low-cost drones and decoys to trigger high-value intercepts, and reserving ballistic missiles for moments that maximise political impact.”

The UAE, for one, reported that 65 of 941 Iranian drones detected fell within its territory, damaging ports, airports, hotels, and data centers.

Moscow’s Constraints and Beijing’s Calculation

While Russia provides intelligence, it cannot provide the weapons Tehran desperately needs. Russia’s relationship with Iran has long been a cornerstone of its Middle East strategy. Yet, the Kremlin, consumed by its protracted war in Ukraine, now finds itself unable to deliver military support. MI6 assessments indicate Russian arms exports have effectively halted, with production lines committed to Ukraine.

Russian President Vladimir Putin faces a paradox. Elevated oil prices above $100 per barrel, driven partly by Middle East instability, boost Russian revenues. But meaningful military intervention would require diverting resources from Ukraine or exposing force depletion to NATO intelligence. Russia’s posture has become rhetorical support without substantive backing. Arms shipments have dried up, replaced by intelligence sharing.

China’s calculus proves even more complex. Iranian crude accounts for 13 percent of China’s oil imports. Still, Beijing faces an uncomfortable reality. The Strait of Hormuz remains vulnerable, and continued procurement risks a crisis with Washington as Taiwan tensions reach their highest levels in decades.

As the Trump administration challenges Chinese ambitions in the Pacific, Beijing cannot afford to engage in multiple confrontations at once. As Chinese energy companies reduce their exposure to Iran, they are looking for alternatives in Russia and Gulf countries.

Krieg argues that “the lack of Russian resupply and China’s reluctance to jeopardize Gulf relationships increases Tehran’s sense that it cannot ‘outlast’ the West conventionally through replenishment.”

“This isolation makes the nuclear program more valuable as an insurance policy: not necessarily to sprint to a bomb immediately, but to sit closer to the threshold so that regime survival looks too costly to challenge,” he explains.

The Nuclear Trump Card

Faced with a depleted conventional arsenal, absent Russian resupply, and Chinese abandonment, Tehran has increasingly concentrated resources on its nuclear program. Western intelligence agencies monitoring Iranian facilities report accelerated enrichment activities and renewed weaponization research.

The Iranian government has grown increasingly explicit in its nuclear messages, suggesting that its nuclear program represents an existential guarantee of the regime’s survival. Despite this, expert assessments of Iran’s nuclear trajectory differ sharply.

Rubin points out that the late Supreme Leader Ali Khamenei “could never compromise on Iran’s nuclear program because he could not forfeit it and explain to his base that their sacrifice, as Iran lost $2 trillion in lost revenue due to sanctions and lost opportunities, was worth it.” He also warns that while Tehran’s bluster is primarily about leverage, “Iran might not be able to explode a fissile device, but it can make a dirty bomb.”

Kelanic, meanwhile, notes that Israeli intelligence has so deeply penetrated Iran’s security services that the regime has little chance of weaponizing without detection.

“Iran’s only nuclear leverage is the knowledge of where its HEU stockpiles are, coupled with the implicit threat that nuclear materials could fall into worse hands than the current regime if the country splinters into chaos,” she asserts.

HEU, highly enriched uranium, is weapons-grade nuclear material. Essentially, Iran’s bargaining chip is the threat that if the regime collapses, its nuclear stockpiles could end up with even more dangerous actors, like terrorist groups or warlords.

Yet Krieg sees Iran’s acceleration primarily as leverage and survival hedging.

“The pattern fits a long-standing approach. Move closer to the threshold, protect stockpiles and facilities, compress breakout timelines, and keep ambiguity high so that opponents face deterrence without Tehran crossing a line that would trigger overwhelming retaliation,” he says. “In an existential war, the probability of a last-resort dash is higher than in normal times, especially if leaders conclude the conventional balance cannot preserve the regime.”

Yet Kelanic emphasizes that Tehran retains options beyond ballistic missiles.

“Iran can mass-produce drones, which so far have caused significant damage. Iran can also harass oil shipping in the Persian Gulf with limpet mines attached by speedboats,” she cautions. “There are many low-tech, low-cost ways Iran can retaliate in the region.”

Cut off from Russian weapons and Chinese support, Iran’s nuclear program has become its most valuable bargaining chip, both to deter attacks and to potentially trade for the sanctions relief it desperately needs to rebuild its conventional forces.

How Long Can This Last?

President Trump stated the war was initially projected to last 4 to 5 weeks, adding that the U.S. has “the capability to go far longer.” But that timeline could depend on factors neither side controls. Iran must protect manufacturing sites under bombardment while American forces maintain tempo with finite interceptor stocks and mounting domestic pressure.

Tom Sharpe, a former Royal Navy commander, warned that “if the Iranians unleash everything - go hard and fast if the regime feels threatened, then eventually the U.S. will run out of THAAD and Patriot interceptors.” Yet Iran cannot expend missiles recklessly; once depleted, the regime becomes defenseless.

History offers sobering precedents. The Soviet invasion of Afghanistan began as a six-month intervention; it became a nine-year quagmire that accelerated the USSR’s collapse. It becomes a question of whether Tehran calculates that it can survive by hoarding resources and hoping America breaks first, or if it is driven by existential desperation.

“The most realistic interpretation,” Krieg concludes, “is that Iran is using the nuclear program to regain bargaining power now, while keeping weaponization as an option of last resort if it believes the state is facing collapse.”

Are you Subscribed to The Cipher Brief on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The War’s Next Phase: Five Indicators That Matter Most

EXPERT PERSPECTIVE – I’m always reluctant to comment on current events, as it feels a bit like being an armchair quarterback, but I have been asked about different parts of the ongoing conflict as people are trying to get their arms around what’s happening. So I thought I’d just offer up how I personally frame it for my own understanding and formulation of insights, on what we’re witnessing.

General Miller’s comments were originally published on his LinkedIn platform and are republished in The Cipher Brief with his permission. You can read the original post and follow General Miller’s updates on LinkedIn.

This was always going to be a very complex campaign, and different from Midnight Hammer and Absolute Resolve, which were complex in their own right.

I’m confident in our military and the leaders orchestrating this difficult fight, as evidenced by their display of overmatch in the initial phases of the operation. Historically, when we go after symmetric targets, we achieve success, so while those remain important, it’s the less symmetric aspects that take us down the path of “branch plans” rather than “sequels”.

I am watching our ability to intercept both missiles and Shahed Drones. The Shahed has been a challenge and recognized concern for some time and I have written about those challenges before. The Shaheds are relatively inexpensive, have substantial range and are accurate. What I don’t know is the inventory available but I suspect they are plentiful. A friend of mine from the UK refers to them as the “flying IED”.

Who’s Reading this? More than 500K of the most influential national security experts in the world. Need full access to what the Experts are reading?

I’m also watching energy flows from the region and traffic in the Straits of Hormuz. Not only does this have global economic implications, but it could also imply operational considerations if the U.S. Navy has to be used to get traffic moving. But as I understand history, the Straits have never been fully closed - challenged, yes - but not brought to a standstill, so it’s worth watching as we enter day 8 with little to no traffic.

The Kurds, who I actually know well, at least the Iraqi and Syrian Kurds, are an unknown right now in terms of how they shape events on the ground and the resulting aftermath, but support to them will likely cause operational plans to adjust. And ultimately, this is about understanding the human interactions on the ground.

Sentiment in the region does matter, therefore I read the Grand Ayatollah Sistani’s statement very closely and while he has condemned the war in Iran, he hasn’t crossed a redline that he could have in issuing a Fatwah against our servicemembers. But information and influence definitely matter and this is something I’d be looking to counter or at least compete in the information space, as rapidly as possible.

Lastly, I’m watching all of the casualties because those will matter as this progresses.

As I think through this, inevitably I know that the aftermath is going to be the real challenge determining how this all turns out, and it will require some serious statecraft.

I fully appreciate that there are many more variables, and they will create branch plans -war tends to do that - these are just my basic organizing principles around a complex endeavor. This is more about “how to think” about the conflict and not necessarily “what to think”.

Not a Subscriber+Member? Let's fix that and get you even deeper access to expert-level national security insights.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Cheap Drones, Expensive Consequences: The New Economics of War

OPINION --

The democratization of drone warfare

When Ukrainian soldiers began destroying Russian tanks with inexpensive quadcopters, the economics of warfare shifted suddenly. At the same time, Iranian drones appeared on Middle Eastern battlefields ranging from Yemen to Lebanon, while non-state actors such as the Houthis and Hezbollah started their own aerial attacks. Airpower, formerly the sole domain of advanced militaries, is fast becoming available to a considerably broader spectrum of entities. The proliferation of drones, which are increasingly powered by artificial intelligence, is altering combat in ways that governments are only beginning to comprehend.

For most of the twentieth century, airpower was one of the most costly components of military strength. Fighter jets, strategic bombers, and advanced missile systems necessitated massive financial investments, highly skilled personnel, and sophisticated logistical support networks. Only great military forces had the ability to sustain these capabilities.

Drone technology is changing the equation.

Commercial drones are readily available and becoming increasingly powerful. With little changes, they can be used for monitoring, targeting, and even direct attacks. Artificial intelligence is also helping to improve these systems. Drones may use AI to recognise objects, track targets, avoid obstacles, and navigate complex settings. Analysts often refer to the marriage of AI and drones as one of the most significant technological developments in modern warfare, particularly in debates about autonomous weapons systems and emerging military technologies.

The end result is a new type of aerial capability that is less expensive, more adaptable, and much more accessible than traditional airpower.

This change is already evident in some wars.

In Yemen, the Houthi movement has extensively deployed drones to assault military targets and crucial infrastructure in Saudi Arabia and the Gulf. Drone strikes on oil installations and airports highlighted how low-cost unmanned technologies might impose strategic consequences on much wealthier countries. Analysts have documented how the Houthis have constructed a developing drone arsenal capable of long-range assaults using very simple technology, as revealed in a West Point Combating Terrorism Center on the Houthi drone program.

Hezbollah has also improved its drone capabilities with Iranian assistance. Drones have been deployed for surveillance activities around Israel's borders, and unmanned technologies are rapidly being integrated into military plans. Israeli authorities have repeatedly warned that Hezbollah's drone weapons may be a significant factor in any future conflict between the two sides. Reports on Hezbollah's developing drone capacity and Iranian help have received a lot of attention in evaluations of Iran’s expanding unmanned aerial vehicle strategy.

Militant terrorist organisations have also shown how quickly drone technology spreads. During its territorial control over Iraq and Syria, ISIS used commercially accessible drones to conduct reconnaissance and drop explosives on hostile forces. These devices were rudimentary in comparison to the military drones deployed by advanced powers, but they were effective enough to disrupt battlefield operations and highlighted how quickly civilian technology might be weaponized. Researchers looking into the Islamic State’s drone program discovered how ISIS modified off-the-shelf drones for war usage.

Perhaps the most striking example of drone warfare today is the war in Ukraine.

Both Ukrainian and Russian military rely heavily on drones for reconnaissance, artillery targeting, and direct attacks. Ukrainian soldiers and volunteer units have integrated small commercial drones into nearly every aspect of battlefield operations. Cheap quadcopters are used to pinpoint enemy positions, direct artillery fire, and carry explosives to armoured vehicles. According to analysts at the Royal United Services Institute (RUSI), drones have become one of the conflict's distinguishing aspects.

Artificial intelligence is rapidly being used to evaluate drone footage, identify targets, and enhance battlefield coordination. In several occasions, drones costing only a few thousand dollars damaged tanks and military equipment worth millions of dollars. The enormous disparity between cost and efficacy is changing the economics of combat.

Another revealing example is emerging along the Afghanistan–Pakistan border.

Pakistan has a nuclear arsenal, a huge conventional military, and is investing heavily in modern technologies such as artificial intelligence and surveillance. Yet militant groups operating in the Afghanistan–Pakistan region have increasingly experimented with drones for reconnaissance and potential attacks. Recent reporting has highlighted rising tensions and cross-border clashes between Pakistan and Afghanistan, demonstrating how the spread of low-cost drone technology could change the dynamics of conflict between stronger states and weaker actors, as reported in coverage of Pakistan–Afghanistan border tensions and militant activity.

The ramifications of this transformation are substantial. Pakistan's military remains far more strong than the militant organisations operating in the region. However, with the widespread use of drones, even loosely organised insurgent networks can increasingly pose a threat to military and border infrastructure. This parallels a larger trend in modern warfare, in which technical spread enables weaker actors to attack bigger ones in novel ways.

Regional powers are also expanding their drone capabilities.

Iran has one of the largest drone programmes in the Middle East. Iranian drones, such as the Shahed series, have emerged in a number of regional conflicts and have been given to friendly forces throughout the area. These techniques enable Tehran to exert influence through allies and proxies rather of depending just on conventional military deployments. Analysts studying Iran’s growing drone industry and regional strategy believe that these systems have become an important component of Tehran's military plan.
Drones have played an important part in surveillance operations and military strikes in recent confrontations between Iran, the United States, and Israel. Both Washington and Jerusalem have made significant investments in advanced unmanned systems designed to operate in disputed situations. Artificial intelligence is increasingly integrated into these platforms to improve targeting, navigation, and operational coordination.

The strategic consequences of this technological transformation are significant.

First, drones significantly reduce the cost of military might. Traditional airpower necessitates expensive aircraft, skilled pilots, and extensive logistical support networks. Drones, on the other hand, may frequently be created and deployed at a far lower cost. This enables smaller nations and non-state entities to project influence in ways that were previously unimaginable.

Second, drones quicken the pace of fighting. Artificial intelligence enables drone systems to analyse data and identify targets more faster than human operators can. While this can bring tactical advantages, it also raises the possibility of fast escalation during military emergencies.

Third, the spread of drone technology is making warfare more unpredictable. As more actors gain access to drone systems, the number of participants capable of conducting aerial operations expands. Insurgent groups, militias, and regional powers can now deploy technologies that were once limited to major military forces.

This raises difficult policy questions.

One of the most significant problems is the increased autonomy of drone systems. While most drones still require human supervision, artificial intelligence is allowing systems to do increasingly complicated tasks autonomously. This has triggered a global debate over whether autonomous weapons should be regulated or outlawed.
Critics say that machines should never be trusted to make life-threatening judgements without human supervision. International humanitarian law compels fighters to distinguish between civilian and military objectives and to use force proportionately. Ensuring that autonomous systems follow these rules remains a significant problem.

Yet the military advantages of drones make it unlikely that governments will abandon them. Military powers around the world are investing heavily in new generations of unmanned systems, including drone swarms capable of coordinating attacks autonomously.

Drone warfare is thus expected to become an increasingly important aspect of modern conflict.

The democratisation of drone warfare is one of the most significant developments in military relations in decades. Airpower is no longer the sole domain of advanced nations. From rebel organisations to regional powers, an increasing number of entities now have the capability to conduct aerial operations.

Policymakers will face the challenge of controlling this shift while avoiding the most destabilising outcomes.

Artificial intelligence and drone technology are more than just new tools for conflict.

They are changing who can fight, how wars are fought, and how conflicts progress.

And the world is only starting to grasp the ramification.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Iran: War, the Abraham Accords, and the Psychology of Its Leadership

OPINION – As the war between Iran and America (plus Israel) enters its second week, a close examination of its asymmetric and higher-order effects is more critical than ever. Competing media narratives have failed to understand and appreciate both America’s and Israel’s rationale for attacking Iran using pre-emptive strikes, as well the logic and reason behind Iran’s forceful, asymmetric response to the decimation of its senior clerical leadership – and what this means for the entire Middle East going forward.

President Trump’s boldness, following his military strike on Venezuela and capture of its leader Nicolas Maduro in January 2026, has a ‘Reaganesque’ quality and resolve. The same might be argued for President Trump’s earlier (e.g. January 2020) targeted assassination of the head of Iran’s IRGC Quds Force, General Qassem Soleimani. For adversary foreign opponents of President Trump, January has often been the cruelest month. But as President Reagan learned after his 1986 strikes against Libya and its late leader, Muammar Qaddafi, things don’t always proceed as planned, and higher-order effects and ‘black swans’ must be considered.

While the Trump administration has shown confusion at times, and has not articulated its war messaging well, I suspect that what President Trump hoped for, more than the elimination of Iran’s nuclear program, its missile programs, and its expert of terror abroad, was a new Iranian leadership that would somehow, eventually, become part of his legacy and vision of peace - his signature achievement in the Middle East, the Abraham Accords.

But understanding this also leads to a paradox, and it explains why Iran has attacked those allies which (in the GCC, plus Saudi Arabia and Israel) who had signed onto the Abraham Accords. For Iran’s clerics, the Abraham Accords represent, even more than Israel or America, an existential threat to their theocracy and vision for the Islamic Republic of Iran. President Trump’s dreams and hopes for peace in the Middle East, following this most recent attack on Iran, while admirable and singularly aspirational, may no longer be realistic.

The killing of the Supreme Leader Ayatollah Khameini, who had the blood of tens of thousands of Americans, victims of terrorism in the Middle East and around the world, and yes, Iranian citizens on his hands, was a necessary act. But it ignores not only the depth of his hatred for America, Israel, and the West, which no obituary can capture, but the ideology – velayat e faqih – which sustained him and the clerical leadership since 1979. The late Ayatollah Khameini was hardly the smiling, avuncular grandfather as depicted in a recent media report, but a determined, ferocious, and ideologically, driven adversary, for whom martyrdom would always be a preferred outcome to making a deal with the hated devils – Israel and America. Unlike his predecessor and founder of the Islamic Republic, Ayatollah Khomeini, Khameini would never allow himself to drink from the ‘poisoned chalice’ to make peace with the enemy.

The asymmetric nature of Iran’s response to the current attacks by America and Israel, are not, as depicted in some western media and think tank circles, mere acts of desperation, but more likely, part of a more drawn-out strategy of hybrid warfare tactics. In this sense, the Iranians have utilized their own doctrine, but appear to have learned from the Ukraine war, that an emboldened, hardened enemy can use drones, missiles, cyber-attacks, economic warfare, higher oil prices, the closure of the Hormuz Straits, and effective propaganda to achieve partial levels of parity with a much more powerful opponent.

The killing of its leadership makes peace with America a very hard sell for Iranian hardliners, who hate Israel and America, now more than ever. And there are NO Iranian moderates in the current, surviving government. Possible successors, such as the leader of Iran’s Supreme National Security Council, Ali Larijani, remain die-hard hardliners. The attacks on Iran’s leadership, while tactically bold, ignored two fundamental truths: (1) the built-in, multiple structures of redundancy in Iran’s government, e.g. the Office of the Supreme Leader; the Assembly of Experts, the Guardian Council; the Supreme National Security Council; and the massive power of the IRGC, embedded throughout Iranian political, economic, and social structures; and (2), the doctrine of clerical rule, embedded in the Iranian Constitution. While President Trump has offered negotiations to his Iranian interlocutors – and it is likely that some discussions continue between special envoy Steve Witkoff, Jared Kushner, and their Iranian counterpart, Foreign Minister Abbas Araghchi, this is not the time for successful negotiations. We have often fallen prey to false thinking, in that Iranian government officials, even when educated in the West, and appreciative of western culture (ex: Larijani is a scholar of philosophy and of Immanuel Kant), will somehow ‘be’ more western, or amenable to western concepts of ideology, reason, and justice. They are rational --- but in their own way.

Not a Subscriber+Member but need access to the national security content that the experts read? Let's get that done.

In going to war with Iran, understanding their psychology, and that of the leadership, is more critical than ever. Iran is not Venezuela. Nor is it Syria. Their system is more resilient than we reckoned. We forget, at our peril, that the Iranian regime lost over 1 million citizens during the 1980-1988 Iran-Iraq war. And it recently slaughtered over 30,000 of their citizens, innocent protesters, in matter of a few days during January. For those tragic victims, January is indeed the cruelest month.

There are other variables worth considering. Iran is a complex, pluralistic, and conservative – especially the middle-class bazaaris and small business owners - society, over 90 million citizens, well-educated, and connected with the outside world. While it’s a civilization going back thousands of years – this too is part of Iran’s national pride – it is also a youthful society, with over 50% if its population under the age of 35.

The Iranian government will draw a key conclusion from this war, as did the Ukrainians and the Libyans (of course, North Korea’s Chairman Kim Jong-un is smiling): that had they had nuclear weapons, this war would NOT have happened. The worst-case scenario- this is our nightmare, and a huge challenge for our intelligence community - is that Iran could now say, “We don’t need to build a nuke. We can buy it, along with a few long-range ICBMs, such as the Hwasong-20, which can reach the shores of America. From whom? From North Korea, obviously, which needs cash, badly so.” Stopping such future proliferation will remain our (and Israel’s) biggest challenge.

Bottom line: the war with Iran has emerged as way more complex than seen at first glance, and the higher order effects are both fascinating and chilling. So, as 2026 continues, all eyes are once again, on President Trump. It’s his move, again. Given his and America’s prestige on the line, there is now, more than ever, no margin for error. Understanding Iran’s next generation of leaders, and their psychology, is crucial to prevail.

Dr. Kenneth Dekleva served as a Regional Medical Officer/Psychiatrist with the U.S. Dept. of State from 2002-2016 and is currently the CEO of Blackwood Advisory Solutions LLC and Professor of Psychiatry, UT Southwestern Medical Center, Dallas, TX. The views expressed by Dr. Dekleva are entirely his own and do not represent the views of the U.S. Government, the U.S. Dept. of State, or UT Southwestern Medical Center.

Who’s Reading this? More than 500K of the most influential national security experts in the world. Do you have deep-experience in national security and something to say? Drop us a note at info@thecipherbrief.com.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

A Quiet Peace in the Caucasus Could Change the Balance of Power

COLUMN/THE BLUF: A momentous event is happening that is receiving little fanfare in the U.S. but could have major long-term implications for regional stability, save lives, and change geopolitics and trade in the south Caucasus area.

The peace deal signed at the White House between Armenia and Azerbaijan last August could reverse a trajectory of bloodshed and hatred between those two countries and replace those cornerstones of their relationship with peace, prosperity and stability.

It could start a new trade route to Europe that bypasses Russia. This would leave Moscow, which has manipulated politics in that part of the world for centuries, out in the cold. There is still a long way to go but the dynamics are positive, and the time is right to make this happen.

Iran knows that and last night, Azeri authorities say that Tehran attacked the Caucasus with drones – an allegation that Tehran denies. According to the Azeris, the attack Included the Azerbaijani region of Nakhchivan, an area that is cut off from Azerbaijan, bordered by Armenia and Iran - and a region that is a key part of the Trump peace proposal for Armenia and Azerbaijan.

Not a Subscriber+Member but need access to the national security content that the experts read? Let's get that done.

The modern wars between Armenia and Azerbaijan center around Nagorno Karabakh, an enclave in Azerbaijan that has been inhabited largely by ethnic Armenians for centuries. The wars have claimed the lives of over 30,000 people, most of whom were civilians. An estimated 400,000 Armenians from Azerbaijan and 600,000 Azerbaijanis from Armenia and Karabakh were displaced as a result of these modern wars which started in 1988 as the Soviet Union was breaking apart and centuries old hatreds came out, inflamed by Russia.

I was an analyst at CIA in 1988 and spent my days writing about and briefing policy makers about the Armenian and Azerbaijan conflict over Nagorno Karabakh. I spent a lot of time trying to explain why the two sides were fighting over this mountainous area that has no oil or minerals of much worth. It was hard to explain to practical U.S. policy makers how the Russians set up this conflict as a way to keep control over their Muslim and Christian neighbors.

The current peace agreement between Armenia and Azerbaijan is something I never expected. If it lasts, it will allow these two countries to focus on their economic growth and stability instead of wasting blood and treasure on centuries old hatreds instigated by their neighbor.

The conflict over Nagorno Karabakh goes back 1000s of years. The land was inhabited by Armenians probably since the 1st millennium BC as part of the Kingdom of Greater Armenia.

In 1724, Peter the Great encouraged the Armenians who were aligned with Russia, to take over territory all the way to the Caspian Sea which had been part of the Safavid State, evidence of Russian encouragement of bad relations between these neighbors even then.

The Russian generals were encouraged to displace the Azerbaijani population in any way they could. Under the terms of the Turkmenchay Treaty, 40,000 Armenians were resettled in Azerbaijan. By 1829 in the Peace Agreement of Edirne, 90,000 Armenians who had been living in the Ottoman Empire were also resettled in Azerbaijan by Russia, largely in Nakhchivan, Yerevan, and Karabakh. This was Russia’s way of converting and subduing the Muslim population in the area.

Even then, Russia played with ambiguity, largely siding with Armenia but holding out hope to Azerbaijan that its population would retake territory loss to ethnic Armenians. Armenia maintained Karabakh which was rich in Armenian cultural history, churches, and monuments until 1921 when the Soviet Union assigned the region to Soviet Azerbaijan as an autonomous oblast. The Soviets kept the two republics from widespread bloodshed over the territory, officiating territorial disputes and occasional dustups.

The first modern Karabakh war started in 1988. The war did not happen overnight. We saw it happening piece by piece. An attack at this intersection, transportation routes between Baku and Stepanakert, the capital of Karabakh, blown up and then bus depots where fuel was stored, blown up. None of it made headlines but as the analyst on this issue, it kept me busy.

By 1991, Armenia and Azerbaijan were in open conflict. Because of the Soviet oversight of the predominantly Armenian region, the oblast had a degree of self-governance. With the Soviet Empire fractured, the Armenian population feared marginalization under Azeri rule and sought unification with the Republic of Armenia.

When Azerbaijan declared its independence from the Soviet Union and decided to take away some of the enclave’s autonomy, the mostly ethnic Armenian population voted to secede from Azerbaijan.

Full-scale fighting over the succession erupted in the late winter of 1992. International mediation by several groups failed to bring resolution and in the spring of 1993, Armenian forces captured Azerbaijani territory located outside the enclave. By 1994, the Armenians were in full control of most of the enclave and held approximately 9% of Azerbaijan's territory outside the enclave.

Some 600,000 ethnic Azerbaijanis had been displaced. A Russian-brokered ceasefire was signed in May 1994. Karabakh would be administered by Azerbaijan but controlled by Armenian forces and called itself the Republic of Artsakh. The Russians were the peacekeepers.

This uneasy peace lasted about 6 years.

In 2020, the next “Karabakh War” war began. This was a 44-day conflict which dramatically altered the regional balance of power. Azerbaijan, supported by Turkey, launched a successful offensive, reclaiming significant territory. Russia did not support Armenia militarily, but the conflict concluded with another Russian-brokered ceasefire and the deployment of Russian peacekeepers to monitor the demarcation line.

By 2023, Azerbaijan intensified its control over Karabakh and launched another offensive. This led to the Russian peacekeepers leaving the region, the closing of the Russian-Turkish monitoring station in Agdam, the migration of some 100,000 ethnic Armenians, and the dissolution of the Republic of Artsakh.

The situation remained tense with intermittent armed attacks, roadside ambushes, border skirmishes, and more deaths. Under that canopy, the second Trump administration began its own negotiations with Armenia and Azerbaijan.

By March 13, 2025, Armenia and Azerbaijan announced that both parties had agreed on all terms of a peace agreement framework which included Armenia giving up claims on Nagorno Karabakh. U.S. Secretary of State Marco Rubio characterized the announcement as “historic,” while European Union High Representative Kaja Kallas described it as “a decisive step.” I agree on both counts.

On August 8, 2025, a summit took place in Washington, D.C., where President Trump hosted Armenia’s Prime Minister Nikol Pashinyan and Azerbaijani President Ilham Aliyev at the White House and announced a peace agreement signed by the leaders but still to be ratified by the parliaments of Armenia and Azerbaijan. There are 17 articles in the agreement. One of the high-profile parts of the agreement is the Trump Route for International Peace and Prosperity (TRIPP). This new route is expected to connect mainland Azerbaijan with its exclave, Nakhchivan, through Armenian territory. This changes trade routes for the Caucasus and Central Asia. The completion of the route would allow the passage of people and goods across Azerbaijan and the broader Central Asia to Europe without needing to travel through Russia or Iran.

Iran and Russia have condemned the role of the United States in the proposed TRIPP project as an encroachment. Another important factor for regional politics is that Russia was not involved with this peace treaty, and Russian peacekeepers are no longer on the Armenian or Azerbaijani territories.

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Following up on the historic White House summit, Vice President J.D.Vance visited Armenia and Azerbaijan in February. While there he said, “Peace is not made by cautious people. Peace is not made by people who are too focused on the past. Peace is made by people who are focused on the future.”

Vance’s trip to Armenia and Azerbaijan and the deals he brought with him show that the administration is taking this peace seriously. In Baku, Vance signed a strategic partnership charter covering economy and trade, energy, connectivity, artificial intelligence, digital development, security, and defense.

In Armenia, the U.S. pledged support on nuclear energy, computer chips and drones. The U.S. is also holding Azerbaijan to account, emphasizing support for democratic institutions and the rule of law in their security agreement with Baku.

What’s Next

I have studied this part of the world for over thirty years. My children, who were born while I was writing intelligence pieces on the ongoing war in Nagorno Karabakh now have children.

My hope and wish is that my grandchildren will only read about the bloody history of the region and that they will be able to experience a new chapter in cooperation that brings prosperity as a major trade route from Central Asia and the Caucasus to Europe. I tend to be an optimist, but the time is right for this type of agreement if all parties stay focused on the end game. We cannot let these historic events get drawn into the fight with Iran.

The U.S. has an agreement for development rights for the corridor which would allow Armenia, Azerbaijan and the Central Asian states to bypass Russia and Iran for trade routes. The U.S. must be a good steward of those rights and ensure that all neighboring countries are acting in good faith.

Right now, Russia is preoccupied with Ukraine and its own crumbling economy. The world must keep an eye on any attempts by Russia to once again encourage enmity between these two states and stop any such efforts immediately. Iran too, on the border of these two countries, is clearly trying to draw in anyone it can to divert from the U.S. - Israeli strikes and must not be allowed to divert progress in the Caucasus. Turkey is a winner in this exchange, as the major western hub for trade and Ankara needs to play a positive role, including with Armenia.

The agreement represents a significant shift in Armenian foreign policy, moving away from traditional reliance on Russia toward closer ties with Western institutions, the United States, and even Turkey. Armenians need to be rewarded for their courage. Azerbaijan, already winning after the attacks against Karabakh in 2024, remains in a strong position but must be encouraged to focus on democracy.

A southern trade route that brings oil, gas, and agricultural goods to Europe through the Caucasus and Turkey is a win for this part of the world and will change the dynamics between the Caucasus and Central Asia and Russia. This is a once in a generation opportunity that the U.S. and Europe should continue to champion.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Nuclear Expansion and Conditional Diplomacy: North Korea’s New Strategy

OPINION – At the 9th Congress of the Workers’ Party of Korea, held every five years, North Korea’s Kim Jong Un left the door open for engagement with the U.S. and reaffirmed hostility with South Korea.

The seven-day congress replaced over 40% of senior officials with younger loyalists, including Mr. Kim’s sister, Kim Yo Jong, promoted to General Affairs Director of the Central Committee. A new five-year economic plan emphasized self-reliance and national development. It included ambitious targets for grain production and industrial output, emphasizing ideological cohesion.

The congress codified North Korea’s status as a permanent nuclear-armed state, emphasizing further nuclear expansion and modernization. It also stated that North Korea’s conventional forces would be upgraded.

A new concept referred to as “Haekpangasoe” (nuclear trigger) was formalized and according to the Korean Central News Agency it is an integrated nuclear crisis response system designed to ensure that the national nuclear shield could be operated promptly and accurately at any moment, ensuring responsiveness to perceived threats. Thus, North Korea’s nuclear deterrent now includes a pre-emptive nuclear strike capability.

North Korea formally reaffirmed hostility toward South Korea, designating it the “first hostile state” and institutionalized severed ties, effectively discarding their long-standing policy of reunification. This was North Korea doubling down on their “two hostile states” doctrine.

While clearly emphasizing antagonism toward South Korea, Mr. Kim suggested openness to talks with Washington, but only if the U.S. accepts North Korea’s nuclear status and abandons its “hostile policy” toward North Korea.

There is speculation that President Donald Trump’s scheduled visit to China in April to meet with China’s President Xi Jinping would be an opportune time for Mr. Trump to again meet with Mr. Kim, this time in Beijing or Pyongyang. Their initial meeting in Singapore in 2018 was relatively successful, with a joint statement committing both countries to establish a new relationship in accordance with the desire of the peoples of the two countries for peace and prosperity, with North Korea committing to work towards complete denuclearization of the Korean Peninsula. The 2019 summit in Hanoi failed when Mr. Trump ended the meeting abruptly when Mr. Kim would only include his plutonium reactor at Yongbyon in exchange for the lifting of sanctions. A brief symbolic meeting at the DMZ later in 2019 did not include a substantive discussion of sanctions relief for denuclearization.

Much has happened since North Korea’s 8th Party Congress in January 2021. Complete and verifiable denuclearization is now off the table. In 2022, North Korea had officially enshrined the right to use pre-emptive nuclear strikes to protect itself from an imminent or perceived to be an imminent attack. The 9th Party Congress has now memorialized the Haekpangasoe nuclear trigger doctrine, ensuring that nuclear weapons can and will be used in response to perceived threats. And South Korea, despite efforts of the Lee Jae-Myung government to improve relations with North Korea, is viewed by North Korea as their “most hostile entity”, renouncing reunification and institutionalizing the “two hostile states” doctrine, while keeping the door open to another summit with Mr. Trump, if the U.S. accepts North Korea as a nuclear weapons state and discontinues its “hostile policy” toward North Korea.

Equally important is the June 2024 comprehensive strategic partnership between North Korea and Russia and their mutual defense treaty, with North Korea providing over 12,000 troops to support Russia in its war of aggression against Ukraine. In addition to troops, North Korea is also providing Russia with artillery shells and ballistic missiles and reportedly receiving missile and nuclear assistance from Russia.

The situation on the Korean Peninsula is tense, with a nuclear North Korea, aligned with Russia and China, viewing South Korea as the enemy. And given North Korea’s emphasis on tactical nuclear weapons and its doctrine dealing with the pre-emptive use of nuclear weapons, efforts to deescalate tension on the Korean Peninsula are necessary.

Mr. Kim’s comment at the 9th Party Congress that North Korea could “get along” with the U.S. -- and apparent willingness to again meet with Mr. Trump – could be the only viable option for defusing the potential for conflict on the Korean Peninsula.

Another meeting with Mr. Kim does not mean the U.S. has to accept North Korea as a nuclear weapons state. It means we don’t have to put denuclearization up front in our discussions with North Korea. We do, however, must talk about sanctions relief, economic development assistance, peaceful nuclear energy and a path to normal relations when there is progress on human rights in North Korea. And in return, North Korea will have to agree to a moratorium on nuclear tests, fissile material production for nuclear weapons, and medium and long-range ballistic missile launches. Eventually, denuclearization on the Korean Peninsula will have to be discussed, but that could be after a decade or longer of negotiations.

Another summit between the leaders of the U.S. and North Korea is in the interest of peace and stability in East Asia.

Joseph R. DeTrani

The author is a former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This piece by Cipher Brief Expert Ambassador Joe Detrani was first published by The Washington Times

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Constitutional and Strategic Fallout of Trump’s Strike on Iran

OPINION — “[Iran’s Supreme Leader Ali] Khamenei, one of the most evil people in History, is dead. This is not only Justice for the people of Iran, but for all Great Americans, and those people from many Countries throughout the World, that have been killed or mutilated by Khamenei and his gang of bloodthirsty THUGS. He was unable to avoid our Intelligence and Highly Sophisticated Tracking Systems and, working closely with Israel, there was not a thing he, or the other leaders that have been killed along with him, could do. This is the single greatest chance for the Iranian people to take back their Country.”

That was a Truth Social message posted by President Trump at 4:37 pm last Saturday, just some 14 hours after Trump’s initial taped 2:57 am early morning announcement that the U.S. had begun air attacks against Iran was released over X social media.

In that first taped message, Trump had said, "Finally, to the great, proud people of Iran, I say tonight that the hour of your freedom is at hand. Stay sheltered. Don't leave your home. It's very dangerous outside. Bombs will be dropping everywhere. When we are finished, take over your government. It will be yours to take. This will be, probably, your only chance for generations. For many years, you have asked for America's help, but you never got it. No president was willing to do what I am willing to do tonight. Now you have a president who is giving you what you want, so let's see how you respond.”

I believe Americans will come to regret what their president, Donald Trump, said he was “willing to do tonight,” for the Iranian people, which was to kill their leader, as bad as he was, along with other senior Iranian leaders. Perhaps only a few of us older people remember the mid-1970s scandal over CIA plots to kill Fidel Castro that led to congressional hearings.

The Trump administration should remember that U.S. plotting and carrying out the killing of adversary leaders could easily generate attacks against American presidents and/or senior leaders.

I also do not believe this is the way U.S. military forces should be used against countries or their leaders that do not pose an imminent danger to American forces abroad or the U.S. homeland --with prior approval of Congress.

What President Trump has done is to initiate a war. He said it himself in that first February 28 statement: “The lives of courageous American heroes may be lost, and we may have casualties. That often happens in war.”

Trump recognizes this is a war, however, under the U.S. Constitution, only Congress is supposed to be able to declare war. I recognize this provision has often been violated by Presidents in past years, but it’s one that needs new support, primarily from Members of Congress themselves.

As I write, the situation on the ground in Iran is unclear, as are the real objectives of President Trump.

Trump told CNN’s Jake Tapper yesterday “I don’t want to see it go on too long. I always thought it would be four weeks, and we’re a little ahead of schedule.” On the other hand, Trump also spoke yesterday to ABC News’ Jonathan Karl who reported that somebody within the Iranian government has reached out to Trump. “I asked him who it was,” Karl said and Trump said, ‘I probably shouldn’t tell you’ but it was, you know, somebody who had survived. And somebody, he added, is no longer reporting to the Supreme Leader.”

Did some Iranian with authority really reach out to the Trump administration? Sad to say with this President you don’t know what’s true or false.

Iran state television press has reported a three-person leadership council has been named under Article 111 of Iran’s constitution to temporarily replace the late-Supreme Leader Khamenei. It includes Iranian President Masoud Pezeshkian, a senior cleric and Guardian Council jurist member Ayatollah Alireza Arafi, and head of the Iranian judiciary Gholam-Hossein Mohseni-Ejei.

The Iran constitution calls for a clerical assembly of 88 Guardian Council-vetted Shiite clerics, elected by the public, to appoint a new supreme leader by simple majority.

Al Jazeera reported yesterday that Iran Foreign Minister Abbas Araghchi said that the constitutional machinery of succession was already turning and Iran could potentially elect a new supreme leader within one or two days. The country has begun a 40-day mourning period for Ayatollah Khamenei.

I also should mention that Reza Pahlavi, exiled son of Iran's last Shah, Mohammad Reza Pahlavi, was on Fox News yesterday and said, “I am ready to go to Iran as soon as possible. I would like to be there whether it is before the regime collapses or right after it collapses."

Last Saturday, the day the U.S. and Israeli attacks began, Reza Pahlavi had an op-ed in The Washington Post in which he said he had a detailed road map and transition plans for a post-Khamenei Iran and, “many Iranians, despite facing bullets, have called on me to lead this transition.”

Although it has received little mention over the past few days, it was an August 1953 coup, engineered by the U.S. and United Kingdom that overthrew the Iran government of then-Prime Minister Mohammad Mosaddegh and consolidated power in the hands of then-Shah Mohammad Reza Pahlavi. He, in turn, took a dictatorial turn and was deposed in 1979 during the Islamic Revolution led by Ruhollah Khomeini.

It is hard to believe that the Trump administration would try to bring back the Iran monarchy, at a time when older Iranians still resent the publicized U.S. CIA’s role in deposing of Mosaddegh.

Trump also bragged yesterday about how successful the U.S. military operation has been. “We’re knocking the crap out of them,” Tapper said Trump told him, adding the President said, “I think it’s going very well. It’s very powerful. We’ve got the greatest military in the world and we’re using it.”

Karl reported Trump said, “Nobody else could have done this but me.”

I bring up Trump’s growing affection for war over peace, because Trump has recently begun saying he wants to increase next year’s Fiscal 2027 Defense Department (DoD) budget by $500 billion – putting it at an amazing $1.5 trillion for the year.

It is unclear where all that added money would be spent – although it might indicate Trump sees other foreign countries or leaders he might want to attack, or at least threaten.

The man who just months ago saw his future as chairman of an international Board of Peace, now looks like he might rather be a rogue Policeman of the World.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Who's reading this? 500K+ dedicated national security professionals. Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

The Hormuz Standoff: Global Energy Flow Severs After 'Epic Fury' Strikes

The Hormuz Standoff: Global Energy Flow Severs After 'Epic Fury' Strikes

As tensions in and around Iran proliferate, the narrow waterway between Iran and Oman has become the pressure point where geopolitics meets global energy security.

The Strait of Hormuz is a geographic choke point where global energy security rests on a razor's edge. At its narrowest, the waterway spans just 21 miles, forcing roughly 20 million barrels of oil, nearly a fifth of global daily consumption, through shipping lanes only two miles wide. It is the world's most vital artery, and as of this weekend, it has been severed.

(Photo by Bedirhan Demirel/Anadolu via Getty Images)

Following the launch of Operation Epic Fury on February 28, tankers have been forced to drop anchor in the Gulf of Oman, paralyzing nearly 20% of the world's petroleum supply. Operation Epic Fury — a massive, high-stakes gamble by U.S. and Israeli forces — ripped through a target list spanning from the industrial hubs of Isfahan to the core of Tehran. The strikes targeted the compound where Supreme Leader Ayatollah Ali Khamenei was killed. By early Saturday, the IRGC had hijacked maritime radio frequencies, broadcasting threats that turned the shipping lanes into a dead zone.

Though Iran's Foreign Minister later stated there was no plan to close the Strait completely, shipping data showed maritime traffic largely paused, and an oil tanker was attacked off Oman's coast Sunday.

The threat calculation has grown more urgent as U.S. intelligence assessments indicate Tehran maintains between 5,000 and 6,000 naval mines, with the capability to seed the Strait at rates up to 100 mines per day through its fleet of submarines. A handful of deployed mines would paralyze the Strait. Global insurers will pull coverage the moment ordnance is confirmed, forcing tankers to drop anchor or turn back. For Gulf producers, storage tanks will reach capacity within days, likely forcing a total cap on well production by the end of the week.

"The IRGC has naval bases to the North and South of the Strait of Hormuz that could deploy sea mines in a matter of hours," Iranian military analyst John Wood tells The Cipher Brief.

But whether Iran's sea mine arsenal proves to be a potent threat to United States forces and global interests in Hormuz is yet to be seen.

During the 1988 Tanker War, Iran deployed approximately 150 mines in the Strait of Hormuz. One of which nearly sank the USS Samuel B. Roberts, a guided-missile frigate. The mine that struck the Roberts was World War I vintage, demonstrating that naval mines need not be sophisticated to prove effective. Since 1950, mines have inflicted 77 percent of U.S. ship casualties, a higher damage rate than any other weapon system.

The challenge for Tehran, however, lies not in the mines themselves but in deployment. Iran operates only three Kilo-class submarines capable of laying the more complex EM-52 rising mines, and its fleet of approximately 20 Ghadir-class midget submarines. Each carries just four mines via torpedo tubes and has a relatively short range when operating in stealth mode.

Iranian commanders aren't necessarily looking for a traditional naval standoff in the Strait. Instead, they've rigged an economic tripwire. The goal isn't to sink the U.S. Fifth Fleet but to make the price of any confrontation too high for the global market to stomach.

A mine-clearing operation would require at least a month to establish a safe corridor, during which Gulf oil production would halt, storage facilities would fill, and producers would be forced to cap wells.

The Global Energy Chokepoint

Approximately 21 percent of global petroleum liquids pass through the Strait of Hormuz, making it the world's most critical oil transit chokepoint. Saudi Arabia, the UAE, Kuwait, and Iraq depend on the Strait for virtually all their seaborne crude exports.

"There are over 150 tankers bottled up to the North of the Strait of Hormuz," Wood explains, referring to tankers unable to transit. "Insurance companies are canceling policies altogether. If you sink a fully loaded VLCC, that could be up to an approximate $40 million loss."

A Very Large Crude Carrier can transport up to 2 million barrels of oil, enough to supply a medium-sized refinery for weeks. At current market prices, a single loaded vessel represents a cargo value exceeding $140 million, making the insurance exposure catastrophic if even a handful of ships are damaged or sunk.

If the IRGC manages to seed the lanes, the resulting supply shock won't be measured in days but in weeks. The Navy maintains a limited fleet of dedicated mine countermeasure vessels, a force structure analysts consider insufficient for the scale of potential mining operations in waters where Iran could sustain deployment campaigns for up to six months using its mine stocks and submarine fleet. Tehran's strategic advantage lies in asymmetry: deploying mines requires minimal resources at rates of up to 100 per day, while clearing them demands painstaking work under fire from coastal anti-ship missiles, swarm boats, and drone strikes.

Norm Roule, who served as the National Intelligence Manager for Iran at the Office of the Director of National Intelligence and spent 34 years with the Central Intelligence Agency, tells The Cipher Brief that, despite concerns, contingencies have been in place for decades.

"Do you think Donald Trump is going to sit back and let the Iranians mine the Persian Gulf? I don't," Roule says. "If anybody splashes something in the water, we'll open all the gates of hell on them."

Any Iranian attempt to physically deploy mines would likely trigger immediate U.S. military retaliation against Tehran's naval assets and coastal infrastructure before a minefield could be established.

Roule emphasizes the intelligence dimension: distinguishing between defensive mine deployments in Iranian territorial waters and offensive operations targeting international shipping lanes becomes critical, as striking mines within Iran's waters could constitute an act of war regardless of their intended purpose.

"You need intelligence on what they're dropping," he says. "If they deploy something in their own waters, are they defensive or offensive mines? If you attack them in their waters, you're starting a war."

Current Military Posture

Yet the window for Iranian mine deployment may already be closing as U.S. forces maintain round-the-clock surveillance and strike capabilities positioned to interdict any large-scale mining attempt. Roule dismisses concerns about American response capabilities, noting American naval forces maintain a substantial forward presence with two carrier strike groups supported by more than 150 aircraft and dozens of warships.

"They're already there," he insists. "Aircraft can take off from the USS Abraham Lincoln and be over targets within minutes. Our geospatial assets are almost certainly monitoring for unusual Iranian activity."

That surveillance appears to have already shaped operational targeting: the initial wave of U.S.-Israeli strikes targeted not only nuclear and leadership sites but also Iranian naval infrastructure, with President Trump stating the operation aimed to "destroy the country's navy." This suggests Washington sought to neutralize mine-laying capabilities before they could be deployed.

Should Iran deploy mines despite U.S. interdiction efforts, the Navy would need to send minesweepers through the narrow shipping lanes, demonstrating safe passage to reassure commercial traffic and insurers.

Iranian Calculations

Yet Tehran faces its own constraints in executing a Strait closure, as halting energy flows would inflict economic damage on Iran itself and key trading partners whose support the regime cannot afford to lose.

The oil market's immediate response has reflected both fear and hedging: at least 150 tankers have dropped anchor in open Gulf waters beyond the Strait of Hormuz rather than risk transit. Despite the disruption, oil prices remain below $100 per barrel, and neither the United States nor major Asian consumers have tapped strategic petroleum reserves.

Gulf producers had anticipated potential disruptions: Saudi Arabia maximized throughput on its East-West pipeline to Red Sea ports, while the UAE pushed additional volumes through its Fujairah terminal on the Gulf of Oman, bypassing the Strait entirely.

"Short term, oil could jump $10–$15 as markets react," Roule projects. "But unless tankers are sunk, or there are major hits on infrastructure like Kharg Island or Abqaiq, this is likely temporary. Oil might remain in the high $60s or low $70s, with a short-term bump."

Tehran's strategic logic centers on economic leverage rather than military victory: forcing a disruption severe enough that global pressure on Washington to de-escalate outweighs the costs Iran absorbs from halted oil exports. The gambit depends on speed, inflicting maximum economic pain before the U.S. can establish alternative supply routes or before domestic Iranian shortages undermine regime stability.

"If I'm Iran and I shut it down, I'm doing it to hurt the U.S. and the global economy so that the world pressures Washington to ease up," Roule asserts.

The tankers currently anchored in Gulf waters face a bureaucratic obstacle: insurance underwriters have either pulled coverage entirely or raised premiums by 50-60 percent, while administrative processing could mean vessels remain idle for a week or more, even if military tensions ease.

"I'm not sure Iran has the time to create the strategic impact it wants," Roule surmises. "What people overlook is the tremendous amount of food and commodities that keep the region's economies going. If the Iranians shut the Strait of Hormuz, they're choking not only their oil economy but also their broader economy: iron, basic materials, things they need to keep industries running."

China's role complicates Tehran's calculus. In 2025, China bought over 80% of Iran's crude exports, with a quarter of its entire national energy supply currently funneling through the Strait. A deep freeze on transit forces a brutal trade-off: Beijing must either double down on its Tehran partnership or pivot to save the manufacturing engines that prevent a domestic crash.

This creates a high-stakes "economic veto." Chinese refineries and factories can't weather a long-term shutdown, and Tehran's economy — stripped of other buyers by sanctions — has no pulse without Chinese cash. This shared vulnerability tethers Iran. They can only push the West so far before they sever the very lifeline keeping the regime solvent.

The Escalation Threshold

Washington's willingness to strike preemptively rather than wait for mines to be deployed marks a fundamental shift in decades of deterrence doctrine. Roule places current tensions within a broader historical framework: multiple U.S. administrations prepared military options against Iran, yet consistently chose restraint. Trump represents the first president willing to execute those strikes.

U.S. intelligence detected Iranian forces loading naval mines during the June 2025 conflict, though the mines were never deployed. This suggests Washington's surveillance capabilities and demonstrated willingness to strike preemptively may deter Tehran from attempting large-scale mining operations.

The compressed geography of the Strait, shipping lanes just two miles wide flanked by Iranian coastal batteries and missile sites, means response times are measured in minutes, placing a premium on the extensive training U.S. naval forces have conducted for this scenario.

"It's a small area," Roule adds. "When something is fired, there's not a lot of time. Our Navy has practiced this extensively. There's a lot of experience there."

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

After the Strikes: Is Iran on the Brink?

U.S. and Israeli forces intensified their unprecedented military campaign against Iran over the weekend, striking strategic military, political and leadership targets deep inside Iranian territory in what officials are calling a coordinated effort to degrade Tehran’s war-fighting capabilities and disrupt its regional influence. The offensive, involving long-range missiles, fighter jets and precision airstrikes, followed days of escalating tensions and marks one of the most dramatic expansions of military action in the Middle East in years.

Iran’s Supreme Leader Ayatollah Ali Khamenei and multiple senior commanders were reportedly killed in the initial phase of the strikes, a development confirmed by Iranian state media and acknowledged by U.S. and Israeli leaders. The death of Iran’s paramount authority has thrust Tehran into political uncertainty, even as the campaign rolls on with bombardments of ballistic missile sites, naval facilities and command infrastructure.

Tehran has launched retaliatory missile and drone attacks against Israeli and U.S. military bases throughout the region, resulting in casualties on both sides and raising fears of a broader, protracted conflict. The Pentagon has confirmed American service member deaths, and Israeli officials report civilian casualties from Iranian strikes.

The flurry of military operations has drawn global attention, with world powers urging restraint even as regional allies recalibrate their defense postures. Against this backdrop of war and strategic jockeying, Cipher Brief COO & Executive Editor Brad Christian spoke with former National Intelligence Manager for Iran, ODNI Norm Roule about what else we need to keep in mind on the heels of the U.S. and Israeli strikes. Their conversation has been lightly edited for length and clarity. You can also watch the entire interview on The Cipher Brief’s YouTube Channel.

Norman T. Roule

Norman Roule is a geopolitical and energy consultant who served for 34 years in the Central Intelligence Agency, managing numerous programs relating to Iran and the Middle East. He also served as the National Intelligence Manager for Iran (NIM-I)\n at ODNI, where he was responsible for all aspects of national intelligence policy related to Iran.

Christian: What are you not seeing right now that's top of mind for you?

Roule: That's a great question. That's the intelligence officer's question because what's in the news is something that everyone talks about, but what's not in the news is what a good intelligence officer looks at. So, first things that we're not seeing right now. What we're not seeing yet would be any efforts by the Iranians to attack energy targets in the Gulf. We've seen some efforts by Iran to disrupt flows of transportation in the Strait of Hormuz. There have been some announcements by the IRGC, but they have not undertaken mining operations, speedboat operations, submarine operations. So, the Iranians appear to be, as of now at least, interested in maintaining the flow of oil and the food and other supplies upon which they and the other Gulf states depend through the Strait of Hormuz. So that's number one.

We're not seeing Europe stand with the United States in the same way that it has in the past. And this is important because in many ways, what the United States is doing is in Europe's interest. It's not just that the nuclear negotiations have been something that Europeans have focused on for many years, but the progression of Iran's missiles would obviously threaten Western Europe. The improvements of MRBMs [Medium-range Ballistic Missile] would threaten Germany, France, and England. Terrorism through the Quds Force has impacted Europe far more often than the United States, but the proliferation of ballistic missiles to the Houthis has severely impacted the trade of the Mediterranean states in the Red Sea.

The United States Navy has done exceptional work in pushing back on the Houthis, but you've not seen France, Germany or the United Kingdom stand up and support the United States. In some ways, this is similar to what Chancellor [Friedrich] Mertz reportedly stated regarding Israel last year, in that Israel was doing Germany's dirty work or Europe's dirty work regarding Iran. The Europeans are focused on whether this is a legal operation under international rules and I do worry that following this, maybe people will look back and ask whether Europe was standing with the United States appropriately during this event.

Christian: Retired Admiral Jim Stavridis said this weekend that if the Iranian regime feels that it's at the end of its rope, and I'm paraphrasing, “I expect them to go big in terms of their response”. Is the fact that you're not seeing some of the things that you mentioned indicative of the fact that the regime may not feel that it's at the end of its rope, or how should we interpret that?

Roule: A great question. Let's look at some of the missile attacks that are being fired on the GCC [Gulf Cooperation Council] and the drone attacks. Iran fires missiles against the GCC for two reasons. First, it's hoping to strike Americans and kill as many Americans as possible to create a political problem for the president with the American people.

Second, it hopes to damage as much of GCC property and kill GCC personnel so that the GCC countries themselves will press the United States to end the conflict. But the number of attacks that have been conducted by the Iranians against the GCC have been comparatively few thus far. That could change. The Iranians have used missiles and we've seen a number of Shahed drones used against civilian targets in Bahrain and in the Emirates. We've seen attacks in Saudi Arabia against Riyadh, the eastern province, that have been repelled - by the Emirates, Qatar, Kuwait, as I mentioned Bahrain - all the GCC states save for Oman itself. But you would have expected to see a more intensive attack against those countries. If Iran was indeed going all out, they would have gone for saturation attacks. They would have gone for a combination of missiles, drones, and cyberattacks all at once against those targets to really have a destructive impact for that final end of the world message. That's not occurred.

There could be two reasons for this. The first is that the United States has destroyed launchers, personnel, command and control, and has prevented them from conducting attacks with the intensity that the Iranians might wish.

The second is that the Iranians are trying to extend these attacks over a period of time so that they can maintain psychological pressure against the United States, Israel, and the GCC over the course of this conflict. It's possible there's even a mixture of these two things. The only problem with that second theory is that if you're the Iranians, that's a pretty gutsy move to think that you're going to be able to retain missile launchers, missile capacity, and that the United States and the Israeli aircraft - hunting for these things right now is not going to destroy these in the next 15 minutes. So, this is not just a stranded asset. This is probably a use or lose moment for the regime. I think what we're looking at in this regard is that if the Iranians thought they were going to go out, they might try to do something in a significant way. But the absence of that activity could be reflective of what the U.S. has done to prevent that thus far with its attacks on command and control and the launchers, etc.

Christian: There's a lot of talk about what the possibility of regime change, however that is defined, and how that could take shape. The president has issued a message to the IRGC, imploring them to lay down in their arms and receive immunity. He issued a message to the Iranian people saying, in effect, that when we're done with this operation, this is gonna be your chance, perhaps the only chance for generations to take over your country. What are you going to be looking for, assuming that there has to have been some sort of messaging, cooperation, organization with Iranian resistance or a group that might be supported to sort of move into a leadership position, should the government as we know it fall?

Roule: Let's talk about a couple of different things. First, regime change can only be accomplished by the Iranians themselves, especially in an air campaign. What we can do is we can degrade the coercive tissue that constrains the Iranian people, and then they themselves have to act against that system if they choose to do so as their capabilities permit. There is another issue here, and that is that it's going to be counterintuitive. You need to retain some sort of discipline and structure within the IRGC because if you were to, and I'm just throwing out a number, if you were to remove the top 10% or 500 personnel in the IRGC, you have thousands of hardline personnel who would be capable of inflicting horrific violence against unarmed protesters and you need someone to exert control and discipline over these personnel, to keep them in their barracks, keep their weapons under control. So, you need structure on the Revolutionary Guard itself to remain intact. Now in terms of groups, I'm unaware of a group that has sufficient control and influence over the entire country that it would be able to on day

one after the supreme leader left this earthly veil and Iran's president would step in and suddenly command the popular support of the Iranian people. That individual needs to stand up and you need to then see how the street responds. That's a crowd action that needs to appear. And that won't be known until it's known. That's something that you just need to see that the people need to come out. And that can't be measured in advance. There's no polling that will show that. That's not an intelligence question. That's a mystery for the Iranians themselves, even for the people themselves, because at the moment that happens, they're going to have to judge their personal security and how they feel about the individual at that time. When that occurs, that's going to be a test of the remaining security structure and how they respond to that person.

There's another challenge here. The Iranians have to have agency. They have to have their own fate in their own hands. That's not the U.S.'s responsibility. We are to help them whenever possible, stand up and remove the coercion. You have to ask such questions. Would we provide air cover if the military continued to attack them? Would we provide air cover if the

military conducted bloodbaths? Would we attack military units in the long term? I mean these are questions that might come down the road, but if not, this is an internal issue and it may be messy, it may even be unpleasant. Politics is this way and we want to we hope it doesn't become another Libya situation but that is up to the Iranian people to choose their fate.

Christian: Following the U.S. military operation to remove Nicolas Maduro from Venezuela, we've seen a rather unique approach that the U.S. has taken towards working with the former regime of Venezuela in ways that probably were unthinkable before that. mean, It’s certainly drawn a lot of criticism from people who say we left a repressive regime in place, but the United States is working with them and has sent top officials including CIA Director John Ratcliffe to Venezuela. Is it possible that there are lessons that may be applied from how we're working with Venezuela in a future Iran scenario?

Roule: Absolutely, and indeed it's not unique to the Trump administration. Former Secretary of State Dr. Condoleezza Rice has stated famously, that we are not an NGO, we are a country. Our interests in Iran as laid out in the Trump administration's 2025 national security strategy are uniform across administrations. We want to make sure they don't have a nuclear weapon, that they're not threatening their neighbors and ourselves with missiles, terrorism, proliferation of militias, destabilization of maritime choke points, such as the Strait of Hormuz and the Babel Mandab. These are things that touch our core national security interests and those of our partners. Beyond that, we start getting into nation building, which the Trump administration certainly will eschew and deeply oppose anyone who suggests that we spend any time on that.

At the same time, as we look at dealing with that country, you will have individuals such as the Obama administration who would say, look, if we have a nuclear deal with these people and lift sanctions, that's the first step to show maybe we can be trusted and then we'll build into something else. And then as sanctions are lifted, maybe that will allow the people to gradually become a kinder, gentler entity.

Well, why can't that work with sanctions being lifted by the Trump administration in a deal with a post-attack government as well? Following this issue in a hypothetical scenario, where the government says, we're not going to rebuild the nuclear program, we're not going to expand our missiles, we're not going to proliferate militias and terrorists, and the Trump administration

says we're going to provide you with substantial sanctions relief - well, that would be far more than the Obama and Biden administrations could have ever hoped to have achieved under JCPOA and JCPOA-like agreements. And then it would, in essence, have been the same process.

We hope this leads to a reform of the government over time, and it would be tested and it could apply. We could see the addition of new sanctions and we would heavily monitor it and we would have an ability to watch their behavior and respond with sanctions or other diplomatic pressures as we see fit if they fall back. So, there is a process here, just as we could apply that process to Venezuela, where the commander of Southcom has also visited and the secretary of energy. So, we have a process that is building up. And remember, under JCPOA, we had Secretary of State John Kerry meet with his Iranian counterpart on Syria to see if cooperation could work there. It didn't work, but we tried. Cooperation on hostage exchanges. Some would say it worked or didn't, depending on your position, but we tried. Well, the Trump administration is trying in Venezuela. We could try the same thing in this situation.

Christian: What do you think we’re looking at here in terms of a timeline? Do you think this is going to be something that is a very short operation?

Roule: A British prime minister was once asked after giving his plans for his foreign policy, what might stand in the way of those plans. And he famously responded, events, dear boy, events. That's the challenge we face now. What we've seen so far is that the United States military and the Israeli military have performed superbly. We clearly have exquisite intelligence, extraordinary technical capability, magnificently trained personnel who have performed with courage and with great skill, and we have significantly damaged Iran and achieved what you would hope to achieve in that initial foray into a country - suppressed air defense. I think the next phase is the hammer against a variety of different types of targets.

How the Iranians respond after that will be a weird science of how the political dynamic plays out with remaining personnel. So that's a chemistry of different people, personalities, where they're located, how they interact, what psychological pressures exist. You're going to have the issues of what enormous events occur, what buildings are taken out, unrest that may occur or not occur, what military units respond or don't respond. These types of things are going to change the dynamic. In any case, we're looking at days, certainly. I'm certain the Trump administration does not want to see this turn into weeks or a timeframe beyond that.

I expect as this goes forward, the Gulf partners - who have historically had superb relations with multiple levels of Iran's polity and society - will be able to engage individuals as communications are reestablished with Iran. They will find out whether anyone wants to engage and see if anyone of substance rises from the ashes and is able to say, ‘I'm in charge and I'm willing to make a deal. I'm willing to be reasonable’.

The trick is that person is going to have to prove one thing: they're going to have to prove they have authority and a capacity to influence events. There are plenty of people who will say, ‘I am the person who can make things happen and I need nothing - Long pause - except a squadron of F-18s, $500 million and 600 American passports.’ It's the person that you can turn to and say, ‘Okay, so tomorrow, what can you make happen in Tehran at three o'clock?’

Now, when some gulf leader or someone can come up and say, this entity, this person, this group, this structure has risen and they can do this to, they've shown this and they want to make a deal. That's where you start seeing a conclusion come forward or at least the prospect of a conclusion. But it's impossible to make that prediction. And if someone says they can do that, they should start predicting lottery numbers.

Secretary Colin Powell was quite a brilliant and an extraordinary man. I enjoyed working under him and around him. I learned so much from him. I did disagree with him on one famous point. He often said, “If you break it, you own it.” I disagree.

If you break it, there's nothing to own. There's nothing here to own. There will be no structure and we need to know that going in here we won't own anything. There will be nothing there. We'll have to build the structure - or they'll have to find some kind of structure.

The second is how do you want this to end? Don’t go in unless you have an end game confirmed. I think that's an admirable goal. I don't think that's achievable. And I think that's often now used as a way of saying that you can't do this because you can never guarantee that Iran will never have this perfect thing set up in advance. All we can guarantee is that we're going to defeat our adversary, defend our personnel, defend our partners, and have in place a team and an architecture that's able to structure through the inevitable moments when the plan fails the first contact of battle.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Breaking Down our "Red October" Moment for AI

OPINION -- In the climax of the 1990 movie “The Hunt for Red October”, the Soviet captain of the V.K. Konovalov makes a fatal error. Intent on destroying the defecting Red October submarine, he orders his crew to deactivate the safety features on his own torpedoes to gain a tactical edge. When the torpedoes miss their American target, they do exactly what they were programmed to do: they find the nearest large acoustic signature. Because the "safeties" were off and the weapon was no longer "fit for its purpose," it turned back and destroyed the very ship that launched it.

As the Department of War (DoW) moves to integrate "frontier" AI models into the heart of national security, we are approaching a "Red October" moment. The recent debate over Anthropic’s engagement with the Pentagon isn't just about corporate ethics - it's about whether we are handing our warfighters tools with the strategic safeties off.

As the former Chief AI Officer of the National Geospatial-Intelligence Agency (NGA), I believe the greatest risk we face is the lack of a sophisticated, mission-aligned framework to judge these models before they reach the field.

To avoid the fate of the Konovalov, we must transition to "fit-for-purpose" evaluation, a commitment to rigorous existing standards, and the realization that in national security, high quality is the only true form of safety.

The Fallacy of the General-Purpose Model

In the commercial sector, a model that "hallucinates" a legal citation or generates a slightly off-brand image is a nuisance. In a theater of operations, those same errors are lethal. We must stop judging AI in the abstract and start judging it based on its specific intent.

While generalist models might be suitable for orchestrating workflow, the work should be performed by "expert" agents, or better yet, functions and APIs that only do what you ask and have been tested and accredited for that function.

Both the creators of these models and the DoW must co-develop a Test and Evaluation (T&E) framework that moves beyond general "alignment" and into statistical reality. This framework must; statistically score quality and accuracy against the specific variables of a mission environment and accredit models for specific use cases rather than granting a blanket "safe for government" seal of approval.

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

We should not expect a general frontier model to perform perfectly in autonomous targeting if it wasn't trained for it. We need precision instruments for precision missions. The government’s primary duty is to ensure that the warfighter is handed a tool that has been subjected to rigorous, transparent, and statistically sound evaluation before it ever enters a kinetic environment.

The Standard Already Exists

We do not need to invent a new philosophy of governance for AI; we simply need to apply the high-bar standards the DoD has already established for autonomous systems. The benchmark is DoD Directive 3000.09, "Autonomy in Weapon Systems."

The directive is explicit in its requirement for human agency, stating:

"Autonomous and semi-autonomous weapon systems will be designed to allow commanders and operators to exercise appropriate levels of human judgment over the use of force."

This is the standard. It requires that any system—whether a simple algorithm or a complex neural network - undergo "rigorous hardware and software verification and validation (V&V) and realistic system developmental and operational test and evaluation (OT&E)."

Avoiding the WOPR Scenario

We have seen the fictional version of a failure to follow this standard before. In the 1983 classic movie “War Games”, the military replaces human missile silo officers with the WOPR (War Operation Plan Response) supercomputer because the humans "failed" to turn their keys during a simulated nuclear strike. By removing the human in the loop to increase efficiency, the creators nearly triggered World War III when the AI couldn't distinguish between a game and reality.

Join us March 13 in Washington D.C. as we present The Cipher Brief HONORS Awards to former NSA and Cyber Command Director General Paul Nakasone (ret.), former Chief of MI6 Sir Richard Moore, former Senior CIA Officer Janet Braun, former IQT CEO and Investor Gilman Louie and Washington Post Columnist David Ignatius.

We should view the National Security Memorandum (NSM) on AI, published in 2024 as the modern guardrail against this cinematic nightmare. The NSM’s explicit prohibition against AI-controlled nuclear launches is not a new rule, but rather the 3000.09 standard applied to the most extreme case. If our standards work for our most consequential strategic assets, they must be the baseline for accrediting frontier models in any mission-critical capacity.

The Law is Not Optional

As we lean into this new technological frontier, we must remind ourselves that the Law of Armed Conflict (LOAC) remains our North Star. The principles of distinction, proportionality, and military necessity are absolute. AI is not an "alternative" to these laws; it is a tool that must be proven to operate strictly within them. We follow the law of armed conflict today, and the AI we build must be engineered to do the same - without exception.

Good AI is Safe AI

There is a common misconception that AI safety and AI performance are at odds and that we must "slow down" performance to ensure safety. This is a false dichotomy.

Good AI - high-quality, high-performing AI - is the safest AI.

A model that achieves the highest standards of accuracy and reliability is the model that best safeguards the user. By insisting on a statistical "fit-for-purpose" accreditation rooted in DoDD 3000.09, we ensure our warfighters are equipped with systems that reduce error, minimize collateral risk, and provide the mission assurance they deserve. In the high-stakes world of national security, "good enough" is a liability. Only the highest-standard AI can truly protect the mission and the men and women who carry it out.

I do believe the "Super-Human" computer is on the way, and as smart as that model will be, we should never give it keys to the silos.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Purpose-Built or Perilous: Congress Faces a Critical FBI Headquarters Decision

OPINION – Congress is weighing a decision with critical National Security implications for generations to come: where to locate the next FBI headquarters? The current headquarters, the Hoover Building, is long past its sell-by date, and there is general agreement it needs to be replaced.

The new headquarters, wherever it is located, must deal with a fundamental threat. It will inevitably be a high-priority target for terrorists, spies, and cyber criminals. That means the single most important consideration must be the safety of the men and women who work there; secondarily, the security of highly sensitive investigative and national security data held inside; lastly, the security of adjacencies - both human and physical. That kind of security requires more than a strong building. It requires a safe location to meet current and evolving threats.

Unfortunately, the frontrunner for the new headquarters fails those crucial considerations. We can do better--much better--than refurbishing the Ronald Reagan Building and International Trade Center. The vulnerabilities have been known for over two decades.

The April 19, 1995 bombing of the Murrah Federal Office Building in Oklahoma City prompted new security measures for federal office buildings. Independent security consultants warned that the Reagan Building’s sprawling 11-Acre complex, mixed-use design, convention space, vast underground parking garage left it vulnerable to terrorist attacks. The September 11, 2001 terrorist attacks confirmed that the FBI needed a new headquarters complex - one that satisfied Interagency Security Committee (ISC) Level V protocols - the highest security standards for nonmilitary federal facilities.

A retrofit of the 30-year-old Reagan Building will fail to meet the physical and cybersecurity requirements of Level V.

The Reagan Building is a quasi-public building in the heart of downtown Washington, DC, designed as a center for international events and public use. Its architecture is antithetical to Level V due to features such as a one-acre glass atrium roof, famed sky lights, and open access to surrounding buildings and Metro.

The urban density of the Reagan Building surroundings creates permanent vulnerabilities that will never satisfy Level V Security. The Reagan Building is in the DC core, which exacerbates security risks to itself and adjacent federal and civilian activity: the District’s Wilson Building, Department of Commerce, Willard Hotel, Freedom Plaza, 14^th Street artery and in closer proximity to the White House. No amount of retrofitting will change these physical adjacencies.

Nearby high-rise buildings provide clear vantage points for hostile actors. The required standoff distances from blast threats can never be met. Nor can the Reagan Building adequately be shielded from line-of-sight surveillance, infrared detection, or electronic signal collection. And, the one acre of glass in the atrium skylight provides an easy drone threat.

A pedestrian tunnel under 14th Street, a popular food court, Metro access, and public garage connectivity undermine perimeter control, as well. Additionally, the Reagan Building cannot provide the square footage for the redundant power infrastructure mandated for a national security headquarters, including a separate utility plant and multiple independent grid connections. Moving FBI here shows a grave disregard for the safety and security of federal personnel, citizens, and national intelligence.

The Real Tab: GSA’s FY 2026 prospectus estimates roughly $1.4 billion for design, construction, and FBI fit-out, but omit the costs of: temporary housing during construction, maintaining Level V-compliant interim facilities, and the likelihood of future leased space if full consolidation proves impossible within the fixed footprint of the Reagan Building. Outdated estimates and assumptions do not reflect the complexity of Level V security or the rapid evolution of cyber and surveillance threats.

The Time to Act is Now: Congress needs to remove the Reagan Building from consideration and insist on a purpose-built solution. The FBI needs a campus-style headquarters with adequate standoff distance, full perimeter control, redundant power and communications, and infrastructure flexible to adapt to evolving threats. Over 23 years ago, a bipartisan report was issued, using the attacks on the Murrah Building and World Trade Center as background, as well as GAO, DOJ/OIG, and Independent Security reports with similar conclusions. But nothing has happened.

Since our first article appeared in The Hill, Frank Keating, Oklahoma Governor at time of the Murrah Building Bombing, responded to us with, “The Murrah tragedy was a wake-up call. Now, thirty years later it doesn’t look like any lessons were learned.” A former Ambassador shared, “The State Department's post Benghazi worldwide building requirements are very unfriendly to retrofitting buildings for occupation by State personnel whether or not a SCIF is involved. The Bureau will be the target like the Marines in Beirut.”

If lawmakers want to ensure the FBI remains the world’s premier law enforcement and counterterrorism organization, they should demand a headquarters that is purposefully built from a national security perspective, not a retrofit of a building never intended to be a secured facility. Let’s, finally, do this right

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The Transparency Challenge: Europe’s Defense Supply Chain Blind Spot—and Why the Pentagon Went to War Footing

EXPERT PERSPECTIVE — In this issue we will discuss how the security of the defense industrial base (DIB) has moved from a logistics concern to a Tier-1 strategic threat. While the U.S. has transitioned to an interventionist model to decouple defense supply chains from Chinese control, the European defense ecosystem remains opaque. For investors and procurement officers, European discounts are no longer about market fragmentation; they are a reflection of material insolvency.

Welcome to The Iron Triangle, the Cipher Brief column serving Procurement Officers tasked with buying the future, Investors funding the next generation of defense technology, and the Policy Wonks analyzing its impact on the global order.

Let’s examine trends in European defense technologies and how one misstep shaped U.S. policy.

The Transparency Crisis: A "Black Box" in European Procurement

A critical friction point for policy wonks is the data asymmetry within the European Union. Unlike the U.S., where the Defense Production Act (DPA) and Section 232 investigations provide the Pentagon with deep visibility, European authorities are struggling with Prime Opacity.

Major European defense Primes are systematically under-reporting their reliance on critical materials for defense technologies, namely refined Gallium, Germanium, and Antimony. Reporting these dependencies risks forced redesigns that threaten profit margins on multi-decade contracts, creating hidden debt for investors. A European drone startup may look attractive on paper, but its entire production line may be one Chinese export license away from total seizure.

European procurement officers are awarding contracts to firms that cannot guarantee material provenance, creating systemic vulnerabilities. For example, in June 2025, a series of high-performance drone components—deployed with NATO-enhanced Forward Presence (eFP) battlegroups—relied on high-purity Dysprosium and Terbium magnets from China. Procurement Officers accepted European-made certifications from Tier-1 contractors who had simply assembled components in the EU. These firms had not disclosed that their suppliers were purchasing 92% of their high-spec magnets from Chinese state-owned entities.

When Beijing introduced its Second Wave of export restrictions in April 2025 (retaliating against U.S. tariffs), it selectively halted licenses for the specific magnet grades required for these systems. By July, production lines stalled across Germany and France. More critically, the NATO units on the eastern flank had the platforms, but no spare parts or replacement units for the systems meant to deter Russian hybrid incursions.

It was a supply-chain betrayal: Europe discovered 'Made in the EU' was sometimes just 'Assembled in the EU,' like rare-earth IKEA kits. This chilling operational lesson immediately clarified the Pentagon's decision to shift from a global Free Market posture to one of State-Directed Resilience.

The American "War Footing" Model

As of early 2026, the Pentagon and the White House are executing a three-pillar approach designed to decouple the DIB from Chinese control.

Pillar 1: Components, Not Capabilities (Mid-Stream Reshoring)

While previous strategies focused on final capabilities, the new pillar, led by the Office of Strategic Capital (OSC), focuses on chokepoint components that enable those capabilities. Instead of just buying more hypersonic missiles, the U.S. is using DPA Title III to subsidize the mid-stream processing of materials that go into them. By controlling the bottom of the supply chain, the U.S. ensures that even if a startup develops a brilliant AI decision-aid, it isn't forced to use Chinese-refined precursors to build the hardware it runs on.

Pillar 2: Finance, Not Innovation (The "Sovereignty" Moat)

The second pillar shifts the government's role from a customer to a strategic investor. The U.S. has recognized that innovation is plentiful, but China-free capital is scarce. For example, the SBICCT Initiative, a partnership between the DoD and the Small Business Administration, provides low-cost, government-backed credit to private investment funds that agree to invest only in Sovereign-Cleared technology. This creates a financial safe harbor, allowing defense tech startups to scale without having to accept venture capital from Chinese-linked entities, which would disqualify them from sensitive programs under the 2025 Decoupling Acts.

Pillar 3: Lending, Not Spending (Industrial Scalability)

The final pillar replaces one-off innovation grants (which often fail to bridge the Valley of Death) with long-term debt and loan guarantees for industrial infrastructure. In late 2025, the OSC launched its first direct loan products for defense-related manufacturing, allowing companies to build the China-free factories needed for mass-producing sensitive technologies without diluting their equity. By acting as a lender of last resort for high-risk manufacturing infrastructure, the U.S. government ensures that the Golden Dome is built in American foundries using American machines, rather than relying on globalized supply chains that remain vulnerable to Beijing’s export licenses.

Fast-Track Domestic Permitting

Finally, Policy wonks should note the success of the FAST-41 initiative, which, as of late 2025/early 2026, aggressively fast-tracked more than 50 critical mineral projects. By categorizing lithium, antimony, and rare earth mines as covered projects, the U.S. is compressing the time it takes to get domestic minerals into the defense supply chain—often moving from application to groundbreaking in under three years, compared to the 10-15 year timelines still seen in Europe. This allows U.S.-based startups to source compliant materials at a predictable cost, a luxury their European peers do not have.

My Take. This is the section where I get to discuss what excites me about this topic or technology.

It is unfortunate that some European defense technology companies misled buyers into believing that their supply chains were China free. With Russian gray zone activities, namely drone incursions, at an all time high the impetus for prioritizing production over provenance was strong. If I can be a narcissistic American, our government’s insistence that Europe takes responsibility for their security may have driven companies to new heights of urgency.

It seems likely that most European defense technology companies continue working to break dependence on China while also accurately reporting continuing dependencies. Readers must understand that many of the materials which would enable China free manufacturing are simply not yet available.

The short-term pain that U.S. restrictions are causing inside our own defense ecosystem is having a disproportionately negative short-term impact on the domestic sprint for advanced capabilities, especially drones. Fortunately, this is happening at a time when we are not engaged in great power conflict–when advanced capabilities would be more critical.

Conclusion

The Transparency Challenge is the new Tier-1 strategic threat, where Europe's reliance on opaque supply chains—exposed by the catastrophic failure of "Assembled in the EU" drone components—inspired the Pentagon to abandon a Free Market posture for a State-Directed Resilience model. This American "War Footing" is successfully building a China-free foundation by prioritizing mid-stream component processing, creating a "Sovereignty Moat" of capital, and providing long-term debt for industrial scalability, all while fast-tracking compliant domestic mineral sources—a luxury their European peers still lack. The U.S. government is solidifying a systematic pathway toward defense technology dominance, perhaps based on lessons learned by our EU counterparts. But the core question remains: Can this pathway break China’s near total monopoly before the advanced technologies it enables become absolutely critical?

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Where crime and terror meet: Australia’s illicit tobacco market

OPINION – The unearthing of IRGC’s involvement in Australia’s firebombing incidents in 2025 has subsequently brought into question - the extent by which overseas terrorist groups and Australian domestic organized crime are in sinister collaboration. Although the firebombings occurred in 2025, the facilitation of terrorist financing by the efforts of criminal proceeds have long been understood. With illicit tobacco being a staple and incredibly lucrative commodity in the Australian criminal underworld, spurred by the nation’s expensive excise tax, its profound role in terrorist financing is a pressing issue for Australia to further investigate, especially in light of the IRGC discovery.

From late 2024, Australia experienced a series of arson attacks against Jewish-affiliated enterprises, of which two were linked to the IRGC by the Australian Security Intelligence Organization (ASIO) in August 2025. The first incident involved a firebomb attack on the Lewis Continental Kitchen in Sydney in October 2024 coordinated by Sayed Mohammad Moosawi, a former chief of the Nomads motorcycle gang. The second incident involved a firebomb attack on Adass Israel Synagogue in December 2024, which resulted in over $20 million in damages.

In response, ASIO head Mike Burgess pinned the attacks on the IRGC, attesting that the group utilized proxies to operationalize these attacks. Previously, the IRGC has been listed as a terrorist entity by other Western states, namely Canada and the United States. While the attacks did not ultimately result in terrorism charges in Australia, the IRGC’s involvement would shed light on the looming crime-terror nexus, the symbiotic relationship between terrorism and organized crime that is festering in the nation. Understanding this interplay of crime and terror is crucial for counterterrorism efforts in Australia to proactively deter the future threat of terrorism on their soil.

In recent years, the illicit tobacco market has been a rampant issue in Australia, with an economy of approximately $10 billion annually. The market is propagated by the nation’s expensive excise tax on tobacco which compels users to turn to illegal avenues to procure the commodity, ultimately driving the lucrative underground market even further. At A$1.49 per 0.8 gram stick, increased in September 2025 or A$40, or US$26 for a pack of 20 cigarettes, the prices of tobacco is exorbitant compared to other Western countries such as Canada at an excise duty rate of CAD$0.19 per stick and an “average” pack costing between CAD$15.36 to $19.75 as of April 2025. In addition to an estimated loss of $7 billion in excise revenue, this illicit market is known to facilitate terrorist financing operations, being listed as a substantial financier to offshore terrorist groups by the Australia Criminal Intelligence Commission (ACIC). In relation to the firebombing attacks, the discovered crime-terror ties is a warning for Australian stakeholders to address the nation’s excise tax policy which would, in turn, strategically cripple terrorist financing.

Further linkage between illicit tobacco and terrorist financing has been discovered by Australian authorities. Prior to the two firebomb attacks between 2024 and 2025, Australia had already been experiencing a long string of firebomb attacks, linked to illicit tobacco kingpin, Kazem “Kaz” Hamad. Hamad, who was deported from Australia to Iraq in 2023, was believed to be involved with 150 arson attacks targeting tobacco shops across Melbourne. Notably, he was linked to the arson attack on the Lux nightclub in November 2024 where perpetrators of the incident drove a blue Volkswagen Golf. According to a joint report by the Australia Federal Police (AFP), the ASIO, and the Victoria Police, the same vehicle was allegedly used in the Adass Israel synagogue firebombing and a shooting in Bundoora, both of which happened on the same night. Given this linkage, the IRGC may be a key benefactor to the Hamad’s affluent illicit tobacco trade while members of his criminal network will commit violence to appease this overseas client of theirs. By leveraging these networks, the IRGC can employ an outsourcing approach to inflict damage on adversaries while maintaining a guise of plausible deniability.

The IRGC’s methodology, which is a form of hybrid, or asymmetrical, warfare, is a staple in the organization’s playbook which has been observed before in its plan to attack targets in Sri Lanka and the United States in 2024. The IRGC utilized drug trafficker Farhad Shakeri, who held a strong network of organized criminals in both Sri Lanka and the U.S. Shakeri planned to use his criminal contacts to bomb the Israel consulate in Colombo and Arugam Bay, assassinate Israeli tourists in both locations, and also assassinate President Donald Trump in the U.S simultaneously during the first anniversary of Hamas’ 7 October 2023 attack on Israel. However, his plans were later thwarted by law enforcement and intelligence communities of both Sri Lanka and the U.S.

Following the discovery of the IRGC involvement, the Albanese government removed the Iranian ambassador from the country along with the suspension of its embassy in August 2025 while finally listing the IRGC as a terrorist entity. Operationally, this new designation may bolster the Five Eyes’ information sharing with Australia while granting the nation a legal framework to pursue terrorism charges against IRGC-affiliated activity. Additionally, Australia has ramped up its law enforcement efforts to dismantle the illicit tobacco market. New sets of laws have been implemented in 2025 by Queensland and New South Wales to tackle illicit tobacco operations along with drug busts such as in Operation Xray Modred which led to the seizure of approximately $53.8 million worth of tobacco across 17 different storage facilities. The operation is regarded as one of the largest busts in Queensland history. Overall, Australia’s stringent measures and due diligence in crippling the illicit tobacco market demonstrates its strong commitment to reduce criminality and terrorism alike.

However, while enforcement efforts are effective, it is paramount for Australia to consider policy changes to tobacco excise to not only reduce user dependence on illegal sources but cull domestic terrorist financing operations. One policy option that has been discussed by the nation’s largest tobacco wholesalers was to temporarily freeze the increase in tobacco prices. Doing so would create a window for government and law enforcement to deliberate on viable solutions while preventing the situation from worsening. Reduction of excise may lead to complications such as a potential drop in fiscal budget. However, given the tremendous loss of revenue due to the black market as discussed, conversion of illegitimate users to legitimate users as a result of improved policy may create fiscal opportunities for the Australian government instead.

Moreover, preventing tobacco use may contribute to the reduction of the illicit market which does not require touching excise tax. Through a whole-of-society approach such as anti-tobacco education or promotion of healthy lifestyles, Australia may minimize the demand for illegitimate procurement of the product, thus inadvertently mitigating the terrorist financing problem.

Conclusion

The IRGC’s asymmetrical operations in the Australian firebombing incidents emphasize the ever-present need for counterterrorism and national security stakeholders to employ criminological perspectives to unravel the crime-terror nexus. It must be understood that terrorism does not begin with an attack, but rather an established logistical and financial foundation before that. Given organized crime groups’ vast access to lucrative contraband such as illicit tobacco in the case of Australia, terrorist organizations will utilize them for financing opportunities. Given this, restricting distribution of illicit markets will result in considerable mileage in counterterrorism efforts. As crime and terror become a conjoined threat, law enforcement and national security efforts must be just as, if not more, collectivized to counteract them. Australia must not only rely on domestic enforcement efforts and foreign policy decisions to cripple the capability of nefarious actors, but also curb the demand for the rampant illicit tobacco market by changing to its excise tax policies and discouraging product usage. By accomplishing this, the nation can remain optimistic as it positions itself to strategically fight against both crime and terrorism.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Revisionist History – Aliens, Secrets and Conspiracies

OPINION – Over a decade ago, I was a public official and was at one of our commission meetings on the coast of California. A fellow commissioner and I decided to take a long lunchtime walk along the coast. As we chatted, we realized we had both worked on several of the same very classified programs. His involvement was in acquisition and finance, while mine was more deeply connected to the engineering development of the project and hands-on with the operators on site.

We Got Our Advanced Technology From Aliens
While we both were discreet about not talking about specifics, we recognized the projects we had worked on. So you can imagine my surprise when he turned to me and casually said, “You know this technology came from aliens.” I laughed, thinking that obviously he must be joking. But as we continued walking he continued on, claiming, “You know the equipment you worked on and stuff that followed came from our secret alien investigation site at Wright Patterson Air Force Base. All we did was reverse engineer Alien technology.” This time I stopped in my tracks and looked at him to see if he was smiling. I was puzzled as he looked dead serious. He explained that there was no possible way we could be doing what we were doing using existing technology. Before I changed the subject I asked him how he knew this, he replied with absolute sincerity, “I was head of acquisition on the program. I was briefed on the project. That’s what they told us and they swore us to secrecy.“

I really didn’t know how to process this. He was really a smart and level-headed guy. In fact he was the mayor at the time of Rancho Palos Verde. It took me a mile or two into our walk to rethink everything I knew about the project (even then it had been in decades past), including having sat with a few of the engineers (some strange, but not aliens) as they were designing the system (with me trying to keep up with the revised blueprints in document control), and then watching the system being built and assembled. While it had required incredibly creative engineering, and applying technology on a scale so massive no commercial company could afford it, this system was built by smart people with no aliens involved. But he was equally convinced they were. Over our time together on the commission we took more walks, had lots more to talk about, but we never broached the subject again.

Every once in a while, for the next few years, I puzzled on how he could have been so sure of something that I was sure was completely wrong.

We Did Tell Them It Was Aliens
Fast forward 15 years, and my world view of that conversation was upended when I read in the Wall Street Journal that the Department of Defense had been running a disinformation campaign, briefing finance and acquisition people that the technology for these classified programs was coming from aliens. (Take a minute and read the article.)

All of a sudden our coast-side conversation from a decade and a half ago made sense to me. Most of our most compartmentalized programs have different levels of what was called “need to know.” I never paid much attention as I was read all the way into the technical and operational details of these programs. I vaguely knew that others got fewer details, but as I was just discovering, others had received active disinformation. In a few cases, security officers were even using fake photos and documents to create the Alien cover-story for secret-weapons programs.

It turns out my fellow commissioner had been briefed by the U.S. government that it was Aliens, and he went to his grave believing it so.

Are you going to believe me or your lying eyes?
What’s interesting is what happened after the news came out that the Alien story was government disinformation. A large percentage of people who were briefed, now “doubled down” and believed “we got the technology from Aliens” even more strongly – believing the new information itself was a coverup. Many dismissed the facts by prioritizing how they felt over reality, something we often see in political or religious contexts. (“Are you going to believe me or your lying eyes?”)

I wondered how my friend would have reacted.

Secrecy, Disinformation, and a Higher Power
While on its face this is an amusing story about secrecy, it’s really about the intersection of the secrecy’s impact on society and its role in misinformation, manipulation, the creation of cynicism and mistrust, and our need to believe in a higher power.

Manipulation
An example of secrecy used for manipulation in the 20th century was when the National Security Agency Venona project unmasked Soviet spies in the U.S. Even though this was one of the nation’s most secret programs, the FBI leaked its findings to Joe McCarthy and Richard Nixon. They used this classified knowledge to manipulate the American public, fueling McCarthyism and Richard Nixon’s career. 50 years later, when Venona was made public historians substantively revised the history of U.S. Cold War politics.

In the 21st century Social Media misinformation (e.g. Chinese and Russian influence campaigns, Qanon conspiracies) will look like toys next to the AI-driven manipulation that’s about to come.

Cynicism and mistrust
Secrecy created 75 years of cynicism and mistrust, when the U.S. began launching highly classified reconnaissance balloons (story here), and later the U-2 and SR-71 spy planes. These top secret projects gave rise to decades of UFO sightings. Instead of acknowledging these sightings were from classified military projects the Department of Defense issued cover stories (“you saw weather balloons”) that weren’t believable.

Governments and companies have always kept secrets and used misinformation and manipulation. However, things stay secret way too long – for many reasons – some reasonable (we’re still using the same methods – reconnaissance technology, tradecraft, or, it would harm people still alive – retired spies, etc) or not so reasonable (we broke U.S. or international laws – COINTELPRO, or it would embarrass us or our allies – Kennedy assassination, or the Epstein files).

Secrecy increases the odds of conspiracy beliefs. Because evidence can’t be checked, contradictions can’t be audited, a government “cover-up” becomes a plausible explanation. People don’t tolerate “I don’t know” for long when stakes are high (stolen elections, identity, national crises, the meaning of life, or what happens when we die). That vacuum gets filled by the most emotionally satisfying model: a hidden “higher power” concealing information and controlling events.

Summary
Just as social media replaced traditional news sources, AI-driven summaries of current events are likely to replace our understanding of the world around us. What happens to trust when AI manipulates human’s tendency to embrace conspiracy theories? Who will define the truth in the brave new world?

And by the way, I’m still pretty sure we didn’t get it from Aliens.

This piece was originally published by Steve Blank here.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

Why Russia’s War Effort Signals Strategic Decline

OPINION — “Despite claims of battlefield momentum in Ukraine, the data shows that Russia is paying an extraordinary price for minimal gains and is in decline as a major power. Since February 2022, Russian forces have suffered nearly 1.2 million casualties, more losses than any major power in any war since World War II…After seizing the initiative in 2024, Russian forces have advanced at an average rate of between 15 and 70 meters per day in their most prominent offensives, slower than almost any major offensive campaign in any war in the last century. Meanwhile, Russia’s war economy is under mounting strain, with manufacturing declining, slowing growth of 0.6 percent in 2025, and no globally competitive technology firms to help drive long-term productivity.”

That’s a quote from Russia’s Grinding War in Ukraine, a Center for Strategic and International Studies (CSIS) analysis brief by Seth G. Jones and Riley McCabe, released January 27, which says that “a close look at the data suggests that Russia is hardly winning [its war against Ukraine],” and, even more interestingly, that “Russia is increasingly a declining power.”

Jones, President of CSIS’ Defense and Security Department, and McCabe, Associate Fellow in CSIS’, Warfare, Irregular Threats, and Terrorism Program, not only assess that “Russia’s overall progress on the battlefield, especially in the last two years, fall decisively short of Moscow’s goal to militarily conquer Ukraine,” but also that “Russia’s economy is showing signs of strain, and long-term productivity looks bleak.”

Let’s start with the Jones/McCabe analysis of the military situation and below look at their view of Moscow’s economic situation.

While saying assessing casualties and fatalities in wartime is difficult and imprecise, and various sides have incentives to inflate or shrink the numbers for political purposes, Jones/McCabe write that “According to CSIS estimates, Russian forces suffered nearly 1.2 million battlefield casualties, which include killed, wounded, and missing, between February 2022 and December 2025…There were roughly 415,000 Russian casualties in 2025 alone, with an average of nearly 35,000 casualties per month. In addition, there were roughly 275,000 to 325,000 Russian battlefield fatalities between February 2022 and December 2025.”

Compared to the past, the CSIS analysis showed, “Russian battlefield fatalities in Ukraine are more than 17 times greater than Soviet fatalities in Afghanistan during the 1980s, 11 times greater than during Russia’s First and Second Chechen Wars in the 1990s and 2000s, respectively, and over five times greater than all Russian and Soviet wars combined since World War II.”

The CSIS team attributes the high Russian casualties and fatalities to such things as “Russia’s failure to effectively conduct combined arms and joint warfare, poor tactics and training, corruption, low morale, and Ukraine’s effective defense-in-depth strategy in a war that favors the defense.”

Specifically the CSIS analysis says, “Russia’s attrition strategy has accepted the costs of high casualties in hopes of eventually wearing down Ukraine’s military and society. On the battlefield, Russia has utilized dismounted infantry to wear down and attrit Ukrainian lines, along with small first-person view (FPV) drones, artillery, glide bombs, and other stand-off weapons. Russian units have routinely conducted advances using small squads of troops, often poorly trained, that are supported by armored vehicles or light mobility vehicles. Higher Russian headquarters frequently order these forces to advance toward Ukrainian positions to conduct reconnaissance by drawing fire. If Ukrainian positions are positively identified, Russian soldiers may be sent forward to attack positions, which are further mapped and then targeted with artillery, FPV drones, and glide bombs. These tactics have led to high fatalities and casualties.”

The Ukraine side is also given credit for “their defense-in-depth strategy in a war that has largely favored the defender. Ukraine has used trenches, dragon’s teeth (anti-tank obstacles), mines, and other barriers—along with artillery and drones—to attrit advancing Russian soldiers and vehicles. The eastern front line, for instance, continues to be saturated with drones. As a result, vehicle movement is difficult within 15 kilometers of the front line. Infantry soldiers must instead march to their positions for 10 to 15 kilometers.”

One result has been Russia’s slow rate of advance. According to the CSIS analysis, “Russia’s gains since it took the initiative in January 2024 are far smaller than the large territorial shifts seen earlier in the war. At the peak of the initial invasion in March 2022, Russian forces seized roughly 115,000 square kilometers in less than five weeks, but by April 2022, Ukraine had retaken more than 35,000 square kilometers. By November 2022, Ukraine had retaken approximately 75,000 square kilometers, including through successful counteroffensives around [the Ukraine cities] Kharkiv and Kherson.”

Although the Russian economy has held up better than expected following U.S. and other Western country sanctions imposed after Russia’s invasion of Ukraine in February 2022, strain on its economy is starting to show.

The CSIS analysis says, “In 2025, Russian manufacturing declined at its fastest rate since March 2022, with contractions in output and new orders, a rising labor shortage, and a decrease in input buying.Overall, Russian manufacturing suffered seven consecutive months of contraction in 2025, with production levels declining for ten consecutive months. In addition, consumer demand weakened and inflation was high.”

Jone/McCabe write there is also a labor crunch, a drop in oil revenues with lower global prices, with 2025 economic growth slowing to 0.6 percent, while the International Monetary Fund estimates that Russia’s growth would remain slow, at 0.8 percent, in 2026.

The CSIS team also says Russia faces a capital problem. Unable to borrow on international markets, the Kremlin has borrowed at home and raised taxes to finance the Ukraine war. Roughly half its budget is spent on the armed forces, the military-industrial complex, domestic security, and debt service.

“While the war sustains jobs and industrial activity,” the CSIS team says, “it produces few lasting assets or productivity gains. Higher taxes burden the civilian economy, which is already suffering from double-digit interest rates and significant labor shortages. Tank factories are working overtime, but automobile producers have cut shifts.” Ammunition, uniforms, and fortifications contribute to current GDP, but they do not improve long-term welfare or capital formation.

According to Jones/McCabe, “Russia also faces one of the most severe demographic challenges among major economies, with a shrinking and aging population, low birth rate, high mortality rate (especially among working-age men), and high rate of emigration among skilled workers.”

One example where the CSIS analysis finds Russia falling behind is in Artificial Intelligence (AI). It points out that Russian President Vladimir Putin once predicted, “Artificial intelligence is the future not only of Russia but of all of mankind. . . . Whoever becomes the leader in this sphere will become the ruler of the world.”But it then states, “Russia today is a bottom-tier AI power. It ranks 28 of 36 countries in the overall strength and development of its AI ecosystem—or AI ‘vibrancy’ -- according to Stanford University. The top-performing Russian AI model trails even older iterations of OpenAI’s ChatGPT and Google’s Gemini.”

Even worse, not a single Russian company is among the top 100 technology companies in the world by market capitalization, while the U.S. leads the pack.

As for the space race, where Russia was once a leader, Roscosmos, the state corporation in charge of the Russian space program, carried out only 17 orbital launches in 2025, according to the CSIS analysis. That compares to 193 U.S. orbital launches and 92 by China. Russia’s space industry also suffered an accident in December 2025 that caused severe damage to the launch pad Russia uses for sending astronauts and cargo to the International Space Station. In addition, a 2018 Soyuz rocket carrying two astronauts failed as it headed to space; the emergency abort system carried the two to safety.

There has also been a decline inside Russia in popular support inside Russia for the war. According to polls cited by CSIS, in May 2023, 57 percent of Russians believed that most people in their inner social circle supported the war, compared to 39 percent who opposed the war. By October 2025, 55 percent of Russians in their inner social circle opposed the war, compared to 45 who supported the war.

All thi, however, has not appeared to have affected Putin, who, according to the Jones.McCabe analysis “remains undeterred by the high casualty and fatality rates, and Russia’s economic downturn is unlikely to bring the Kremlin to the negotiating table—at least on terms that would be acceptable to Ukraine or Europe.” They say, “Putin may be willing to accept the high casualty and fatality numbers because most of these soldiers are from such regions as the Far East and North Caucasus—and not politically vital areas for him, such as Moscow and St. Petersburg.”

In addition, the Jones/McCabe analysis finds, “President Putin and the Russian government have been adept in conducting an aggressive disinformation campaign that has convinced some policymakers, including in Washington, that Russian victory is inevitable, despite substantial evidence to the contrary.”

The CSIS team attributes that to Russia having “boosted its funding for state-run media in 2026 by roughly 54 percent, indicating a commitment to intensified information warfare. The Kremlin’s propaganda machine is designed to sustain domestic support for the regime and its war against Ukraine, as well as to convince key foreign audiences that the war has been successful and needs to continue.”

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

Building the Talent Pipeline for America’s Security Future

OPINION – Public service, at its core, is bigger than government service alone. Serving one’s country takes many forms, and in a time when the federal workforce is shrinking, recognizing the breadth of these opportunities is critical.

In my roles as an adjunct at Texas A&M’s Bush School, an alumni council member at the University of Denver’s Korbel School, and a contributing alumnus at the University of Southern California’s Global Policy Institute, I find myself fielding an increasing number of students who are grappling with how to navigate the future.

We have been here before. After the Cold War, the so-called “peace dividend” led to reductions across government, yet the need for talented, dedicated individuals remained. Today, too, the demand is high, and the pool of students and young professionals aspiring to serve their country is deep. The three universities that have invested in me also continue to invest in carving paths for students to serve in a wide range of roles.

Government itself is the most traditional route. Agencies may be smaller than in the past, yet as the senior generation transitions out, opportunities abound. Indeed, a cursory look reveals many are hiring. Working at the state and local level opens the aperture even wider; I worked for the state of Colorado and interned for the state of California well before I landed at the CIA.

Teaching, at any level, is an invaluable public service. Educators cultivate the next generation of thinkers, leaders, and professionals, shaping civic knowledge and analytic capacity that are foundational to democratic governance and national security. By equipping students with “deeper learning,” such as reasoning, problem-solving, and even persistence, teachers cultivate civic-mindedness and ensure that public service endures across generations.

Nonprofits also play a vital role. Whether focused on development, security, human rights, environmental protection, or public health, these organizations employ millions of people to perform roles that neither the market nor the government can fulfill. Serving in the nonprofit sector often requires ingenuity, resourcefulness, and a commitment to mission-driven work—traits that translate well into national security challenges.

International organizations provide a global platform for public service. From the United Nations to regional alliances, these institutions facilitate cooperation, conflict resolution, humanitarian response, and development programs. Working in such settings develops core skills, including diplomacy, cross-cultural communication, and policy expertise, all of which are transferable to domestic roles.

Think tanks offer another avenue for impactful service. Analysts and researchers at these institutions produce rigorous, evidence-based insights that influence government policy, public debate, and strategic planning, particularly in national security and foreign affairs. Think tanks combine scholarship with real-world impact, allowing professionals to shape the discourse on pressing issues.

Industry provides opportunities that are increasingly essential to national security. Since joining Leidos as a Director and Account Manager in our Intelligence Sector, I have been humbled by colleagues who dedicate their careers to advancing technology and capabilities that the government cannot, and should not, develop on its own. Furthermore, public-private partnerships are critical to maintaining US technological and security advantages.

Multiple Attributes Open the Way

Our emerging professionals should cultivate a combination of skills, knowledge, and character to pave the way for any of these careers. Excellence, deep expertise, and technology acumen are pillars, particularly as workplace challenges grow more complex and technologically driven. While opinions vary on the most critical traits for young professionals entering public service, I have consistently found a core set of skills and behaviors that open doors to careers. I call them the Five Cs.

Critical Thinking is perhaps the most foundational skill. Critical thinking is learnable, and educational research shows that structured analysis and disciplined writing are among the most effective ways to develop it. A well-reasoned, well-substantiated paper forces the author to evaluate evidence, challenge assumptions, and construct persuasive arguments—exactly the habits that public service demands.

Communication, both written and oral, is inseparable from professional effectiveness. Studies consistently demonstrate that strong communication skills correlate with leadership, policy influence, and organizational success.13 Today, AI tools can assist with drafting, but understanding what makes communication compelling remains a human responsibility—one that requires being able to explain why something works, not merely that it does.

Creativity enables professionals to solve novel and ill-structured problems. Research on innovation in public organizations shows that creative thinking improves adaptability and problem-solving in complex environments, including national security contexts. Future public servants can nurture creativity through interdisciplinary exposure, experimentation, and tolerance for intellectual risk.

Curiosity drives learning, adaptability, and sustained professional growth. Educational and cognitive research links curiosity to deeper knowledge acquisition, improved performance, and long-term expertise development. In a field defined by evolving threats, curiosity is not optional—it is a professional obligation.

Collaboration is essential in environments where no single individual or institution holds all the answers. Organizational research consistently shows that collaborative teams outperform individuals when addressing complex, high-stakes problems. Collaboration transforms individual competence into collective effectiveness, a cornerstone of public service.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The Cognitive Battlefield is Now Decisive Terrain

OPINION -- Senior policymakers, military leaders, technologists and narrative strategists had one thing on their minds as they gathered in a Reston conference room last week - how decision advantage, psychological leverage, and narrative dominance are increasingly capable of determining strategic outcomes. Cognitive warfare - once treated as an adjunct to cyber or information operations - is becoming a primary instrument of power and the implications are profound.

Clausewitz wrote that the center of gravity in war is the source of an adversary’s strength. In today’s environment, that center of gravity is increasingly ideological and psychological. Unity and will - both domestic and allied - are strategic assets. Information is not merely a supporting function. It’s a weapon.

The contest unfolding in the gray zone is fundamentally about narrative. Not propaganda in the blunt Cold War sense, but sustained, cumulative influence campaigns that shape how populations interpret reality. These efforts operate across media, social platforms, text messaging networks, gaming environments, and increasingly, AI-driven platforms.

Subtle Corrosion Beats Spectacular Attack

One of the most important insights shared last week centered on the cycle of desensitization. Consider the steady drumbeat of cyber intrusions attributed to China or Russia. Each incident sparks temporary outrage, but repetition normalizes the activity. Over time, the public and sometimes policymakers, stop reacting. Strategic corrosion sets in.

This is cognitive attrition. It does not rely on a single catastrophic blow. Instead, it leverages small, atmospheric messages that accumulate. A fabricated report of a measles outbreak in Ukraine, spread via text messages. Repeated claims that Western institutions are corrupt or incompetent. False narratives injected into local conversations. Individually trivial. Collectively transformative.

The cumulative effect resembles what some participants described as a “cognitive supply chain”- disinformation introduced through multiple channels, actors, and devices over time, reinforcing itself until it feels like truth. In this environment, the question is not simply whether a narrative is false. It is whether the repetition of that narrative alters perception faster than truth can catch up.

If traditional principles of war emphasize mass and maneuver, today’s information battlefield demands speed, scale, and persistence. Speed, because narratives form quickly and harden fast. Scale, because digital transport layers allow messages to reach millions instantly. Persistence, because influence is cumulative. It rewards actors willing to repeat, reinforce, and adapt.

Military leaders are increasingly recognizing that communications is not a peripheral function, it is a commander’s business. Every action or inaction is an information operation. Tone, repetition, and secondary amplification matter as much as initial statements. And dominating that narrative requires dominating the transport layers that carry it. That includes terrestrial networks, undersea cables, satellite infrastructure, and increasingly, space-based assets. Space is not peripheral to information warfare; it is foundational.

Another critical component to consider is that of attribution. In the cyber domain, attackers benefit from ambiguity. If malicious actors can hide behind plausible deniability or if governments can shield them, deterrence collapses. Credible attribution raises costs. It narrows safe havens. It signals resolve.

Some countries are beginning to codify this posture. Latvia, for example, has criminalized election-related fake news and deepfakes, recognizing that information manipulation is not abstract speech but a direct threat to democratic integrity. The United States faces a harder question: are our legal and institutional structures optimized for cognitive deterrence? Or are they still calibrated for a previous era of warfare?

The Rise of Agentic Systems

If the cognitive domain is decisive, technology will be central.

The next frontier is not simply artificial intelligence, but agentic architecture - systems capable of augmenting commander decision-making in real time. The goal is not automation for its own sake. It is better recommendations. Faster synthesis. Clearer visibility.

Architecture matters and open, modular systems are essential. Black boxes are strategically dangerous. Defense institutions need plug-and-play capabilities that allow integration of new tools as threats evolve.

Reliability, not feature proliferation, should guide procurement – think more Amazon.com rather than bespoke. Outcome-based acquisition must replace programmatic inertia. A culture of velocity must supplant a culture of compliance.

In Afghanistan, smaller, foreign terrorist organizations were easier to degrade than deeply embedded, locally rooted movements like the Taliban. Structure mattered. Networks with widespread local integration were far more resilient. The same principle applies to narrative ecosystems. Loosely connected but culturally embedded influence networks are harder to disrupt than centralized propaganda hubs.

If adversaries build durable cognitive infrastructure across diaspora communities, digital platforms, and local influencers, countering them requires more than takedowns. It requires building alternative narratives and actions with comparable persistence and legitimacy. Cognitive advantage requires a network of networks approach (think private-public), operating at the intersections of shared security interests.

Cultural Terrain Is Strategic Terrain

Perhaps the most underappreciated shift in today’s information environment is cultural. Gaming now plays a role similar to Hollywood’s influence after World War II. Streaming platforms dominate storytelling. Media consumption patterns are fragmented and algorithmically curated. Stories remain, as one speaker observed, “the fuel of the human soul.”

For decades, institutions like Voice of America succeeded because audiences sought out American content. The positive narrative of opportunity and possibility carried weight. In today’s environment, focusing solely on countering adversaries may be insufficient. Affirmative narratives about democratic resilience, economic opportunity, and alliance strength remain strategic assets. If the center of gravity is ideological, then cultural confidence is not soft power. It is core power.

None of this is executable without human capital. Building a cognitive arsenal requires building a cognitive workforce - professionals who are fluent in AI, media ecosystems, psychology, geospatial intelligence, and policy. Upskilling is not optional. Institutions must cultivate interdisciplinary talent capable of integrating technology and narrative strategy. They must also accelerate collaboration across government, private sector, and research institutions. And Government is looking to the private sector for training, skill development, and use of advanced technology, methods and applications. The adversary does not operate in stovepipes. Neither can we.

The most important question raised at that conference in Reston may have been the simplest: Are we structured to enact our own strategy?

The United States possesses extraordinary technological and intellectual advantages. But advantages unrealized are advantages lost. If cognitive warfare is indeed the new frontier of power, then institutional adaptation- not incremental reform - will determine success. Speed, modularity, reliable attribution, cultural fluency, and decision-centric AI must move from theory to practice. Because in this domain, the battlefield is not a distant theater. It is perception itself. And perception, once shifted, is far harder to reclaim than territory.

The Pinnacle Conference was hosted by The Information Professionals Association, The National Center for Narrative Intelligence and The Cipher Brief at the Carahsoft Conference & Collaboration Center

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Killing Mencho

Exactly who tracked El Mencho, the world’s most wanted and feared drug lord, to a heavily armed safe house in a remote Sierra Madre town is a secret, for now. The Mexican government has revealed only that its air force and special forces commandos descended on a safe house in the quaint Sierra Madre town of Tapalpa early yesterday, encountered gunfire and returned it, killing four cartel gunmen.

El Mencho, whose real name is Nemesio Rubén Oseguera Cervantes, is the 59-year-old founder and leader of the Cartel de Jalisco Nueva Generación (CJNG). Oseguera was wounded in the exchange of gunfire, loaded onto a Mexican military aircraft and flown to Mexico City. According to officials, he didn’t survive the flight.

Officials announced that they seized “various weapons and armored vehicles… including rocket launchers capable of shooting down aircraft and destroying armored vehicles” as a result of the raid. Such heavy military-grade weapons don’t just materialize without somebody knowing about them. A lot of people, in fact. Who sold them to Mencho’s paramilitary organization? Where did they originate? Are there others? Officials won’t have the opportunity to interrogate Oseguera about the influential people who were on his payroll as he grew his ultra-violent cartel into a global powerhouse.

But according to DEA intelligence, his cartel is worth billions and has a presence in all 50 American states and 40 countries. Some American agents believe the Mexican government never wanted to take him alive. In fact, for most of his career, as he was consolidating his power, Mexican leaders have told the U.S. that their forces were unable to find and arrest him. What changed? Experts believe at least two things.

First, Mexican leaders finally got fed up with El Mencho’s blood-soaked reign. “The CJNG was public enemy number one” for President Claudia Sheinbaum’s administration, Michael Chavarria, formerly the Drug Enforcement Administration’s senior leader in Guadalajara, the Mexican cartels’ original base of operations, told The Cipher Brief. “It’s the one cartel out of favor with President Claudia Sheinbaum, especially as it was responsible for the attempt on the life of Security Secretary Omar Garcia Harfuch, just prior to Sheinbaum’s election.”

Garcia Harfuch, an aggressive, outspoken crime-fighter considered to be Mexico’s second most powerful official, survived a cartel assassination attempt in 2020, when he was Mexico City’s police chief. He became the CJNG’s implacable nemesis.

Second, under pressure from President Donald Trump and the U.S. Congress, Sheinbaum and other top officials started collaborating openly with the U.S. military and intelligence community, an unthinkable event just a few years ago. But that changed with the election of Donald Trump.

The U.S. Navy’s Seal Team 2 arrived in Mexico around Feb. 16, ostensibly for a training exercise with Mexican military counterparts aimed at interdicting Chinese shipments of chemical precursors used to make the deadly opioid fentanyl, which has killed hundreds of thousands of Americans. The timing is noteworthy. According to U.S. officials, Navy SEALs trained elite Mexican navy special forces units that captured, among others, infamous drug kingpins Joaquin “El Chapo” Guzman in 2016 and Rafael Caro Quintero in 2022.

For those operations and many others, DEA agents posted to Mexico and along the border provided intelligence gleaned from scores of paid informants recruited over decades. Many operations failed, apparently because they were compromised, but enough succeeded to convince President Trump, who declared drug trafficking and illegal migration top national security threats, to order the CIA and other U.S. intelligence agencies to step up their intelligence collections aimed at the Mexican underworld. The CIA reportedly added more drone surveillance flights over the border region as a result.

But sharing intelligence with the Mexican government has always been a fraught enterprise. Some plans were slow walked. For others, operational security was compromised by corruption at every level of the Mexican government. Sheinbaum’s predecessor, leftist Andrés Manuel López Obrador, openly disdained U.S. anti-drug efforts and famously said he would treat the crime cartels with “hugs, not bullets.”

“The CJNG established a nation-wide network of corrupt alliances among federal, state, and local police and regional military – sufficient to afford them a degree of protection,” Chavarria told us. The DEA had recruited plenty of human sources inside Mexico over the decades, but agents complained. The problem was getting the Mexican government to use that intelligence to take action against key cartel lieutenants.

Do you have deep experience in national security and something to say? Drop us a note at info@thecipherbrief.com.

In December 2024, as the CJNG’s power inside Mexico and around the world expanded precipitously, the Biden administration raised the reward for El Mencho from $10 million to $15 million.

As soon as he took office for the second time, Trump designated the CJNG and other Mexican cartels as foreign terrorist organizations. Trump himself repeatedly pressed Sheinbaum to allow the U.S. military to mount anti-cartel operations deep in Mexican territory. She always refused. Trump and her team were warned that such incursions would inflame Mexican politicians and likely backfire, damaging Sheinbaum’s ability to work with the U.S.

The compromise seems to have been that all boots visible on the ground and all triggers pulled would be strictly Mexican, while, behind the scenes, U.S. law enforcement, military and intelligence community personnel would provide “intelligence support,” as White House spokesperson Karoline Leavitt posted yesterday on X.

Even though El Mencho has been declared dead, U.S. security experts say the war on the cartels is not even close to being over.

“He died like a dog,” Rep. Dan Crenshaw, R-Tex., a Navy SEAL veteran who has led Congressional anti-cartel initiatives, posted on X yesterday. “Cause for celebration – absolutely - but not a victory lap. Now, more than ever, it is critical to keep the pressure on the Mexican cartels.”

DEA veterans say that El Mencho will be quickly replaced by one of his key lieutenants, probably his stepson, Juan Carlos Valencia Gonzalez, 41, known as El R-3, El JP, Tricky Tres or simply 03. He inherits narco DNA, not just from Mencho, a farm boy-turned-enforcer but, even more importantly from the Valencia clan, who are narco royalty.

“El Mencho married into the Valencia family, taking Rosalinda Gonzalez Valencia as his wife,” says Chavarria, an expert on the Valencias and author of the book Junior, about a DEA penetration of the cartels. “This is a common practice among drug trafficking families – designed to solidify loyalty and to protect against betrayal. Narco intermarriages were and are regularly encountered in Mexico’s underworld.”

“The operation against Mencho is more about cracking the idea that powerful cartel leaders operate with impunity than bringing about the downfall of a cartel,” says Carlos Olivo, formerly DEA’s agent in charge in Guadalajara and assistant agent in charge in the key border city of El Paso. “Mencho had near absolute control in that area of Jalisco and for that to be penetrated and successful shows us that a willing partner can indeed turn the tide in Mexico,” he told The Cipher Brief.

Olivo, an ex-Marine who led a DEA team hunting Mencho until recently and is now writing a book about the CJNG, warns that taking down the kingpin and his successors is “just one pillar. Corrupt politicians and banking and business sectors must be next.”

With the stakes in the billions and powerful, respected families involved in the country’s politics, banking and business sectors, and cleaning up Mexico’s institutions will take more than firepower and good intelligence.

“For us Americans, reality won’t change,” says Chavarria. “Same drugs coming across, because of our demand. Same violence in Mexico. Wash, rinse, repeat. It is a small skirmish victory in a prolonged drug war. There will be more Menchos. On a positive note, however, no kingpin can last forever. They can run but they cannot escape their eventuality. Kingpins fall.”

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Tracing the Evolution of Russian Hybrid Warfare

Russia’s full-scale invasion of Ukraine in February 2022 did not emerge from a strategic vacuum. It was the culmination of over a decade of experimentation in hybrid warfare, and of increasingly rigid assumptions inside Russia’s intelligence services.

From Crimea and the Donbas in 2014, through Syria and a series of covert and deniable operations across Europe and the Middle East, Moscow refined a model of conflict built on scripted roles for its security services and their proxies. Yet the same intelligence culture that enabled early gains with hybrid war in Georgia, Ukraine and elsewhere, also fostered deeply flawed prognostications about the utility of force and Russia’s ability to project power.

This is the second in a two-part series on Russian gray zone, or hybrid warfare. In the first article, Wiswesser analyzes the evolution of hybrid warfare and its practice in the decades leading up to Russia’s intervention in Ukraine in 2014.

Russia’s errors ultimately propelled it into a catastrophic all-out war in Ukraine in 2022. This article, which continues a study of Russia’s path to and through the Gray Zone, argues that tracing the evolution of Russian hybrid warfare through the lens of its intelligence services and their miscalculation is not merely an exercise in post-mortem analysis but a critical step toward more effectively deterring future Russian aggression.

With the intervention in Ukraine in 2014, Russia’s so-called “non-contact” or gray warfare doctrine had its first major operational test for Russia, marking it’s most significant use of hybrid warfare. From their perspective, the Russian intelligence services (RIS) and its military succeeded in stunting the actions of Europe and the U.S. when Russia took large portions of the Donbas and Crimea utilizing “little green men." These were Russian GRU (military intelligence elite units), other Russian military units, and intelligence proxies acting in the interests of the state.

For Russian strategists, non-contact war was effective, and these conflicts laid the groundwork for the planning of Putin’s siloviki and “organs” of power—the FSB, GRU, and Russian Armed Forces - for a much larger invasion of Ukraine just 8 years later. Studying the run-up to Russia’s full-scale invasion in 2022, and its hybrid war plan, can help better prepare NATO for the subsequent potential Russian aggression against the Baltics or elsewhere.

2014-2015: Donbas, Crimea, and Syria

In the second decade of this century, as Russia’s debates over non-contact warfare continued within its military and intelligence agencies, planning started to counter what Russia viewed as undue influence from the West in the Caucasus, Central Asia, and most notably, Ukraine. It was the latter that Russia and Putin always considered unfinished business. Russian planners—initially a small group of Kremlin Siloviki and their staff from various ministries—were aware that their military was not prepared for a full-scale war with NATO and the West. Nevertheless, Moscow believed they controlled the narrative and that gaps in reforms of their military and air force could be offset by the RIS conducting sabotage, subversion, cyber warfare, and recruiting key defectors within the Ukrainian government.

The Ukraine interventions and insurgencies of 2014 carried out by Russia in the Donbas and Crimea were classic non-contact operations using reflexive control and malicious influence through the media. Russia’s narrative was circulated among sympathetic European politicians and elsewhere. The story of little green men and whether they “were or weren’t Russian troops” was propagated through active measures. This and other false stories about supposed Ukrainian fascism and atrocities gained significant traction, especially within Central Asian countries and among Russia’s allies. The narrative effectively prevented any unified response by the West and Europe until the occupation of Crimea and large parts of the Donbas became a fait accompli. For Russia, it was a major success.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

At the same time, with a major deployment to Syria to support and back President Assad, the Russian Aerospace Forces (renamed the VKS in 2015) gained valuable experience for its combat squadrons. In Syria, they practiced precision strikes, a key part of non-contact warfare, and demonstrated greater precision (than in Georgia) in the use of air power during strikes. Additionally, in Syria, RIS units like GRU Spetsnaz conducted operations embedded with various factions and partners on the ground.

This deployment gained momentum on the heels of the 2014 Ukrainian operations. It was a classic blend of gray zone operations between intelligence and military units. Syria was also seen as a chance for Russia to bleed green units in preparation for larger wars to come.

In Africa during this same period, Putin’s former cook, then an oligarch, Yevgenniy Prigozhin, used the Wagner Group, a private army, to prop up regimes friendly to Russia. Wagner was one of dozens of private military companies, also known as non-state actors, that Russia was using and continues to use to achieve strategic aims. They acted as mercenaries to repress citizens and dissent, intervening as henchmen for hire across Africa.

Still, there was one overarching strategic goal that Putin and all his services focused on—Ukraine. For Russia and its intelligence services in particular, Ukraine remained unfinished business.

Ukraine War Plans: Prepping the Battlefield

As Russia prepared in the years leading up to the full-scale invasion in 2022, it relied on its version of hybrid warfare, its doctrine of non-contact warfare, and all that it involved: active measures, cyber operations, and efforts to influence the media through reflexive control. In planning, they aimed to combine these measures with a limited air campaign and a significant ground invasion that appeared sufficient on paper but lacked professional soldiers, trained units, and the crucial 3-to-1 (or more) force ratio needed to succeed against Ukraine’s professional military.

Russia’s thinking was enabled by and reinforced from decades of theory on non-contact war, their successes in both Georgia and Ukraine in 2014, and their belief they could pull off an occupation of and complete overthrow of the democratic government of Ukraine. Faulty prognostications by the RIS made Putin sure it would all work.

In the lead-up to the Ukraine invasion in 2022, all three of Russia's main intelligence agencies—the FSB, SVR, and GRU—played prominent roles in Putin's planning and execution of the invasion. These agencies always viewed Ukraine and other former Soviet republics, which they call the “near abroad,” as extensions of Russia. The RIS never accepted its independence and couldn't see Ukraine, in particular, as a separate nation.

The FSB, despite primarily being an internal agency, played an outsized role in planning the "special military operation"—the term they later used to describe the full invasion of Ukraine. The FSB Fifth Service was responsible for “operational information” and was prominent in both 2014 and the invasion eight years later. As the main source of intelligence analysis for President Putin, the FSB Fifth Service provided him with a steady flow of inaccurate reports, which he readily accepted. Many of those same FSB officers were infamously reported in the Russian blogosphere as having “picked out their apartments" in Kyiv before the invasion.

The FSB believed Russia could win in Ukraine. To weaken the battlefield, the FSB used influence operations across Russian-language and international media, working alongside their SVR/GRU colleagues. They were confident it could be effective because, to some extent, they succeeded in 2014 in muddying the waters about the nature of that conflict and how the international community should respond (or unfortunately, not). The West and NATO appeared hesitant to act and were unprepared. For the RIS, they thought it was a "win" they could replicate.

The FSB planned a continuation of these tactics in 2022, aiming to confuse the international focus long enough to ensure a quick victory and regime change in Ukraine. U.S. intelligence sharing and increased NATO awareness thwarted this, at least in part. The Foreign Service (the SVR) supplemented these active measures with its own networks of cooperative journalists, corrupt parties or politicians abroad, and what the SVR calls "useful idiots," whom it could employ as witting or unwitting accomplices to help spread the Russian narrative.

Some experts in the West bought into this narrative, commenting across many media outlets on Russia’s “overwhelming force ratios” along the main axes of advance. Western generals and experts echoed Moscow’s position, repeatedly stating that “unfortunately, Ukraine can’t win.” Early in the war, Russian messaging worked in its favor once again.

Russia’s Military/Intelligence Failures in Ukraine

After practicing Russian military maneuvers in “Zapad” (West in Russian) exercises for several years, in early 2022, Zapad 2022 became the cover for the gathering of forces for the full-scale invasion. But this time, the West—Europe and the U.S.-- were better prepared. U.S. intelligence was shared directly with NATO and Ukraine. Ukraine was readied, and Russia was put on notice that it would not succeed in another gray war followed by an invasion.

This time, and unlike many negative predictions even in the West, the Ukrainians would fight, and Russia would bleed. When the Russians were forced to fight, they fought terribly, incompetently, and it has cost them over a million casualties as the war neared its fourth year.

There are important lessons to learn from Russia’s numerous failures in its operations in Ukraine. This article mainly focuses on intelligence services and hybrid warfare. For the Russian army, however, the widespread use of conscripts and their poor integration into battalion tactical groups with “kontraktniki” (contract soldiers) meant the BTGs were largely effective only on paper. Huge convoys showcasing significant “force ratios” were intended to intimidate Ukraine. Still, their equipment was not ready for combat deployment (for example, the many stories of underinflated tires and trucks running out of gas). The Russian Aerospace Forces lacked sufficient combat-trained pilots with the necessary experience in air campaigns to sustain a prolonged engagement.

For the intelligence services, Ukraine would starkly reveal their shortcomings. Russian Military Intelligence, the GRU planned for substantial roles in what they thought would be a quick victory in 2022. GRU Spetsnaz, or special operations units, were used in the 2022 invasion to a fault, thrown into frontal assaults for which these (claimed) elite elements were not designed. They became cannon fodder literally when the Russian battalion tactical groups (BTGs) could not carry out their planned roles.

Along with other infamous units, the GRU’s Unit 29155 distinguished itself with assassinations and attempted ones, not only in Ukraine but across Europe. They were also behind the 2018 attack on defector Sergey Skripal. But most of their early operations, including attempts allegedly to carry out a fast coup to overthrow President Zelensky, failed. RIS hit squads and teams from the GRU and FSB were sent in to stage what they planned as a coup, following an airborne assault--which also failed--at Hostomel airport outside Kyiv.

Other such operations in the Donbas were thwarted by Ukrainian intelligence. There were special operations units from the FSB deployed throughout Ukraine, including their teams "Alpha" and "Vympel." These FSB units and others were particularly active in the occupied East. Their crimes, including assassinations of local Ukrainian leaders, atrocities against civilians, and torture, are well documented and continue to the present.

The FSB, SVR, and GRU all promised Putin and his planners that they could conduct successful cyber operations to stun and disrupt the Ukrainian response in early 2022. These attacks were blunted primarily by the Ukrainians' own cyber defense capabilities and by early intelligence warnings from the West about the invasion. One example of attempted but failed Russian gray-zone ops is the FSB's Center 16, which is broadly responsible for signals intelligence and intercept operations.

Center 16 hires criminal hackers for the state, an example again of non-state actors (NSAs). The FSB and other RIS units believed they could bring Ukraine to its knees with heavy cyber attacks on the government, and that these NSAs could play a significant role, including Russian organized crime groups. The planned cyber and criminal-assisted coup against Ukraine, like the broader invasion, failed. The RIS's predictions of success were again overly optimistic.

Conclusions: New Gray Zone War Without End

Since 2022, the Ukrainians have fought heroically and successfully defended their nation. Western support has played a key role, and that support should continue. But studying why Russia thought it could win and their doctrine and experience on the same, is key for our country and our allies preparing for the next war.

Understanding the basis for the 2022 invasion, which includes Russia’s doctrine and history, is crucial. Russian war plans relied on the same concepts developed by figures like Sliphchenko, Gareev, and Chief of Staff Valeriy Gerasimov regarding non-contact warfare (as detailed in the first article of this series): a permanent front engaged in information warfare, sabotage, and other actions just below the threshold of actual war.

In the West, we should study our Russian adversaries in their own language, their military writings, culture, and traditions, so we can better counter them. Herein lie the lessons of Russian non-contact warfare, their understanding of hybrid tactics, and why they believed they could win—and still do. These lessons are critically important to prevent the next aggression by Russia. A recent study by the Center for European Analysis highlights that Russia’s strategy involves constant escalation against Europe and the U.S.

A Russian victory—or even a frozen conflict on Moscow’s terms—would validate a decade-long experiment in revisionism by stealth and force. It would signal to allies and adversaries alike that escalation works, that borders are negotiable, and that democratic societies lack the endurance to defend the order they claim to lead. Helping Ukraine prevail is therefore not an act of charity or sentiment; it is a strategic necessity.

For the United States and its allies, the lesson is clear. Supporting Ukraine through to a just and durable outcome is inseparable from preparing for the next evolution of the Russian gray zone. That means investing in deterrence across domains, hardening democratic institutions against subversion, confronting malign influence early rather than episodically, and abandoning the illusion that stability can be purchased through restraint. A nation founded on the belief that freedom is an inalienable right cannot afford strategic ambiguity about whether it will defend those who fight for the same principle.

The gray zone is already contested terrain. The question is not whether conflict will continue, but whether the West is prepared to meet it with clarity, resolve, and the will to win.

---------

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Alliances, Ukraine, and China’s Growing Challenge

EXPERT Q&A — Evelyn Farkas has spent decades working at the center of U.S. national security and transatlantic defense policy. A former Deputy Assistant Secretary of Defense for Russia, Ukraine, and Eurasia, she now serves as Executive Director of the McCain Institute, where she focuses on strengthening democratic alliances and confronting authoritarian threats.

Farkas spoke with The Cipher Brief’s Suzanne Kelly from the Munich Security Conference, where global leaders gathered amid continued war in Ukraine, uncertainty about U.S. commitments abroad, and growing concern over China’s long-term ambitions.

Below are highlights from the conversation, lightly edited for length and clarity.

OUR INTERVIEW

Kelly: With everything going on right now from the Middle East to Ukraine to technology and AI and how that’s going to impact global security overall, what is top of mind for you there in Munich?

Farkas: I think it’s the state of the transatlantic alliance and then beyond that really all U.S. alliances. For me, that’s the thing that matters most. And I think that’s what Europeans and others, even those outside of Europe, especially our Asian allies, are going to be listening for. Are we still united?

Kelly: Secretary Marco Rubio is expected to deliver a message here. What are you hoping to hear from him?

Farkas: I’m hoping he gives a speech more like the one Secretary Gates gave when he was exhorting Europeans to do more to carry the burden of our collective defense. Obviously now it’s urgent. Russia is conducting kinetic attacks on European territory every week. Europeans need to step up.

But beyond that, I hope he reasserts the U.S. commitment to the alliance because it’s in the U.S. interest. It undergirds our way of life, our democracy, our security, and our economic prosperity.

Kelly: Are you seeing any shift in how Europeans are thinking about the alliance?

Farkas: I think there’s a bifurcation. The working-level cooperation is still happening. We’re all working together, whether in government or out.

But at the same time, Europeans are much more distrustful of America. They’re not sure whether they can rely on us, and they don’t understand why our president has taken an approach that has at times been quite hostile rhetorically toward the allies.

Kelly: How are you thinking about the Russia-Ukraine war from Munich?

Farkas: Everything depends on us getting this right, meaning the world community. The Ukrainians are fighting and will continue to fight. They have won this war strategically—it’s just a question of when and at what cost.

Russia cannot conquer and rule Ukraine. They’re weak economically and politically. Their military machine is being squeezed and needs to be squeezed more.

We need increased sanctions on Russia, but we also need to sanction China more because China is allowing Russia to continue the war, not just by buying oil but by providing technological dual-use capabilities.

Kelly: How is Europe thinking about China?

Farkas: I’m a little bit concerned. The Japanese have taken a very strong approach. They’re maintaining deterrence and not pretending they share values with China.

But in Europe, we’re seeing leaders travel to Beijing and hedge. Europeans need to be careful because China is not their friend. China will eat their lunch in a minute, and China is not a democracy. You don’t want to be aligned with that kind of government.

Kelly: Looking ahead, what are the most critical issues to get right now?

Farkas: The most important thing is helping Ukraine bring the message home to the Russian elite and the Russian people that they cannot win militarily and that Ukraine will maintain its sovereignty.

Deterring China is equally important. China is pushing the envelope, and we need to maintain our strength against both adversaries.

Kelly: Final thoughts?

Farkas: We must help Ukraine win and maintain sovereignty, and we must deter China. Those are the defining strategic challenges right now.

Read more expert insights into national security in The Cipher Brief. And find out more about The Cipher Brief HONORS Awards happening March 13 in Washington D.C.

Washington’s Venezuelan Gamble: The Old Guard’s Continued Grip on Power

More than six weeks after United States special forces extracted Nicolás Maduro from Caracas, Venezuela remains under the control of the same intelligence apparatus that ran the regime’s torture networks. Acting President Delcy Rodríguez, who oversaw the feared Bolivarian intelligence service under Maduro, now negotiates sanctions relief with Washington while security hardliners who detained political prisoners coordinate their release.

For much of the U.S. intelligence community, however, it is not about whether Venezuela’s system can be repaired, but rather whether the Trump administration has enough leverage to prevent the old guard from rebranding.

Rather than triggering immediate elections as Venezuelan law requires, the Supreme Court declared Maduro’s capture a temporary absence, allowing Rodríguez to govern indefinitely without a popular mandate.

“The regime used a legal mechanism to maintain institutional control while avoiding an immediate electoral process,” Mauricio Vaquero, country coordinator for María Corina Machado’s Vente Venezuela party in Colombia, tells The Cipher Brief. “The Supreme Court decided she would assume as interim president, but a Chavista Supreme Court, not the democratic legal one.”

In other words, the same loyalist judges who helped Maduro stay in power are now using constitutional loopholes to keep his inner circle in charge.

The Intelligence Network Remains Intact

The security apparatus that sustained Maduro’s authoritarian rule continues operating largely unchanged. Interior Minister Diosdado Cabello, still wanted by American authorities on a $25 million bounty for narco-terrorism charges, controls Venezuela’s coercive forces and armed collectives. His role in coordinating political prisoner releases illustrates the paradox of the current transition.

Foro Penal, Venezuela’s leading human rights organization that has provided pro bono legal assistance to victims of arbitrary detention since 2002, estimates that approximately 711 political prisoners are detained as of mid-February. Releases often come with severe restrictions. When opposition politician Juan Pablo Guanipa was freed on February 8 after eight months of detention, armed men abducted him hours later. He is now under house arrest with an ankle monitor.

“They were released, they reunited with their families, until the enlightened stupidity of some politicians led them to believe they could do whatever they wanted and stir up trouble in the country,” Cabello stated after Guanipa’s re-arrest.

Luis Bustos, the Bogotá-based spokesperson for the Venezuelan opposition party Primero Justicia, tells The Cipher Brief that his party alone has 61 members imprisoned as political prisoners.

“There is still a high risk of getting arrested if authorities are aware that you are happy about the situation,” Bustos continues.

In Caracas and popular zones, armed collectives demonstrate the regime’s ability to maintain social control outside of formal state structures.

“After Maduro’s arrest, a circular went out saying that opposition supporters would be captured and obviously alluding to actions of justice by these groups,” Vaquero insists. “So repression itself has not diminished, not in a constant way, not in a sustainable way.”

Elections: A Constitutional Impossibility

Venezuelan opposition figures and Washington officials increasingly acknowledge that legitimate elections cannot take place in the near term. The electoral system’s corruption under Chavismo extends beyond fraudulent vote counting to fundamental issues of voter registry manipulation and military involvement.

“This government put deceased people to vote,” Vaquero claims. “This government gave identity cards indiscriminately to Cubans, to Russians, to Chinese, to people from FARC, to people from ELN.”

María Corina Machado, the Nobel Peace Prize laureate leading Venezuela’s unified opposition, estimated in early February that transparent elections using manual voting could take place within 9 to 10 months. However, National Assembly President Jorge Rodríguez, Delcy’s brother and key regime interlocutor with Washington, ruled out elections in the near future, citing the need for stabilization.

White House Press Secretary Karoline Leavitt has echoed the administration’s reluctance to commit to an electoral timeline. When pressed on when elections might be held, Leavitt stated: “It’s too premature and too early to dictate a timetable for elections in Venezuela right now.” She emphasized that the administration has “maximum leverage over the interim authorities in Venezuela,” and that “their decisions are going to continue to be dictated by the United States of America.”

The constitutional framework technically allows Acting President Rodríguez to serve 90 days, with a possible ninety-day extension if approved by the Chavista-controlled National Assembly. Temporary absence provisions, however, are interpreted creatively by the Supreme Court, which effectively eliminates any firm deadlines.

A U.S. intelligence official focused on Latin America issues, speaking on background to The Cipher Brief, estimates that credible elections extend well beyond constitutional requirements. The source highlights that comprehensive electoral reform requires dismantling power structures that are still firmly entrenched.

Bustos also underscores that elections might realistically occur as early as next year.

“We need first of all to get a country more stable,” he says. “We need to put our institutions on stronger foundations.”

Without functioning democratic institutions, independent electoral authorities, or international oversight mechanisms in place, any rushed election would ratify the status quo. Under current conditions, elections would not be free or fair because the regime controls voters’ registries and ballots. As long as the same power structure is still in place, cosmetic reforms cannot address this fundamental barrier.

Leverage and Limitations

Despite these obstacles, the Trump administration can drive genuine change by maintaining pressure through its military presence and negotiations over sanctions relief. It appears, however, that the regime is trying to outlast Washington’s attention by complying tactically with American demands while maintaining fundamental power structures.

Paola Salazar, director for Medellín and Antioquia state at Colombia’s government migration agency, Migración Colombia, tells The Cipher Brief that pendular migratory flows between Colombia and Venezuela have remained stable since January 3, suggesting Venezuelans are not yet convinced conditions have fundamentally changed.

Moreover, Alejandro Méndez Hernández, a Venezuelan community organizer in Bogotá, tells The Cipher Brief that trust is still absent, hence migrants are not returning despite Maduro’s removal.

“We have a huge amount of Venezuelans being arrested as political prisoners, who haven’t been released until today, so it’s not building trust,” he continues.

Acting President Rodríguez told NBC News earlier this month that she would hold free and fair elections but declined to commit to a timeline, stating that the schedule would be determined through political dialogue. When pressed about Machado, Rodríguez said she would face legal scrutiny upon any return for calling for military intervention and sanctions.

Secretary of State Marco Rubio has publicly outlined a three-phase approach for Venezuela’s future — stability, recovery, and transition to democracy — though he has declined to provide a specific timeline. During his January 28 Senate Foreign Relations Committee testimony, Rubio emphasized that “the end state here is we want a friendly, stable, prosperous Venezuela, and democratic, in which all elements of society are represented in free and fair elections.”

However, Rubio acknowledged the complexity of the timeline, stating, “We’re not going to get there in three weeks. It’s going to take some time.” In subsequent remarks to reporters, he added that the transition “can’t take forever” and acknowledged there must be progress within several months. However, he cautioned that “this is not a campaign to leave in place the systems currently in place.”

The Diosdado Factor

Interior Minister Cabello represents the most significant obstacle to a genuine transition. With control over security forces, intelligence services, and armed collectives, he possesses the coercive apparatus necessary to maintain regime control independent of formal governmental structures.

“Diosdado Cabello has a price imposed by the United States,” Vaquero explains. “He controls the coercive apparatus and all the internal loyalties. We’ve seen him lately. Every time he appears in Venezuelan media, he looks scared.”

The U.S. intelligence source identifies Cabello as the key figure whose removal or neutralization would be necessary for an authentic democratic opening. As long as Cabello maintains control of security forces, any political transition will be cosmetic rather than substantive.

His control extends beyond formal military and police to encompass armed civilian collectives that intimidate opposition supporters and maintain social control, operating with impunity while allowing the regime to claim official restraint.

Foreign Influence and Regional Implications

The regime’s historical relationships with Iran, Hezbollah, Russia, and China complicate transition planning. Despite keeping a low profile after Maduro’s removal, these actors continue to threaten American national security.

Bustos stresses that the presence of Hezbollah and Iranian-linked entities necessitates an extended transition period.

“The United States certainly knows about it,” he says. “I think that it’s not possible to get them out of the country really quickly.”

The re-extradition of Colombian-Venezuelan businessman Alex Saab in early February, designated by the United States as a key financial operator for Maduro, demonstrates some cooperation from regime elements with American law enforcement.

Saab’s arrest represents a significant test of cooperation with Washington. U.S. authorities accused Saab of moving approximately $350 million out of Venezuela through corrupt contracts, making him central to understanding how the regime financed itself under sanctions. His potential extradition signals Rodríguez is willing to sacrifice even Maduro’s closest financial operatives to maintain Washington’s support.

Nearly 9 million Venezuelans in the diaspora are reassessing their return prospects, yet few are making immediate plans to return. The combination of continued repression, economic uncertainty, and the presence of the same officials who forced their exile creates a wait-and-see dynamic.

Venezuelan passports cost approximately $700 on the black market when available, complicating both legal status abroad and potential return. Embassies and consulates are largely non-functional, creating a documentation crisis that traps Venezuelans in limbo regardless of whether they wish to return home or establish permanent residence elsewhere.

Strategic Implications

There is a fundamental question for Washington intelligence planners: Does the current arrangement represent a genuine transition, or is it simply the regime’s survival under American pressure? Continuing imprisonment of opposition figures and constitutional maneuvers to avoid elections suggest the former.

The official from the U.S. intelligence community notes the regime is maintaining strategic control while ensuring tactical compliance. In the absence of sustained military and economic pressure and clear benchmarks, the current government will likely continue to drag its feet on reforms for as long as possible.

The prisoner release pattern is illustrative. While hundreds have been freed, the process is opaque, reversible, and controlled entirely by Cabello’s interior ministry. As well as gag orders, those released are subject to re-arrest for hypothetical “political activity.”

Meanwhile, Defense Minister Vladimir Padrino’s presentation of a golden baton to Rodríguez at a military parade in February symbolized the armed forces’ continued allegiance to Chavista structures rather than any new democratic order.

Venezuela’s situation tests the Trump administration’s approach to authoritarian transitions. Government policy toward Venezuela currently reflects a calculated preference for energy security over democratic reform. Washington views maintaining regional stability and securing oil access as more pressing strategic priorities than the unpredictable outcomes of rapid political reforms.

The Trump administration’s stated objectives for Venezuela emphasize democratic transition. Rubio told the Senate that Washington seeks “free and fair elections” where “all elements of society are represented,” noting pointedly that “you can have elections all day,” but without media access for opposition and the ability for opposition candidates to run freely, “those aren’t free and fair elections.”

Yet the administration’s actions reveal a calculated preference for energy security over rapid political reform. In the same testimony, Rubio prioritized Venezuela becoming “a friendly, stable, prosperous” partner and ending threats from “Hezbollah and Iran in our own hemisphere.”

Washington views maintaining regional stability and securing oil access as more pressing strategic priorities than the unpredictable outcomes of immediate democratic reforms. This pragmatism risks legitimizing a rebranded authoritarianism, retaining the repressive mechanisms of Maduro’s regime.

However, observers caution that this pragmatism may come at a cost in the long run. By prioritizing energy and migration management, the U.S. risks legitimizing a rebranded authoritarianism that retains the repressive mechanisms of Maduro’s regime.

Former U.S. Ambassador to Venezuela James Story assessed that Rodríguez will play for time, doing “just enough to make it look as if they are complying” while waiting for U.S. focus to shift.

Venezuela’s post-Maduro transition ultimately reveals limitations of decapitation strategies against entrenched authoritarian systems. While removing Maduro eliminated the regime’s symbolic figurehead, the intelligence and security apparatus is intact.

Elections cannot occur in the short term, at least not elections meeting minimal standards of freedom and fairness. There is corruption in the electoral infrastructure, arrests of opposition figures for political activities, and the ability and leadership of those who would suppress genuine democratic opening is intact.

While the current arrangement provides tactical benefits, it also leaves strategic vulnerabilities regarding oil access and preventing a migration surge. The same figures wanted on U.S. criminal charges coordinate government functions. The same security services that tortured political prisoners manage their conditional release. The same armed collectives that intimidated voters patrol neighborhoods.

“Where Diosdado Cabello has been, obviously repression has not disappeared,” Vaquero adds. “It materializes with collectives, with social pressure, with selective judicialization. And obviously, while Diosdado remains in power, there won’t be profound change but rather tactical changes.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Defending the Homeland: Pentagon Shifts Strategy on Drone Threats

OPINION — “This memorandum consolidates approximately ten separate outdated memoranda that were inadequate to address the current, complex unmanned aircraft system (UAS) threat environment. The new guidance affects a culture shift by empowering commanders to unambiguously apply their authority to mitigate threat UAS. Our message is clear, Department of War (DoW) airspace is off limits, and our commanders on the ground have the discretion to defend our airspace against all manner of UAS threats…Expanding the Defensive Perimeter : Grants commanders the authority to extend defensive actions beyond the physical ‘fence line’ of an installation; allows for the adequate protection of covered facilities, fixed assets, and mobile assets; placing trust in the commander and maximizing their flexibility to defend facilities and assets.”

That’s a quote from last Tuesday’s Defense Department (DoD) press release, Fact Sheet: C-UAS [counter unmanned aircraft systems] Policy in the U.S. Homeland. It was issued just hours before the Federal Aviation Agency (FAA) temporarily closed airspace within an 11-mile radius of El Paso International Airport, but after Customs and Border Protection (CBP) personnel on the day before [Monday, February 9] used a classified Pentagon laser system on nearby Fort Bliss Air Base, to shoot down what they thought were drug cartel UAS systems [drones], but turned out to be metallic party balloons.

According to the Wall Street Journal, Defense Secretary Pete Hegseth last month had approved lending the 20-kilowatt directed-energy LOCUST [laser] weapon to CBP for use on the Fort Bliss installation, whose fence line is on the Mexican border.

The CBP test was not coordinated with the FAA and the resultant uproar, which subsequently involved the White House and Congress, marks only the beginning of what I believe will be a series of similar episodes related to homeland protection against suspect UAS drone systems.

An interesting sidelight to last week’s events: The Senate Armed Services Committee was scheduled to have a meeting last Thursday morning with two Pentagon drone experts, Owen O. West, DoD Senior Advisor for Drone Dominance, and Travis Metz, Drone Dominance Program Manager. It was called off at the last minute.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Drones are becoming smarter, more autonomous and more widespread, and as their uses grow the lines get blurry between legitimate and illegitimate, secure and not secure, particularly in metropolitan areas. There are strict FAA rules that govern drones over 55 pounds or any flown for non-recreational purposes. There are even some FAA requirements for outdoor flying of smaller drones for personal pleasure.

Back on June 6, 2025, President Trump issued an Executive Order (EO) called Restoring American Airspace Sovereignty that dealt primarily with UAS. It said of them, “criminals,

terrorists, and hostile foreign actors have intensified their weaponization of these technologies, creating new and serious threats to our homeland. Drug cartels use UAS to smuggle fentanyl across our borders, deliver contraband into prisons, surveil law enforcement, and otherwise endanger the public. Mass gatherings are vulnerable to disruptions and threats by unauthorized UAS flights. Critical infrastructure, including military bases, is subject to frequent — and often unidentified — UAS incursions. Immediate action is needed to ensure American sovereignty over its skies and that its airspace remains safe and secure.”

Trump’s June 2025 EO also said that the United States must have a secure and strong domestic UAS industrial base and that relying on UAS produced in foreign countries as well as foreign-made UAS critical components pose unacceptable national security risks to the U.S.

As one response, the June EO called for, “The Attorney General, in coordination with the Secretary of Defense; the Secretary of Transportation, acting through the Administrator of the FAA; the Secretary of Homeland Security; the Director of OMB; and the Chairman of the Federal Communications Commission, shall promptly take all appropriate steps…with regard to the creation of the National Training Center for Counter-Unmanned Aircraft Systems (Center), and, upon establishment of the Center, focus initial training provided by the Center on development of Federal and SLTT [State, Local, Tribal, and Territorial] capabilities to secure major upcoming national and international sporting events held in the United States, such as the FIFA World Cup 2026 and the 2028 Summer Olympics.”

By December 2025, the FBI had established the National Counter-UAS Training Center (NCUTC) at Redstone Arsenal in Huntsville Alabama where the Bureau already had cybersecurity, intelligence, and forensic training. Ever since, the NCUTC has been training officers from state, local, tribal, and territorial agencies on how to detect drones using radar, radio frequency sensors, and related technologies. More important, they are trained how to identify whether a drone is authorized or hostile, assess threats, and coordinate responses across various agencies.

During training, the FBI emphasizes that offensive actions against drones only occur when legally authorized, but the rules are complex. The FAA website, to assist law enforcement personnel responding to drone incidents, has created a three-part video series that covers the basics of drone regulations.

An additional response to the Trump June 2025 EO was Defense Secretary Pete Hegseth’s establishment in August 2025 of Joint Interagency Task Force 401 (JIATF 401) to replace the Pentagon’s then existing Joint C-sUAS Office. Operating under the Secretary of the Army, Hegseth’s order said, “JIATF 401 will be a joint activity and established as a jointly manned organization. The Military Services will support JIATF 401 with timely joint manning…This

new task force is empowered with broader authorities, funding flexibility, and rapid acquisition capabilities. Its mission is to strengthen U.S. airspace sovereignty, protect personnel and facilities, and outpace adversaries’ growing drone threats. With joint manning, interagency collaboration, and streamlined governance, JIATF 401 is designed to deliver innovative, mission-ready solutions at speed.”

As an example of cooperation, last Thursday, Army Brig. Gen. Matt Ross, JIATF 401 Director, visited the FBI's NCUTC in Huntsville yesterday. He met with Mike Torphy, FBI acting assistant section chief for UAS and counter-UAS, and discussed security preparations for this summer's soccer FIFA World Cup activities. Ross and Torphy also met with expert instructors who are teaching a specialized course for local law enforcement in each of the soccer tournament's eleven host cities across the nation.

One of the more unusual steps underway in the drone security field was announced by the Federal Communications Commission (FCC) last December 21. It referred to “a [White House] National Security Determination regarding the unacceptable risks posed by UAS and UAS critical components that are produced in foreign countries.”

It added that, “U.S. cybersecurity and critical infrastructure guidance has repeatedly highlighted how foreign manufactured UAS can be used to harvest sensitive data, used to enable remote unauthorized access, or disabled at will via software updates.”

As a result, the FCC has updated its so-called Covered List, which identifies foreign-made communications equipment and services that pose unacceptable risks to U.S. national security, and thus cannot be imported for sale or use in the U.S. The action, taken by the FCC last December 22, prohibited the future imports of both foreign-made UAS and UAS components, but does not affect any previously-purchased drone, nor does it prevent retailers from continuing to sell, import, or market foreign drone models or parts approved earlier in 2025.

I found one of the best descriptions of the drone security dilemma was in a sales brochure entitled Countering UAV Threats, produced by BAE Systems, a leading defense contractor.

The BAE brochure said, “Detecting small and inexpensive UAVs remains one of the most persistent operational challenges facing today’s militaries. These platforms possess small radar cross-sections, produce minimal acoustic and thermal signatures, and often operate at low altitudes within ground clutter. Many are capable of autonomous flight with little or no radio frequency (RF) emission, making traditional detection methods unreliable. Urban and vegetated terrain further complicate detection, as buildings and foliage create blind spots and signal reflections that mask UAV movement. Adverse weather, restricted lines of sight and interference from birds or civilian activity introduce additional uncertainty.”

Then brochre went on, “A connected challenge is distinguishing between hostile and civilian UAVs. Attribution and intent are major challenges, as it is often unclear who controls a UAV and for what purpose it is being used, particularly in grey-zone or proxy scenarios. The compressed decision timelines of UAV operations further complicate matters, as engagements frequently occur in seconds, leaving little room for deliberation.”

Needless to add, last week the Air Force Life Cycle Management Center, Eglin Air Force Base, Florida awarded BAE a cost-plus-fixed-fee $145 million contract for the development, manufacturing, and delivery of Counter Unmanned Aerial Systems weapon systems.

Along with everything else, the drone problem is worth keeping an eye on.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

How Cuba's Infrastructure Crisis Is Opening the Door to Foreign Intelligence Networks

DEEP DIVE — On February 13, nighttime light emissions across major Cuban cities had dropped as much as 50 percent compared to historical averages — the latest chapter in a crisis that has seen the island's grid collapse multiple times over the past year.

As desperate citizens in half the country waited in the dark, something else was accelerating along the island's few electrified corridors. Chinese technicians continued installing telecommunications equipment, Russian engineers maintained radar stations, and intelligence operatives from both nations embedded themselves deeper into Cuba's crumbling infrastructure.

Just 90 miles from Florida, Cuba's energy crisis has metastasized from an economic catastrophe into a national security vulnerability. Although Havana struggles to maintain the lights, Beijing and Moscow have come to Cuba's aid not as charitable donors but as strategic opportunists seeking to expand their intelligence-collection capabilities.

The State Department warned just one day after the latest outage that "scheduled power cuts occur daily, and unscheduled outages persist throughout Cuba." The island's thermoelectric plants, many dating back decades, now operate at barely 34 percent of their capacity. In February, five of eight Turkish-leased floating power plants departed Cuban ports after Havana failed to meet payment obligations.

The crisis has intensified dramatically as Cuba's oil lifelines have been severed. Following the U.S. seizure of control over Venezuelan oil operations in early January, Mexico had become Cuba's primary supplier, shipping nearly 20,000 barrels per day through September 2025. Yet, under mounting pressure from the Trump administration, which threatened tariffs on any country supplying Cuba with oil, Mexican President Claudia Sheinbaum announced in late January that shipments had been at least temporarily halted.

The figure had already plummeted to about 7,000 barrels per day, leaving Cuba essentially without oil imports for the first time in years.

The breakdown has created an opening that America's strategic competitors are exploiting with alarming sophistication. From this vantage point, intelligence services can monitor U.S. military installations across the Southeast, track Space Force launches from Cape Canaveral, intercept communications from Southern Command headquarters in Florida, and observe naval movements throughout the Atlantic and Gulf of Mexico.

For Beijing and Moscow, Cuba's desperation has become an important windfall.

Beijing's Digital Footprint Expands

China's presence in Cuba has grown exponentially, particularly in telecommunications and digital infrastructure. In testimony before Congress last May, national security analysts confirmed that satellite imagery identifies at least four Chinese-linked signals intelligence facilities across Cuba — Bejucal, Wajay, and Calabazar near Havana, plus a newly constructed site at El Salao near Santiago de Cuba.

"Cuba's proximity to the homeland continues to make the island an attractive intelligence platform for U.S. adversaries," Connor Pfeiffer, senior director of government relations at Foundation for the Defense of Democracies Action, tells The Cipher Brief. "Within 400 miles of Havana sit the headquarters of the U.S. combatant commands for Latin America and the Middle East, U.S. Special Operations Command, and air bases that regularly host advanced U.S. fighter aircraft."

As Cuban telecommunications companies struggle with outdated Soviet-era equipment and chronic power failures, Chinese firms, particularly Huawei and ZTE, have positioned themselves as the only viable solution. These companies aren't simply selling hardware; they're installing the very networks through which Cuba's limited internet traffic flows.

"Because of this proximity, intelligence outposts in Cuba provide signals intelligence and other capabilities that are invaluable to Beijing and Moscow," Pfeiffer explains.

The El Salao site features a circularly disposed antenna array, a configuration highly effective at determining the origin and direction of incoming high-frequency signals. These installations can track signals up to 9,300 miles, providing Beijing with unprecedented visibility into U.S. military communications and operations.

Meanwhile, MacDill Air Force Base in Tampa, home to U.S. Central Command and Special Operations Command, sits less than 300 miles from Cuban shores. Naval Station Mayport in Jacksonville, Naval Air Station Key West, and dozens of other sensitive military installations across Florida, Georgia, and Alabama all operate within easy range. The advantage over satellite surveillance is stark.

"By contrast to what can be obtained from overhead satellite images and other collection from satellites in low earth orbit whose time passing overhead can be anticipated, the ELINT facilities in Cuba are a constant presence with line of sight to key U.S. facilities," Evan Ellis, research professor of Latin American Studies at the U.S. Army War College Strategic Studies Institute, tells The Cipher Brief.

The infrastructure crisis has made Cuba more dependent on Chinese technical expertise. In February 2025, Chinese Ambassador Hua Xin and Cuban President Miguel Díaz-Canel announced China would construct 55 solar plants by the end of 2025, with an additional 37 planned by 2028. If completed, the network would add over 2,000 megawatts of capacity. However, this dependency gives Chinese intelligence services unprecedented access to Cuban government communications, military installations, and infrastructure systems.

"During the present U.S. military operations in the Caribbean, and in a future U.S. conflict in the Indopacific involving U.S. deployment from bases on the Atlantic seaboard and transit through the Caribbean, the Chinese electronic intelligence gathering facilities in Cuba are well positioned to capture not only things like radio transmissions, but the emissions from U.S. facilities, and the signatures of U.S. ships and other forces," Ellis underscores.

In simpler terms: China's Cuban listening posts can intercept not just what U.S. forces communicate, but the electronic fingerprints of their equipment, from radar emissions to communications arrays and ship propulsion systems. By using these signatures, adversaries can identify specific vessels and aircraft, track their movements, and potentially develop countermeasures to defeat U.S. military technology.

Moscow's Renewed Military Presence

Russia's intelligence footprint in Cuba never entirely disappeared after the Cold War, yet Moscow's activities have intensified dramatically. In March 2025, Russia and Cuba signed a military cooperation agreement that Russian lawmakers ratified in October. Ukrainian intelligence estimates that between 6,000 and 7,000 Cubans are currently fighting as mercenaries in Russia's war against Ukraine — the second-largest foreign contingent after North Korea's approximately 12,000 troops.

Rather than operating out of a single massive facility like the Soviet-era Lourdes complex, Russian intelligence has embedded personnel and equipment within ostensibly civilian infrastructure projects. Russian engineers arrive whenever Cuba's power grid requires emergency maintenance, bringing more than just technical skills. When radar systems at Cuban air defense installations fail, Russian specialists provide upgrades with built-in collection capabilities.

Russia has also leveraged Cuba's energy crisis to deepen military cooperation through increasingly frequent naval port calls in Havana; visits that allow Russian intelligence personnel to rotate in and out without scrutiny.

Not everyone in the intelligence community shares the alarm. Critics argue the threat is being overblown by voices eager to justify increased defense spending or maintain hardline Cuba policies that have failed for six decades. Some policy experts argue the infrastructure crisis actually presents an opportunity. If Washington eased sanctions and provided assistance to Cuba's energy sector, Havana would have less incentive to accommodate Chinese and Russian intelligence requirements.

Yet Ellis rejects the notion that Cuba could credibly reduce its ties to Beijing and Moscow in exchange for U.S. economic relief.

"Although U.S. economic coercion, taking advantage of Diaz-Canel's currently desperate economic state, could facilitate a deal in which Cuba promises to reduce its Cuban or Russian presence, Cuba will promise to comply to the degree that it can without truly breaking those ties to China and Russia, which for it are both ideological allies and partners in its survival," he continues.

The regime's dependency, Ellis stresses, runs too deep.

"Not until there is a sincerely democratic pro-US regime in Cuba will the U.S. be truly secure from the type of extra-hemispheric threats that Cuba, like Venezuela, can host in the Caribbean," he asserts.

The desperation-dependence cycle gives Beijing and Moscow leverage that extends beyond traditional espionage. Cuban officials are not in a position to demand transparency when Chinese technicians install new telecommunications equipment. Moreover, when Russian engineers service radar installations in Havana, the government lacks leverage to refuse requests for expanded intelligence cooperation.

"Without Venezuelan oil aid, the Cuban regime faces acute energy shortages and reduced inflows of much-needed foreign currency," Pfeiffer says.

The Trump administration's successful pressure on Mexico to halt oil shipments represents a calculated gamble—one that leverages Mexico's vulnerability during upcoming trade agreement negotiations. The complete severance could accelerate the regime's collapse—or drive it even more desperately into Chinese and Russian arms.

Strategic Vulnerabilities

The intelligence implications extend far beyond passive eavesdropping.

"The data that could be collected could allow the Chinese to capture particular intelligence transmitted in an imperfectly secure or decipherable fashion, but also just from the signatures, have an idea regarding the composition and state of activity of U.S. forces, their location, and signatures that could allow them to more effectively locate and defeat U.S. systems in combat," Ellis points out.

The worst-case scenarios involve cyber weapons pre-positioned in critical infrastructure, electronic warfare systems that could interfere with U.S. military communications during a crisis, or intelligence networks that could support hostile operations on America’s doorstep. The geographic proximity compounds every vulnerability.

Yet not everyone views American intervention as the solution.

Leon Valencia, a former ELN rebel commander and director of the Bogota-based think tank Fundación Paz y Reconciliación, offers a Colombian perspective that reflects broader Latin American sentiment.

"We do see Cuba more as a victim," Valencia tells The Cipher Brief. "Throughout several peace negotiations, Cuba has been a very important part. For example, the peace agreements with the FARC rebels, signed back in 2016, were negotiated in Cuba. Cuba has always kept its doors open towards us. We are thankful to Cuba, but we wouldn't get involved in military actions; there would be a protest."

Yet Valencia and other regional analysts increasingly believe change in Cuba may be inevitable. Enrique Serrano, a Colombian political analyst specializing in Latin American authoritarianism, sees the current crisis as potentially terminal.

"It's very unlikely that the government in Cuba might survive this year," Serrano tells The Cipher Brief. "I think finally we can change, and especially because Venezuela failed too, and even I think Nicaragua will fail to. Those authoritarian governments like Venezuela, Nicaragua and Cuba, what they try to do in real life is to gain time. They will disappear earlier or later."

Washington's Dilemma

The expansion of Chinese and Russian intelligence capabilities in Cuba presents Washington with a challenge that defies easy solutions.

According to Pfeiffer, "continued U.S. pressure will make it difficult for China or Russia to assist the Cuban regime in getting out of this crisis of their own making."

The infrastructure crisis complicates any potential diplomatic opening. A government desperate to keep the lights on may prove more willing to accommodate Chinese and Russian intelligence requirements than it would under less dire circumstances.

The intelligence collection capabilities that Beijing and Moscow are establishing in Cuba will persist long after the current blackouts end. Once installed, telecommunications infrastructure operates for years or decades. Every blackout pushes Havana closer to Beijing, every grid failure necessitates Moscow's help; each represents an incremental expansion of foreign intelligence capabilities on American soil.

"The opportunities stemming from Cuba's military and political alignment with the PRC, longstanding working relationship with its military and other personnel, geographical proximity, and other benefits, both before and during war, are hard to overstate," Ellis adds.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Media Literacy Isn’t Enough Anymore

OPINION — For years, media literacy has been treated as the solution to misinformation. I've advocated that position as well.

Teach people to question headlines. Encourage them to check sources. Help them recognize bias and emotional manipulation.

All of that still matters. In fact, it matters more than ever. I often encourage people to think like intelligence analysts when they encounter information online. Pause. Ask who benefits. Look for what is missing. Compare across sources. Pay attention to emotion. Those skills are essential. They are part of being an informed citizen in a digital world. And yet, they are no longer sufficient on their own.

The information environment has changed in ways that place unprecedented strain on individual judgment. AI-generated content now moves at a scale and speed no human can comfortably keep up with. Synthetic images, audio, and video are increasingly realistic. Recommendation engines quietly shape what we see first, what we see repeatedly, and what we never see at all.

Even people who are informed and motivated can feel overwhelmed. Not because they lack critical thinking, but because the environment itself is engineered for constant engagement and reaction. Volume replaces deliberation. Speed crowds out reflection. This creates a subtle but important shift in responsibility.

When every individual is expected to function as a full-time analyst, constantly verifying and filtering, fatigue sets in. Naturally, people disengage. Or they rely on shortcuts. Familiar narratives feel safer. Emotion becomes a guide. Over time, trust erodes, not only in information, but in the idea that careful judgment is even possible.

This is where the conversation needs to broaden. Individual literacy and critical thinking remain necessary. We should continue to teach people how to evaluate information and resist online manipulation. At the same time, we have to recognize that resilience cannot rest entirely on individual effort.

Healthy societies depend on environments that support human cognition. Spaces that allow for pause. Systems that introduce friction in high-risk moments instead of eliminating it. Norms and designs that make room for judgment rather than constantly competing for attention. Freedom has always depended on those moments when humans decide what matters, rather than being swept along by momentum.

In a world optimized for speed and engagement, protecting those moments may be one of the most important things we can do.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Norman T. Roule

Back to top