The Cipher Brief

EXPERT OPINION / PERSPECTIVE — We are currently witnessing a mobilization of technical ambition reminiscent of the Manhattan Project, a realization that data and compute are the new defining elements of national power. I am deeply energized by recent bold moves in Washington, specifically the White House’s launch of the "Genesis Mission" this past November—an initiative designed to federate vast federal scientific datasets for integrated AI training—alongside the real-world deployment of GenAI.mil.

Yet, when I look at the velocity of the commercial sector—from OpenAI launching its dedicated Science division and NVIDIA attempting to simulate the planet with Earth-2, to Google DeepMind aggressively crossing their AI breakthroughs into the geospatial domain—it becomes clear that we are still aiming too low. These projects are not just modeling data; they are attempting to model reality itself. American technical leadership is paramount, but that leadership is meaningless if it is not ruthlessly and immediately applied to our national security framework. We must take these massive, reality-simulating concepts and focus them specifically on the GEOINT mission.

A perfect example of this is that earlier this year, in July 2025, the geospatial world shifted. Google DeepMind released the AlphaEarth Foundations (AEF) model, and through the hard work of the Taylor Geospatial Engine (TGE) and the open-source community, those vector embeddings are now publicly available on Source Cooperative.

From Google

The excitement is justified. AlphaEarth is a leap forward because it offers pixel-level embeddings rather than the standard patch-level approach. It doesn’t just tell you “this 256x256 square contains a city”; it tells you "this specific pixel is part of a building, and it knows its neighbors."

But as I look at this achievement from the perspective of national security, I see something else. I see a proof of concept for a capability that the United States is uniquely positioned to build—and must build—to maintain decision advantage.

Google has the internet’s data. But the intelligence community holds the most diverse, multi-physics, and temporally deep repository of the Earth in human history.

It is time for the United States to propose and execute a National Geospatial-Intelligence Embedding Model (NGEM).

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

The Proposal: Beyond RGB

The AlphaEarth model is impressive, but it is limited by its training data—primarily commercial optical imagery. In the national security domain, an optical image is just the tip of the spear. We don't just see with light; we see with physics.

I am proposing that we train a massive, pixel-level foundation model that ingests all of its holdings. We aren't talking about just throwing more Sentinel-2 data at a GPU. We are talking about a model that generates embeddings from a unified ingest of:

Multi-INT Imagery: Electro-optical (EO), Synthetic Aperture Radar (SAR), Infrared/Thermal, Multispectral, and Hyperspectral.
Vector Data: The massive stores of Foundation GEOINT (FG)—roads, borders, elevation meshes.
The Critical Missing Modality: Text. We must embed the millions of intelligence reports, analyst notes, and finished intelligence products ever written.

The Approach: "The Unified Latent Space"

The approach would mirror the AlphaEarth architecture—generating 64-dimensional (or higher) vectors for every coordinate on Earth—but with a massive increase in complexity and utility.

In AlphaEarth, a pixel’s embedding vector encodes "visual similarity." In an NGA NGEM, the embedding would encode phenomenological and semantic truth.

We would train the model to map different modalities into the same "latent space."

If a SAR image shows a T-72 tank (through radar returns), and an EO image shows a T-72 tank (through visual pixels), and a text report describes a "T-72 tank," they should all map to nearly the same mathematical vector.
The model becomes the universal translator. It doesn't matter if the input is a paragraph of text or a thermal signature; the output is a standardized mathematical representation of the object.

The Outcomes: What Does This Give Us?

If we achieve this, we move beyond "computer vision" into "machine understanding."

1. The "SAM Site" Dimension In the AlphaEarth analysis, researchers found a "dimension 27" that accidentally specialized in detecting airports. It was a serendipitous discovery of the model's internal logic. If we train NSEM on NGA’s holdings, we won’t just find an airport dimension. We will likely find dimensions that correspond to specific national security targets.

Dimension 14 might light up only for Surface-to-Air Missile (SAM) sites, regardless of whether they are camouflaged in optical imagery, because the thermal and SAR layers give them away.
Dimension 42 might track "maritime logistics activity," integrating port vectors with ship signatures.

2. Cross-Modal Search (Text-to-Pixel) Currently, if an analyst wants to find "all airfields with extended runways in the Pacific," they have to rely on tagged metadata or run a specific computer vision classifier. With a multi-modal embedding model, the analyst could simply type a query from a report: "Suspected construction of hardened aircraft shelters near distinct ridge line." Because we embedded the text of millions of past reports alongside the imagery, the model understands the semantic vector of that phrase. It can then scan the entire globe’s pixel embeddings to find the mathematical match—instantly highlighting the location, even if no human has ever tagged it.

3. Vector-Based Change Detection AlphaEarth showed us that subtracting vectors from 2018 and 2024 reveals construction. For the intelligence community, this becomes Automated Indications & Warning (I&W). Because the embeddings are spatially aware and pixel-dense, we can detect subtle shifts in the function of a facility, not just its footprint. A factory that suddenly starts emitting heat (thermal layer) or showing new material stockpiles (hyperspectral layer) will produce a massive shift in its vector embedding, triggering an alert long before a human analyst notices the visual change.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

The Intelligence Use Cases

Automated Order of Battle: Instantly generating dynamic maps of military equipment by querying the embedding space for specific signatures (e.g., "Show me all vectors matching a mobile radar unit").
Underground Facility Detection: By combining vector terrain data, gravity/magnetic anomaly data, and hyperspectral surface disturbances into a single embedding, the model could "see" what is hidden.
Pattern of Life Analysis: Since the model is spatiotemporal (like AlphaEarth), it learns the "heartbeat" of a location. Deviations—like a port going silent or a sudden surge in RF activity—become mathematical anomalies that scream for attention.

Conclusion

Google and the open-source community have given us the blueprint with AlphaEarth. They proved that pixel-level, spatiotemporal embeddings are the superior way to model our changing planet.

But the mission requires more than commercial data. It requires the fusion of every sensor and every secret. By building this multi-modal embedding model—fusion at the pixel level—we can stop looking for needles in haystacks and start using a magnet.

This is the future of GEOINT. We have the data. We have the mission. It’s time to build the model.

Follow Mark Munsell on LinkedIn.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Why the ‘Double Tap’ Incident Matters Far Beyond a Single Strike

EXPERT OPINION — For about a week we experienced significant controversy over the first military attack on alleged narco-trafficker small boats off the coast of Venezuela (and later Ecuador). The controversy began with news that the Secretary of Defense had ordered the Special Operations Command Task Force commander to, “Kill them all.” This was linked to reports that the boat was attacked not once, but twice; the second attack launched with full knowledge that two survivors from the first attack were hanging on the capsized remnants.

Critical commentary exploded, much of it based on the assumption that the “kill them all” order had been issued, and that it was issued after the first strike. Even after the Admiral who ordered the attacks refuted that allegation, critics continued to assert that the attack was, ‘clearly’ a war crime as it was obviously intended to kill the two survivors.

The public still does not know all the details about these attacks. What is known, however, is that Congress held several closed-door hearings that included viewing the video feed from the attacks and testimony from the Secretary of Defense, the Secretary of State, and the Admiral who commanded the operation.

Perhaps unsurprisingly, the reaction to these hearings has crystalized along partisan lines. Democratic Members of Congress and Senators have insisted they observed a war crime and called for public release of the video. Republicans, in contrast, have indicated they are satisfied that the campaign is based on a solid legal foundation and that nothing about the attacks crossed the line into illegality.

What is less obvious than the partisan reaction is how what began as a problem for the administration has ended up becoming a windfall. When Senator Roger Wicker, Chairman of the Armed Services Committee, announced after the second closed door briefing that he was satisfied with the administration’s legal theory and saw no evidence of a war crime, it provided a signal to the administration that this Congress is not going to interfere with its military campaign. Democrats will try: they will continue to demand hearings, they have asserted violation of the War Powers Act and propose legislation requiring immediate termination of the campaign, and they will continue to insist the U.S. military has been ordered to conduct illegal killings. But so long as the Republican majority is tolerant of this presidential assertion of war power, there is virtually nothing to check it. This so-called ‘double tap’ tested the political waters, and it turns out they are quite favorable for the President.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

From a legal perspective, the reaction to this incident has reflected overbreadth and misunderstanding from both ends of the spectrum. For example, characterizing the second attack as a war crime – or rejecting that conclusion – implicitly endorses the administration’s theory that it is engaged in an armed conflict against Tren de Aragua, an interpretation of international law that has been rejected by almost all legal experts. Equally overbroad has been the assumption that the second attack must have been intended to kill the survivors from the first attack – an assumption that renders that attack nearly impossible to justify, even assuming it was conducted pursuant to a valid invocation of wartime legal authority. But even release of the video would be insufficient to answer a critical question in relation to this assumption: was the second attack directed against the survivors, or against the remnants of the boat with knowledge it would likely kill the survivors as a collateral consequence? Only the Admiral and those who advised him can answer that question. And if the answer is, ‘the remnants, not the survivors’, other difficult questions must be addressed: what was the military necessity for ‘finishing off’ the boat? And, most importantly, why wasn’t it operationally feasible to do something – perhaps just dropping a raft into the water – to spare the survivors that lethal collateral effect?

But the true significance of this incident and the reaction it triggered extends far beyond the question of whether that second attack was or was not lawful; it is the implicit validation of the foundation for the legal architecture the administration seems to be erecting to justify expanding the conflict to achieve regime change in Venezuela. In this regard, it is important to recognize that the Trump Administration is implicitly acknowledging it must situate its campaign and any extension of this campaign within the boundaries of international law, even as it seeks to expand them beyond their rational limits. Understanding this consequence begins with two essential considerations. First, the Trump Administration’s consistent invocation of international legal authority for its counter-drug campaign - albeit widely condemned as invalid – indicates that any expansion of this campaign will be premised on a theory of international legality. Second, that theory will have to align with the very limited authority of a state to use military force against another state enshrined in the Charter of the United Nations.

That limited authority begins with Article 2(4) of the Charter, which prohibits a state’s threat or use of force against the territorial integrity or political independence of any other United Nations member state. This prohibition is not, however, conclusive. Instead, the Charter recognizes two exceptions allowing for the use of force. First, military action authorized by the Security Council as a measure in response to an act of aggression, breach of the peace, or threat to international peace and security. Such authorizations have been used since creation of the U.N., one example being the use of force authorization adopted in 2014 to establish humanitarian safe areas in Libya; the authorization that led to the Libyan air campaign. The reason such authorizations have been infrequent is because any one of the five permanent members of the Security Council (the United States, United Kingdom, France, China, and Russia) may veto any resolution providing for such authorization for any reason whatsoever. It is inconceivable the U.S. could garner support for such authorization to take military action in and/or against Venezuela, much less even seek such an authorization.

The second exception to the presumptive prohibition on the threat or use of force is the inherent right of individual and collective self-defense enshrined in Article 51 of the U.N. Charter. That right arises when a state is the victim of an actual or imminent armed attack. Furthermore, the understanding of that right has evolved in the view of many states – and certainly the United States – to apply to threats posed by both states and non-state organized armed groups like al Qaeda.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

From the inception of this counter-narcotics campaign the Trump administration has asserted that the smuggling of illegal – and all too often deadly – narcotics into the United States amounts to an ‘armed attack’ on the nation. This characterization – coupled with the more recent designation of fentanyl as a weapon of mass destruction – is obviously intended to justify an invocation of Article 51 right of self-defense. As with the assertion that TdA is engaged in an armed conflict with the United States, this invocation has been almost universally condemned as invalid. But that seems to have had little impact on Senators like Wicker or Graham and other Republicans who have indicated they are satisfied that the campaign is on solid legal ground.

To date, of course, the campaign based on this assertion of self-defense has been limited to action in international waters. But President Trump indicated in his last cabinet meeting that he intends to go after ‘them’ on the land – ostensibly referring to members of TdA. So, how would an assertion of self-defense justify extending attacks into Venezuelan territory, and what are the broader implications for potential conflict escalation?

The answer to that question implicates a doctrine of self-defense long embraced by the United States: ‘unable or unwilling.’ Pursuant to this interpretation of the right of self-defense, a nation is legally justified in using force in the territory of another state to defend itself against a non-state organized armed group operating out of that territory when the territorial state is ‘unable or unwilling’ to prevent those operations. It is, in essence, a theory of self-help based on the failure of the territorial state to fulfill its international legal obligation to prevent the use of its territory by such a group. And there have been numerous examples of U.S. military operations justified by this theory. Perhaps the most obvious was the operation inside Pakistan that killed Osama bin Laden. Many other drone attacks against al Qaeda targets in places like Yemen and Somalia are also examples. And almost all operations inside Syria prior to the fall of the Asad regime were based on this theory.

By implicitly endorsing the administration’s theory that the United States is acting against TdA pursuant to the international legal justification of self-defense, Republican legislators have opened the door to expanding attacks into Venezuelan territory. It is now predictable that the administration will invoke the unwilling or unable doctrine to justify attacks on alleged TdA base camps and operations in that country. But, unlike other invocations of that theory, it is equally predictable that the territorial state – Venezuela, will reject the U.S. legal justification for such action. This means Venezuela will treat any incursion into its territory as an act of aggression in violation of Article 2(4) of the U.N. Charter, triggering its right of self-defense.

In theory, such a dispute over which state is and which state is not validly asserting the right of self-defense would be submitted to and resolved by the Security Council. But it is simply unrealistic to expect any Security Council action if U.S. attacks against TdA targets in Venezuela escalate to direct confrontation between Venezuela and the U.S. Instead, each side will argue it is acting with legal justification against the other side’s violation of international law.

What this means in more pragmatic terms is that there is a real likelihood a U.S. invocation of the unable or unwilling doctrine could quickly escalate into direct hostilities with the Venezuelan armed forces. At that point, we should expect the administration will treat any effort by Venezuela to interfere with our ‘self-defense’ operations as a distinct act of aggression, thereby justifying action to neuter Venezuela’s military capability.

It is, of course, impossible to predict exactly what the administration is planning vis a vis Venezuela. Perhaps this is all part of a pressure campaign intended to avert direct confrontation by persuading Maduro’s power base to abandon him. But the history of such tactics does not seem to support the expectation Maduro will depart peacefully, or that any resulting regime change will have the impact the Trump Administration might desire. One need only consider how dictators like Saddam Hussein and Manuel Noriega resisted such pressures and clung to power even when U.S. military action that they had no chance of withstanding became inevitable. Or perhaps the administration will bypass the ‘unable and unwilling’ approach and simply initiate direct action against Venezuela to topple Maduro based on an even more dubious claim of self-defense now that he has been designated part of another foreign terrorist organization.

One thing, however, is certain: the options for extending this military campaign to Venezuela are built upon the feeble foundation that the U.S. is legitimately exercising the right of self-defense against TdA. And now, because of an attack that triggered congressional scrutiny, the administration is in a stronger position politically than ever thanks to Republican legislators endorsing this theory of international legality.

The real issue that was at stake during those closed door hearings was never really whether a possible war crime occurred, although the deaths that have resulted from the ‘second strike’ (like all the deaths resulting from this campaign) are highly problematic. The real issue was and remains the inherent invalidity of a U.S. assertion of wartime legal authority and a congressional majority that seems all too willing acquiesce to an administration that seems willing to bend law to the point of breaking to advance its policy agenda.

Nicolas Maduro is a tyrant who has illegitimately clung to power contrary to the popular will of the Venezuelan people. His nefarious activities and anti-democratic rule justify U.S. efforts to force him out of power and enable restoration of genuine democracy in that country. What it does not justify is constructing a legal edifice built on an invalid foundation to justify going to war against Venezuela to achieve that goal. But now that the Trump administration has tested the political waters, that seems more likely than ever.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

The Push and Pull Between Washington and Beijing in the South China Sea

OPINION — China uses a layered approach in the South China Sea that blends military power, paramilitary forces, legal instruments, and political signaling. Beijing has asserted “historic rights” over most of the waterway in the past two decades or so, via the nine-dash line strategy. This strategy overlaps the exclusive economic zones (EEZs) of several Southeast Asian states. A 2016 international law tribunal convened under UNCLOS ruled overwhelmingly against these claims. However, China rejected the ruling and continues to behave as before, trying to assert de facto control in the area. This strategy is reinforced by the use of 'official maps', textbooks, and diplomatic statements aiming to slowly set down the notion that the territorial waters there are under a Chinese sphere.

In the Spratly and Paracel Islands, China has transformed reefs since the early to mid 2010s into large artificial islands, where it constructs airfields, ports, radars, and missile sites, dramatically expanding China’s ability to monitor and, if necessary, contest and harass surface and air traffic across much of the South China Sea. They also serve as logistics hubs that support the constant presence of Coast Guard, navy, and militia vessels.

China is testing just how much military risk the United States is willing to face in order to protect its regional allies. Their primary target? The Philippines, an avid American ally in the region.

Chinese coercion directed at Manila is carried out daily not just by destroyers but by white-hulled Coast Guard ships and ostensibly civilian vessels organized as a maritime militia. These platforms ram, water-cannon, block, or sideswipe Philippine vessels and increasingly use tools like signal jamming and close-in maneuvers against Philippine resupply missions to Second Thomas Shoal and patrols near Scarborough Shoal. Actions are calibrated to be intimidating, sometimes injurious, but still below the threshold of what most governments would label “armed attack.”

These efforts go beyond short-term tactics. They are strategic in nature. China appears less focused on legal recognition than on practical control. If foreign militaries and commercial operators must factor in Chinese reactions for transiting, fishing, or exploration, Beijing achieves much of what formal sovereignty would deliver.

For Beijing, the South China Sea is part of the “near seas” in Chinese maritime doctrine, making it a defensive bastion that must be secured. But by employing artificial island bases and sending out to sea a number of maritime patrols, China seeks to disrupt American and allied activities in the South China Sea while advancing its own power projection further east and south, into the Pacific and Indian Oceans.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Control over “blue national territory” is tightly linked to Chinese Communist Party narratives of national rejuvenation. By standing firm in the South China Sea, it bolsters PRC leadership legitimacy and makes compromise politically costly internally. Essentially, Xi Jinping appears to be aiming for a Sino-centric maritime order in which neighboring states de facto - if not de jure at some point - accept Chinese rule as a fact of life and where outside powers operate only on terms that Beijing deems acceptable.

Washington’s declared aims in the South China Sea are the preservation of the freedom of navigation and overflight according to international law.

To achieve these goals the United States uses a combination of naval power, alliance creation and military capability development. The United States Navy ships often come close to Chinese-held land and other maritime areas that China or others claim illegally. It does the latter to demonstrate that America will not tolerate any of these claims. These are high-profile but relatively short-lived operations. The above policy is enforced by the U.S. 7th Fleet (based in Japan). There are also more bases throughout the region in partnership with the Philippines.

Big, complicated exercises and joint patrols with the Philippines, Japan, Australia and others build interoperability as well as signal that any serious conflict would not take place strictly on a bilateral basis.

American officials who point out to the 2016 decision, stress that disagreements must be settled in compliance with international law and publicly reiterate that the United States - Philippines Mutual Defense Treaty pertains to American armed forces, public ships or aircraft coming under attack in the South China Sea. This has been a more frequent trend in recent years.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

What the U.S. Should Do

The United States should embed U.S. presence in sensitive missions, when Manila consents. Instead of sending out stand-alone destroyer transits, the U.S. ought to incorporate freedom of navigation operations (FONOPs) as part of logistics missions or surveillance patrols and multilateral exercises. Publicly, Washington should continue to declare that significant attacks on Philippine government ships and aircraft comes under the Mutual Defense Treaty. The U.S. should reiterate privately to Chinese officials what responses it may evoke from the United States - economic sanctions, change in military posture, joint deployments - so that Chinese leaders know where they are headed if they keep these tactics up.

In addition to donating patrol boats, the United States and allies should also assist the Philippines and potentially other claimant states in fielding new coastal defense missiles, unmanned systems and integrated maritime domain awareness networks. Such instruments make it easier for frontline states to detect and respond to incursions with both greater speed and credibility.

China likes to negotiate one on one — and that’s when it has its own leverage. The United States needs to cultivate overlapping coalitions rather than a simple hub-and-spoke model. Institutionalize 'mini-lateral' groupings; U.S. - Japan - Philippines and U.S. - Australia - Philippines patrols, exercises, and intelligence-sharing agreements would make it more difficult for China to pressure any one state without having to face several others.

Communication links with Beijing such as political and operational hotlines should be tested to ensure they will work under stress. The aim is to be predictable and resolute, to minimize the chances that miscalculation leads to uncontrolled escalation.

The South China Sea has turned into a laboratory for the interaction among power, law and norms in an age of strategic contention. China’s use of maritime power looks to transform disputed waters into a zone over which China can make effective, if not legally exclusive, rules and enforce them through militarized outposts, continuous presence, and the narrative fiction of historical rights.

U.S. policy has preserved core principles - freedom of navigation and treaty commitments - but has not prevented Beijing from strengthening its position or normalizing gray-zone coercion. Washington’s task is not to contain China in absolutist terms, but to ensure that coercive changes to the status quo do not become the region’s operating default. That requires more concrete deterrence at key flashpoints, deeper empowerment of frontline states, and a denser web of regional cooperation - combined with realistic crisis planning to manage the risks that come with sustained great-power competition at sea.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

This is Perhaps Ukraine’s Most Dangerous Time

EXPERT PERSPECTIVE — Each of my eight trips to Ukraine since retiring from the CIA in the summer of 2023 has been filled with unique challenges. Each time I’ve witnessed first-hand the sacrifices the Ukrainians are making on a daily basis to fight for their country’s independence. And while each trip has been physically exhausting, each one has also been highly inspiring because the Ukrainians are fighting to protect many of the traditional American values that I grew up believing in, including the right to self-determination, liberty and national sovereignty.

But my latest visit to Ukraine was by far the most difficult. Not just because the Russians are significantly increasing their air attacks on Ukrainian towns and cities or because Ukraine is once again going through a very cold winter while facing significant power shortages caused by Moscow’s attacks against energy infrastructure targets. But mainly because for the first time, I heard Ukrainians questioning my country’s commitment to helping them defend their country. Because I heard Ukrainian interlocutors conclude that the U.S. was not a reliable partner and because Ukrainians who are fighting to protect their country, questioned whether the U.S. was willing to abandon support for their cause in order to secure potential business deals with Russian dictator Vladimir Putin and his regime.

Remembering all the Americans I had served with over the years, especially those who made the ultimate sacrifice defending liberty and the honor of our country, it is extremely painful to consider the possibility that my country might choose to placate someone like Putin and, in doing so, turn its back on those who have suffered from Putin’s aggression.

After more than 10 years of being at war, the Ukrainians are clearly fatigued. Russia's constant attacks against civilian targets are taking a toll. Families throughout the country are living without regular access to electricity and are subjected to daily mass Russian drone and missile attacks.

Ukraine's own internal corruption challenges, including the "Operation Midas" investigation, which resulted in the resignation of President Zelensky’s longtime advisor and head of the Presidential Office, Andriy Yermak, have raised questions among many Ukrainians about Zelensky and his Administration. The scandal also opened the door for many of the opponents of continued support to Ukraine to claim that Ukraine is a corrupt country led by corrupt leaders.

Of course, these critics forget that the Midas investigation is actually evidence of Ukraine’s efforts to deal with corruption and a development that highlights Kyiv’s determination to create a more transparent government based on “rule of law” principles. And there is no comparison between Ukraine’s efforts to deal with corruption, and Russia’s lack of transparency and complete rejection of “rule of law” governance.

Ukrainian fears about being abandoned by Washington are linked to the perception that the U.S. is going to end its support for Kyiv. Fears that are amplified by the recent leaking of the "28 Point Plan" that was initially presented to Kyiv by the U.S. as part of Washington’s efforts to bring the war to an end and revelations that the bulk of the plan was written by the Kremlin and then delivered to the U.S. Special Envoy for the Middle East and Russia Steve Witkoff by Russian Sovereign Wealth Fund head Kiril Dmitriyev.

These leaks bore many of the hallmarks of a Russian disinformation campaign, and whether or not the Kremlin leaked this information, there is little doubt that Moscow is using the leaks to undermine the U.S. internationally; to drive a wedge between the U.S. and its allies in Europe; to undermine the morale of the Ukrainian population; and to deceive international and domestic audiences into believing Russian President Vladimir Putin is trying to find a peaceful resolution to the war that he started.

Moscow has worked relentlessly to create the impression in Washington, Brussels and Kyiv - that the Ukrainian Armed Forces are on the verge of collapse, and it is only a matter of time before Putin achieves his military objectives.

The Ukrainians, on the other hand, are trying to counter this narrative and demonstrate that the Russians continue to make minimal battlefield gains while paying a tremendous price in terms of personnel and resources.

While people are tired, few appear ready to surrender or give up. Many equate surrender to betrayal of the memories of those Ukrainians who have died since 2014 fighting to defend the country from Russia.

Putin’s effort to control the narrative on Ukraine is partially linked to his desire to cover up how bad his own hand is at present. Putin does not want the West to focus on how the Russian military continues to struggle to take small amounts of territory, while suffering high casualty rates. He does not want others to focus on Russia’s own struggles with growing financial, economic and social problems that threaten the long-term stability of his regime and the future of Russia itself.

In recent years, the Kremlin has shifted its limited financial resources to the Military-Industrial complex, resulting in cutbacks to social spending and bringing an end to support of critical civilian infrastructure projects. While this policy has resulted in an increase in defense production, it is bankrupting the country and in recent months even Russia’s defense industry has had to implement spending cutbacks. Many factories and production sites across Russia are unable to pay workers and have been forced to reduce their work week to three or four days per week.

The money that Putin was once able to use to incentivize Russians to join the military and fight Ukraine is drying up, forcing him to once again consider mobilization plans, which will no doubt be highly unpopular with many Russians, especially with the “elites” living in the country’s main population centers.

The war has also drained off workers, resulting in significant labor shortages. Putin’s war is threatening to plunge Russia into the chaotic and painful social and economic conditions that the country faced in the early and mid-1990s.

Before leaving on my latest trip to Ukraine, I was asked to speak at an event in Washington D.C. focused on the future of U.S.-European relations. During that event, one attendee told me that recent polling in the U.S. showed that - since President Trump’s January 2025 inauguration - support for Ukraine among Republicans had risen significantly. This claim was supported by a report published by Defense One based on polling conducted by the Ronald Reagan Institute and a previous report published by the Chicago Institute on Global Affairs. These signs are heartening. In a system where the population’s interests should be considered by elected leaders, this means that the United States Government should be continuing its support for Ukraine.

The growing public support for Ukraine should give Ukrainians some hope that the U.S. is not going to abandon them. But it is hard for the Ukrainians to hear that message when it is often drowned out by much more negative news about alleged backroom deals made between Putin’s couriers and individuals close to President Trump and the very real possibility that those couriers are using their access to actively pursue a whisper campaign to influence the President and his policy decisions. That, combined with targeted leaks and distortions of facts to exaggerate the perception that Washington now prefers Moscow to Ukraine and the Europeans is painting a Russian-preferred narrative.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

It is correct when President Trump says that he inherited a terrible situation in Ukraine. I also agree that as the elected leader of the most powerful country in the world, President Trump has a responsibility to try to end the bloody and senseless conflict.

The President deserves credit for trying, although I do not agree with his periodic claims that the Ukrainians, or their President, are guilty of starting the war - or that Kyiv does not want to end the war. Vladimir Putin is guilty of starting the conflict and despite all of President Trump’s efforts and the Ukrainians willingness to try to find a compromise, Putin has continued to make maximalist demands and drag out the conflict in hopes of stealing more of Ukraine’s territory and feeding Russia’s defense industrial complex, which is now the sole functioning part of Russia’s struggling economy.

It appeared President Trump recognized this reality in October, when he canceled plans to meet with Putin in Budapest and levied new sanctions on the Russian Energy sector. Unfortunately, the President allowed Putin to manipulate the U.S. team into thinking Putin was ready to negotiate in November, opening the door to a lot of Russian disinformation and information warfare designed to undermine the U.S., Ukraine and its allies - but not designed to bring the war to an end.

Over the past year, I have seen the level of political infighting within Ukraine increase. During a discussion with one Ukrainian General in September of 2024, the General opined that historically, Ukraine had never lost a war to Russia but had lost many wars to itself. He warned that internal political struggles in the country allowed the Russians to identify and exploit the political ambitions of some leaders and use these ambitions to divide the country and undermine national unity.

Ukraine is again facing the threat of serious internal divisions that the Kremlin will manipulate and use to achieve its military and political objectives. It appears likely that the Ukrainian government will hold elections in 2026, and the U.S. and the West should be ready to help Kyiv protect those elections from Russian interference. There is also little doubt that Russia itself will not hold fair elections in 2026 or as long as Putin remains in power.

As an American, I pray that our elected leaders will not repeat the mistakes made by British Prime Minister Neville Chamberlain when trying to deal with Adolf Hitler. The appeasement of Hitler by forcing allies to cede territories to the Nazi regime in Berlin did not lead to “Peace in our Time”. It led to a much greater and more horrific World War that could have been stopped if the English and French had taken decisive action against Hitler at that time.

To “Make America Great Again”, Americans need to stand up for what is right. Right - is not appeasing Putin. Justice is not allowing Putin to get away with stealing large portions of Ukraine’s territory and then benefit from killing more than a million Ukrainian and Russian citizens in a war that was designed to protect Putin’s personal power and re-establish an empire that has collapsed twice in the last 150 years.

As an American, I pray that we find our way through this very confusing and troubled period, hold the aggressor, Putin, accountable for his crimes, and successfully bring this war to an end while protecting Ukraine’s sovereignty and America’s reputation in the world.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author's views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

What It Means Now that Fentanyl is Designated a “WMD”

OPINION — “There's no doubt that America's adversaries are trafficking fentanyl into the United States in part because they want to kill Americans. If this were a war, that would be one of the worst wars. I believe they killed over the last five or six years, per year, 200-to-300,000 people. You hear about a 100,000, which is a lot of people, but the number is much higher than that. That's been proven.”

That was President Trump in the Oval Office on December 15, explaining why he was signing an Executive Order (EO) designating “illicit fentanyl and its core precursor chemicals as Weapons of Mass Destruction (WMD).”

Notice Trump’s use of the word “war,” and the vast exaggeration of numbers of fentanyl drug deaths in the U.S. -- actually 48,000 in 2024. Also, does anyone really think that the cartels are pushing fentanyl into this country “to kill Americans?” Or is the real reason they are doing it is to make money – as is the case with most drug dealers.

I am focusing on this rather odd EO because to me it is another sign that President Trump is bringing the U.S. military into yet another essentially domestic American problem, drug use. I also see it as the Trump administration regularizing employment of the U.S. military to be a normal response to control civil issues.

Remember, President Trump has employed some 9,000 active and National Guard service members on the U.S. southern border to block what he termed an invasion of illegal immigrants. He has also federalized National Guard troops in U.S. cities like Washington, D.C. claiming they were needed to combat crime, and required hundreds of Marines and originally 4,000 California National Guard personnel in Los Angeles to put down protests against immigration raids.

There was even a military atmosphere in the Oval Office on December 15, because the President used that same meeting to make the first awards of a Mexican Border Defense Medal to 13 Army and Marine service members who provided military support to the Department of Homeland Security and U.S. Customs and Border Protection.

In the Oval Office meeting, Defense Secretary Pete Hegseth explained that the newly-issued medal exactly replicated the 1918 Mexican Border Defense Medal, but that one went to U.S. troops who patrolled the border during 1916-1917, when fear was of a German-inspired invasion by the paramilitary forces of Francisco "Pancho" Villa as part of the Mexican Revolution.

While President Trump said that “to kill Americans” was a purpose of trafficking fentanyl, the EO itself said there was a more complex goal. The EO said, “The production and sale of fentanyl by Foreign Terrorist Organizations and cartels fund these entities’ operations — which include assassinations, terrorist acts, and insurgencies around the world — and allow these entities to erode our domestic security and the well-being of our Nation.”

Here, this EO seeks to link up with one of President Trump’s first EOs, signed on January 20, that designated unspecified cartels as Foreign Terrorists Organizations to make them subject to laws Congress passed in the wake of the September 11, 2001, attacks.

The new December 15 EO goes on to say, “The two cartels that are predominantly responsible for the distribution of fentanyl in the United States engage in armed conflict over territory and to protect their operations, resulting in large-scale violence and death that go beyond the immediate threat of fentanyl itself.”

Inexplicably, the EO does not name those two cartels.

However, the Drug Enforcement Agency (DEA) in its 2025 National Drug Threat Assessment makes it clear who they are by saying, “The Sinaloa and Jalisco New Generation Cartels, in particular, control clandestine [fentanyl] production sites in Mexico, smuggling routes into the United States, and distribution hubs in key U.S. cities.”

Then both the new EO and 2025 National Drug Threat Assessment carry the exact same following sentence: “Further, the potential for fentanyl to be weaponized for concentrated, large-scale terror attacks by organized adversaries is a serious threat to the United States.”

It turns out that back in the 1990s, a number of countries investigated using fentanyl as part of an incapacitating agent, including the U.S. Defense Department. The U.S. dropped the idea because of a margin of safety issue – the difference between a dosage that would incapacitate and one that would kill a person.

However the Russians did create a fentanyl-based incapacitating agent and used it in October 2002, when 40 Chechen terrorists seized Moscow’s Dubrovka Theater and held some 800 people hostage. Russians finally released the fentanyl-based gas to incapacitate those in the theater and it killed some 130 of them.

Fentanyl is an FDA-approved synthetic opioid used medically as a pain reliever and anesthetic. It is close to 100 times stronger than morphine. Two milligrams of fentanyl -- equivalent to 10-to-15 grains of table salt – can be lethal. Unlike other illegal drugs such as cocaine, wholesale traffickers distribute fentanyl by the kilogram, equal to 2.2 pounds.

The DEA has found wide U.S. usage of illicit, manufactured, counterfeit fentanyl pills ranging from .02 to 5.1 milligrams, the latter more than twice the lethal dose depending on a person’s body size, tolerance and past usage.

Fentanyl illegal drug use has been a major problem in the U.S. since 2021 when overdose deaths reached 71,000. But as shown above overdose fentanyl deaths are on the way down. President Trump even recognized fentanyl use had gone down saying in the Oval Office on December 15, “We've also achieved a 50% drop in the amount of fentanyl coming across the border and China is working with us very closely and bringing down the number and the amount of fentanyl that's being shipped…We've got it down to a much lower number.” But Trump added, “Not satisfactory, but it will be satisfactory soon.”

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

The term “weapon of mass destruction” has specific legal definitions, typically tied to nuclear, radiological, chemical, or biological weapons that are designed to cause large-scale death or bodily harm.

Under the Trump WMD EO, implementation calls for Defense Secretary Hegseth and Attorney General Pam Bondi to determine if the U.S. military is needed to enforce 10 U.S.C. 282, a post-9/11, 2002 counterterrorism law covering emergency situations involving weapons of mass destruction.

If they agree the military is needed, under 10 U.S.C. 282 Hegseth and Bondi are to “jointly prescribe regulations concerning the types of assistance that may be provided,” and “describe the actions that Department of Defense personnel may take in circumstances incident to the provision of assistance.”

There are provisions in 10 U.S.C. 282 prohibiting the military from authority to arrest individuals, directly participate in searches or seizures of evidence related law violations or collection of intelligence for law enforcement – but those provisions also can also be waived.

In addition, under the Trump EO, Hegseth is to consult with Secretary of Homeland Security Kristi Noem to “update all directives regarding the Armed Forces’ response to chemical incidents in the homeland to include the threat of illicit fentanyl.”

I go into all these details because I believe something other than fentanyl is involved here. Others are questioning the December 15 EO, such as Andrew McCarthy in National Review on December 20.

McCarthy wrote, “President Trump may despise ‘forever wars,’ but he sure seems to like pretend wars. The point of the fentanyl ‘designation’ is to shore up his case for using military force against drug traffickers — although its relevance to high seas around Venezuela is hard to fathom since fentanyl is neither produced nor imported from there. At any rate, fentanyl, a dangerous drug but one with legitimate medical uses, is a narcotic, not a weapon of mass destruction akin to a chemical or biological bomb.”

Yesterday, Military.com pointed out, “The [December 15] Executive Order does not spell out a specific military mission, and Pentagon officials have not yet stated whether the armed forces will take on a direct role under the new designation.”

Nonetheless, the EO creates yet another new, domestic area for military operations within the homeland, and what emerges needs to be watched.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

Trying to Impose a Loser’s Peace on Ukraine Is a Dead End

OPINION — The fate of territory in eastern Ukraine remains the “most difficult” sticking point in the ongoing peace talks, President Volodymyr Zelensky acknowledged over the weekend as U.S. negotiators held separate meetings with Ukrainian and Russian officials. In pursuit of peace, the Trump administration is pushing Ukraine to bend to maximalist Kremlin demands that Russia has failed to impose militarily, while promising Kyiv “platinum standard” security guarantees to sweeten the deal.

This approach is unlikely to succeed — and may prove harmful. The administration would be wise to focus instead on pressing Russia to soften its terms.

Putin Demands Victory He Hasn’t Earned

As one of his conditions for peace, Vladimir Putin insists that Ukrainian troops withdraw from the roughly 23 percent of the eastern Donetsk region they still control. He vows that if Kyiv refuses, his military will take that territory anyways. Putin seems convinced that Russia eventually can grind down Ukraine’s undermanned forces.

Some U.S. officials have echoed those arguments, apparently believing that pressuring Kyiv into concessions offers the surest path to peace. As President Donald Trump recently put it, Russia is “much bigger” than Ukraine, and “at some point, size will win.” Ukraine is “losing,” Trump contended, so it must “accept” Russian demands. An initial U.S. peace plan released in November, drafted with Russian input, called for Ukraine to cede the remainder of Donetsk, which would become a “demilitarized buffer zone,” which Washington is now pitching as a “free economic zone.”

In fact, it’s anything but certain that Russian forces can conquer the rest of Donetsk. They would need to seize a so-called “fortress belt” of cities and towns, just one of which — Pokrovsk — has taken Russia over a year to capture despite advantages in manpower and materiel. Despite improvements in drone warfare, Russia has remained unable to achieve a major breakthrough. That’s partly due to degraded force quality, which is unlikely to recover while large-scale hostilities continue. Russia can continue inching forward so long as it can recruit enough men to throw into the “meatgrinder.” Since 2023, Moscow has maintained a surprisingly strong recruitment rate thanks to ever-larger financial incentives. But that can’t last forever.

Although Ukrainian forces are weary and short on infantry, they are not on the verge of breaking. Ukraine continues to put up a stout defense, relying chiefly on Ukrainian-made drones to inflict disproportionate casualties. The decline in American aid has hurt. But even a complete cutoff probably wouldn’t trigger a collapse, though it would mean more Ukrainian lives lost and infrastructure destroyed.

In short, Putin is demanding that Ukraine accept defeat despite the inconvenient fact that Russia hasn’t defeated Ukraine on the battlefield and is unlikely to do so. As long as that remains the case, lopsided peace plans will be a dead end.

This is not a “Zelensky problem.” Recent polling indicates that the Ukrainian people still overwhelmingly reject ceding more territory, seen as synonymous with capitulation. Many in the Ukrainian military are understandably loathe to cede defensible terrain for which Ukrainians have bled for nearly four years. No Ukrainian leader will agree to a deal that would mean political suicide. Even if Zelensky did try to capitulate, it could ignite domestic political instability and undermine morale, which Russia would seek to exploit.

Beware Empty Promises

In part to convince Kyiv to swallow territorial concessions, the Trump administration has been surprisingly forward-leaning on security guarantees for Ukraine. Although Washington has made clear it won’t allow Ukraine to join NATO, U.S. officials touted an “Article 5-like” commitment during recent talks in Berlin. This has enthused Ukrainian and European officials, who are rightly concerned Russia will violate any peace agreement it signs.

The White House, though, should take care not to make empty promises. Ukraine must not be left with another 1994 Budapest Memorandum, which gave Kyiv hollow security assurances in exchange for relinquishing nuclear weapons inherited from the Soviet Union.

While the administration has released few details regarding the specific commitments it made in Berlin, press reports indicate elements of the plan are sensible. The Ukrainian Armed Forces would be permitted to maintain a peacetime strength of 800,000 troops and would receive Western training and equipment, defying Moscow’s demand for Ukrainian demilitarization. A U.S.-led international monitoring and verification mechanism would ensure compliance with a ceasefire, and a deconfliction mechanism would work to prevent escalation.

However, earlier media leaks, as well as a European statement released following the Berlin talks, suggest Washington may also be offering a non-committal promise to respond with measures up to and including “armed force” if Russia re-invaded Ukraine. The Trump team says it will grant Kyiv’s request to seek Senate approval to make this pledge legally binding. Even so, the threat of U.S. military intervention lacks credibility. Both Trump and his Democratic predecessors have eschewed direct conflict with Russia over Ukraine. That’s unlikely to change under a future president, especially since Washington is trying to focus on deterring China.

If the White House is betting its bluff won’t be called, it should think again. However the current war ends, it’s unlikely to resolve Russia’s decades-long struggle to dominate Ukraine and reshape the European security order. Moscow will be racing to reconstitute its army, drawing on lessons learned in Ukraine and expanded defense-industrial capacity. Another Russian invasion is a distinct possibility. And if America’s “Article 5-like” guarantee is revealed to be hollow, it could undermine the credibility of the actual Article 5, weakening NATO deterrence.

As another part of the security guarantee package, the Trump administration apparently has agreed to support a British- and French-led multinational force in Ukraine. After hostilities cease, countries from the so-called “Coalition of the Willing” would help police Ukraine’s skies, clear naval mines, and regenerate the Ukrainian army. This would include deployments of Europe troops to Ukraine (though far from the front lines) — an idea which Moscow vehemently opposes. Other than ruling out putting American boots on the ground, the administration hasn’t publicly specified how it would support this force (likely involving intelligence, surveillance, and reconnaissance and possibly other so-called “strategic enablers”). Nor has Washington publicly agreed to provide an air-power “backstop” if that force were attacked. If a ceasefire looks shaky and no U.S. backstop is committed, European countries will be more reluctant to put troops in Ukraine.

Another problem is that tying the force’s deployment to a ceasefire incentivizes Russia to prolong the war. Putin invaded Ukraine precisely to reverse its Westward drift, and Moscow insists that any peace settlement must bar Western troops from the country — a demand that earlier drafts of the U.S. peace plan sought to satisfy. As British scholar Jack Watling has argued, Europe could obviate the Russian veto commencing with air policing and training in western Ukraine now, before the war ends. Yet European capitals remain unwilling to do so, wary of escalation with Russia. That same fear undermines the force’s deterrent value in the first place.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

Path to Peace

Rather than gunning for a quick but lopsided deal, Washington should patiently focus on shifting the Kremlin’s calculus. Moscow has made clear that its ambitions go well beyond Donetsk. In essence, Putin seeks a settlement that locks Ukraine within Russia’s sphere of influence. Given the maximalist nature of Putin’s demands, peace will remain impossible unless Moscow reduces its expectations considerably. Ukraine will also have to make concessions, including on its NATO aspirations. But Russia is the primary obstacle.

Perversely, pressuring Ukraine to cede more territory could put a deal farther from reach. By attempting to strong-arm Kyiv, echoing Kremlin arguments about the inevitability of Russian advances, and reducing military aid for Ukraine, Washington risks hardening Putin’s intransigence.

The consequences could also extend beyond Ukraine. Since the Second World War, the United States has led the free world in opposing the acquisition of territory by military means. Discarding that now could shake allied trust in America while emboldening adversaries such as China. President Trump is right to push for peace in Ukraine, but the medicine must not be worse than the disease.

So long as Putin is overconfident in his military prospects and feels no sense of urgency to end the war, he is unlikely to make the necessary compromises. The Russian autocrat must be made to realize that more war will bring nothing but pain. The European Union just took an important step by pledging 90 billion euros to shore up Kyiv’s state budget through 2027. The United States should do its part, too. Washington could bolster Ukraine’s bargaining position by surging military assistance, much of which could be financed by Europe. This effort should include support for Kyiv’s air defense and long-range strike capabilities, helping Ukraine endure the winter and impose greater costs on Russia.

In addition, Washington should stringently enforce and build on its recent sanctions targeting Russia’s top oil companies. The Treasury Department should target unsanctioned Russian oil suppliers as well as other entities, vessels, and infrastructure that help bring that oil to market. Western countries could further ramp up the pressure by replacing the Biden-era price cap on Russian oil flows with a full ban on providing shipping or financial services for those exports.

Lastly, Kyiv’s Western partners should encourage the Ukrainian military to fight smarter. Ukraine must stop wasting precious manpower clinging to semi-encircled towns or counterattacking to reclaim insignificant positions. This penchant stems in part from concerns that admitting to battlefield setbacks would discourage U.S. support and fuel calls for territorial concessions.

The Ukrainians aren’t going to give Russia more than it can take by force of arms. Rather than trying to do Putin’s dirty work for him, Washington should put its energies into convincing Moscow to accept realistic terms.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

X’s Location Feature Exposes a Real Problem, but Does Not Fix It

OPINION — A new location transparency feature on X is revealing foreign influence on American discourse just as federal agencies designed to deal with such threats are being dismantled.

Toward the end of November, X began listing account locations in the “About this account” section of people’s (or bots’) profiles. X also can list the platform through which users access the social media site, such as the web app or a region-specific app store.

With these new transparency features, X exposed that major MAGA influencers are likely operating from Eastern Europe, Africa, and Southeast Asia. And while anti-Trump profiles posing as Americans on X haven’t made headlines, the authors found one listing itself in Charlotte, NC that X indicates connected via the Nigeria App Store.

One factor driving foreign accounts to masquerade as domestic political commentators could be commercial gain. Heated political debate, abundant in the United States, drives engagement, which can be monetized. Account owners posing as Americans may also be funded or operated by America’s adversaries who seek to shape votes, increase social divisions, or achieve other strategic goals.

The problem of foreign adversaries pretending to be American is not new. During the cold war, Soviet KGB agents even posed as KKK members and sent hate mail to Olympic athletes before the 1984 summer Olympics. What is different now is the scale and speed of influence operations. The internet makes it dramatically easier for foreign adversaries to pose as Americans and infiltrate domestic discourse.

The past decade provides countless examples of Russia, China, and Iran targeting Americans with online influence operations. In 2022, a Chinese operation masqueraded as environmental activists in Texas to stoke protests against rare earth processing plants. Iran posed as the Proud Boys to send voters threatening emails before the 2020 elections. In 2014, Russia spread a hoax about a chemical plant explosion in Louisiana.

X’s new country of origin feature is a step in the right direction for combatting these operations. Using it, a BBC investigation revealed that multiple accounts advocating for Scottish independence connect to the platform via the Iran Android App. On first blush, this makes little sense. But Iran has a documented history of promoting Scottish independence through covert online influence operations and a track record of sowing discord wherever it can.

Disclosing origin alone paints an incomplete picture. Identifying an account’s location does not always tell you who directs or funds the account. For example, Russia has previously outsourced its attempts to influence Americans to operators in Ghana and Nigeria. America’s adversaries continue to leverage proxies in their operations, as seen in a recently exposed Nigerian YouTube network aggressively spreading pro-Kremlin narratives.

Additionally, malign actors will likely still be able to spoof their location on X. Virtual private networks (VPNs) mask a user’s real IP address, and while X appears to flag suspected VPN use, the platform may have a harder time detecting residential proxies, which route traffic through a home IP address. Sophisticated operators and privacy enthusiasts will likely find additional ways to spoof their location. For example, TikTok tracks user locations but there are easy-to-find guides on how to change one’s apparent location.

The additional data points provided by X’s transparency feature, therefore, do not provide a shortcut to attributing a nation-state or other malign actor behind an influence operation. Proper attribution still requires thorough investigation, supported by both regional and technical expertise.

Social media platforms, private companies, and non-profits play a significant role in combatting online influence operations. Platforms have access to internal data — such as emails used to create an account and other technical indicators — that allow them to have a fuller picture about who is behind an account. Non-profits across the United States, Europe, Australia, and other aligned countries have also successfully exposed many influence operations in the past purely through open-source intelligence.

The U.S. government, however, plays a unique role in countering influence operations. Only governments have the authority to issue subpoenas, access sensitive sources, and impose consequences through sanctions and indictments.

Washington, however, has significantly reduced its capabilities to combat foreign malign influence. Over the past year, it has dismantled the FBI's Foreign Influence Task Force, shut down the State Department’s Global Engagement Center, and effectively dismantled the Foreign Malign Influence Center at the Office of the Director of National Intelligence. These changes make it unclear who — if anyone — within the U.S. government oversees countering influence operations undermining American interests at home and abroad.

X’s new transparency feature reveals yet again that America’s adversaries are waging near-constant warfare against Americans on the devices and platforms that profoundly shape our beliefs and behaviors. Now the U.S. government must rebuild its capacity to address it.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

We Need More Than Just a Command Shakeup in the U.S. Military

EXPERT OPINION — Reports came out last week that claim the Chairman of Joint Staff, General Dan Caine, is preparing a new unified command plan (UCP) that will reorganize and consolidate the regional combatant commands. According to press reports, the proposal, which is to go to the Secretary and the President soon, would combine U.S. Central Command, U.S. European Command and U.S. Africa Command under a new U.S. International Command. U.S. Southern Command and U.S. Northern Command would be combined as U.S. Americas Command. For now, the functional commands, U.S. Cyber Command, U.S. Special Operations Command, U.S. Space Command, U.S. Strategic Command and U.S. Transportation Command and U.S. Indo Pacific Command would remain the same.

If this happens, it would be the biggest command shake up in decades. However, to truly have the greatest effect, more needs to happen than just a reorganization and consolidation of combatant commands. The work to change and upgrade the combatant commands must be more consequential.

For this to happen, these commands must have all the tools at their disposal to develop military relationships and oversee operations in their regions. To be most effective, that means that their intelligence and their interagency arms must be bolstered.

On the intelligence side, Washington should push out the work to the combatant commands that the analysts, targeters and operators are doing in D.C. Before the early 2000s, the combatant commands hired their intelligence professionals through the services. In the early 2000s, the Defense Intelligence Agency (DIA) took over the requirement to integrate all the combatant commands’ intelligence professionals and those professionals became DIA employees.

There has been great success with increased and more consistent training and more sophisticated intelligence work at the combatant commands. More defense intelligence enterprise professionals now have a first-hand understanding of providing support to military activities. However, there is much more work to do in this area. A vast majority of the Washington DIA employees do not have direct experience working with warfighters on tactical issues or have forgotten their experience in this area. There is also often a duplication of efforts on analysis, reporting, and collection between DIA headquarters and the combatant commands.

This all can be streamlined by pushing those DC-based professionals to the combatant commands. DIA headquarters should be small and highly focused on manning, training, equipping, and integrating. The analysts, operators and targeters should be working directly with the warfighters under the direction of the combatant commander or at the Pentagon directly for the Chairman, Joint Staff.

More specifically, DIA headquarters should provide the HR, the training programs, the data, and the technology for the rest of the DIA enterprise to support each combatant Commander and his warfighters directly.

In the early 2010s, there was a discussion in policy circles about how to make combatant commands more effective. A key role for Combatant Command senior leaders is to develop relationships with military partners in their region. This will become more difficult as a Combatant Commander’s geographic outreach grows. Each Commander will need more tools and senior professionals to help develop those relationships. To assist in this and to underscore the need for interagency coordination, Combatant Commands should have dual leadership from the civilian sector and military.

Most regional commands now have a senior foreign policy advisor, usually at Ambassador rank, who advises the commander on foreign relations. This position needs to be enhanced to a true deputy position vice an advisor. At the same time, the combatant commands need senior representatives from major government departments such as the Department of Homeland Security, Treasury, Commerce, and FBI. This will enhance the U.S.’ ability to compete against our adversaries by offering tools to use with foreign governments that are integrated and coordinated across the U.S. government.

The time is right to make more consequential changes to a system that needs to modernize.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

A Blueprint for Next-Generation Defense Production

OPINION — The Pentagon’s push to overhaul its slow, specification-driven procurement system is an overdue acknowledgment that our defense industrial base has become too narrow, too fragile, and too dependent on foreign supply chains. America’s defense establishment is finally waking up to a critical weakness that has metastasized in recent decades: we have drifted away from the industrial might that once formed the bedrock of our economy and allowed us to out-produce any adversary in the world.

While there are many warning signs, one symptom of the problem is unmistakably clear: the United States is not producing what it needs at the speed and scale modern conflict demands. Recent reporting shows the U.S. Army is still struggling to meet its 155mm artillery-shell production goals after years of effort. Across the spectrum—from advanced missile interceptors to something as basic as black powder—we are falling dangerously behind in both production capacity and supply-chain resilience. For now, these shortfalls are appearing in conflicts that don’t directly involve American troops, but the truth is that a major war will see the United States forced to ration materials and munitions, deploying untested prototypes on the battlefield while the defense industrial base races to catch up. We must act now to prevent this from happening.

If we are serious about winning the next war—or better yet, deter it—we must rethink both how we buy military equipment and weapons, and how fast we can make them. We don’t need another half measure or a fully government solution. Instead, the government should leverage the private sector to build a nationwide network of multifaceted, resilient manufacturing nodes that can surge production of everything from drones, vehicles, and body armor to medicine, munitions, and microelectronics in times of crisis, while sustaining production lines for commercial products in peacetime. The power of the U.S. economy can, and should, be leveraged to solve this problem.

This network of production centers, or campuses, would bring together startups and established manufacturers in the same ecosystem, enabling the kind of rapid prototyping, pilot production, and full-rate manufacturing the Pentagon is urgently seeking. Each of these campuses would be designed for flexibility, with modular production capabilities that can be rapidly upgraded, and shared heavy infrastructure such as test beds, utilities, and analytical systems. Furthermore, these facilities would be part of a connected national network, leveraging the regional strengths of each part of the country while avoiding the single points of failure commonly found in today’s highly concentrated manufacturing hubs.

Today, the gap between a successful prototype and real-world production is often a chasm in the defense industrial base. Major firms are often tied up maintaining legacy systems while cash-strapped startups cannot afford to build compliant, capital-intensive factories without production contracts. These startups are often told that contracts won’t come until they prove they can manufacture at scale. So promising technologies stall in a chicken-or-egg limbo while delays snowball. The Pentagon’s renewed embrace of OTAs helps, but money alone won’t fix a physical bottleneck. We need places where cutting-edge firms can scale quickly, and affordably.

A national network of industrial campuses is designed to fill this gap. Under this model, companies wouldn’t pay construction costs up front; lease payments would begin only after they move in and start generating revenue. Layering into the model a certain number of shared facilities—initially funded by the Pentagon—would reduce risk, accelerate development, and dramatically shorten production timelines. Young companies gain room to grow. Established firms gain access to fresh innovation - and taxpayer dollars go further.

This is not a radical idea. It is an evolution of the model that once made America unstoppable. In World War II, factories across the economy—automotive, textile, consumer goods, and more—transformed to support the war effort. That surge capacity happened because the United States had an existing industrial ecosystem ready to mobilize. Today, we no longer have one.

Decades of offshoring, consolidation, and a fixation on short-term efficiency have left our industrial base brittle and full of holes. COVID-19 made that painfully clear when the world’s largest economy found itself dependent on foreign suppliers for PPE and basic supplies. Semiconductor shortages still slow defense and automotive lines. Meanwhile, our adversaries are turning basic industries into warfighting assets. Russian bakeries are producing drones and China is treating its manufacturing capabilities as a strategic weapon while in America, we’ve been treating our manufacturing base like an accounting exercise.

The government must shift course. Manufacturing is a strategic asset—every bit as important as ships, planes, satellites, or submarines. Washington should fund shared industrial infrastructure, de-risk private investment, and let market forces drive efficiency.

The math is simple. In some cases, companies piloting these programs have delivered 4:1 to 25:1 returns on tax dollars, generating major gains for minimal government investments. With a defense budget exceeding $800 billion, the Pentagon can easily afford to invest a sliver of that—well under one percent—to send a clear, unambiguous demand signal to the private sector that America is rebuilding its industrial backbone, and doing it now.

History shows what happens when we do. Modest seed capital during World War II and the Apollo program unlocked massive private investment and generated hundreds of innovations that have come to define the modern age. These campuses would be more than factories—they would be hubs where manufacturers, universities, investors, and federal partners build self-sustaining ecosystems capable of accelerating innovation, fostering talent, and producing critical goods at scale. They would restore American industrial depth, innovation, and flexibility—our most reliable, most underestimated tools of deterrence.

America is racing into the next complex era of great-power competition with a defense industrial base limping along from the last era; one that is simply too small, too fragile, and too slow. We can invent extraordinary technologies, but what use are they sitting in a lab if we can’t produce them at scale? If that doesn’t change, the United States risks discovering—too late—that innovation without industrial power is a hollow advantage.

Rebuilding American manufacturing will be difficult. But the cost of inaction is far higher. A nation with a deep, flexible industrial base can surge production, absorb economic shocks, and outlast any adversary, on the battlefield and the home front. A nation without one is forced to ration weapons, delay deployments, and scramble to keep its supply chains functioning.

We can build this network now or we can wait for a crisis to expose, once again, how fragile our industrial base has become. In the next conflict, the world’s strongest military must be able to depend on its factories to keep up.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief, because national security is everyone’s business.

2025: 10 Events That Changed the World

SPECIAL REPORT — In a turbulent year, one of the biggest national security stories came in the form of a document.

The administration’s National Security Strategy (NSS), released earlier this month, upends longstanding U.S. policy toward allies and adversaries alike. It ranks drug trafficking and illegal immigration as top threats to U.S. security, places a heavy emphasis on the Western Hemisphere, criticizes Europe and downplays security challenges from China and Russia.

Eight years ago, Trump's first NSS said that “China and Russia challenge American power, influence, and interests, attempting to erode American security and prosperity.” The new NSS doesn’t name Russia as a threat to the U.S. – stating instead that “strategic stability with Russia” is a goal of American policy. Europe is presented as a bigger challenge; the U.S. should “help Europe correct its current trajectory,” which the NSS says has been damaged by immigration and a risk of “civilizational erasure.”

As for China, the document focuses on economic competition – trade, infrastructure, and technology. References to Taiwan and the South China Sea come later, and they include warnings that other Asian nations must carry a greater burden; “the American military cannot, and should not have to, do this alone.”

“The north star of great-power competition with China and Russia—around which the first Trump administration built bipartisan consensus—is gone,” Rebecca Lissner, Senior Fellow for U.S. foreign policy at the Council on Foreign Relations, wrote of the new NSS. The objective now, she said, is a “mutually advantageous economic relationship with Beijing.”

Not surprisingly, European leaders were furious about the pivot to a more Russia-friendly posture, and what the European Council President called “political interference” in the affairs of Europe.

Glenn Corn, a former CIA Senior Executive, called the document’s treatment of Europe a “shock.”

“Europeans are not the enemy,” Corn told The Cipher Brief. “And I doubt the Russians will stand side by side with us on the battlefield and support us the way that our European partners have done.”

The new NSS won praise from at least one global capital. Kremlin spokesman Dmitry Peskov said its emphasis on restoring strategic stability with Moscow “correspond in many ways” to Russia’s own vision.

Infographic with a map of the Americas showing the areas where the United States has carried out attacks against alleged drug trafficking boats in the Caribbean Sea and the Pacific Ocean since September 2, 2025, as well as the number of people killed in these attacks, as of December 16 (Graphic by AFP via Getty Images)

Missiles on the Water

While the focus on narcotrafficking was clear from the early days of Trump’s second term, the heavy U.S. military deployments and air strikes in the Caribbean took experts by surprise. The aerial campaign began with a September missile attack on a small boat that killed 11 people; a second strike that day took the lives of two survivors who were clinging to the upturned vessel. The follow-on strike sparked criticism in Congress – including from Republicans – and charges that it might have violated maritime laws.

As of mid-December, at least 25 strikes had followed, including some in the Pacific, resulting in the deaths of more than 90 people alleged to have been smuggling drugs on the water. The Trump administration justified the attacks as necessary to stem a flow of fentanyl – which Trump labeled “a weapon of mass destruction” that has killed tens of thousands of Americans. Legal experts questioned whether passengers in these boats — even if they were found to have been carrying narcotics — could be considered enemy combatants. Others noted that fentanyl and its precursors are sourced primarily from China and Mexico — not Venezuela.

A separate question loomed, as the year wound down: were the strikes a prelude to military action against Venezuela, and its president, Nicolas Maduro?

Beyond the U.S. military buildup, there were several signs in December that a move against Venezuela may be in the offing: reports that the U.S. was exploring “day-after” scenarios in the event of Maduro’s ouster; the seizure of a Venezuelan tanker that was said to be transporting sanctioned oil to Iran; and President Trump’s December 16 announcement of a naval blockade of sanctioned oil tankers from Venezuela.

“Maduro has become the epicenter for a range of activities the U.S. is determined to roll back,” Ambassador Patrick Duddy, Former U.S. Ambassador to Venezuela, told The Cipher Brief. “Seizure of the oil tanker signals that the U.S. has decided to take more active measures to achieve its goals.

Infographic with a map showing the location of strikes carried by Israel against Iran since June 13, 2025, according to data reported by the ISW (Graphic by AFP) (Graphic by VALENTINA BRESCHI,SYLVIE HUSSON,OLIVIA BUGAULT/AFP via Getty Images)

The U.S. and Israel Attack Iran

It would have been unthinkable only two years ago: a U.S.-Israeli war against Iran that provoked almost no meaningful response.

The attacks came in June – Israeli strikes on Iran’s nuclear sites and military infrastructure that were followed by American airstrikes on three nuclear installations. Iran fired missiles at a U.S. base in Qatar but its overall retaliation was minimal, a consequence of earlier Israeli campaigns that weakened Iranian air defenses and its various militias in the Middle East. The 12-day war damaged elements of Iran’s nuclear program and laid bare a tectonic shift in the region: Iran and its “axis of resistance” had been badly weakened.

For decades, war-gaming scenarios had warned that any attack against Iran would carry risks of a conflagration, given the likelihood of a coordinated response from Iran, Hezbollah, Hamas and the Houthi militia in Yemen. Now the paradigm has shifted.

“The U.S. joined Israel in military operations and people thought that had been a red line in the past,” Norman Roule, a former National Intelligence Manager for Iran at ODNI, told The Cipher Brief. “For the nuclear negotiations and other talks going forward, Iran now has to deal with a new world where there is this precedent.”

As the year ended, Iran remained a shell of what it had been, and reports suggested its leaders were conflicted about the way forward. Would the country recognize its weaknesses and move towards a rapprochement with the West — a move that might bring sanctions relief and usher in a new security dynamic in the region? Or would hardliners carry the day, resorting to one of the last levers Iran has – its nuclear program?

“If you're in Iran, you have to make a strategic decision,” Roule said. “‘If we restart the program, will the United States and Israel attack?’ They've got to ask, ‘If we do this, will we survive?’”

U.S. President Donald Trump and Ukrainian President Volodymyr Zelensky meet in the Oval Office at the White House on February 28, 2025 in Washington, DC. (Photo by Andrew Harnik/Getty Images)

Zelensky’s Oval Office Blowup – and the Rollercoaster that Followed

For Ukraine’s President Volodymyr Zelensky, 2025 brought wild swings of fortune, on the battlefield and in the global halls of power.

An Oval Office meeting on February 28 marked the low point – the encounter during which President Trump and Vice President JD Vance berated Zelensky for what they saw as insufficient gratitude towards the U.S. and – in Trump’s words – a failure to understand that Ukraine “has no cards” in the war against Russia.

The meeting “was a horrible disappointment and almost a shock to the system,” former NATO Supreme Allied Commander General Philip Breedlove told us that day. “There was only one winner…and that is Vladimir Putin.”

But fortune’s wheel took turns in Zelensky’s favor. Trump’s subsequent meetings with Zelensky – at the Vatican in April and the June NATO summit – warmed the relationship; the NATO summit itself saw Trump pivot back toward the alliance and its support for Ukraine; and then – in a startling outburst – Trump in July turned his ire towards Russian President Vladimir Putin. “We get a lot of bull**** thrown at us by Putin,” Trump said.

Alas for Zelensky, at year’s end the pendulum looked to have swung back once more. Trump’s envoys were again pushing Russia-friendly peace proposals, which included the surrender of territory beyond what Russia has already occupied. In an interview with Politico, Trump said of Zelensky, “He’s gonna have to get on the ball and start accepting things…cause he’s losing.” It sounded like a gentler version of the treatment Zelensky had gotten on that February day in the Oval Office.

Photo by Wojtek Laski/Getty Images

A Tu-95 bomber aircraft takes off for a night patrol flies out of Engels-2 airbase on August 7, 2008 in Engels, Russia. (Photo by Wojtek Laski/Getty Images)

Operation “Spiderweb” – and What Came After

It was Ukraine’s greatest military success in 2025 – and it happened far from Ukrainian territory. An operation dubbed “Spiderweb” smuggled 117 drone weapons into Russia and unleashed them against several airfields on June 1, damaging or destroying dozens of Russian warplanes. The mission was months in the planning, the drones were smuggled on prefabricated cabins disguised as hunting lodges, and unsuspecting Russians were paid to drive the trucks that moved the cabins.

“Spiderweb” showcased Ukraine's special operations capabilities and was followed by more long-range sabotage. As The Cipher Brief reported, subsequent attacks targeted Russian refineries and other sites tied to the oil sector.

“It’s very impressive,” Balazs Jarabik, a former European Union diplomat and analyst for RPolitik, told The Cipher Brief. The energy-sector attacks, he said, were “making the Russian war effort more expensive, and creating shortages so the Russian people feel the pain of the war.”

By year’s end, Ukraine had carried out an estimated 160 strikes on Russia’s oil sector – the campaign reached as far as the Siberian city of Tyumen, some 1200 miles east of Moscow, and included strikes against vessels alleged to be working in Russia’s so-called "shadow fleet” of tankers carrying sanctioned oil.

“Ukraine’s theory of victory now includes destroying Russia’s energy sector,” Lt. Gen. Ben Hodges, a former commander of U.S. Army Forces in Europe, told The Cipher Brief. “They’ve developed capabilities that can reach great distances with precision, exposing Russia’s vulnerability – its inability to protect critical infrastructure across its vast landscape.”

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Palestinians flock to the Netzarim Corridor to receive limited food supplies as hunger deepens across Gaza amid ongoing Israeli attacks and blockade, on August 4, 2025. (Photo by Hassan Jedi/Anadolu via Getty Images)

A Peace Deal for Gaza

It was President Trump’s signature diplomatic achievement: a truce in Gaza reached just days before the two-year anniversary of Hamas’ October 7, 2023 massacre.

The deal’s first phase took hold, albeit in violent fits and starts – the return of hostages, the freeing of Palestinian prisoners in Israeli jails, and a fresh flow of international aid for Gaza. But that may have been the easy part. As the year drew to a close, there were sporadic breaks in the ceasefire, and the fate of the deal’s next phases remained unclear.

The Trump administration’s plan for Gaza included the deployment of an international stabilization force and creation of an international “Board of Peace” (led by Trump himself) to oversee the implementation of the next phases – the transition of governance to Palestinians not affiliated with Hamas, and the beginning of a multi-billion-dollar reconstruction. The deal also included language offering a conditional pathway to Palestinian autonomy over its territories.

But as of mid-December, the announcement of the Board had been delayed, and the New York Times reported that while the U.S. was pressing other nations to contribute troops to a 8,000-member force for Gaza, it had yet to win any commitments. Countries were said to be worried their troops might be ensnared in fresh fighting; and the UN Security Council resolution to deploy the force gave no precise terms of engagement. Nor was there agreement on the makeup of a transitional government.

As these hurdles appeared, reports suggested Hamas was rebuilding its presence in the territory.

“Who’s really calling the shots there?” Ralph Goff, a former CIA Senior Executive, asked at The Cipher Brief’s annual Threat Conference, speaking of the uncertainty inside Gaza. “I remain pretty pessimistic on the idea of any kind of internal governing force being able to compete with Hamas at this point.”

By year’s end, two things were clear: the Gaza ceasefire itself was a welcome achievement after two years of carnage; and uncertainty hung over the truce’s critical next phases. This was one major story that will continue to unfold — with hope but also apprehension — well into 2026.

The commissioning and flag-presenting ceremony of the Fujian, China's first aircraft carrier equipped with electromagnetic catapults, is held at a naval port in Sanya City, south China's Hainan Province, on Nov. 5, 2025. (Photo by Li Gang/Xinhua via Getty Images)

China's Military Boom

China held a “Victory Day” parade in September – its way of marking 80 years since the end of World War II – and it was above all a show of military prowess. 12,000 troops marched alongside an arsenal of newly-minted battle tanks and rocket launchers, drone weapons and hypersonic missiles, and more. It was a fitting symbol for a year in which China turbocharged its military buildup.

As The Cipher Brief reported, China took a “leap forward” in drone weaponry in 2025: a huge new “stealth endurance drone,” mosquito-sized “micro drones,” and the deployment of a new “drone mothership.” The latter, known as the Jiu Tian, was billed as the world’s largest drone carrier – an 11-ton aircraft that is itself an uncrewed aerial vehicle. According to the South China Morning Post, the Jiu Tian can hold 100 smaller UAVs and carry them more than 4,000 miles.

“They have the production, they have large inventory and now they also have the AI,” Dr. Michael Raska, a professor at the Military Transformation Programme at the S. Rajaratnam School of International Studies, told The Cipher Brief. “With all these combined, they have been experiencing a leap forward in the quality and quantity of all their drones.”

China also made leaps in maritime power. In November, the People’s Liberation Army Navy (PLAN) commissioned the 80,000-ton Fujian, the country’s third aircraft carrier and largest to date. A week later came news that the Sichuan, one of the world’s largest amphibious assault ships, would be ready for deployment next year.

Retired Rear Admiral Mike Studeman, a former Commander of the Office of Naval Intelligence, told The Cipher Brief that China had achieved its longstanding goal of building “a world-class Navy,” which had surpassed the size of the U.S. fleet.

“It's not just not in the numbers, it's in the quality,” RADM Studeman said. “These ships are modern by any standard.”

“It's impressive,” another former Rear Admiral, Mark Montgomery, told The Cipher Brief. “They're building a hundred merchant ships for every one we build, and two warships for every one we build.”

The Trump Administration issued an executive order in April to jumpstart the U.S. shipbuilding industry and restore “American maritime dominance,” but experts said the U.S. faces an uphill road. As The Cipher Brief reported, China is on track to have a 425-ship fleet by 2030, while the U.S. Navy currently has fewer than 300 deployable battle-force vessels – a total which may drop as aging ships are retired faster than new ones are put to water.

Police cars are seen on November 17, 2025 close to the railways that were damaged in an explosion on the rail line in Mika, next to Garwolin, central Poland, after the line presumably was targeted in a sabotage act. (Photo by Wojtek Radwanski/AFP via Getty Images)

Europe Wakes Up to the “Gray-Zone” War

2025 was the year when Europe formally recognized – and began to respond to – a growing threat from the east: the so-called “gray-zone” war attributed to Moscow.

These attacks mushroomed in 2025 – from cyberattacks to railway bombings, the cutting of undersea cables to drone incursions into Poland and the Baltic states, and more. Experts said they were designed to be difficult to trace, and non-kinetic, so as not to draw a military response; as The Cipher Brief reported, the Kremlin was likely “aiming to create disruption without triggering escalation.”

But there were also signs that European leaders were waking up to the gravity of the threat.

NATO’s Secretary General Mark Rutte warned repeatedly of the dangers, and the alliance moved to improve detection and deterrence measures.

Nations took steps of their own. Finland acquired hundreds of drone jammers and outfitted border forces with high-end drone detectors; leaders from Poland, the Czech Republic and the Baltic states said they might shoot down Russian aircraft if Moscow continued its provocations; in a September speech to the United Nations, Polish Foreign Minister Radoslaw Sikorski went so far as to warn Moscow that “if another missile or aircraft enters our space without permission, deliberately or by mistake, and gets shot down and the wreckage falls on NATO territory, please don’t come here to whine about it.”

Even nations far from the Russian frontier were waking up to the dangers; Ireland unveiled a €1.7 billion, five-year defense plan that included systems to counter drones and protect undersea cables from Russian sabotage. And in her first public speech, MI6 chief Blaise Metreweli described the gray-zone threat bluntly: “The new frontline is everywhere,” she said.

Writing in The Cipher Brief, former Senior CIA Executive Dave Pitts stressed the need “to change the risk calculation.”

“We need to think of deterrence and response as a team sport - an Article 5 mindset,” Pitts wrote. “Gray-zone attacks that go unanswered reward our adversaries and reinforce the idea that there are more gains than risk…and encourage more attacks.”

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

Heavy trucks haul earth and rock at the construction site of Wubian Xiangshang Reservoir on the top of Pandao Mountain in Zhangye, China, on March 3, 2025. (Photo by Costfoto/NurPhoto via Getty Images)

America’s Rare Earth Crisis

Not long ago, rare earth minerals rarely made global headlines. 2025 was the year when that changed. And for the U.S. government, it was also the year in which rare earths took center stage.

Two basic facts underscored the urgency: rare earths are essential building blocks for everything from smart phones to home appliances to cars to all manner of military equipment and weapon systems; and China now produces an estimated 60 percent of the world’s rare earths and processes nearly 90 percent of them. The U.S. Geological Survey said that in 2024, the U.S. imported more than 95 percent of the total rare earths that it consumed.

Those realities spurred multiple U.S. efforts to change the dynamic: deals with Australia and Japan; negotiations with other resource-rich countries, including Congo, Indonesia, Kazakhstan and Malaysia; and threats to annex mineral-rich Greenland. Even the negotiations with Russia and Ukraine reportedly included plans for U.S. firms to invest in rare-earth extraction in Russia.

China’s imposition of rare-earth export restrictions only heightened the concerns – and while those were lifted as part of a deal with Washington, the message was clear: China’s rare-earths dominance now poses a huge problem for the U.S., and gives China a powerful lever in any future negotiations with Washington.

Susan Miller, a Former Assistant Director of the CIA’s China Mission Center, called the rare earth access “vital” to U.S. technology and national security.

“We democracies must do more to assure we have continuous access to these metals, and we also need to start producing more,” Miller told The Cipher Brief. “All democracies must focus on this issue; we must act now.”

Then-National Security Agency Director General Timothy Haugh, FBI Director Kash Patel, Director of National Intelligence Tulsi Gabbard, Central Intelligence Agency Director John Ratcliffe, and then-Defense Intelligence Agency Director Jeffrey Kruse appear during a Senate Committee on Intelligence Hearing on March 25, 2025 in Washington, DC. (Photo by Andrew Harnik/Getty Images)

The Overhaul of the Intelligence Community

Before his return to the White House, Donald Trump promised to remake the U.S. intelligence community (IC). “We will clean out all of the corrupt actors in our national security and intelligence apparatus,” Trump said soon after the 2024 election.“The departments and agencies that have been weaponized will be completely overhauled.”

In 2025, it was a promise he kept.

There were widespread cuts in staffing at the CIA, FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), and the biggest reductions appeared to come at the Office of the Director of National Intelligence (ODNI), which coordinates the 18 agencies of the IC. Roughly 40% of ODNI staff were cut, including the elimination or consolidation of the Foreign Malign Influence Center and some cyber threat units into other agencies.

Other high-level dismissals drew particular attention: National Intelligence Council acting head Mike Collins was fired after presenting an assessment on Venezuela that contradicted the White House line; and NSA Director Gen. Timothy Haugh lost his job after Trump “influencer” Laura Loomer questioned his loyalty to the administration.

Depending who you asked, the changes were a much-needed streamlining of a bloated intelligence apparatus; a reorganization to focus less on Russia and China and more on border security and drug trafficking; or a Trump-driven retaliation against institutions and individuals he had blamed for investigations or views with which he disagreed.

The high-level firings troubled several experts. Jon Darby, a longtime NSA veteran who served as director of operations, told The Cipher Brief he was “very disheartened” by Gen. Haugh’s ouster. “We need an explanation of the underlying rationale,” he said.

Beth Sanner, a Cipher Brief expert who served as Deputy Director for National Intelligence at ODNI, warned of a broader politicization of the IC.

“The intelligence community is not like asking people to hit the easy button and the ‘I agree with you’ button,” she said. “That's not our role. Our role is to say what we think and why we think it…The intelligence community isn't always right. But when done correctly and behind closed doors, I cannot understand why anybody would say that presenting an intelligence assessment that disagreed with policy needed to stop, or was an example of deep state. It's not. And it's really important.”

All that said, the nature of the IC makes it difficult, even at the end of a tumultuous year for the various agencies, to know precisely what the impact of the “overhaul” has been – or will be in the future.

Fingers on laptop. (Photo by Silas Stein/picture alliance via Getty Images)

A Cybersecurity “Watershed”

It seemed like a headline from a science fiction journal. An artificial intelligence system had conducted a large-scale espionage operation.

But it wasn’t science fiction – or fake news. The AI giant Anthropic confirmed the first real-world case of the use of an AI system to do exactly that.

“Today marks a watershed in cybersecurity,” Jennifer Ewbank, a former Deputy Director of the Central Intelligence Agency for Digital Innovation, told The Cipher Brief. “AI has now crossed from tool to operator,” Ewbank said, “blurring the line between human intent and machine execution...a threshold has been crossed.”

Anthropic said that Chinese state-sponsored hackers had exploited its Claude AI system to carry out cyberattacks on corporations and foreign governments in September, and that the hackers had succeeded with only minimal human oversight. Anthropic’s threat intelligence chief said the campaign had targeted about 30 entities, and represented a new level of AI-enabled hacking. The hackers posed as security auditors and successfully breached several systems, accessing privileged accounts and private data before being blocked.

The good news? The number of breaches and scale of the damage appeared small, and no U.S. government agencies were compromised. But the incident gave ammunition to doomsayers who have warned of AI nightmares – and showed that AI is already a valuable tool for hackers and state-backed cyber operations.

Experts called it the latest code-red warning for securing AI systems and deploying effective cyber defenses. As Ewbank put it, “This is no longer a hypothetical threat being researched in a lab.”

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief.

The Next Nuclear Proliferation Crisis Is Already Here

OPINION — Russian President Vladimir Putin has repeatedly threatened that Russia might use nuclear weapons if its sovereignty or territory is threatened, as it enters the fourth year in its war of aggression in Ukraine. The Russian Federation has revised its nuclear doctrine and lowered the threshold for the use of nuclear weapons. And given the lethality of nuclear weapons, the use of nuclear weapons in any large-scale exchanges would kill tens or hundreds of millions of people.

The 1963 Cuban missile crisis brought us close to a nuclear war with the Soviet Union. It was the basis for President John F. Kennedy’s concern that more countries with nuclear weapons would create an unstable world with nuclear war more likely. President Kennedy feared that by 1970 there may be 10 nuclear powers instead of the four – the U.S. Soviet Union, United Kingdom and France – and by 1975 there could be as many as 10 or 20 nuclear weapons states. It would be “the greatest possible danger and hazard to contemplate – a nuclear arms race on a multipolar basis.” President Kennedy’s concerns are the concerns we have today, with the prospect of a nuclear arms race in the Middle East and in East Asia.

The Cuban missile crisis contributed to several arms control efforts, like the Limited Test Ban Treaty (1963) banning atmospheric and underwater tests and the creation of the 1968 Nuclear Non-Proliferation Treaty (NPT). Indeed, the NPT established a global framework for the 190-member counties to stop non-nuclear states from getting nuclear weapons.

There are now nine nuclear weapons states and concern that more countries will seek the resources necessary to produce their own nuclear weapons or to buy them.

In East Asia, North Korea has increased its stockpile of nuclear weapons and the ballistic missiles to deliver these weapons of mass destruction. The Korea Institute for Defense Analysis recently publicly stated that North Korea has between 127 and 150 nuclear weapons and by 2030 they will have 200 nuclear weapons. And given the likely assistance North Korea is receiving from Russia with its nuclear and missile programs, it’s possible that South Korea and Japan, threatened by a belligerent North Korea, will conclude that they need their own nuclear deterrent programs, rather than relying on U.S. extended nuclear deterrence commitments. Indeed, a recent poll in South Korea had over 70% of the people saying they needed their own nuclear weapons program, rather than relying on the U.S. nuclear umbrella.

South Korea and Japan are watching what happens to Ukraine, a sovereign country invaded by a Russia that disregarded its security guarantees to Ukraine, with the 1994 Budapest Memorandum also signed by the U.S. and the United Kingdom. Ukraine gave up its nuclear weapons for security assurances that Russia ignored. Will the U.S. and NATO be there for Ukraine this time, or should Ukraine pursue its own nuclear deterrent?

The U.S. bombing of Iranian nuclear sites Fordow, Isfahan and Natanz in June 2025 was in response to Iran’s continued enrichment of uranium at 60% or higher and Iran’s unwillingness to permit International Atomic Energy Agency monitors to inspect nondeclared suspect enrichment sites. Thus since 2003, when Iran said they ceased their nuclear weapons program, Iran has been a threshold nuclear weapons state, months away from being able to produce nuclear weapons if the U.S. and the European Union didn’t comply with Iran’s demands.

Given this reality, and if Iran produces or acquires nuclear weapons, Saudi Arabia, Turkey and Egypt would rush to create their own nuclear weapons programs. The June 2025 U.S. bombing of these nuclear sites in Iran was an effort to ensure that Iran did not go nuclear, with the likelihood that these countries would also establish their own nuclear deterrent programs.

President Kennedy’s expressed concerns about a nuclear arms race during the Cuban missile crisis in 1962 was prophetic. Sixty-three later, there is real concern by a few non-nuclear-weapon states that they would need their own nuclear weapons to address the nuclear threat from North Korea and Iran, and the rhetoric from Mr. Putin and Dmitry Medvedev, Deputy Chairman of Russia’s Security Council, who warned that Russia is prepared to use nuclear weapons if it faces defeat in Ukraine.

This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

What Would Follow a Muslim Brotherhood Terrorist Designation?

DEEP DIVE — On November 24, 2025, President Trump launched a process to designate Muslim Brotherhood chapters in Lebanon, Egypt, and Jordan as Foreign Terrorist Organizations (FTOs) and Specially Designated Global Terrorists (SDGTs).

Citing fresh intelligence that these specific affiliates provided material support to Hamas after the October 7 attacks on Israel, the White House gave Secretary of State Marco Rubio and Treasury Secretary Scott Bessent a tight 30-day deadline to produce a formal report. The goal, administration sources say, is to sever the financial arteries — from charitable fronts to hawala networks — that have kept the Brotherhood’s regional machinery alive.

The decision comes at a moment when the Brotherhood’s once carefully cultivated image as the respectable face of political Islam lies in tatters. Days before Trump’s executive order, Texas Governor Greg Abbott made his state the first to label both the Muslim Brotherhood and the Council on American-Islamic Relations (CAIR) as terrorist entities, vowing to target what he called “radical extremists.” Florida Governor Ron DeSantis followed the move by Texas with his own similar executive order. With federal momentum now behind him, the designations threatens to cascade across the region—and potentially beyond.

“Hamas was founded as the Egyptian arm of the Muslim Brotherhood and has made this very clear in its Charter of 1987,” Hans-Jakob Schindler, Senior Director of the Counter Extremism Project, tells The Cipher Brief. “The political statement of Hamas of 2017 did not mention this link specifically, but it also did not state that Hamas would be independent. Hence, Hamas remains part of the Muslim Brotherhood network.”

Roots of a Transnational Shadow

To grasp the stakes, the story must begin in Ismailia, Egypt, in 1928, when schoolteacher Hassan al-Banna founded the Ikhwan al-Muslimin as a movement of Islamic revival and social reform. What started with Quranic lessons and charity work exploded into a mass organization of hundreds of thousands by the 1940s, complete with a secret paramilitary wing, the Special Apparatus, that carried out bombings and assassinations against British forces and Jewish targets. Egypt banned the group in 1948; al-Banna was assassinated shortly afterward, almost certainly by state security.

Heavy-handed crackdowns, periods of accommodation, and notable ideological shifts have defined the Brotherhood’s trajectory since then.

Officially, the Brotherhood renounced violence in the 1970s, and it built an unrivaled network of mosques, clinics, schools, and labor unions. The 2011 Arab Spring briefly catapulted it to power: Mohamed Morsi became Egypt’s first elected president in 2012. Fourteen months later, mass protests and a military coup ended the experiment. Egypt declared the Brotherhood a terrorist organization in 2013, killed more than 1,000 supporters in a single day at Rabaa Square, and imprisoned tens of thousands more. Exiled, splintered, and radicalized, remnants went underground or looked to Gaza.

Fernando Caravajal, executive director at The American Center for South Yemen Studies and an expert in Sudanese affairs, tells The Cipher Brief that the Brotherhood’s ideological flexibility allows it to reemerge in power vacuums, but cautions that the potential United States terrorist designation likely stems from outside interests.

“Notice the timing: these statements came a week after the meeting with Saudi,” he said. “It wasn’t announced during the meeting, so we can’t say Saudis are openly pushing it, but they clearly have a hand behind it because of the timing, because of the content. It mentions Jordan and Lebanon — those are Saudi priorities.”

Riyadh’s priorities center on containing Islamist movements and curbing Iranian influence in the Levant, making Jordan and Lebanon key arenas for Riyadh’s regional security strategy.

Across the region, local chapters adapted in different ways. Jordan’s Islamic Action Front (IAF) became the kingdom’s most organized opposition, running hospitals and schools and holding parliamentary seats. Lebanon’s looser network operates in Palestinian camps alongside Hezbollah. Both insist they are peaceful and gradualist.

“It is important to understand that the relationship between the Muslim Brotherhood and violence is a tactical one,” Schindler said. “It can change at any point if the network feels that violence would be useful for its position and influence.”

Past American attempts to designate the entire Brotherhood collapsed amid pushback from Qatar, Turkey, and some European allies. This time, the White House has chosen a surgical strike. According to Schindler, the White House’s endeavor to focus on individual chapters is an optimal approach because it targets “chapters in countries that have themselves banned and/or designated the Muslim Brotherhood (Egypt, Jordan) and on Lebanon, where the distinction between Muslim Brotherhood and Hamas is hard to make.”

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

The October 7 Reckoning

The trigger, ultimately, was October 7 and the events that followed. In Lebanon, the most explicit public demonstration came when a Brotherhood-affiliated militia calling itself the al-Fajr Forces fired rockets into northern Israel days after Hamas’s massacre.

“Hamas is the Muslim Brotherhood organization in Gaza and the West Bank. It calls itself such. However, it operates independently,” Nonresident Senior Fellow at the Atlantic Council and Former DHS Deputy Assistant Secretary for Counterterrorism Policy, Thomas Warrick, tells The Cipher Brief. “Its revenues were derived from control of Gaza’s governance: taxes, donations from outside governments, and criminal activities from which it profited. Other MB chapters are small in budgets and manpower compared to Hamas.”

In Jordan, the IAF organized some of the largest pro-Hamas demonstrations in the Arab world.

“The clearest demonstrated ‘link’ between Hamas and the specified Muslim Brotherhood chapters is that a Brotherhood-affiliated group in Lebanon, al-Fajr Forces, launched rockets into Israel following the October 7 2023 Hamas terrorist attack,” Rose Kelanic, director of the Middle East Program at Defense Priorities, tells The Cipher Brief, stressing that “the Muslim Brotherhood is not a terrorist threat to the United States.”

In Egypt, underground networks — despite Sisi’s repression — funneled money and propaganda into Gaza. Yet Schindler specifically highlights Lebanon’s darker role in Hamas’s external operations.

“According to German court documents, the Hamas cell that was arrested in Germany and the Netherlands in December 2023, which had planned and prepared for terror attacks in Germany, was led by Hamas handlers in Lebanon,” he noted. “Given the close connection between Hamas and the wider Muslim Brotherhood network, it is therefore likely that such contacts also exist in Lebanon.”

The real power of the designation, however, lies in America’s arsenal of financial warfare. Once listed, any bank worldwide that touches Brotherhood money in dollars risks losing access to the United States market.

“Disrupting the ability of large-scale extremist and terrorist networks, such as the Muslim Brotherhood, to have unhindered access to the global financial system is, of course, a very effective way to hinder their overall operations,” Schindler explained. “Hence, any country where this access is more restricted is, of course, a problem for such networks as it will increase their operational costs.”

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Allies on the Brink

Jordan is already on edge. Dependent on $1.5 billion in annual U.S. aid and facing street fury over Gaza, King Abdullah II banned the Brotherhood in April 2025 — yet the IAF still functions. While Schindler sees Washington’s possible move as reinforcement that will “aid in the efforts of the Jordanian government in countering Muslim Brotherhood structures in the country,” Kelanic warns of unintended consequences.

“The only scenario I worry about is if the U.S. insists on applying the FTO designation to the IAF, because that amounts to major meddling in Jordanian politics,” she noted. “The last thing the U.S. needs is another failed state in the Middle East.”

Turkey, experts point out, is perhaps the bigger headache. Schinder asserts that Turkey “is indeed an important network hub for Hamas,” in particular when it comes to the group’s financial systems.

“Turkey is in a unique position to pressure Hamas to give up its weapons and power in Gaza and leave the Strip,” he continued. “Unfortunately, so far, the Turkish government does not seem to have done so.”

According to Warrick, “what Turkey will do in response to the U.S. designation is not yet clear.”

“Supporting Muslim Brotherhood affiliates in the region is a core policy of the Turkish government, but President Erdoğan is mindful that his relationship with President Trump is strong and is valuable,” he explained. “The Turkish government is aware of the Trump administration’s hostile attitude towards the Muslim Brotherhood but is not likely to change its approach except in countries that the U.S. government has formally designated Brotherhood branches as Foreign Terrorist Organizations.”

A senior U.S. intelligence official, speaking to The Cipher Brief on background, described the administration’s delicate balancing act.

“The President comes out with a statement where he’s clearly trying not to offend the Qataris too much, but at the same time satisfying the UAE and the Saudis and the Egyptians,” the insider noted. “He’s riding the fence on this but skewing more to the anti-side.”

Washington is particularly wary of antagonizing Doha because Qatar remains a critical mediator with Islamist movements and an indispensable interlocutor in hostage, de-escalation, and regional crisis negotiations. The Qatar-based Brotherhood chapter formally disbanded in 1999, and Doha has repeatedly denied formal support for the Muslim Brotherhood, despite continued investigations indicating the group’s ongoing financial backing and praise from the likes of Hamas.

That same insider predicted domestic ripple effects: “If we suddenly see a ton of states passing laws against the Brotherhood and CAIR, then we start to have some real domestic impacts.”

CAIR has long faced allegations of historical ties to the Muslim Brotherhood because some of its early founders were involved with U.S.-based organizations linked to Brotherhood-affiliated networks, and because it was named as an “unindicted co-conspirator” in the 2007 Holy Land Foundation case. Critics cite these associations as evidence of ideological or organizational overlap. However, no criminal charges were ever brought against CAIR, and no direct operational link to the Brotherhood has been proven. CAIR denies any affiliation, and most of the evidence remains circumstantial, dated, and heavily disputed.

Analysts also point out that Saudi Arabia and the UAE, both of which already list the Brotherhood as terrorists, are quietly celebrating. But not everyone agrees that an FTO designation is a step in the right direction.

“Doing a blanket listing of ‘the Muslim Brotherhood’ is a huge risk for the U.S.,” Caravajal said. “It allows people to be arrested simply for going to the wrong mosque.”

For a movement that has survived bans, coups, and massacres for almost a century, this is only the latest test.

“The problem with designating the Muslim Brotherhood is that it never was a unitary organization or even a franchise organization like Al-Qaeda or Da’esh,” Warrick added. “This is why the solution the Trump administration came up with is the correct one. By working with partners that have already outlawed or sanctioned the Muslim Brotherhood chapters in their countries, the U.S. government can work cooperatively with those countries. This approach also gives some clarity to people in those countries, which groups they need to avoid in order not to be sanctioned by OFAC.”

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business

Anti-Semitism is a National Security Issue: It’s Time to Treat it Like One

EXPERT OPINION / PERSPECTIVE -- Less than three months ago, two people were killed in a terrorist attack on Jewish people in a synagogue in Manchester, UK, on the most solemn day of the Jewish religious calendar.

Three days ago, a large crowd of Jewish people in Sydney, Australia, celebrated Hanukkah on Bondi Beach. Two Islamic terrorists, father and son, fired at them from a nearby bridge. Sixteen innocent Jewish people were murdered, including a Holocaust survivor and a ten-year-old child.

The point of a terrorist attack is that even a relatively contained engagement spreads widespread fear. This is particularly the case with the Jewish community. The background for Jews is centuries of persecution culminating in the indescribable horror of the Holocaust. Even since then Jews for many years have lived in fear.

I was friendly with an Israeli diplomat in Turkey thirty years ago. He could not travel in his own car, hopping around Istanbul instead by taxi (dangerous enough), and no one knew where he lived.

Synagogues and Jewish schools in the UK have the sort of security I was used to in Kabul. There is even a charity trust, CST, dedicated purely to the security of Jewish people here. When a terrorist incident happens, most Jews ask themselves “Are we safe here?”

So, terrorism is working well against Jewish people and western governments need to show that they are serious about opposing terrorism. You can’t have a democracy when terrorism against one community is tolerated. Not least, because assuredly if we give up on the security of Jewish people others will be next. That is why anti-semitism must be seen as a national security imperative.

When the UK united against Islamic terrorism in the aftermath of the murder of 52 Londoners in 2005, we realised that it was not enough simply to pursue possible terrorists and to be prepared for possible attacks. We realised that we needed to understand and combat the hatred that drove these attacks and to stop it infecting vulnerable people who might be tempted by the Al-Qaeda message.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Much of the focus on the Jewish community since the Sydney attack – and it has been gratifying to see the media at last seriously focused on anti-semitism – has been about the need to “protect” Jews. That was the message of British prime minister Keir Starmer. That is fine but the solution for Jewish people, as the terrorists know, is not about even more security systems around their synagogues and schools, about armoured cars transporting schoolkids around north London or about how safe it is to be publicly identifiable as Jewish. “Safety concerns” have been used to ban an Israeli football team from playing in Birmingham, and non-political Jewish entertainers from appearing in Edinburgh. Jews are likely to conclude that this is no life, and there must be safer places to live: and you have lost your battle against terrorism.

The only solution to defeat this terror is declaring war on anti-semitism. Lots of people will tell me how difficult this would be. How do you distinguish “legitimate” criticism of Israel from criticism that uses conscious or unconscious anti-semitism? Couldn’t a state-backed campaign against anti-semitism have the opposite effect to the desired one, leading to even more isolation and hatred of the Jewish community?

These are serious risks: no one is saying this is easy. But the status quo is no longer acceptable.

One more mass casualty attack – let's say in some European or American city on Passover, 2026 – and the Jewish community is going to be packing its bags. And you have lost your battle against terrorism. Anti-semitism is a national security priority.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

How the U.S. Military’s Top Officer is Looking at the World’s Hotspots

OPINION — “Our [the Joint Chiefs of Staff] job is to present and my job with the Joint Chiefs and others is to present the range of [military] options that this President or any President should consider with all of the secondary and tertiary considerations that go into those options, so that a President can make whatever decision he wants to make -- and then we deliver.”

That was Chairman of the Joint Chiefs of Staff Gen. Dan Caine early in a 30-minute “fireside chat” with CNBC’s Morgan Brennan before an audience at the Reagan National Defense Forum on December 6, at the Ronald Reagan Presidential Library, Simi Valley, California.

I want to analyze Caine’s remarks, because they received almost no public coverage, and as Joint Chiefs Chairman, his stated views are worth recording – as were his predecessors’ during the first Trump administration.

Caine, who is extremely cautious in his public remarks, was originally asked by CNBC’s Brennan early in the chat, “How are you advising the President on Venezuela?” His first answer was, “Carefully,” which drew a laugh, but then he went on with the serious answer above.

I picked that opening quote because most senior military officers would have answered just that they gave options, but in my experience few would have added the part about “all of the secondary and tertiary considerations that go into those options.” In short, I believe what Caine said in giving military options to President Trump, was that he gave both the upsides and downsides of what could happen with each option.

In giving the above answer, Caine went on to say, “I wouldn't want to share any particular advice or options that we're giving, but we present a lot of them.”

Again I would point out that Caine carefully noted he would not spell out any “advice or option” he has given Trump, but the fact that so far the President has not yet followed through on his threat to attack ground targets in Venezuela may be because of the “secondary or tertiary considerations” Caine said would be the outcome associated with undertaking such overt actions.

The public reactions to the 25 narco-boat attacks with their 95 associated deaths has been bad enough. But they also raise questions about where Caine stood on that issue.

In fact, CNBC’s Brennan started the conversation with Caine asking his views about “these Caribbean strikes and the reporting around them.”

Caine diverted from the question saying he was struck by the “sort of loss of confidence in the American military by the American people and that's deeply concerning to me.” He then said he wanted to add one detail to what Defense Secretary Pete Hegseth had earlier told the Reagan Forum about the boat strikes.

That detail, Caine said, was that it was his idea along with Adm. Frank (Mitch) Bradley, the operational commander who ordered the so-called second strike on September 2, “to go up and

share the information that we could share with the Congress.” The two gave classified briefings to leaders of the House and Senate Armed Services and Intelligence Committees, as well as military appropriators, on December 4, according to The New York Times.

Caine told the Reagan Forum they had done it “so that we could continue to sustain and scale that trust that we must earn every day from the American people through the Congress.”

Throughout the 30-minute conversation, Caine avoided talking about Trump administration policy, just two days after Trump’s 2025 National Security Strategy (NSS) had been released.

For example, when CNBC’s Brennan asked, “How do you see the alliance with Europe evolving?” – a controversial subject in the Trump NSS, Caine responded, “We don't do policy in the Joint Force. We execute those policies.”

Caine did recognize the NSS’s new policy emphasis on the Western Hemisphere.

“Protecting the homeland is not just a term that we say anymore. It's a real thing and homeland security is national security,” Caine said. “I won't get into the operational matters, but there's plenty of visible examples…on where we are going to protect our neighborhood and do that pursuant to the things that we're able to do to make sure America is a safe and secure country.”

Caine then added, “We have not, if you look back over the arc of our deployment history over the last few years, we haven't had a lot of American combat power in our own neighborhood. I suspect that's probably going to change. We'll see what we're ordered to do and of course we follow that guidance.”

But Caine did focus on traditional threats saying, “From a military perspective, military alone, our relationships are good in Europe, and I'll let my bosses talk about the policy there.”

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Caine was more open when it came to NATO. “Allies and partners are key and critical to us as we fight together,” Caine told the Reagan Forum. “NATO remains a key important ally for us. They are, I think, going to own European security both through NATO and bilaterally and individually. The military leaders that I talked to are encouraged by the defense spending that's happening inside their countries. I would say, and have said to them, the same narrative around their defense and national industrial bases as we try to scale European defense so Europe can own Europe.”

Caine added, “The SACEUR [Supreme Allied Commander Europe] over there, [U.S.] General [Alexus G.] Grynkewich, is carrying the same message through his EUCOM [U.S. European Command] hat. But that said, allies and partners remain a key part as laid out in the national security strategy.”

When it came to the fighting in Europe, Caine told the Reagan Forum, “I want to be pretty cautious about commenting on Ukraine because of the ongoing negotiations. And I'm mindful that anything that I say could get spun one way or the other. I think, for me, I believe that we always want to be striving for peace and what's happened in Europe there is a tragedy out on the Ukrainian front lines. So I'm going to be pretty cautious given the meetings that are going on.”

He did say, “What the Ukraine industrial base has done to create tens of thousands and hundreds of thousands of drones is extraordinary. Those are the kinds of entrepreneurial lessons that we want to take from that fight.”

Caine also talked of a military lesson from Ukraine.

“It's another case study in the importance of the ability to put air power over a battlefield,” he said. “And when you look at the fixed and frozen lines that we've seen out in Ukraine, it's an opportunity for us to learn about the importance of protecting the force on the ground. And having been one of those guys on the ground earlier in my life, I value greatly the ability to have an air force or some kind of capability that can come in there and put an adversary in a particular place of pain. We haven't seen that out there in Ukraine.”

Caine said, “One of the lessons out of Ukraine is going to be mass. And there's a lot of exchanges going on. And when I think about war fighting in the future, I see a lot of exchanges, both in the kinetic and non-kinetic space, that is probably unprecedented. So we're going to need a high-low mix that we've not seen before…but we are also going to need significantly more attritable [loseable] things that can create multiple simultaneous dilemmas for the commanders on another side of a fight than for us.”

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

While the Trump NSS hardly mentioned China, Caine did.

“When we look at the rise of the Chinese military,” Caine said, “what our goal in the Joint Force is to create multiple simultaneous dilemmas for all of the adversaries around the world, so that they are very cautious and concerned about doing something that would bring any sense of threat to the American people.”

Caine went on, “I think China's competing on the global scale. I know that from the U.S. perspective we've got an economic relationship now that is looking positive and trending fine. We see China still creating a lot of combat capability and capacity at scale, and as the National Security Strategy says, we owe it to the nation to deliver a free Indo-Pacific and a free and safe and prosperous Indo-Pacific. So when I think about actions in the Pacific, mindful of the President's guidance, that's how we think about it.”

As for the Middle East, Caine called it still “critical,” and said, “It's still I think undecided. I carefully watch through the CENTCOM (U.S. Central Command) commander what's happening in Gaza. I remain as always concerned about what Iran's intentions are down there. These are conflicts that have been going on for a long, long, time. I'm hopeful for peace but need to be prepared for any number of eventualities there.”

As for here at home, Caine told the Reagan Forum, “What the American system, as it's been running for a long time now, is really good at is buying behind the technology development curve [emphasis added]. And what we need to do is get in front of the technology development curve. And that's going to require the best of the military, the best of the Congress, the best of the private sector, and the best of not just the defense industrial base, but the national industrial base.

Caine explained, “Back in my life, I ran a small mom and pop machine shop in Denton, Texas, that made parts for America's aerospace and defense industry. And I'll tell you that everybody needs to up their game here.”

He went on, “We have to change the culture inside the [Defense] Department. We have to change the culture inside companies. And I've been in both. So I can see both of these things. We have to create and sustain and maintain competitive forces out there in the market where we are driving innovation in our corporate structures and systems that are going to give better combat capability to the Joint Force.”

In addition, Caine said, “The military and the government need to be better buyers and we have to write better contracts. I am still on step one of my 12-step recovery process from selling to the government when I was a part-timer in the military. I think we have to find a way to share risk between us and the private sector.”

Caine was an unusual choice by President Trump, who had first met Caine back in December 2018 in Iraq. The President claimed during a 2019 political speech he had met an Army officer, “Razin Caine,” who had worn a MAGA hat, said he’d “kill for Trump,” and claimed in Iraq he could defeat the ISIS terrorist group in Syria “in less than four weeks,” three Trump statements Caine later denied in interviews and during his 2025 Senate confirmation hearing.

When I first wrote about Caine last March, I was drawn to the facts that beginning August 2005 he served a year as a White House Fellow at the Agriculture Department and later, from October 2006 to January 2008, was Policy Director for Counterterrorism and Strategy for President George W. Bush’s White House Homeland Security Council. Caine’s last military post before resigning from the Air Force in 2024 was three years as Associate Director for Military Affairs at the CIA.

However, at the Reagan Forum, Caine confessed, “I actually served at the Agency [CIA] twice. One is in my bio, one is not in my bio.” What’s that all about?

Caine clearly is a person the public needs to follow more closely.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Winter is Coming to Ukraine as it Faces a New Kind of War and Uncertainty About a Key Ally

EXPERT INTERVIEW — Ukraine’s President Volodymyr Zelensky was in Berlin on Monday for an intense round of diplomacy with top U.S. and European officials, part of a fast-moving push to find a workable plan to end the war. His meetings follow an unusually long session on Sunday with President Donald Trump’s envoys, Jared Kushner and Steve Witkoff, who claimed significant progress in their discussions.

Meanwhile, a stream of European leaders - including Finland’s president, Britain’s prime minister, France’s president, and NATO’s secretary general are joining the talks. Russia was not invited.

The major sticking point among Western partners remains what concessions Ukraine might be asked to make. Washington has floated the idea of Kyiv giving up some territory Russia has not yet taken, a suggestion Ukraine rejects and most European leaders fear would reward Russian aggression.

Zelensky has signaled a willingness for Ukraine to pause its bid to join NATO if the U.S. provides firm security guarantees against future Russian attacks. European leaders are generally supportive of a deal that allows Ukraine to keep the territory it currently controls while securing long-term protection from Washington.

The mood in Ukraine, meanwhile, is bleak. Former Senior CIA Executives Ralph Goff and Glenn Corn, both of whom are also Cipher Brief Experts, just returned from a 5-day trip in the country. We caught up with them in Krakow, Poland for some on the ground insights about both the mood and maneuvering inside Ukraine, as President Zelensky navigates a harrowing political environment. Our interview has been lightly edited for length and clarity.

THE INTERVIEW

Kelly: Having traveled to Ukraine with you both in the past, I am imagining that this latest trip must have felt like some of the most difficult days that Ukraine has faced in terms of how this war may come to a conclusion. What is the mood like there? What are people talking about?

Corn: The mood in Ukraine is not great. The Ukrainians are very concerned about a number of issues. One, they feel a lot of pressure from the U.S. to make a deal, which many Ukrainians are confused about. They’re trying to understand what's going on. And of course, they're not pleased with their own internal political situation. The Operation Midas corruption scandal was a blow, so there's a lot swirling around and it's clearly impacting the people that we spoke with. They're trying to keep a brave face, given what they're facing. They’ve been at war since 2014, and since February 2022, they've been in a horrific war, a full scale war, and they're just trying to keep their nose above water right now. And as one Ukrainian officer told me, we just have to get through the winter and survive these dark times.

Goff: There's also disappointment amongst our Ukrainian allies with the United States. Not all of it is unexpected, but at the same time they've got this war to fight, so there's a very business-like attitude like, ‘Okay, we're still going to fight this thing’. And what's interesting is that they're not asking for anything new. They’ve made the same requests over and over. They need air defense weapons. There was a night when the Russians launched 84 missiles at Ukrainian territory and more than 500 drones in one night. We heard air raid sirens every night that we were there. The attacks are spread out across the country. It's clearly a campaign of terror by the Russian side.

And at the same time, the nature of the front - the battle - has changed completely from what it was just six months to a year ago. This is not the same war that was fought in 2022 or 2023 or 2024. This is a new war, and so the Ukrainians are asking for air defense weapons. They're asking for money. We can talk later about the idea of getting reparations money from the seized Russian assets, which they need. But at no point have they said they need troops. At no point have they asked for NATO’S Article Five to be invoked. They still want to fight this thing on their own, but they need help from the West.

Kelly: The battlefront has changed so much just in the past few months. Could you describe what it's like now?

Corn: Every Ukrainian we spoke with, whether it was civilians, military people in the defense industry, they all said that this war is being fought by drones, by FPVs [first-person drones] and some artillery. Intelligence is critical, electronic warfare is critical. But the troops on the ground and the concept of infantry has changed completely. The Ukrainians continue to innovate very quickly, but as they've warned for the last year, the Russians are also innovating very quickly and they're scaling that innovation in a way that the Ukrainians can’t because of a lack of resources and maybe a lack of depth.

Goff: That's correct. It is no longer an infantry man's war. The front is changed considerably. For 20 kilometers on either side of the front line, it’s almost a no-go lethal zone for humans. It's all electronic warfare. All drones and counter drones. I spent a day near the Zaporizhzhia front and even 40 kilometers back from the front lines, you're seeing drone netting set up everywhere and military vehicles using camouflage and taking extra precautions. So it’s completely different from when we visited there just a few months ago. But the losses continue.

For instance, in a single day recently, the Russians lost close to 1,300 soldiers. In one day. So Putin is still using pure raw manpower to his advantage, whereas Ukrainians have a manpower shortage. In one month, they recruited over 30,000 fighters, but out of that number, they're lucky if they can produce even a small percent of that. I'm not going to say the number because it's classified, but they're very lucky if they can get a decent number out of that. So it's tough for Ukrainians and they have to conserve their troops. They have to fight in a combat style that preserves human lives.

Kelly: In another way that we know the battlefield has changed, soldiers are now verifying kills or takedowns of targets, whether they're other drones, whether they're tanks on the ground, and they're using points earned from those drone missions to purchase equipment that is then delivered to them on the front. What can you tell us about the other ways in which the battlefield is evolving?

Corn: Battlefield integration has got to be seamless. The Ukrainians are working on that. We've spoken to a couple of people that are directly involved with that, and they're doing an incredible job. And one thing I was struck by during our last two or three visits is that now, more than ever, almost everyone we spoke with in a leadership position has no prior military experience. They're coming from private industry. Bankers, investment bankers. One guy we spoke with was running a tour agency overseas when he came back to fight. Now it’s computer programmers, IT folks, and they're all in the fight now. I spoke with one guy who was in a very senior government position before the war, and he told that he was 47-years-old before he put on a uniform, and he is leading a lot of the innovation stuff, and it's really impressive to see. We heard last time we were in Ukraine in September that the United States needs to pay attention to this and figure out how to integrate civilians into the military structure very quickly like Ukrainians have had to do.

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Goff: Suzanne, this is all about data integration. This is all about integrating all the information that comes from your airborne sensors, your ground sensors, your human observation, pulling intelligence into that. Tracking the emitters on the Russian side and then putting that all into a combat picture, particularly for the Ukrainians because they're fighting with reduced resources. So like I said, every human life is precious, but every weapon, every shot is also precious. In the old days when an artillery piece could maybe fire a hundred rounds in a day, now because they have to be so careful about being spotted when they're in action, they might fire 30 or 40 rounds. That means those 30 or 40 rounds really have to be on target. So it's all about the data. It's all about data management. And the Ukrainians, as Glenn said, are doing amazing work in that field. The biggest problem is that they're undercapitalized.

Kelly: President Zelensky has been in Europe gathering support from the Europeans as he tries to navigate a complicated series of pressures to end this war. Is the feeling on the ground in Ukraine that that will be enough?

Corn: I would say that the Ukrainians are in a bit of shock to see that the United States seems to be walking away - or their sense is that the United States is walking away. Let's hope that's not the case. But they're concerned that there is a rift between Europe and the United States. I think they appreciate what the Europeans are doing, but almost every discussion we’ve had centers on the fact that they need the United States here. They need the United States to provide some kind of long-term security guarantees. And by the way, the Ukrainians have been saying for over a year that they are ready to come to an agreement. They are ready to be realistic and compromise. It's the Russians that are not doing that. It's the Russians that continue to push maximalist demands and that continue to scuttle the peace process, not the Ukrainians. And the Ukrainians are very frustrated that they seem to be being made the bad guys in this struggle when their country was the one that was attacked. Their cities are being bombed, their children are being killed, their schools are being destroyed, their infrastructure is being destroyed, and they don't really understand what's going on right now. And I hope that we can get back to the position of the United States where we've traditionally been, which is the U.S. standing with people who are fighting for their freedom and their sovereignty against a much larger and more dangerous dictatorship.

Goff: And of course, the recent high-level scandal involving the primary advisor to the President, Andriy Yermak, and his resignation has now been turned around by the Russians who are pointing a finger at this country, and it's resonating within certain circles in the United States. But that's laughable. This is coming from a country - Russia - which is a kleptocracy. Some have said that Ukraine is more corrupt than Russia. That's absurd. Russia is a kleptocracy. It's more like an organized criminal gang than anything else. And the idea that they would accuse Ukraine of being worse than them is crazy. But amongst Ukrainians, I think there's almost this kind of hope that this is some sort of a bad dream that will go away, that America will wake up at some point before it's too late and come riding to the rescue. But at the same time, the pragmatists here realize that maybe that's not going to happen, and it's time for Europe to step up. It's just like Putin gave the Ukrainians their national identity by invading them. The Trump administration is giving Europe the challenge to step up and take charge of their destiny.

Kelly: With Andriy Yermak stepping down as President Zelensky’s chief advisor we know that there's another way of looking at this, which is that Ukraine has set up these independent institutes to investigate and root out corruption at every level and it looks like they’re determined to do that which is an indicator that Ukraine's own anti-corruption efforts are working to some degree, but that message seems to be completely lost.

Corn: Yes. We've heard for a while now, that anyone who knows Ukraine, knows they have a problem with corruption. I've always said that it's baked into their system. The Russians baked this into the system going back hundreds of years, so you have to be realistic. They know it, and they talk about it, and they often talk about it openly. Having worked in Russia, it doesn't happen that way. People don't talk about it. They don't go to the streets and protest without being arrested and basically disappearing or being thrown out of windows. In Ukraine, there is a civil society element here. There is some control over the government, over the presidency, and there has been opposition and resistance to steps that were taken to try and squash the anti-corruption efforts. So, you have to give the Ukrainians credit because they're fighting a war, a horrendous war, and they are also trying to bring the country out of this ugly reality of corruption, which every country has and faces. But to deal with it, when you're in a full-scale war, it's something special. So in my opinion, we need to give 'em credit, and we also need to be clear-eyed and realistic and understand that without the United States' support, they're going to have a hell of a time making the changes that they need to make, and that many, many Ukrainians want to see made. They want their children to grow up in a country which has much less corruption and much more transparency.

Goff: This is a country where national polling has shown that people are more concerned about corruption than they are about the war at present. For the first time, polls have shown that corruption's a bigger problem than the war itself. That shows the awareness of the Ukrainian people. Corruption - we're not trying to downplay it - is a problem, clearly. But there are people who have exaggerated it to the point where if corruption were as bad as some would say it is, they would've lost this war three years ago, because that stuff has to get to the front. It's all going into the pockets of ministers.

Kelly: Has there been anything on this particular trip that surprised you or that you didn't expect?

Corn: Well, I mean for me personally, just I think the shock of the recent release of the National Security Strategy and the sense that somehow Europe is a problem or Europe is the enemy. I don't know if that was the intent of that document, but that worries the Ukrainians, and of course it worries many of our European partners. For those people, I have to say, yeah, we have our differences with Europe, and as an American I've often felt that the Europeans should be doing a lot more, but the Europeans have also done a lot with us over the years, and for all the Europeans out there, for those I've worked with over the years, I am very appreciative of everything that you did to support the United States in many, many hard parts of the world where we served side by side together. So, Europeans are not the enemy, and by the way, we've never done that with the Russians, and I doubt we ever will. I doubt the Russians will stand side by side with us on the battlefield and support us the way that our European partners have done.

Goff: I think my biggest surprise here was the fact that the lights are still on. With all the bombings, like I said, we had air raids every night. Every few nights the pattern seems to be that the Russians husband their missiles and drones so that at least once or twice every five to seven days, they have a massive attack of 50, 60 missiles accompanied by 400, 500, 600 drones. And they're going after the energy infrastructure here. The lights are still on but with reduced power. There are some places that are down to a few hours a day, but you know what? They've still put up Christmas lights. They've still put up decorations. People are still trying to cling to some sense of normalcy for the season to get through this winter, and that just shows that these people are incredibly resilient.

Kelly: What are you sensing will happen next based on who you've talked to and what you've seen since you've been on the ground in Ukraine?

Corn: I think the Russians are not going to make a peace agreement unless they get everything they want, and let's hope that we don't give them everything they want because they don't deserve it, they haven't earned it, and they're not in a position to accomplish it by the means that Putin keeps threatening to do it, which is military force. The Ukrainians have proven that they can hold the line. That's number one.

Number two, I hope that we come around to understanding that basically the right side here is the side of the Ukrainians. The Russians should be ashamed of themselves for what they're doing. They need to stop what they're doing, and we need to stand with the Ukrainians and teach Vladimir Putin a lesson as well as other dictators or potential autocrats like Putin and aggressors, that we're not going to stand on the sidelines, and we're not going to punish those people that try and defend themselves and support those people that aggress other people.

We have common values with the Ukrainians, which I was raised to believe in. I'm not speaking as a former intelligence professional. I'm speaking as an American, whose father served in the Army, whose brother served in the Army, and who dedicated his life to the United States of America. We did that because we believe in the values that the Ukrainians are fighting for right now, every day - in terrible conditions - and we shouldn't abandon them.

Goff: I think we're going to see some type of mobilization, an increased mobilization on the Russian side. Their losses are high while their territorial gains remain low and the Russian economy is faltering and Putin has not been able to browbeat the Ukrainians to give in and come to the table to seek just any deal. Ukrainians will come to the table. This is where I think the administration is making a mistake. The Ukrainians will come to the table if there is a more fair deal. The ideal arrangement will be where both sides are unhappy, but at this point, despite all the negative pressure on the Ukrainians, they're not going to just sign any deal that gets to the table, and that's going to put more pressure on Putin to continue the war. He's got to show some gains. So I think we're going to see some sort of mobilization on the Russian side.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The Cipher Brief's Recommended Reads for the Holidays

BOOK REVIEWS & RECOMMENDATIONS -- Welcome to our annual holiday book review and recommendations list, where we highlight some of the terrific books that have been reviewed and featured in The Cipher Brief in recent months. Since our summer newsletter, we've covered and reviewed more than 35 books – often sliced and diced by world-class subject matter experts. In this newsletter, we’ve singled out about a dozen that received our highest four out of four “trench coat” rating. As always, the books reviewed in The Cipher Brief represent an eclectic mix of topics ranging from the history of past wars to the prospects of future ones. We’ve included both fiction and non-fiction faves.

FICTION FAVORITES:

Tops on many folks’ list is The Persian: A Novel by veteran CIA analyst David McCloskey. For this one, we turned once again to Joe Zacks, a veteran of four-plus decades of government service, to offer his take. Zacks writes that The Persian may be the finest of McCloskey’s four spy novels to date (high praise given how well the first three were received). For this one, Zacks calls McCloskey’s novel “a sophisticated and multidimensional depiction of human nature and the motivations that propel people to action. It brings the HUMINT discipline to life, vividly portraying how a sophisticated intelligence service identifies, targets, and ultimately recruits and handles an agent while plumbing the depths of the agent’s psyche and inner conflicts.” To learn even more about the book – and its author – Cipher Brief CEO & Publisher Suzanne Kelly did a debrief with McCloskey in this fun-filled Cover Stories podcast.

To review veteran spy novelist Daniel Silva’s 25^th book, An Inside Job, we turned to a couple of CIA veterans – Anne and Jay Gruner. The latest Silva book brings back skilled art restorer and former Mossad chief Gabriel Allon, in a fast-paced tale involving art theft, European crime and corruption – and a newly elected Pope. The Gruners’ review declares that Silva has once again demonstrated that he is a master of his craft.

While Gabriel Allon, the hero of Silva’s novel, is a fictional former Mossad officer, a genuine Mossad alumni, Yariv Inbar, is also a prolific novelist. His latest book, Behind the Trigger, was reviewed for us by Dr. Ken Dekleva, a novelist in his own right and a former Regional Medical Officer/Psychiatrist for the State Department. With that background, Dekleva was quick to spot Inbar’s skill in describing the human, emotional, and psychological aspects of espionage. The book features two central female characters and a Middle East canvas.

Not all of the novels that won plaudits on The Cipher Brief came from long-time authors. There was the thriller The Moldavian Gambit by first-time novelist Brad Meslin about a man-portable nuclear device that goes missing at the time the Soviet Union was coming apart in the early 1990s and may have fallen into the hands of a terrorist -- and possibly smuggled into Paris. We asked James Lawler, a former CIA officer with deep experience in thwarting rogue state weapons proliferators and the author of several well-received novels himself to review it. Lawler gave Meslin high marks for technical accuracy and heart-stopping story telling. Meslin also joined us on a Cover Stories podcast to discuss what inspired him to write the novel and his sources and methods for keeping readers on the edge of their seats.

THE NON-FICTION BOOKS THAT ROCKED CIPHER BRIEF REVIEWERS:

With Latin American counternarcotics operations much in the news, a timely read is After Escobar: Taking Down the Notorious Cali Godfathers and the Biggest Drug Cartel in History reviewed by veteran government lawyer Terence Check. Written by former DEA agents Chris Feistl and Dave Mitchell with an assist from Jessica Balboni, the book tells the two-year saga in the mid-1990s of the investigation, apprehension, and prosecution of the leading “godfathers” of the Cali drug cartel (aka “Cocaine, Inc.”) one of the biggest multi-billion-dollar drug trafficking enterprises of all time. In his review, Check writes that After Escobar “is really a story about diplomacy, and the power it has as a force multiplier for our law enforcement and military….(showing) the reader the importance of the diplomatic cadre in helping to bring down the Cali Cartel by doing the hard work of negotiating with the Colombian government.”

The criticality of diplomacy was at the forefront of another book this fall. Great Power Diplomacy: The Skill of Statecraft from Attila the Hun to Kissinger by A. Wess Mitchell. The book was reviewed for The Cipher Brief by retired U.S. Ambassador Gary Grappo. In his review Grappo describes the book as “part history lesson and part instruction manual for national leaders and diplomats, reprising the tactics, strategies, methods and actions of previous major state leaders and diplomats who found themselves confronting similar great power contests.” Grappo lauds the book for being a: “resounding reaffirmation of the value and importance of diplomacy as an indispensable component of national power not just in the past but even more so today. The skills of its practitioners may need rejuvenating. But there is no denying that diplomacy ultimately holds solutions to the problems of today.”

Several books we will highlight here offer fresh looks at past history. Let’s start with one from Yale University Press: No More Napoleons: How Britain Managed Europe from Waterloo to World War One. The book was written by Andrew Lambert and one of our most prolific reviewers, Jean-Thomas Nicole, a Policy Advisor with Public Safety Canada, reviewed it. Nicole praised the book for its reminder of “the enduring utility of maritime power, the virtues of restraint, and the necessity of maintaining influence without overreach.” Nicole notes that these themes resonate strongly with today’s global challenges.

World War II and the events that led up to and followed it are often good fodder for books. Among those that stood out for us this year was “The Spy and the Devil” by Cipher Brief expert Tim Willasey-Wilsey. Journalist and author Michael Smith reviewed it for us and called it “one of the greatest untold stories of the Second World War intelligence.” It is the story of a Lithuanian-born ‘Baltic-German’ who ended up working for British intelligence and managed to penetrate the highest Nazi circles prior to the war including having several meetings with Adolf Hitler himself. Willasey-Wilsey also joined us on a Cipher Brief Cover Stories podcast to talk about this remarkable story.

In October, we published a review of The Traitor’s Circle: The True Story of a Secret Resistance Network in Nazi Germany – and the Spy Who Betrayed Them by Jonathan Freedland. Australian writer Susan Gorgioski reviewed it and told us the book reads like a detective novel but tells the real story of a “little-known group of opponents to the Nazi regime in Germany who were willing to sacrifice careers, social position, money, and ultimately for some, their lives.”

And then there was Rain of Ruin: Tokyo, Hiroshima and the Surrender of Japan by Richard Overy and reviewed by former senior CIA clandestine service officer (and Cipher Brief expert) Sonya Seunghye Lim. In her review, Lim praises Rain of Ruin for being a “thought-provoking and disturbing book” and its explanation for “why armed conflicts will continue to plague the world: dehumanizing the enemy, depersonalizing killings by making attacks as remote as possible, and glamorizing combat serve to palliate our collective conscience and to justify the persistence of jingoism.”

But not all the good stuff came from ancient history. CNN anchor Jake Tapper published a book in October called Race Against Terror: Chasing an Al Qaeda Killer at the Dawn of the Forever War. So, we turned to someone with deep expertise – Joe Zacks who was just wrapping up a 42-year career - half in the Army and half as a CIA officer - and whose final post was Deputy Assistant Director of the CIA for Counterterrorism, to review it for us. Perfect credentials to evaluate Tapper’s book which Zacks describes as “ a mix of detective story and legal drama” about a six-year odyssey of tenacious federal prosecutors trying to bring an al Qaeda terrorist to justice.

Some of our best received books were about future intelligence challenges. For example, there is The Fourth Intelligence Revolution: The Future of Espionage and the Battle to Save America by Anthony Vinci. We tapped Cipher Brief expert and principal with the Cyber Initiatives Group Glenn Gerstell to review that one for us. In his review, Gerstell describes the book as examining “the confluence of increasingly complex geopolitical challenges and of global technological advances” and tells us that the conclusion is that “America’s spy agencies must not merely adapt but also dominate this dynamic if we are to blunt (if not defeat) our adversaries.”

But no matter how good the technology is going forward, you’re gonna need people to make it all work right – and they need to be people who can get a security clearance. So, what do you need to know in order to try and do that? Fortunately, there’s a book for that. Trust Me: A Guide to Secrets: Who Gets Them and Why We Have Such a Mixed Track Record with Them by Lindy Kyzer. We trusted retired CIA Deputy Director for Analysis (and current Cipher Brief Expert) Linda Weissgold to review it. Weissgold is also a professor at Texas A&M’s Bush School of Government and Public Service in Washington, DC and says she now recommends the book to her students who want to understand the opaque yet crucial process of getting a security clearance. The book offers practical and philosophical advice that seeks to demystify the process.

While a little harder to give as holiday gifts, there are some podcasts interviews we highly recommend as well, including:

A discussion with Marine and CIA ground branch veteran – and award-winning writer Elliot Ackerman discussing his latest novel Sheepdogs.
A deep dive into North Korean matters with Ambassador Joe DeTrani on his memoir The North Korean Threat: Intelligence and Diplomacy.
A discussion with journalist and Marine veteran Chas Henry about a devastating Pacific cyclone that triggered a horrendous fire at Marine Corps Base in Japan.
And even a book by a publishing expert, Jane Friedman, who offers essential advice on how YOU can write your own book. Get her guide, The Business of Being a Writer, and maybe in a couple of years The Cipher Brief will be carrying a review of your book.

Before we go – we should note that some of our reviewers are really tough graders – and there are dozens of other books we’ve reviewed that came in with slightly under the four trench coat rating that we are certain you would enjoy. So, be sure to check out the complete list of reviews here.

Happy Holiday shopping and reading!

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Echoes of 1940: Learning from an Ally at War and Preparing the U.S. for the Next Fight

EXPERT OPINION / PERSPECTIVE — Eighty-five years ago, as the United States cautiously explored an expanded alliance with Great Britain, our own population was divided. London was already fighting for its very survival, standing alone after the fall of France; Washington was not yet fighting at all. Public opinion tilted toward isolationism, and President Roosevelt had to proceed slowly to avoid losing the support of both Congress and the U.S. public. Yet a year later, the Atlantic Charter was signed with Churchill, publicly declaring a shared stand against tyranny and an alliance that would stand for the rest of the century. But behind the scenes, the two leaders negotiated a deeper exchange: American weapons for British technology.

Through Lend-Lease, the United States sent destroyers and vital equipment to keep Britain in the fight against Nazi aggression. Less understood was what the U.S. quietly received in return: cutting-edge capabilities that would shape its own success once it entered the war. That historical moment holds lessons for today, with America again questioning its commitments abroad, and for the value of learning from a Ukrainian ally engaged in a war we are not fighting ourselves.

One of Britain’s most consequential contributions in 1940 was the technology behind “Chain Home,” an early, revolutionary radar network. A constellation of radio stations sent out beams whose returns revealed the direction, altitude, and approximate numbers of incoming Luftwaffe aircraft during the Battle of Britain. Integrated with human observers and command-and-control stations, the system allowed RAF leaders to deploy their limited squadrons with precision, conserving fuel, protecting pilots, and preserving the nation’s survival. As Churchill famously said of the RAF, “never in the field of human conflict was so much owed by so many to so few.”

That success was not only a triumph of courage but a triumph of rapid wartime innovation and operational learning. And it is exactly the kind of learning the United States must pursue now as Ukraine pioneers new modes of drone warfare against a technologically sophisticated adversary.

Drone warfare in Ukraine today is the chain home radar of our time. Today in Ukraine, that country “owes so much to so few”: drone warrior heroes fighting not only for their country, but for all of Europe and democracy. The drone operators and their innovation are helping Ukraine to stay in the war against overwhelming Russian numbers. The U.S. and other NATO allies have provided large weapons systems like HIMARS, ATACMS, Abrams tanks, and F-16s. All of these systems at one time were supposedly ruled out for Ukraine, only to be provided later. Meanwhile, Ukraine’s own drone industry and innovations have helped it to turn the tide of countless battles.

There has been frustration in the U.S., however, with the support. Many are asking: for all the weapons and funding we have provided to Ukraine, what are we getting back? Defending freedom and fighting Russian aggression for Europe and our allies should be enough for our arsenal of democracy. But it’s a fair question. It is understandable after 20 years of war that the American people want to know what else we are getting if the U.S. is to be so heavily engaged financially and militarily.

One of the things we are learning, and can learn even more ahead, are incredible lessons about the battlefield for our future force. The Army War College has led a multi-year effort to help in a project called “Call to Action: Lessons for the Future Force”. Others in various military training and testing commands across all our services, and our allies, are doing the same.

There are many more lessons to be learned, and not enough resources are being put into the fight. For years, the U.S. embassy and government were limiting the number of official Americans and contractors allowed into the war zone to work with and learn from the Ukrainians. That should end for good, and we should be flooding our ally with experts ready to help, but also to learn. One of the areas we should be drawing a lot more lessons from is drone warfare.

The Russian military and its intelligence services have learned a lot about drone warfare in Ukraine. They have stood up an entire new service of their troops devoted to drone warfare, as well as a drone center called Rubikon, which is changing the battlefield. The Russians are also using drones in gray warfare against NATO countries, to probe their borders, weaknesses at airports, and other facilities across the continent in what has grown in recent months into a wave of drone incursions. This is hybrid warfare practiced by a country and its intelligence services that have a long history of doing so: testing reactions, looking for weak points, antagonizing the alliance to find soft spots, or partners willing to acquiesce to Russian aggression.

In turn, we in the NATO alliance and in the U.S. are slow to adapt. The United States needs to deploy more personnel, more resources, more engineers, and experts into Ukraine to learn all the desperately valuable lessons about the world’s first truly all-encompassing drone war. It is monumental both in scale and evolution. Just as the United States learned valuable lessons about radar, which saved countless American pilots and other lives throughout World War II, we need to learn these important lessons from the Ukrainians about drone warfare before we may find ourselves engaged in a conflict we are not prepared for.

There are three salient lessons for those who are studying the war and how it has evolved just in the past four years. These are areas the U.S. should focus more resources on. The first lesson that we need to study from the Ukrainians involves the electromagnetic space on the battlefield and electronic warfare (EW). American soldiers have never operated in a battle space so encumbered by all manner of electromagnetic jamming, as is taking place every day across the battlefields of Ukraine. Cyber operations, both enabling and disabling various systems, command and control, and what is called “PNT” or the precision navigational systems of all manner of weapons— all are being jammed and interfered with on an unprecedented scale in the EW space.

The second lesson we need to understand and learn from are the ingenious innovations and adaptations that the Ukrainians, in particular, have carried out with their drones. Ukraine stood up an entire industry to build millions of the very smallest type of drones designed to target an individual Russian soldier in a trench, to much larger mother drones to carry other drones, deliver supplies, and even carry out strategic strikes like those against Russian bombers at airfields, taking off from “conex” shipping containers. These are remarkable operations and feats that we can mine for lessons from our Ukrainian allies. We are well behind their innovation and acquisition curve.

Third and finally, the most important lesson we need to learn from the Ukrainians is how to fight a war where we might be out-manned and out-gunned. That is not something the American people could have imagined for nearly a century. But Russia’s aggression is stark and unprecedented. Add to it the prospect of a potential war with China over the Taiwan Strait looming, which the Chinese are preparing and training for, also at an unprecedented level. They and the North Koreans are sharing weapons’ components and helping Russia evade sanctions. And in the case of the latter, North Korean soldiers are dying for Russia on the battlefield. They are getting the know-how and learning the lessons from Russia.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

We are at a point where all of China’s conventional forces, with very few exceptions - on the land, sea, and air (save for nuclear forces)- outnumber the United States. China has a larger land army, a larger navy now by volume of surface vessels, and a Chinese Air Force that rivals our own and NATO’s airpower. Many will argue correctly that the Chinese do not have the experience of decades of combat, as our pilots do, nor the expertise of our sailors and soldiers on the ground. But as many famous generals have noted in history, “quantity has its own quality.” This is also a lesson from Ukraine, as overwhelming numbers of Russian troops are wearing down the front lines of Ukraine in the east. Overwhelming numbers of drones and artillery, as well as missile strikes combining in multi-vector attacks—all these are also making a significant impact on the battlefield.

We would be wise to engage with and learn more from our Ukrainian partners, just like the United States did 85 years ago from our British allies, before we were forced into war. It forged a “special relationship” that has stood for a century. We can hope for the same with our Ukrainian brothers and sisters fighting now against aggression in no less of a challenge to all of democracy than the Nazis were to Europe. Putin and his Chinese allies are out for world domination; make no mistake, we have to learn the lessons to prepare to fight and support our allies fighting again.

While we, supporters of Ukraine, hope this war will end soon, we also need to prepare for the next war. As Churchill said then, we should: “gather strength for the morning. For the morning will come. Brightly will it shine on the brave and true; kindly upon all who suffer for the cause; gloriously upon the tombs of heroes. Thus will shine the dawn.”

The dawn will come, but so will night again. We should learn from the Ukrainian heroes who have suffered through all the nights of this war, not doubt their commitment to freedom, nor our own obligation to support them.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Russia is Waging a Sabotage Shadow War on Europe

DEEP DIVE — In the darkness of night on November 15, a massive explosion ripped through a stretch of the Warsaw-Lublin railway line close to Mika, Poland, severing a critical logistics route used to ship military equipment and aid eastward from Warsaw toward the Ukrainian border.

The blast, caused by a C-4 explosive device, damaged the tracks and a passing freight train’s wagon floor, halting rail traffic and sending ripples of alarm through Poland, one of Ukraine’s staunchest allies.

Polish authorities quickly confirmed sabotage, charging three Ukrainian nationals — Oleksandr K., Yevhenii I., and Volodymyr B. — with executing the plot under Russian direction. The incident was not a lone act but part of a growing wave of covert operations targeting railways, ports, and pipelines across Europe, aimed at undermining support for Kyiv.

Ivana Stradner, a research fellow at the Foundation for Defense of Democracies, characterizes these actions to The Cipher Brief as Russia “waging a long, low-cost pressure campaign that targets not only the battlefield but everyday life across EU countries.”

Polish prosecutors outlined the operation’s chilling precision. In September 2025, Volodymyr B., arrested on November 20 and charged on November 22, drove Yevhenii I. to the sabotage site for reconnaissance, enabling the selection of the explosive placement. Oleksandr K. and Yevhenii I., the primary perpetrators acting on behalf of Russian intelligence, planted the device and a metal clamp intended to derail a train, then fled to Belarus, where Poland’s extradition requests remain pending.

Immediately following the attack, Foreign Minister Radoslaw Sikorski characterized it as “state terror.” Warsaw closed Russia’s last consulate in Gdansk, and thousands of soldiers were deployed nationwide to protect critical infrastructure. The Kremlin, nonetheless, rebuffed the accusations as “Russophobia” and vowed to retaliate by severing Polish diplomatic ties. This exchange of moves points, however, to a larger trend: the use of subtle, sophisticated attacks aimed at crippling Ukraine’s supply lines without triggering a full-blown escalation.

Proxies in the Shadows: Recruiting the Unwitting

Moscow’s strategy for sabotage is built on proxies, using local citizens and displaced people to carry out attacks and maintain Russia’s plausible deniability. The situation in Poland is particularly disturbing, where the involvement of Ukrainian nationals exposes an aggressive recruitment campaign aimed at vulnerable youth from their war-torn home country. Ukrainian security services have documented a sharp rise, reporting that Russian operatives have entrapped over 170 minors in the last 18 months, often luring them through Telegram channels disguised as job boards or casual chats.

The recruitment base consists of migrants from Eastern Europe and Russian-speaking citizens of countries where the sabotage operations are carried out. They are often individuals with criminal histories or financial problems. What begins as innocuous tasks — snapping photos of buildings or mailing postcards — escalates to planting bombs or torching vehicles, often with payments that seem too good to refuse.

Head of Ukraine’s National Police Juvenile Prevention Department, Vasyl Bohdan, described the ploy’s subtlety: “For the most part, the children don’t understand what is happening, or that it’s very serious.” Experts note that Russian operatives often begin by masquerading as sympathetic figures to build trust with their targets. Once the relationship is established, they leverage compromising material to secure compliance through blackmail. In one recent instance in Ivano-Frankivsk, two teenagers were promised $1700 each and thus embedded a device that detonated remotely, killing one and maiming the other.

“Russia’s intelligence services use Ukrainians inside NATO states because it blurs the political story and creates deniability, especially since many recruits are young, economically vulnerable, and have no prior ideological profile,” Natalya Goldschmidt, CEO of Lightning Associates LLC, a strategic geopolitical consulting firm focusing on Russia, Eurasia, and Latin America, tells The Cipher Brief. “Most of the initial interactions now happen through encrypted apps and seemingly low‑stakes’ tasks, such as taking photos of infrastructure, moving small packages, or counting vehicles, which makes these pipelines hard to spot before an operation moves from reconnaissance to action."

Ukraine’s countermeasures have gained traction, with police and NGOs flooding schools and camps with warnings, partnering with celebrities like boxer Oleksandr Usyk to drill home the dangers. Reports of attempted recruitments have surged to 74 this year, and successful cases have plummeted, as Bohdan noted: the number of successful child recruitment cases has decreased “exponentially over the past year.”

According to Goldschmidt, Moscow’s hybrid operations and cognitive warfare are most effective against a Europe already fragmented by domestic political crises, economic fatigue, and unresolved debates over migration and identity.

“The most worrying escalation over the next year or so is not one spectacular act, but a carefully timed cluster of incidents that together amount to a strategic shock: rail disruptions and warehouse fires at a critical moment for aid to Ukraine, damage to energy or data links in Northern Europe, and Russian drones killing or seriously injuring someone on NATO territory, all wrapped in enough ambiguity to delay a unified response,” she cautioned.

This proxy model extends well into Europe.

In October, Romanian intelligence smashed a parallel operation by arresting two Ukrainian citizens. The pair had smuggled bomb components — incendiary devices disguised in car parts and headphones — into Bucharest, targeting the Nova Post headquarters, a Ukrainian courier firm moving vital aid. In addition to thermite and barium nitrate, the packages included counter-surveillance measures, exhibiting classic Russian tradecraft. According to investigators, the duo is part of a wider network acting under Moscow’s direction, which has allegedly targeted Nova Post sites in Poland and elsewhere.

The threat became clearer that same week when Poland detained eight suspects tied to planned infrastructure attacks. Officials in Europe attribute these coordinated operations to Russian elite formations, notably GRU Unit 29155. General Andrei Averyanov leads the unit and is part of a dedicated sabotage hub under General Vladimir Alekseev, which marshals over 20,000 Spetsnaz operatives.

Hybrid Echoes: Testing the Article 5 Threshold

The sabotage wave laps at diverse shores, blending old-school explosives with cutting-edge disruptions to fray Europe’s logistical sinews.

There have been several cases of undersea fibre cable damage or destruction in the Baltic under murky circumstances, prompting high-level investigations. From Germany to the Nordic states, prosecutors and security services have reported a pattern of suspected sabotage in fires and parcel-incendiary incidents that have scorched logistics hubs and defense manufacturing sites.

At the same time, GPS and navigation jamming across the Baltic and northeastern Europe has surged — European ministers and national regulators report daily interference that has disrupted flights and aviation operations, and they warn of substantial economic impacts. In September, mass drone overflights and cross-border incursions, including a large wave of drones into Poland and a 19-September violation of Estonian airspace by MiG-31s, prompted NATO consultations and temporary airport closures in the region.

These disruptions, while seemingly tactical, tie directly into a broader strategic calculus aimed at testing NATO’s unity and response mechanisms.

The strategic heart of the issue is NATO’s collective defense clause. Stradner also notes that, “Vladimir Putin has been candid about his desire to discredit NATO’s Article 5 in which members pledge to treat an attack against one ally as an attack against all.” She argues that because Putin, “Trained as a KGB operative, is well versed in so-called ‘active measures,’” his goal is to challenge the alliance.

Alexander Graef, Senior Policy Fellow at the European Leadership Network, however, contends to The Cipher Brief that “the actual impact of these sabotage acts on the flow of aid to Ukraine remains extremely limited.”

In his view, the activities are primarily aimed “less at disrupting logistics than at influencing public opinion in Western societies by trying to convince voters that further support for Ukraine carries unacceptable risks.” He stresses that this strategy “rests on a misreading of Western threat perceptions,” as such actions tend to “reinforce the opposite conclusion: that Russia is a growing danger and that support for Ukraine, as well as investment in defense, must increase further.”

“The Article 5 threshold remains deliberately high. Invoking it requires consensus within the North Atlantic Council. It is hard to imagine such agreement emerging in response to low-level sabotage, ambiguous incidents, or non-lethal disruptions,” Graef said. Therefore, Moscow does indeed appear to be “calibrating its operations to stay well below that line. Still, it is not achieving its intended political effects.”

George Barros, Russia Team & Geospatial Intelligence Team Lead at the Institute for the Study of War, concurs to The Cipher Brief that Russia is “boiling the frog and NATO member states have so far elected to not treat Russian acts of war against them as they truly are.”

“Russia has already passed the threshold with its sabotage actions, manned aircraft airspace incursions, and missiles entering the airspace of Poland and Romania. Russia seeks to normalize this activity so that NATO de facto approves a new normal, in which case we don’t treat Russian acts of war seriously,” he noted. “The West has far too long allowed Russia to operate against us with relative impunity. The West must seize the strategic initiative from Russia and begin imposing dilemmas on Russia.”

Yet even as these operations escalate, analysts say Russia is careful to keep them calibrated just below the line that would trigger NATO’s collective-defense clause.

The problem with Article 5, as experts observe, is that the ‘hybrid’ qualities of ambiguity and deniability – which, it is feared, Russia would manipulate to come close to the Article 5 threshold without reaching it – can paralyze the institutional and political mechanisms of collective defense.

“Putin does this all the time. It’s the same pattern — gray-zone hybrid operations run out of the GRU,” former CIA station chief Daniel Hoffman, tells The Cipher Brief. “Operating against enemies on foreign soil with impunity and facing no repercussions. They’re sending a message.”

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Fortifying the Front: Europe’s Counteroffensive

While concerns over Russian interference deepen, Europe tries to fortify its infrastructure. In response to September’s airspace breaches, EU defense ministers accelerated deployment of a “drone wall” along the eastern flank.

To harden against airspace violations, Graef advises that measures must be tailored, noting that while airspace violations require increased internal coordination, harmonized rules of engagement, and improved information sharing, sabotage is primarily the responsibility of “police, counterintelligence services, and judicial authorities.”

He maintains that if Russia’s objective is to weaken European support, then “demonstrating political unity is in itself an important countermeasure.”

Maksym Skrypchenko, nonresident scholar in the Russia Eurasia Program, points out that, from Kyiv’s purview, European governments’ measures to protect infrastructure are catastrophically insufficient.

“Russia is several steps ahead, while Europe is acting reactively rather than proactively. Russian embassies remain operational, and Russian tourists continue to travel, which is being exploited not only for information gathering and influence operations but also for sabotage,” he tells The Cipher Brief. “European countries need to start with basic steps: acknowledge that they have a single major threat. Once this acknowledgment happens, the next step should be decisive action – ceasing the purchase of Russian energy resources, blocking Russia’s shadow fleet, expelling Russian diplomat-spies, strengthening infrastructure protection, and investing in acquiring Ukrainian anti-drone systems, to name a few.”

While some analysts discuss limited, deniable counter-sabotage in response, Graef warns that “such activities carry significant risks.”

“They can easily fuel an action–reaction cycle without generating meaningful deterrent effects,” he asserted, highlighting that the focus should remain on strengthening resilience, improving attribution, and coordinating clear response thresholds rather than “entering a covert tit-for-tat that neither deters nor stabilizes.

In the face of this persistent, multi-layered threat, Stradner believes the ultimate answer lies in deterrence through strength.

“We should not fear escalations as kindness is weakness for Putin, and he only understands the language of power,” she noted, underscoring that the consequences of continued inaction and ambiguity in the face of Moscow’s “new generation warfare.”

“Until NATO resolves the lack of clarity regarding Article 5’s threshold for acts of aggression warranting collective defense, Russia will continue to sabotage without the consequences of all-out war, and the Western response to this hybrid war will remain reactive and insufficient,” Stradner added.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Why an Unmanned Mission May be Most Effective in Venezuela

OPINION — Wars are increasingly fought by unconventional means. A recent example is Ukrainian insertion of unmanned aerial systems (UAS) to attack Russian airfields, launched from civilian outfitted trucks. The Israeli pager attacks are another example of leveraging unconventional means to achieve an outsized effect. Both examples demonstrate that unconventional methods can not only disrupt enemy forces and destroy key objectives, but also achieve tremendous psychological effects and by saturating the airspace, limit an adversaries ability to mount offensive operations.

While the U.S. continues a conventional military buildup off the coast of Venezuela, the lessons from the Ukrainian and Israeli conflicts may be prescient: the US can achieve most of our policy objectives with limited or no ground forces deployment into Venezuela. The authors assume the current U.S. administration’s objectives are centered on regime change without conventional warfare.

Venezuelan forces may be well-prepared for guerilla warfare. Reports are circulating that Russian “advisors” have been dispatched to Venezuela, and it is likely that the Venezuelan army is incorporating Russia’s lessons from Ukraine into their preparation. American forces meeting a small, well-prepared drone force could lead to unacceptable casualties, a prolonged conflict, unnecessary escalation, and international embarrassment.

We suggest, therefore, that if intervention in Venezuela is forthcoming, the U.S. should adopt a strategy centered on unmanned systems. Modern combat in Ukraine and Israel provide a viable model.

Our proposed strategy suggests leveraging a combination of UAS and unmanned ground vehicles (UGV) to weaken the Maduro government’s internal support, and hasten favorable conditions for peace - again, assuming “regime change” or negotiated peace are the desired endstates.

How the U.S. Military Thinks of War

The U.S. Military uses a six-phase planning model to describe the progression of an operation or campaign. This continuum begins with Phase 0: Shape, which involves continuous peacetime activities to influence the operational environment and prepare for contingencies. As an operation develops, the force moves to Phase I: Deter, demonstrating capability and resolve to dissuade, followed by Phase II: Seize Initiative once hostilities begin, gaining access and advantage. The core combat phase is Phase III: Dominate, which involves applying overwhelming combat power to defeat the enemy force. The final stages, often requiring significant force commitment for irregular warfare, are Phase IV: Stabilize, focusing on securing the operating area and providing security, and Phase V: Enable Civil Authority, which transitions security and control back to legitimate local governance to establish a lasting peace. Technologies are used in every phase as a strategic force multiplier.

Proposed Unmanned Systems Strategy

Phase 0 should begin immediately. This phase would be centered on information collection around the capital, Caracas, and the economic epicenters, Venezuela, Maracaibo, Valencia, and Barquisimeto, as well as oil refineries, given their central importance to the Venezuelan economy. Significant real-time intelligence collection could be achieved by leveraging High Altitude Long Endurance (HALE) aircraft coupled with pervasive small, ground-based sensors. UGVs would provide long-term, ground-based multi-disciplined intelligence collection capabilities, leveraging commercial off-the-shelf technologies (proven effective in Ukraine) to reduce risk of exposing sensitive or proprietary technologies.

The assessed trigger for escalation would be a breakdown of negotiations over a change of government. Subsequent operations would focus on precision degradation and infrastructure interdiction, designed to be quick, minimize political fallout, and avoid direct engagement with Venezuelan forces. Generally, operations would seek to scale between Phase 1 - Deter, and Phase 3 - Dominate, to apply and then relieve pressure on the Venezuelan government and population as needed to degrade political will and popular support. Operations should be carefully crafted, and targets thoughtfully selected, not just for military effect, but for their psychological and political impact.

Aerial and Electronic Warfare Dominance

The first actions would be entirely aerial, focused on blinding the Venezuelan government and shaping persistent intelligence, all while demonstrating the ability to dominate without causing significant destruction. The U.S. could suppress air defenses using high-altitude, stealth drones, and specialized EW drones to undermine government influence and degrade command and control. Targets would include Venezuela's air defense systems, mostly Russian S-300VM and Buk-M2E missile batteries, and radar networks. Key locations would be targeted with precision-guided munitions or overwhelmed and jammed by EW drones before kinetic strikes to establish air superiority for subsequent UAS waves.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Targeting Command and Control

The U.S. could leverage loitering munitions and specialized communications relay and jammer UAVs to target key military and government communication nodes, high-frequency transmission sites, and satellite ground stations. Small, inexpensive UAS could be coupled with highly mobile UGVs to extend range, and to achieve precise sequencing, impressing urgency and conveying the message that the Maduro government is inept. By severing communication links between the military high command and field units, the U.S. could cause decentralized chaos, which would degrade the will to fight. Unmanned surface vehicles (USVs) and unmanned underwater vehicles (UUVs) could contain Venezuelan forces, targeting the fleet to deny freedom of movement.

Given instability in Venezuela and the Maduro Government’s demonstrated willingness to enter into discussions, well-sequenced escalation and deescalation may provide the necessary impetus to achieve the desired effect. Minimizing destruction up to this juncture reduces the subsequent burden of rebuilding, which would increase popular support for a replacement government. Minimizing damage would also reduce the likelihood of causing unintended regional instability through large-scale human displacement.

With their extended battery life and ability to recharge with onboard solar panels or from civilian power sources, UGVs provide an ideal baseline for extended operations, providing prolonged ground-based intelligence and surveillance. Information from onboard sensors, long-term intelligence collection, could provide timely battle damage assessments, and would shape planning for subsequent operations.

Well-Timed Precision Strikes

Small UAS loaded with precision explosive and cyber and EW payloads could be loaded onto UGV and transported deep within the country, where they would be staged for well-timed, precision operations to set conditions for negotiations. Disabling power to cause temporary service blackouts, or disrupting and corrupting government information campaigns would allow the U.S. to control the narrative. These precision operations should be choreographed and limited to eliminate harm to civilians.

Precision strikes launched from UGVs could damage government buildings and political headquarters, timed for maximum media coverage, to demonstrate penetration and weakness. Cellular towers could be struck with small munitions to inconvenience and frustrate the population. These limited actions could continue near indefinitely, and would reinforce the narrative that Maduro is weak and incapable, increasing the likelihood of a timely resignation.

UGVs with an explosive payload could be covertly controlled over cellular networks over extended distances, to strike key locations such as bridges, military installations or troop concentrations deep within Venezuela. In the event of a troop deployment, UGV could also be outfitted with weapon platforms such as machine guns or grenade launchers, for force protection.

Subscriber+Members get exclusive access to expert-driven briefings on the top national security issues we face today. Gain access to save your virtual seat now.

Conclusion

With warships off the coast and the airspace over Venezuela “closed”, all signs indicate that the U.S. administration intends to leverage the military to achieve a political objective. There are two options should we choose to proceed. The first is a conventional war, with high financial cost, significant political risk and moderate risk of casualties. The second option is to leverage our growing unmanned systems arsenal, where financial costs will be relatively low, and the risk of casualties will be minimal.

The lessons from modern conflicts in Ukraine and Israel overwhelmingly provide a model for moving towards an agile, unmanned systems-centric strategy. This agile approach, moving from pervasive intelligence collection to targeted electronic warfare and precision kinetic strikes, if choreographed with other effects, would exert maximum political and psychological pressure. It also minimizes collateral damage by avoiding direct military engagement with Venezuelan forces.

This strategy has several advantages: it drastically reduces the risk of unacceptable casualties for American forces, and it minimizes the destructive aftermath that traditionally prolongs conflict and burdens post-conflict reconstruction. An unmanned systems strategy also enables the U.S. to move fluidly between deterring and dominating to maximize effects, and serves as a strong deterrent against countries who might doubt America’s ability to fight and win in modern combat.

Ultimately, the choice to intervene will always be a political one. However, if such action is deemed necessary, adopting a nearly exclusive unmanned strategy offers a path to achieving a political end-state quickly and cleanly. It is a recognition that the future of modern warfare is defined not by the size of a conventional buildup, but by the strategic, ethical, and precise application of unmanned systems to effect change.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America’s Antibiotic Weakness Is a National Security Blindspot

OPINION – Offshoring and outsourcing antibiotic production to China and India is putting America’s access to lifesaving medicines at risk. It’s time to implement antibiotic security measures before a supply crisis occurs. The first step is rebuilding onshore fermentation manufacturing capacity.

Antibiotics have significantly improved life expectancy and overall public health for over 80 years. Penicillin alone has saved approximately 200 million lives. Its discovery paved the way for further advancements in antibiotics that have saved hundreds of millions more.

From the 1940s to the late 1980s, the United States led global antibiotic manufacturing. The volume of fermentation capacity required to produce antibiotics in the U.S. was a key measure of this. However, over time, pharmaceutical companies steadily outsourced and shifted antibiotic manufacturing to other countries, largely driven by opportunities to reduce costs and avoid capital investment.

Today, the production of antibiotic active pharmaceutical ingredients (APIs) is concentrated in a handful of countries; nearly 70% of the manufacturing sites for a representative shortlist of 40 antibiotic APIs are in India and China (with the majority in China). More concerning, the United States no longer has any significant fermentation manufacturing capabilities to produce antibiotic APIs onshore (see Table 1).

Fermentation capacity for manufacture of antibiotics in USA

Year	Fermentation Capacity (Liters)
1944	400,000
1984	18,000,000
2024	Less than 400,000

This reality creates risks to health security and equitable access to key medicines, especially since antibiotics are such an essential tool for combating infections. In 2024, there were 256 million prescriptions for antibiotics distributed in the U.S. alone. Yet, the amount of antibiotics manufactured in the United States has dwindled to a concerningly low level; 92% of the 111 most-prescribed antibiotics have no U.S. source as of 2021. Worse, antibiotics are 42% more likely to be in short supply than other drug products.

Save your virtual seat now for The Cyber Initiatives Group Winter Summit on December 10 from 12p – 3p ET for more conversations on cyber, AI and the future of national security.

During the COVID-19 pandemic, India limited exports of two common antibiotics, tinidazole and erythromycin (among other drugs), due to dwindling supply of APIs resulting from the temporary closure of Chinese manufacturing facilities. And, in 2017, there was a global shortage of two other antibiotics, piperacillin-tazobactam and benzathine penicillin, because a single factory in China shut down. Just three API manufacturers for these products remain, all in China.

Other countries are already steps ahead of the U.S. in securing their own antibiotic supply. India’s Production Linked Incentive (PLI) scheme, for example, enhances antibiotic security by promoting domestic manufacturing of APIs, key starting materials (KSMs), and drug intermediates. This reduces India’s reliance on imports, and plays a crucial role in protecting Indian public health.

For its national security, the United States must bring antibiotics manufacturing back home. Key is maintaining a level of fermentation manufacturing capacity. This would enhance domestic ability to respond to public health emergencies and minimize the impacts of global supply chain disruptions and geopolitical tensions. Beyond improving antibiotic security, increasing capacity in the U.S. would create net new jobs and enable the implementation of improved and lower cost technologies.

Collaboration between the government and the private sector, particularly via government funding, is crucial to catalyze change in the production landscape. It would also drive innovation in manufacturing processes. To bring fermentation capacity back onshore, something the U.S. has already done to ensure access to other key products, there will have to be incentives.

The CHIPS and Science Act, for example, reduces U.S. dependence on foreign semiconductor manufacturing, particularly from geopolitical rivals like China. The Act provides $52.7 billion in funding to boost domestic semiconductor production, research, and workforce development, ensuring that the United States maintains a secure and resilient supply of critical microchips used in defense, infrastructure, and consumer technology. Antibiotics should receive the same treatment.

Given that higher costs to produce antibiotics onshore drove antibiotic production overseas in the first place, further economic incentives, such as tax credits and subsidies, are also needed. These could motivate pharmaceutical companies to invest in manufacturing capacity domestically. Contract manufacturing organizations (CMOs) and generic drug suppliers should also be targets of these incentives since generics represent over 80% of antibiotic market share by revenue.

Finally, guaranteed purchasing agreements from the government or public entities can provide financial stability for antibiotic manufacturers and make investing in fermentation or manufacturing capabilities a more attractive, lower risk opportunity.

These opportunities are not without challenges. Pharmaceutical companies have historically prioritized more profitable, chronic disease treatments; antibiotics are prescribed for short durations and generate significantly less revenue compared to other drugs. Any new economic incentives need to be meaningful enough to bridge this gap significantly.

In the meantime, the government should continue stockpiling antibiotics to insure against future shortages. Currently, the U.S. maintains an undisclosed amount of antibiotics through the Center for the Strategic National Stockpile (SNS), but a longer term manufacturing strategy is required to improve safety and reduce risk of shortage.

Access to antibiotics is too critical to simply let cost dictate where production occurs. At the end of the day, this is about protecting our ability to combat infection and preserve the health of the American people.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Can Europe Survive the New Multipolar World?

EXPERT PERSPECTIVE — For more than three decades after the Cold War, Europe lived under the illusion that history had settled in its favor. Liberal democracy seemed ascendant, global markets expanded without friction, and American military primacy insulated the continent from hard-power competition. Under those conditions, the European Union could focus on enlargement, regulation, and internal integration rather than geopolitics.

That era is finished.

A new multipolar world, shaped primarily by the United States, China and Russia has taken hold, and Europe’s place within it is increasingly uncertain. The EU now faces a destabilizing combination of external pressures and internal constraints that call into question its long-term strategic relevance. The next decade will determine whether Europe becomes a genuine pole of power or resigns itself to being a geopolitical appendage.

The End of Post-Cold War Certainties

The post-1991 Western order rested on three assumptions: U.S. military dominance, deepening globalization, and the notion that political liberalization would eventually spread worldwide. Each of these pillars has eroded.

U.S. primacy is no longer guaranteed. Washington is now stretched between deterring China in the Indo-Pacific, supporting Ukraine, and managing crises in the Middle East. American policymakers—across both parties—increasingly resent Europe’s reliance on U.S. defense guarantees and expect the EU to realign its China policy with America’s priorities. Europe’s security depends on a partner whose long-term predictability it cannot ensure.

Globalization is fragmenting. The pandemic, geopolitical rivalries, and technological decoupling between Washington and Beijing have shattered faith in frictionless global supply chains. Europe, whose prosperity hinges on exports, advanced manufacturing, and access to global markets, feels the squeeze.

Authoritarian resilience has replaced Western convergence. China’s techno-authoritarian model and Russia’s militarized nationalism offer alternatives to liberal democracy. Across Africa, the Middle East, and South Asia, states increasingly hedge rather than take sides, reducing the EU’s ability to shape norms or export its model. The world is no longer moving toward Europe. It is moving away from it.

The New Power Triangle: Washington, Beijing, Moscow

1. The United States: indispensable, but increasingly impatient

The U.S. remains the only actor capable of deterring Russia on Europe’s behalf, and without American intelligence, logistics, and weaponry, Ukraine’s position would be far more precarious. Yet Washington’s strategic focus is shifting eastward. In every administration, the question recurs: Why should America subsidize European security indefinitely?

Growing U.S. skepticism combined with the possibility of future political shifts exposes Europe’s most dangerous vulnerability: dependence on an ally whose priorities are changing faster than Europe can adapt.

2. China: Europe’s vital economic partner turned systemic rival

China is indispensable to European industries from electric vehicles to renewable energy to pharmaceuticals. Yet Beijing’s industrial subsidies, strategic investments, and political influence operations challenge the EU’s economic model and internal cohesion. As Washington accelerates decoupling, Europe is pressured to follow suit at high cost to its own industry.

China is no longer just a market; it is a shaping force in a global system that Europe struggles to influence.

3. Russia: the security threat that will not disappear

Russia’s invasion of Ukraine shattered Europe’s illusions of a “post-historic” continent. Even after the initial shock, Moscow’s ongoing militarization signals a long-term confrontation. Europe’s sanctions, energy diversification, and support for Kyiv have been substantial but the EU still lacks the military and industrial backbone to sustain a prolonged, high-intensity conflict without the United States.

Russia is not a temporary crisis. It is a structural challenge.

Europe’s Structural Weakness: Power Without Agency

Europe has economic weight, technological capability, and regulatory influence but struggles to convert them into geopolitical power.

1. Fragmented decision-making. EU foreign policy requires unanimity, making coherent action nearly impossible. France pushes for “strategic autonomy,” Germany for economic stability, Poland for deterrence, Italy for flexibility. Diverging priorities fracture the bloc at every major juncture, from China policy to Middle East diplomacy.

2. Military insufficiency. Despite increases in defense spending, Europe remains dependent on the U.S. for intelligence, logistics, command-and-control, missile defense, and advanced weapons. The continent’s defense industry is fragmented into dozens of incompatible national systems that a luxury Europe can no longer afford.

3. Economic vulnerabilities. From semiconductors to critical minerals, Europe relies on external suppliers. In a world defined by technological blocs and industrial rivalry, the EU risks being squeezed between U.S. security demands and Chinese economic dominance.

4. Demographic decline. Aging societies and shrinking workforces reduce the EU’s long-term competitiveness and its ability to project power.

These vulnerabilities do not make Europe irrelevant—but they do make it reactive.

Three Possible Futures

Scenario 1: Strategic Autonomy Becomes Real

Europe could choose to become a coherent geopolitical actor—pooling defense procurement, adopting majority voting on foreign policy, investing heavily in its defense industry, and crafting a unified China strategy. This would give the EU real agency.

But achieving this requires political courage that Europe has rarely demonstrated.

Scenario 2: Renewed Atlantic Dependence

The EU may double down on the U.S. alliance, accepting a secondary role in global geopolitics while focusing on economic and regulatory power. This is the easiest path both politically and financially but it leaves Europe dangerously exposed to America’s domestic turmoil.

Scenario 3: Fragmentation and Decline

If member states continue to pursue conflicting national policies and U.S. attention continues shifting to Asia Europe risks strategic irrelevance. In this scenario, global powers shape Europe’s environment, while Europe merely adapts.

This path is unlikely to be dramatic. Decline rarely is. It is slow, quiet, and comfortable until suddenly it is not.

Europe Must Choose Power Over Comfort

The multipolar world will not wait for Europe to get its act together. The question is no longer whether the EU wishes to become a global actor; it is whether it can afford not to.

Europe’s future is binary:

A genuine geopolitical pole, capable of defending its interests. A subordinate ally, protected but strategically constrained. Or a divided continent, overshadowed by the ambitions of others. For three decades, Europe believed it had escaped history. Now history has returned with force. Whether Europe survives the new multipolar world depends on whether it chooses power over comfort, strategy over complacency, and unity over drift.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Inside the Pentagon IG’s Findings on Signalgate

OPINION — “The [Defense] Secretary [Pete Hegseth] sent nonpublic DoD information [on March 15 at 11:44 EDT] identifying the quantity and strike times of manned U.S. aircraft over hostile [Houthi] territory [in Yemen] over an unapproved, unsecure network [Signal] approximately 2 to 4 hours before the execution of those [U.S. aircraft] strikes. Using a personal cell phone to conduct official business and send nonpublic DoD information through Signal risks potential compromise of sensitive DoD information, which could cause harm to DoD personnel and mission objectives.”

That was one finding from the December 2, Defense Department Inspector General (DoD IG)] report entitled Evaluation of the Secretary of Defense’s Reported Use of a Commercially Available Messaging Application for Official Business that was released last Wednesday.

Another finding was “We [Office of the DoD IG] concluded that the [Defense] Secretary [Hegseth] sent sensitive nonpublic, DoD operational information that he determined did not require classification over Signal on his personal cell phone. Although EO 13526 [Executive Order on Classified National Security Information] grants the [Defense] Secretary the authority to determine the proper level of classification of DoD information, we concluded that the Secretary’s actions did not comply with DoDI 8170.01 [DoD Policy for social media accounts] which prohibits using a personal device for official business and sending nonpublic information over a non-approved commercially available messaging application.”

So in that first finding the DoD IG found Hegseth’s message potentially endangered U.S. military members and their mission, and in the second finding the DoD IG said the Defense Secretary had violated DoD policy.

On Wednesday evening, after public release of the DoD IG report, Hegseth on X messaged, “No classified information. Total exoneration. Case closed. Houthis bombed into submission. Thank you for your attention to this IG report.” At roughly the same time, Pentagon spokesman Sean Parnell in a statement said: “Total exoneration of Secretary Hegseth and proves what we all knew – no classified information was shared. The matter is resolved and the case is closed.”

Of course the DoD IG report is the opposite of “total exoneration,” and by no means should the case be closed. In fact, this entire matter should have been an illustration to the Trump administration that it cannot get away with lying about serious matters, but nonetheless they have continued to try.

The history of this DoD IG report shows that Hegseth and others in the Trump administration even failed to cooperate in the IG’s investigation.

For example, the DoD IG report said frankly, “The Secretary declined to be interviewed for this evaluation.” Hegseth did, after four months, supply to the IG Office a July 25, one-page, five paragraph statement. In it, Hegseth used two paragraphs to defend the questioned details in his March 15, Signal chat message, arguing at one point the information was “either not classified, or that I could safely declassify [it].”

Meanwhile, there were other times of non-cooperation. The DOD IG report said, “We requested a copy of the Secretary’s communications on Signal on or about March 15. According to a senior official in the Office of the Secretary of Defense (OSD), the Secretary declined to provide us direct access to his personal cell phone.”

At another point, when the DoD IG was trying to get a full transcript of the March 15, Signal chat, it found that OSD had a consolidated version it received from the White House Counsel’s Office, but the request for a copy was declined “because it was not a DoD-created record.”

The DOD IG report, itself, originated from a request back on March 26, by Sens, Roger Wicker (R-Miss.) and Jack Reed (D-R.I.), the Chairman and Ranking Member of the Senate Armed Services Committee.

The two Senators were reacting to two articles dated March 24, and March 26, on The Atlantic website written by Editor Jeffrey Goldberg, who had described that somehow then-National Security Advisor Mike Waltz had made Goldberg part of a Signal chat group of senior Trump administration officials named the Houthi PC small group. The chat group included Vice President JD Vance, Secretary of State Marco Rubio, Secretary Hegseth, Director of the Central Intelligence Agency John Ratcliffe, and Director of National Intelligence Tulsi Gabbard.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading toSubscriber+Member status.

Goldberg’s March 24, Atlantic article alleged that on March 15, the Signal chat group received from Hegseth sensitive war plans about the U.S. air strikes before they took place on Yemen that day. The Atlantic initially chose not to print those war plan details because potentially they contained classified information. Although the White House initially said the story seemed authentic, Hegseth initially said, “Nobody was texting war plans, and that’s all I have to say about that."

By the next day, the Trump administration had settled on their response. Appearing on March 25 before the Senate Select Committee on Intelligence, CIA Director Ratcliffe said, “The Secretary of Defense is the original classification authority, and my understanding is that his comments are that any information that he shared was not classified.” DNI Gabbard, appearing with Ratcliffe, echoed him saying, “There were no classified or intelligence equities that were included in that chat group at any time.”

After the denials, The Atlantic on March 26, then published Goldberg’s subsequent article which contained Hegseth’s pre-strike details. They gave the scheduled March 15 time of the first F-18 launch package; the time the first strike F-18s should reach “Target Terrorist;” the time of launch of MQ-9 strike drones; the time launch of second F-18 package; the time “when first bombs will definitely drop,” and the time when F-18 2nd package strike begins; and the time when the first sea-based Tomahawk missiles launched.

Although Hegseth claimed, “there were no details that would endanger our troops or the mission,” anyone who knew where the F-18s were based, their time of departure and the expected time bombs were to be dropped in Yemen might have been be able to determine the targets.

The DoD IG report concluded, “If this information had fallen into the hands of U.S. adversaries, Houthi forces might have been able to counter U.S. forces or reposition personnel and assets to avoid planned U.S. strikes. Even though these events did not ultimately occur, the Secretary’s actions created a risk to operational security that could have resulted in failed U.S. mission objectives and potential harm to U.S. pilots.”

Nominations for outstanding leaders in national security and intelligence are now open for the 2026 Cipher Brief Honors Dinner. Find out more here.

Another issue raised by the DOD IG report is that Hegseth was involved in other Signal chat groups into which he could have put additional classified information.

For example, the DOD IG reported, “One of the officials we spoke with stated that the Secretary posted the same sensitive operational information concerning the March 15, Houthi attack plans on the ‘Defense Team Huddle’ group chat.” That was a chat group Hegseth established from his personal and professional inner circle in January 2025, before his confirmation as defense secretary, and included Hegseth’s wife, Jennifer, who is a former Fox News producer.

The New York Times reported the Defense Team Huddle chat group also included Hegseth’s younger brother, Phil Hegseth, who has since become a senior adviser to the Defense Secretary and a DoD liaison officer to the Department of Homeland Security (DHS).

Other OSD officials told DoD IG investigators there are “multiple additional Signal group chats in which the Secretary allegedly participated to conduct official DoD business and transmit nonpublic DoD information,” according to the IG report. “Two officials stated that they were part of several group chats, and one of them stated that the Secretary and others used the chats to coordinate meetings, respond to media inquiries, or alert staff to check their official email accounts.”

That was another reason, the report said, “why we [DoD IG] requested copies of messages from these other Signal group chats, as well as access to the Secretary’s personal cell phone,” which so far have been unsuccessful.

I must conclude this article by saying that much credit goes to the DoD IG office, and Acting DoD IG Steven A. Stebbins. They did an admirable job on this inquiry given the lack of cooperation from their top bosses to this inquiry. They showed the professionalism looked for and needed in federal government employees.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

What China’s ‘World-Class Navy’ Means for the U.S. and Asia

DEEP DIVE — On a Wednesday in November, with Chinese President Xi Jinping looking on, the People’s Liberation Army Navy (PLAN) commissioned the 80,000-ton Fujian, the country’s third aircraft carrier and largest to date, in a ceremony that also featured its latest Navy stealth fighters, helicopters and command aircraft. A week later, China’s Ministry of Defense announced that the Sichuan, one of the world’s largest amphibious assault ships, had completed initial sea trials and would be ready for deployment next year. And last week, Shanghai is hosted “Marintec China,” the largest maritime conference in the world.

These are all signs of China’s continued rise as a maritime power and challenger to U.S. supremacy on the seas. And they have happened at a lightning-fast pace.

China now has “a world-class Navy,” retired Rear Admiral Mike Studeman, a former Commander of the Office of Naval Intelligence, told The Cipher Brief. “It's not, ‘Hey, we're going to achieve this in 2049.’ And it's just not in the numbers, it's in the quality. These ships are modern by any standard.”

The recently commissioned Fujian is the first Chinese carrier (and only the second in the world, after the U.S. Gerald R. Ford) to be equipped with electromagnetic catapults for launching aircraft. As for the new amphibious vessel, the Sichuan, experts have been impressed both by its sophistication and the fact that it was built in just over two years.

Top U.S. Navy officials are taking note. On an Asia-Pacific tour last month, Admiral Daryl Caudle, the U.S. Chief of Naval Operations, acknowledged the new carrier and assault ship and the overall “impressive” growth of China’s Navy.

“How they utilize those aircraft carriers globally is, of course, a concern of mine,” Adm. Caudle said in Japan. As for the Sichuan assault vessel, Adm. Caudle said, “We’ll watch that very closely and see what they’re going to do there. That’s a large ship, very capable.”

Experts say the recent milestones are the latest evidence of gains that have seen China’s Navy surpass the U.S. fleet in overall numbers while boosting the quality of its vessels as well.

“It's impressive,” former Rear Admiral, Mark Montgomery, told The Cipher Brief. “They're building a hundred merchant ships for every one we build, and two warships for every one we build. And they have quantitatively exceeded the size of our U.S. naval ship numbers.”

Montgomery was quick to add that China’s advances “don’t mean they have a more capable Navy” than the U.S. In terms of the quality of submarines and destroyers and carriers – “your choice, ship class after ship class,” as he put it – the U.S. remains without peer. But Montgomery and others say that China has rapidly narrowed the quality gap, and already changed the strategic equation for any potential conflict over the South China Sea or Taiwan.

China is “building a lot of ships, but the technological sophistication of those vessels has also significantly increased,” said Matthew Funaiole, Senior Fellow at the China Power Project at the Center for Strategic and International Studies (CSIS). “They're really trying to compete with other countries – and they obviously have their sights set on the U.S. in terms of maritime dominance in the region.”

The Trump Administration issued an executive order in April to jumpstart the U.S. shipbuilding industry and restore “American maritime dominance,” but experts say the U.S. has work to do to match the urgency of the Chinese buildup.

“The shipbuilding capacity in China now dwarfs that of the United States,” Emmanouil Karatarakis wrote in a recent analysis for The Cipher Brief. Citing estimates that China's overall shipbuilding capability (armed and unarmed) is now hundreds of times larger than the U.S.'s, he added, “This imbalance has far-reaching implications for long-term strategy and wartime readiness.”

Subscriber+Members are invited to join in an exclusive virtual conversation on Monday, December 8 at 2:30p ET on Russia’s Gray Zone Operations in Europe with former leaders from the Department of Defense, CIA, NATO and the British Foreign Office. Members receive links to register via email.

Not a Subscriber+Member? Let’s fix that.

China’s maritime rise

As with many elements of China’s rise as a global power, this one began in the early 1990s. At the time, China’s Navy was deployed primarily to guard its coastline – and while precise figures are hard to come by, estimates of its 1990 force range from 350-400 vessels, most of which were small patrol craft. Back then, the PLAN had no modern destroyers or submarines, and when China first put a carrier to water – in 2012 – it was a retrofitted Soviet vessel (the ship had actually been built in the 1980s, in the then-Soviet republic of Ukraine).

Today, China’s Navy boasts more than 1,000 vessels, including roughly 370 warships and submarines in what the Pentagon calls China’s “battle force” capability. The bulk of this rags-to-riches rise in maritime assets has come during the tenure of Xi Jinping.

“Xi Jinping has always been clear-eyed about the fact that a great power is a maritime power,” RADM Studeman said. “He personally understands that China, in order to be the leading power in the world, needs to have a maritime capability bar none. And that's the course they're on.”

Beijing has taken advantage of a booming commercial shipbuilding industry and the fact that – unlike in the U.S. – the civilian and military sectors in China are intertwined. Shipbuilding was included in the 10 core technologies in Beijing’s “Made in China 2025” industrial strategy, a blueprint for competing with global leaders in key industrial sectors.

A CSIS report offered staggering evidence of China’s maritime rise: the country’s share of global shipbuilding has jumped from 5% in 1999 to roughly 50%, while the U.S. now builds fewer than 1% of commercial ships globally. China’s largest state-owned shipbuilder built more commercial vessels by tonnage in 2024 than the entire U.S. shipbuilding industry had built since the end of World War II.

As for warships, China is now on track to have a 425-ship fleet by 2030, while the U.S. Navy currently has fewer than 300 deployable battle-force vessels – a total which experts worry may drop as aging ships are retired faster than new ones are put to water. “The growing size and sophistication of China’s Navy, combined with Beijing’s increasing assertiveness,” the CSIS report said, “poses major challenges to U.S. and allied military readiness and deterrence in the Indo-Pacific.”

Strategic implications

Experts say there are two basic strategic aims behind China’s maritime growth: preparing for potential conflict in the region, and adding a critical element for the country’s projection of global power and influence.

For the latter goal, the Fujian adds a major “chess piece,” as RADM Studeman put it, helping the PLAN expand its growing “blue-water” capabilities and extend its reach well beyond China’s Southeast Asian neighbors.

“They have been going up into the Bering Sea and parts of the Arctic and Antarctic,” Studeman said. “And they've been able to expand their footprint and develop their capabilities in an evolutionary way, which has been remarkable to see.”

The new carrier group might also be used in a maritime blockade of Taiwan, global humanitarian missions, and show-of-force deployments far from China’s shores.

“China wants to have the ability to operate globally,” Funaiole told The Cipher Brief. “I don’t think they want to do the same things the U.S. does, which is to have forward-positioned fleets all over the world. But they do want the ability to operate in different regions that are further and further away from the Chinese mainland, and you need to have a blue-water Navy in order to do that. It's the key to power projection.”

As far as a potential Taiwan conflict is concerned, the Sichuan – the newly-minted amphibious vessel, would be the more important “chess piece.” It’s an assault ship built to provide launch platforms for large combat drones, helicopters, and amphibious equipment, according to China’s Ministry of Defense.

“The carriers are less important for a Taiwan contingency than a lot of the other assets,” Funaiole said. “The amphibious ships are critical for that being successful.”

RADM Montgomery echoed the point, calling the new carrier group “a muscle flex and power projection,” while noting that the Sichuan and other assets would bring more concrete benefits in a regional conflict.

“The rest of their Navy [beyond the carrier group] isn't a muscle flex,” he said. “This is actually building a capability and capacity to push the United States farther and farther away from the area of crisis and contingency, whether in the East China Sea around the Senkaku [Islands] with Japan, in Taiwan, or in the South China Sea. The idea is to keep our Navy as far away as possible with a mix of missiles, aircraft, submarines, surface ships, all of that.” Those elements have been developed “at close to breakneck speed,” Montgomery said. “They've done a fantastic job of identifying, developing, resourcing and fielding a Navy air and missile force that places the US Navy and US Air Force at risk.”

U.S. Navy commanders have also warned that in the event of a Pacific war, China would be better equipped to replace lost ships – by virtue of geography and its more efficient shipbuilding. Taiwan war scenarios have shown that China would be able to absorb far heavier warship losses than the U.S.

Save your virtual seat now atThe Cyber Initiatives Group Winter Summit on December 10 from 1p – 4p ET for expert-led conversations on cyber, AI and the future of national security.

Can the U.S. turn the tide?

The White House’s April order, issued under the heading “Restoring America’s Maritime Dominance,” marked a recognition of China’s rise and a high-profile effort to reverse the erosion of U.S. shipbuilding. As The Cipher Brief has reported, the order mandates a whole-of-government push to jump-start the domestic shipbuilding industry.

The order called for the creation of an “Office of Shipbuilding” within the National Security Council, and said that within 210 days, the Assistant to the President for National Security Affairs “shall submit a Maritime Action Plan (MAP) to the President…to achieve the policy set forth in this order.”

That 210-day deadline has passed (November 5 was the 210th day), and there has been no public announcement of such a plan. The White House did not respond to requests for comment.

RADM Studeman acknowledged that even in the best-case scenario, these goals would take years to achieve, but added that he was disappointed by a slow pace of progress since the order was signed.

“I expected to see more frankly,” he said. “I think that they're incredibly good ideas that were in that directive, and unless it's going on very quietly, I haven't seen enough progress in each of the areas.”

RADM Montgomery agreed.

“I know it's expectation management, but I'm disappointed,” he said, adding that he worries that future U.S. budgets may not provide the funds he believes are needed to kickstart the warship-building industry.

“China has modernized shipyards, as have Japan and Korea, who equally outpace us,” Montgomery said. “We do not have modernized shipyards for a number of reasons. We have not properly invested in that. Our labor costs are significantly higher, and that's particularly true in shipbuilding and defense manufacturing.”

He and others hold out hope that investments and expertise from Korea and Japan will help boost the U.S. output. The authors of the CSIS report urged a blend of punitive measures against China and long-term investments in U.S. and allied shipbuilding capacity. “U.S. Navy leaders have begun intensive outreach to allies like Japan and South Korea to support U.S. shipbuilding efforts,” the report stated, “an effort that President Trump has indicated he supports. However, much work remains to be done.”

“You need basically startup VC capital to get things going on it,” Funaiole said. “And it's not just the technical part or the physical infrastructure. We also have a lack of expertise and shipbuilding in this country. And so there also needs to be personnel training investments and exchange programs with other countries as well and specialization into new areas.”

Experts agree on this much: failure to address these issues risk damage to U.S. national security.

“As tensions rise,” the CSIS report said, “leaders in Beijing may calculate that China’s superior shipbuilding capacity would be a material benefit to outlasting adversaries in a protracted military conflict.”

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Putin Sees “Useful Meetings”, the U.S. Should See a Trap Set for Inexperienced Negotiators

EXPERT OPINION / PERSPECTIVE -- Reports from Moscow suggest that U.S. representatives Jared Kushner and Steve Witkoff are “optimistic” about the prospect of results from their discussion with Kremlin officials this week. But after months of fruitless negotiations, if they are optimistic about achieving a negotiated solution to Russia’s invasion of Ukraine, they have little reason for it, given comments from Russian officials on the Moscow discussions.

If, as has been recently suggested to me, a central priority behind Kusher and Witkoff’s participation in negotiations (instead of relying on more experienced U.S. diplomats with a record of dealing with autocrats like Vladimir Putin) is to secure business deals in Russia following the conclusion of hostilities, then both the negotiations over Ukraine’s future and future business deals in Russia will prove to be fool’s errands, the former first and the latter over time. President Trump should know better and should have selected better representation for U.S. interests.

Kremlin spokesman Dmitriy Peskov described the meeting between Putin and the U.S. representatives as “very useful, constructive, and highly substantive.” At the same time, he said no compromise on a peace plan was reached. He went on to note that Russia wants peace, but only if its objectives are met and reiterated that Moscow insists on achieving the goals of its “special operation.”

Peskov’s remarks are not surprising as they are completely consistent with the narrative that Putin has pushed before and during his ill-fated invasion of Ukraine. As if to emphasize the Kremlin’s rejection of the Kushner-Witkoff mission, Putin launched one of the largest drone and missile attacks on Ukraine, probably while the U.S. representatives were still in the air flying home.

Russia’s position in this “negotiation” is absolutely clear and has been for some time: The complete elimination of Ukraine as an independent nation; the breakup of the transatlantic alliance which has been the bedrock of European security since 1945; the creation and exacerbation of political division in the United States to weaken it as a strategic opponent and create the conditions for the establishment of a multi-polar world order with Moscow and Beijing leading the autocratic anti-democratic poles and a weakened U.S. and Europe, the other pole. Success in Ukraine is key to Putin and Chinese President Xi Jingping’s strategy.

As part of the red orchestra Putin is directing to set the stage for the achievement of his objectives, he is pushing two critical narratives. The first is that Russia can achieve through military conquest the subjugation of Ukraine - the narrative that Kyiv is losing and will inevitably lose the war. Secondly, he is pushing the argument in Washington and elsewhere that Europe is undermining the Trump Administration’s efforts to achieve a negotiated solution to the conflict (however feckless and unrealistic the 28 point peace plan was/is). Putin is also using a combination of “gray zone” clandestine kinetic and lethal operations across Europe to undermine public confidence in their security at home and undermine resolve to support Ukraine and resist Putin’s ambitions. The Russian leader has executed a number of these efforts in recent years with varying degrees of plausible deniability and certainly without any retribution or consequence paid.

Not a Subscriber+Member? Let’s fix that.

At Putin’s age and at this stage of his regime, he cannot back off his maximalist objectives in Ukraine, at least not until the pain from the war is felt by Russian elites and the Russian public to the point where his house of cards starts to tumble.

Ukraine’s ability to extract maximum casualties from Russia’s marginal territorial advances in Ukraine plus the cost being paid by Ukraine’s long-range strikes against energy infrastructure and military targets in the Russian Federation start to undermine support in those constituencies for Putin’s continued governance. The plan led by Kushner and Witkoff and endorsed by Trump works against undermining support in Russia for Putin’s aggression.

So, where does that leave Kushner and Witkoff with regard to a rumored undisclosed agenda of using the negotiations as cover for post-conflict business arrangements with Moscow? Dealing with business confidence in a kleptocracy is an oxymoron. If Kushner and Witkoff have never heard of Bill Browder, they should look him up.

Browder has consistently and accurately described the risks of doing business in Putin’s Russia. He again recently pointed out these risks in the specific context of warning Trump and his representatives of the risk they are taking on. Browder’s cogent observations and the wreckage of the hundreds of U.S. and western businesses that poured into Russia after the collapse of the Soviet Union show that you can put money in but getting it out is another matter entirely.

Who’s Reading this? More than 500K of the most influential national security experts in the world. Need full access to what the Experts are reading?

Trump and his representatives seem to think they will be the exception to the Russian kleptocratic paradigm. They will not be.

One can be sure Putin and Dmitriev will be whispering all the promises into the ears of their U.S. interlocutors. Kushner and Witkoff will dutifully carry these messages back to the White House and share their pipe dream fantasies of the untold riches of being on Putin’s good side.

The only thing Putin asks Kushner and Witkoff to relay is that Trump stop aiding and supporting the two remaining obstacles to a negotiated settlement, Zelensky and the European members of NATO. End military, intelligence, and economic aid to Ukraine, Putin certainly will have said, and Ukrainian resistance will collapse speedily, and the war will brought more rapidly to its inevitable conclusion. And the U.S. certainly should be able to put enough pressure on its NATO puppets to end their futile support for Ukraine and there will be peace in our time.

The President should engage some sound and experienced counsel to provide more realistic and experienced guidance on Russian realities. The first bit of that counsel would be to remove any illusion that Putin is a man who can be trusted. Putin’s public and private comments as well as his actions over the twenty plus years he has been running the Russian Federation leave no doubt as to where he stands with regard to the West in general and the U.S. in particular.

He believes democracy and capitalism are outmoded and morally exhausted political and economic philosophies doomed to collapse. As President of the country to which Putin refers as the “glavniy protivnik” or main enemy, President Trump should realize in Putin’s mind, HE is the main enemy.

Any promises of business deals that will follow the conclusion of the Ukraine conflict will inevitably be broken by Putin and his representatives. President Trump should understand Putin wants to steal his money the most. What greater victory for Putin than to have the U.S. hand him victory in Ukraine and in the process set up the biggest theft of money from a U.S. entity in history.

A second bit of counsel President Trump might seek to provide his representatives is that it is very difficult to keep secret deals secret when you are represented by someone as manifestly incompetent and compromised as Steve Witkoff. No additional evidence needs to be provided than the leaked transcript of the call with Kirill Dmitriev in which Witkoff provides advice on how to persuade President Trump to accept the Russian proposals for the end of the conflict in Ukraine.

In addition to the naiveté of having such a conversation in the first place, Witkoff should also be advised that undertaking such actions looks a lot like he is acting as an agent of influence for the Russian Federation.

Lastly, President Trump should be reminded of former British Prime Minister Winston Churchill’s famous remarks to Neville Chamberlain after Munich, “You were given the choice between dishonor and war. You chose dishonor and you will have war.” In the context of the current negotiations Churchill might have added that a fool and his money are soon parted.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. Government. Nothing in the contents should be construed as asserting or implying U.S. Government authentication of information or endorsement of the author's views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Strategic Failure on North Korea’s Nuclear Rise

EXPERT OPINION — South Korea’s Korea Institute for Defense Analysis recently publicly stated that we underestimated North Korea’s nuclear weapons program. According to their analysis, North Korea has between 127 and 150 nuclear weapons (not 50 to 60 nuclear weapons), and by 2030 they will have 200 nuclear weapons, reaching 400 nuclear weapons by 2040.

At the eighth Central Committee of the Workers’ Congress in late 2022, North Korean leader Kim Jong Un ordered the exponential expansion of North Korea's nuclear arsenal and the development of a more powerful intercontinental ballistic missile. Mr. Kim reportedly said: “They are now keen on isolating and stifling North Korea…and the prevailing situation calls for redoubled efforts to overwhelmingly beef up our military muscle.”

During this six-day meeting of the Central Committee, Mr. Kim not only called for an “exponential increase in North Korea’s nuclear arsenal”, but he also called for the mass production of battlefield tactical nuclear weapons targeting South Korea, and a new ICBM with a “quick nuclear counterstrike capability; a weapon that could strike the mainland U.S.”

North Korean leaders usually say what they plan to do. Indeed, this is the case with Mr. Kim. Not only has he apparently done this with his arsenal of nuclear weapons, but in October 2025, at the parade celebrating the 80th anniversary of the Korean Workers’ Party, the Hwasong-20, a solid fuel, mobile three stage ICBM capable of targeting the whole of the U.S., was introduced to the international community. The Hwasong-20 possibly could also be capable of launching multiple nuclear warheads at different targets, a capability that would challenge any missile defense system. So, the arsenal of ICBMs that could strike the U.S. – Hwasong-18 and 19 – has also grown exponentially with the Hwasong-20, as Mr. Kim said in 2022.

North Korea has also been working on its submarine program, to include a nuclear-powered submarine. This is in addition to its extensive work on hypersonic and cruise missiles, all representing a challenge to any missile defense system.

North Korea is also developing a second-strike capability, with programs to ensure the survivability of some of North Korea’s nuclear weapons and the progress North Korea has made with solid-fuel mobile ICBMs and nuclear-armed submarines, providing a mobile launch platform. Moreover, North Korea’s doctrine for the use of nuclear weapons has changed to a preemptive, first use of nuclear weapons if a nuclear attack against the leadership or command and control systems is imminent or perceived to be imminent.

Russian President Vladimir visited Pyongyang in June 2024, when he and Mr. Kim signed a mutual defense treaty, part of a “Strategic Comprehensive Partnership” between Russia and North Korea, ratified in November 2024. Article 4 of the treaty states that should either nation “put in a state of war by an armed invasion, the other will provide military and other assistance with all means in its possession without delay”

In October 2024, NATO claimed North Korean soldiers arrived in Russian Kursk Oblast to join Russian forces in its war of aggression with Ukraine. Additionally, North Korea was providing Russia with artillery shells and ballistic missiles. That assistance to Russia continues.

In return, it’s likely that in addition to energy and food assistance, Russia is providing North Korea with assistance with its satellite and ballistic missile programs and, also, with its nuclear program. Indeed, Russia could help with North Korea’s nuclear-powered submarine program, especially with the design, materials and components for such a technically challenging program.

North Korea’s mutual defense treaty with Russia, and its participation in the war with Ukraine, was a major failing of the U.S. and South Korea. We should have seen movement in this direction and did more to prevent it from happening. Of course, there is irony in Russia now saying North Korea should have nuclear weapons when in the Six Party Talks with North Korea, Russia, with China, Japan, South Korea and the U.S., was in sync arguing that North Korea should not have nuclear weapons.

North Korea’s nuclear and ballistic missile programs are an existential threat to the U.S. and its allies. Our past policy to “contain and deter” North Korea and to be “strategically patient” with North Korea didn’t work. They failed, as evidenced by North Korea’s robust nuclear and ballistic missile programs and their allied relationship with Russia – and China. Indeed, efforts should be made by the leadership in the U.S. and South Korea to get Mr. Kim to reengage, especially with President Donald Trump.

As South Korean President Lee Jae Myung said, North and South Korea are in a “very dangerous situation” where an accidental clash is possible at any time.

This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Second Strike, No Survivors: The Legal and Political Questions Around Trump’s Narco-Boat Killings

OPINION — “As we’ve said from the beginning, and in every statement, these highly effective strikes are specifically intended to be ‘lethal, kinetic strikes.’ The declared intent is to stop lethal drugs, destroy narco-boats, and kill the narco-terrorists who are poisoning the American people. Every trafficker we kill is affiliated with a Designated Terrorist Organization.”

That was part of a message from Defense Secretary Pete Hegseth last Friday evening on the social platform X, commenting on an earlier Washington Post story that alleged Hegseth had verbally ordered defense officials to “kill everybody” traveling on a narco-trafficking boat September 2. That was the first of 21 boats struck and sunk since then by U.S. military units – actions which have killed 83 people.

According to last week’s Post story, that first September 2, missile strike hit a so-called narco-trafficking boat carrying 11 passengers, but left two survivors clinging to the wreckage. The Post story then reported for the first time that a second strike was ordered by Adm. Frank "Mitch" Bradley, who was at the time, head of Special Operations Command and was the commander in charge of the operation.

In his Friday message, apparently referring to The Post article, Hegseth wrote, “As usual, the fake news is delivering more fabricated, inflammatory, and derogatory reporting to discredit our incredible warriors fighting to protect the homeland.”

Hegseth went on to write that the attacks have been “lawful under both U.S. and international law, with all actions in compliance with the law of armed conflict,” positions already being criticized and questioned before last week’s Post story.

On Sunday, President Trump on Air Force One said, “He [Hegseth] said he did not say that [the order “kill everybody”], and I believe him, 100 percent.”

Yesterday, White House Press Secretary Karoline Leavitt, said “Secretary Hegseth authorized Adm. Bradley to conduct these kinetic strikes,” and that “Adm. Bradley worked well within his authority and the law to ensure the boat was destroyed and the threat to the United States of America was eliminated.”

A good question is who was in the room when Adm. Bradley gave that order?

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

The second strike issue has also put a spotlight on President Trump’s threat policy toward Venezuela and its leader, Nicolas Maduro.

I describe it as a threat policy because Trump’s been unclear whether he just wants Maduro out, or plans for the U.S. to take over Venezuela and install a new government in Caracas.

Since August, a possible U.S. invasion force has been built up in the Caribbean, and over the past weeks Marine, Navy and Air Force elements have carried out well-publicized military exercises. Trump last week threatened to attack Venezuelan land-based drug facilities, and he disclosed on Sunday, that he had spoken to Maduro.

Press reports claim Trump offered free passage if Maduro left Venezuela, but indications are that the latter did not accept the offer. A Trump-led White House meeting on Venezuela was scheduled for 5 p.m. yesterday with the President’s top national security aides.

Let’s pause for a moment.

President Trump has not yet explained his strategy, or the specific purpose or plan, for the built-up U.S. Caribbean military forces. He has talked about stopping drugs from entering the U.S., often claiming – with no proof – that each narco-boat destroyed saves 25,000 American lives.

It’s no real war on drugs in the U.S. since it has no domestic element, and even the foreign side is flawed as illustrated by Trump’s surprise pardon offer last Friday to former-Honduran President Juan Orlando Hernández.

Based ironically on an investigation begun during Trump’s first administration, Hernandez was convicted and sentenced last year to 45 years in prison. Prosecutors described him as a “violent, multi-ton drug trafficker” who allegedly abused his political connections for personal and political gain and at least twice “helped arrange murders of drug trafficking rivals.”

Nominations for outstanding leaders in national security and intelligence are now open for the 2026 Cipher Brief Honors Dinner. Find out more here.

Meanwhile, up to now Congress has yet to hold a public hearing focused on the Caribbean buildup or the Venezuelan situation. However, this second-strike killing of the two September 2 survivors has brought new attention and concern to the legal questioning of the Trump administration’s killing of narco-traffickers.

Harvard Law School Professor Jack Goldsmith last Friday pointed out in his Executive Functions platform that the Defense Department’s own Law of War Manual says, “it is also prohibited to conduct hostilities on the basis that there shall be no survivors, or to threaten the adversary with the denial of quarter. This rule is based on both humanitarian and military considerations. This rule also applies during non-international armed conflict.”

Last Friday, Sens. Roger Wicker (R-Miss.) and Jack Reed (D-R.I.), chairman and ranking Democrat on the Senate Armed Services Committee, released a joint statement saying their committee “is aware of recent news reports and the Department of Defense’s initial response regarding follow-on strikes on suspected narcotics vessels in the SOUTHCOM area of responsibility.”

As a result, the two Senators said, “The Committee has directed inquiries to the Department and we will be conducting vigorous oversight to determine the facts related to these circumstances.”

Their notice comes on top of a letter sent November 24, to Attorney General Pam Bondi and Hegseth by Democratic Senators on the Armed Services Committee, seeking “expeditious declassification and public release of the Department of Justice Office of Legal Counsel’s [OLC] written opinion, dated September 5, 2025, concerning the domestic and international legal basis for recent military strikes of certain vessels near South America and the Caribbean, with appropriate redactions necessary to protect military personnel and sensitive intelligence matters.”

The 13 Senators pointed out, “Few decisions are more consequential for a democracy than the use of lethal force,” and noted as precedent that “after the United States carried out military strikes in Libya in 2011, and in Syria in 2018, the Department of Justice released the applicable OLC opinion justifying each operation.”

On Saturday, the House Armed Services Chairman and ranking Democrat. Reps. Mike Rogers (R-Ala.) and Adam Smith (D-Wash.), issued their own statement saying their committee is “committed to providing rigorous oversight of the Department of Defense’s military operations in the Caribbean,” and “we take seriously the reports of follow-on strikes on boats alleged to be ferrying narcotics in the SOUTHCOM region and are taking bipartisan action to gather a full accounting of the operation in question.”

With both Republican-chaired committees on record opening inquiries into the narco-boat attacks, and President Trump threatening new land attacks on Venezuela, it is not clear what happens next.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

What Trump has done is put out statements on Truth Social such as the one last Saturday, “To all Airlines, Pilots, Drug Dealers, and Human Traffickers.” They are to “please consider THE AIRSPACE ABOVE AND SURROUNDING VENEZUELA TO BE CLOSED IN ITS ENTIRETY.” Most international commercial flights had been cancelled more than 10 days ago after the November 21, U.S. Federal Aviation Administration warning of the risks of flying over Venezuelan airspace,

What is all this Trump messaging supposed to mean? And is this a way a serious U.S. President should be conducting foreign policy?

As I and others have pointed out, there has been unease indicated within the Defense Department since these unprovoked killings began. In mid-October, SOUTHCOM Commander Adm. Alvin Holsey announced his early retirement on December 12 – little more than a year after he assumed the position. Holsey has yet to disclose his reasoning, but the New York Times reported that he had raised internal concerns about the attacks on the boats.

In November, NBC reported that a senior SOUTHCOM Judge Advocate General in August, before the strikes began, had raised whether they would be legal, and that he was later sidelined.

We also have had President Trump’s social media outbursts beginning November 20, against Sen. Mark Kelly (D-Ariz.) and five other Members of Congress, each of whom had served in the military or CIA, for their video reminding military personnel that they “can refuse illegal orders.” Trump at various times called what they had done “Seditious Behavior” that was “punishable by death.”

Hegseth, last Tuesday in a memo to the Navy Secretary John Phelan, described Kelly’s participation in the video as “Potentially Unlawful Conduct,” and asked for it to be reviewed for “consideration and disposition as you deem appropriate.” As a retired Navy officer, Kelly could be ordered back on active duty and face a court martial trial. But Hegseth, having apparently left it up to Phelan and the Navy to carry out, made it highly unlikely that anything more than an inquiry will ever take place.

While all these activities are taking place today, I want to also record a bit of history surrounding Operation Southern Spear, which Secretary Hegseth announced November 13, “as a new, formal military and surveillance campaign,” with a goal “to remove ‘narco-terrorists’ from the Western Hemisphere and secure the U.S. homeland from illicit drugs.”

In fact, Operation Southern Spear had its roots in the Biden administration and was officially announced by the U.S. Navy 4th Fleet on January 28, 2025, as “a heterogeneous mix of Robotic and Autonomous Systems to support the detection and monitoring of illicit trafficking while learning lessons for other theaters.” In a press release, the 4th Fleet said the operation was an evolution of the Navy’s previous operation dubbed Windward Stack, begun in 2023. It added, the results of Operation Southern Spear “will help determine combinations of unmanned vehicles and manned forces needed to provide coordinated maritime domain awareness and conduct counternarcotics operations.”

In a July 2, 2025, announcement, the Navy said SOUTHCOM and 4th Fleet have launched Operation Southern Spear which “will involve un-crewed surface vessels that can stay at sea for extended periods, small robotic interceptor boats, and vertical take-off and landing un-crewed air systems. These will combine with manned forces to help provide coordinated maritime domain awareness and conduct counternarcotics operations.”

I doubt that the originators of Operation Southern Spear foresaw it as a human killing program.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Kremlin's Kill List: Inside a Culture of State-Sponsored Murder

EXPERT OPINION / PERSPECTIVE — The 2024 spy swap between Russia and the West exposed a brutal truth: Moscow still treats innocent civilians as bargaining chips, and killers as heroes. In the deal, Russia forced multiple governments to trade convicted Russian intelligence officers, including an SVR “illegal” couple arrested in Slovenia, in exchange for Western citizens that the Kremlin had deliberately entrapped. But the real prize for Russian President Vladimir Putin was Vadim Krasikov, the FSB assassin who was convicted by a German court for murdering Chechen exile Zelimkhan Khangoshvili in Berlin in 2019. Through years of negotiations, including those aimed at freeing Wall Street Journal reporter Evan Gershkovich, Krasikov’s release remained a non-negotiable demand from Russia.

When the swap finally happened, Putin greeted Krasikov on the tarmac with a public embrace, an extraordinary display of presidential affection for a convicted murderer. Days later, the Kremlin confirmed his FSB status, praised his “service,” and even highlighted his past role as a presidential bodyguard. Putin’s message to his security services—and to the world—could not have been clearer: if you kill for Putin’s regime, the regime will protect you. Killing for the regime has always been a mission for Russia’s intelligence services (RIS).

State-directed murder was long embedded in the mission and culture of the RIS and their predecessors. The practice predates the Soviet Union, reaching back to the Czarist Okhrana, which routinely hunted down dissidents when exile to Siberia failed to silence them. After the 1905 revolution, Czar Nicholas II unleashed a wave of retributive assassinations that set a precedent for the violence institutionalized by the Cheka and later the KGB. He became known as “Bloody Nicholas.” The state security “organs” (as they are still known in Russia) elevated assassination into a professional craft, giving rise to the notorious phrase in Russian: vishaya mera nakazaniya — the highest measure of punishment. The term still carries its original meaning and dreaded connotation: death at the order of the state, whether by trial or extrajudicial killing.

There were many examples both at home and abroad for Soviet citizens to be afraid. Stalin’s plot to kill his arch-rival and fellow revolutionary, Leon Trotsky, was decades in the making and ended with an ice pick to Trotsky’s head while he was in Mexico City. His assassin, Ramon Mercader, was awarded the title Hero of the Soviet Union when he was released from prison and arrived back in the USSR.

Secret institutes like the infamous “Poison Factory,” known in the KGB as Laboratory 1 or “kamera” (for “the cell”), were set up during the early years of the Cold War to study chemical and biological agents that could be used to murder quietly. Laboratory 1 specialized in refining special toxins, like the ricin pellet the KGB provided to their Bulgarian allies, and used in the infamous assassination of Bulgarian dissident Georgi Markov on a London bridge in 1978.

Today is no different. Some assassinations are believed to be directly ordered by Putin in what the Russians call “direct action” (pryamoye deistviye, also known colloquially as mokroe delo, or wet work), while others are believed to be carried out with his implied approval. Poison factories continue to function inside of Russia. Today, the FSB uses a modern “kamera” which helped refine the nerve agent Novichok for use against the defector Sergei Skripal in the 2018 Salisbury UK attack. It was the same agent used against Russian Opposition leaders Alexei Navalny in a failed assassination attempt, prior to his death in a remote Russian prison, also likely wet work at the hands of the FSB.

Why does Putin let his Chekist assassins use such a well-known, state-only produced chemical weapon like Novichok to kill defectors or dissidents? The answer: because he wants the world to know the RIS were behind the attacks and that the tradition of the “highest measure” continues. Otherwise, he could certainly have his hitmen use a gun, ice pick, or other more deniable method. There is a track record now for decades, going back to the FSB defector Alexander Litvinenko and his death from polonium in the UK. The RIS will not hesitate to murder any intelligence or military defectors that the RIS can find and reach in the West. The lack of a formidable response from the UK and the U.S. to the Litvinenko poisoning only emboldened Putin and his henchmen (one of the assassins, Lugavoy, was praised so highly within Russia that he was eventually elected to the Russian duma).

Save your virtual seat now atThe Cyber Initiatives Group Winter Summit on December 10 from 1p – 4p ET for expert-led conversations on cyber, AI and the future of national security.

The Russian Record of Killing their Own: Disincentivizing Dissent

Putin and his RIS siloviki want all of their officers to know that the price for treason is death, and they don’t care what government may be offended or what international laws are broken. Otherwise, the incentive for those officers to betray Russia’s corrupt services and look to a better life for themselves and their families is too high. It matters not whether the execution is ordered by a secret court, or carried out on the street, the RIS consider it within their purview to decide how and when.

Two historical points illustrate this as practice within the RIS. For decades of the Cold War, and after, the rumor proliferated within the KGB and GRU that one or both of the first GRU spies to work for the United States, Pyotr Popov and Oleg Penkovskiy, were executed by being thrown into a furnace alive. Popov was uncovered and executed in 1960. Penkovskiy was arrested and executed in May 1963 after the vital role he played in providing intelligence to the United States during the Cuban Missile Crisis.

The practice during that time period, carried over from Stalin’s purges, was more likely a bullet to the back of the head up against a wall at the infamous Lubyanka prison. But the rumor, which was spread to the West by GRU defector Viktor Suvorov, was effective and garnered a lot of attention within the services; it still does. It was purposely spread, and taught, and continues to be, at the KGB Andropov Academy through the 1980s, now known as the modern SVR Foreign Service Academy (what they call the AVR). The same rumor is taught to officers at the GRU Military Diplomatic Academy. Defectors have confirmed for years that this rumor is whispered among classes at the academies, and as a warning against dissents—“you want to be thrown into a furnace alive, shut-up you idiot!” The very idea of being burned alive in a furnace is hard for young officers to forget.

There is another example from Cold War history that illustrates the same point. In 1985, the so-called “year of the spy,” while crypto-spy John Walker and his family ring were uncovered and arrested, CIA officer Ed Howard defected to Moscow, and many other espionage incidents took place. CIA traitor Rick Ames gave his “big dump” of classified holdings to the Soviets. Ames offered up roughly a dozen different U.S. cases to the Soviet services, including many penetrations of the KGB and GRU. Most of those assets were executed in short order, sending up a giant “CI flag” of counterintelligence warning to CIA/FBI and the entire U.S. intelligence community that something was amiss. A major mole hunt, which unfortunately took nine years, eventually led to Ames’ arrest. Ames himself commented after his arrest that he was astounded that the KGB/GRU had killed so many assets: why not keep them running as controlled cases, at least for a time, in order to protect him? It was an unprecedented, even reckless reaction.

Why did they do it?

The answer, as some senior Russian officers including former Line KR (kontrarazvedka or CI) Chief Viktor Cherkashin would later confirm (he wrote a book that was translated in the West) was that the Soviet services had no choice. The KGB and GRU had to take drastic steps to stop the flood of espionage and leaks in the Soviet services—too many traitors! An example had to be set.

Cherkashin would know since he ran both Ames and FBI spy Robert Hanssen when he served in the Washington D.C. Residency (station) of the KGB. Reportedly, the issue went to the highest ranks of the KGB/GRU and then on to the Central Committee of the Communist Party. For all their feared security prowess in the Soviet Union, the vaunted KGB had no idea that the CIA was running so many cases under their noses, literally, in Moscow and around the world. Since their own counterintelligence, the 2nd Chief Directorate of the KGB, had failed so miserably, the decision was made to execute them all (or nearly all, a previous few escaped death in the Gulag). There had to be a hard line drawn for the tens of thousands of other Soviet intelligence officers not to betray the regime - the highest measure would be the warning.

Murder by Order or Murder to Impress the Boss?

The FSB is no less of a counterintelligence failure than their KGB predecessors. They cannot turn the tide against the U.S., our intelligence services, and those of our allies. Instead they arrest innocent civilians like those used to barter for the 2024 swap. That is why Putin likely continues to order death to all intelligence defectors. That is why he will greet a killer like Krasikov at the airport in Moscow in front of the cameras. But Putin’s RIS don’t just kill defectors and Chechen separatists. The RIS were almost certainly behind many political hits in Russia like Navalny, Boris Nemtsov and many others “falling out of windows” from Putin’s own government in recent years. Here it is important to recall that under President Yeltsin, Russia abolished the death penalty. So what were once judicial executions, ordered by the state, have become extra-judicial killings in the Putin era. But for the RIS, there is no distinction.

There have been many assaults and killings of journalists like Anna Politkovskaya. The question often arises—does Putin know about and order all of these murders? Perhaps, but there may be something else at play as well, an effort to impress “the boss.” This could also explain some of the more reckless acts of sabotage playing out in Europe at the hands of the RIS. Mafia families work in the same way - they surprise the boss with new income streams or take out a threat to the family with a hit, to earn one’s “button” and become a “made man.”

Indeed, the RIS function within mob-like cultures, fostered by patronage relationships, and corruption at every level. Officers are encouraged to pay bribes up the chain of command, and frauds of all kinds at every level infect their services. Putin has no doubt told aspiring leaders in the SVR, GRU and especially the FSB, his favorite service, to surprise him with new and inventive operations meant to hit back against the West, particularly regarding Ukraine. This has led to a cascading series of actions by the RIS, including sabotage, exploding parcels, and, yet again, like earlier in their history, attempted assassinations. The most brazen plot uncovered so far was the GRU plot that was unraveled in Germany in 2024 to assassinate the CEO of Rheinmetall, a leading provider of arms to Ukraine. GRU unit 29155 is likely behind that plot, just as they were behind the Skripal attack, and others.

The RIS attack dogs in Putin’s services are simply continuing a tradition of state-directed violence. Yet in the West, we often hesitate to assign blame, waiting for courtroom-quality evidence. But the evidence is already written across decades of Russian intelligence tradecraft, and reinforced by independent investigations.

Open-source teams like Bellingcat have repeatedly identified the GRU and FSB officers behind some of Moscow’s most feral operations - from the Skripal poisoning in Salisbury to the attempted assassination of Alexei Navalny. Still, conclusive proof of Kremlin authorization often appears only when an insider defects with hard intelligence. Those who contemplate such a step know they will be protected and given a new life in the West. They also know the stakes, however, if caught.

The absence of courtroom proof in every case of murder, poisoning, or a fall from a window should not silence the West. Putin’s record speaks for itself. His regime has presided over the killings of journalists, opposition figures, exiles abroad, and tens of thousands of Ukrainian civilians. He operates as a modern bloody czar, no different in impulse from Nicholas II—ordering assassinations, reprisals, and revenge killings with impunity. And the pattern is escalating. It is only a matter of time before Russian intelligence pushes further, testing its reach against U.S. and allied targets. The warning signs are unmistakable. The question is no longer whether the threat exists, but what the West intends to do about it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

‘Mind-Blowing’ Pentagon Overhaul Will Reshape Acquisition

FEATURED INTERVIEW — As the Pentagon undertakes its most ambitious overhaul yet of how it acquires new warfighting capabilities, Silicon Valley entrepreneurs are weighing in on whether the modernization effort can happen quickly enough to bring the U.S. up to speed with China in a time of rapid technological development.

When the overhaul was announced earlier this month, Secretary of War Pete Hegseth said the reforms aims to dramatically accelerate how the Department buys and fields new capabilities and that the changes are specifically aimed at cutting bureaucracy, rewarding rapid development, and pushing defense primes to invest more of their capital in new capabilities.

In the weeks since the announcement, the U.S. Army has shared details on how it will reform its service-level acquisition process. Part of the change involves consolidating the service’s program executive offices (PEOs), which are responsible for buying new weapons, into six new offices called “portfolio acquisition executives” (PAEs). Plans also include the creation of a new office to rapidly field and scale emerging technologies. Similar initiatives are in the works at the other services.

Measures like these have been championed by the private sector, which has traditionally on the cutting edge of innovative capabilities for decades. Cipher Brief COO & Executive Editor Brad Christian caught up with Entrepreneur and Stanford Professor Steve Blank, who recently published a Department of War Program Executive Office directory to help entrepreneurs better navigate the current complicated system for selling to government. Their conversation has been lightly edited for length and clarity.

Steve Blank

Steve Blank is an adjunct professor at Stanford and co-founder of the Gordian Knot Center for National Security Innovation. His book, The Four Steps to the Epiphany is credited with launching the Lean Startup movement. He created the curriculum for the National Science Foundation Innovation Corps. At Stanford, he co-created the Department of Defense Hacking for Defense and Department of State Hacking for Diplomacy curriculums. He is co-author of The Startup Owner's Manual.

THE INTERVIEW

Christian: Describe your initial reaction to the Pentagon's somewhat surprise announcement that it was overhauling its acquisition process.

Blank: It was mind blowing. It was mind blowing not because anything the Secretary said was new; these are things that people who are interested in acquisition reform have been asking for the last 10 years. But it was put in a single package and was clearly done by the infusion of people who have actually run large businesses and were used to all the language of organizations that already know how to deliver with speed and urgency.

The part that didn't get said, is essentially that the Department of War wants to adopt startup innovation techniques of lean iteration, pivots, incremental releases, good enough delivery, and that gets you what the Secretary asked for, which was speed of delivery. But all those are things that we've lived with in Silicon Valley for the last 50 years. And it wasn't until we had people who worked outside of buildings with no windows inside the Pentagon to understand that those techniques could actually be applied. And it required blowing up the existing system. And they did that spectacularly well. There are very few holes in these proposals.

Save your virtual seat now for The Cyber Initiatives Group Winter Summit on December 10 from 12p – 3p ET for more conversations on cyber, AI and the future of national security.

Christian: Obviously the Pentagon procurement system is a product of decades of bureaucracy and rules. Are you hopeful that you're going to be able to see the kind of change in the rapid timeline that they've laid forth here?

Blank: Number one, this is a pretty extensive reorganization. Right now, the Department of War is siloed between requirements and system centers for testing and prototyping and acquisition, which was the acquisition with a small A with the PEOs and program managers, and then it went to contracts and then it went to sustainment, et cetera.

Those were silos. Now we're putting it all underneath a single portfolio acquisition executive. So, instead of making their offices 10,000 people, it's actually a matrix organization, much like a combatant command is. Most of those people will stay in their existing organizations but now be tasked to work on specific portfolios. And the portfolios will no longer be arranged by weapons system. They're going to be arranged, for example, by war fighting concepts or technology concepts, et cetera.

That said, boy are they trying moving an elephant and make it dance. And at the same time, they recognized - this was one of the genius parts - that people won't just get a memo and know what to do. Historically, they've depended on the Defense Acquisition University, which taught contracting officers and the rest, how to work with the 5,000 pages of the DFAR and FAR, Federal Acquisition, Defense Acquisition Regulations. One of the unnoticed things was that they basically told the Defense Acquisition University, to stop teaching what they're teaching today, recognizing that they need to teach people this new methodology. That's not going to happen by telepathy.

First of all, we need to train the trainers, then we need to train all the people who've grown up in their career following the paperwork. I predict six months or a year of chaos and confusion. And there are always saboteurs in a large-scale reorganization who are angry that their cheese has been moved or worse, their authority has been diminished or their head count went somewhere else. This is going to be no different except maybe at a bigger scale.

In the end, if we pull this off (and I'll explain the only possible reason not to do this) the country will be much better for it.

The other obstacle will be if you're on the board of directors and the executive staff of a prime, you're going to go through the 12 stages of denial and grief and whatever because I don't know how many times both Deputy Secretary of Defense Steve Feinberg and Secretary Hegseth made it clear that the primes weren't delivering and they weren't investing in the things the country needed and they got used to the system and we were kind of mutually dependent on a broken system - and that's over. Well, you're not going to let your stockholders say you just went home and packed up. Obviously, it's pretty clear that appealing to the Pentagon isn't going to work, but Congress is “coin operated”. This is now going to be a race of lobbying cash from the primes versus lobbying cash for the first time from private equity and venture capital. So it's going to be, who has the biggest pile of cash to influence Congress and the executive branch to keep these rules in place or modify them?

Remember what a disaster this is if you're an existing large company selling to the DoD. It says number one, we're going to buy commercial off the shelf. Number two, we're going to buy commercial off the shelf and then modify it. If and only if either one and two work, we will do some bespoke contracting with the existing organization. It's never happened before. Pretty clear, pretty direct. So, the easy thing would be for primes to change their business model. But my prediction is they're going to double and triple down on the amount of lobbying and dollars spent.

Christian: In addition to the lobbying are we going to see consolidation? A major prime, like you said, isn't going to just pack up their bags and go home. Are they just going to start scooping up all of the small commercial providers?

Blank: In the space segment, they were already doing that. And in fact, were told to kind of stand down and that these things needed to flourish. You have to remember that primes and corporations are companies. Their number one priority, at least in their heads, is no longer national interests, it's the shareholders and returns and revenues and profits. That's the nature of capitalism. The problem here is that the Department of War said, 'Well, that's nice, but we're not getting what we need out of that. Send a note to your shareholders that life's about to change'. That's going to create a lot of conflict - with a lot of money involved - in trying to bend the rules back.

And just as an aside, the primes aren't useless. You don't want them to go out of business. No startup is building an aircraft carrier or a joint strike fighter. We can make the argument of whether we should anymore, but that's secondary. That level of complexity and skill set is just not built yet. Maybe the Andurils and others will get there in another five years, but they're not there yet. And so, waving a wand and making the primes go away completely is equally inane as saying we could depend on startups for everything that the Department of War needs.

But the balance of power, at least as the secretary and deputy believe, is that we need to be building things faster and delivering them faster and on time. And we're going to look for alternate sources. That's just a mind blower. So, as I said, I see six months to a year of confusion as this reorganization happens and people come and go as they establish who's in charge, what the rules are, et cetera.

The only good thing about making this happen is in a normal administration, the administration would wait for Congress's approval. I've not seen that happen in many of these cases with this administration. And in this case, it might actually be good for the country. Time will tell.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Christian: You referenced decades of Silicon Valley's experience with iterating and moving quickly. One of the threats and one of the actual challenges that a country like China poses to America is they have a top-down autocratic government that doesn't change every four years. That presents a unique challenge to the Pentagon that Silicon Valley doesn't know, or the private sector doesn't necessarily have. How much of a risk is there for the next administration to come in and potentially change everything? And then, if you're one of those big primes, are you baking that into your long-term planning that this might shift in a measurable way in the future? Or do you think these changes are going to be something that is so overwhelmingly positive that future administrations have to stick with it?

Blank: Well, if you were asking me this three years ago, I would have said you should get all this done now because it's going to be flipped back in three years. What's different now though, is the amount of capital available for startups, scale-ups, and private equity firms that can match or overpower the lobbying efforts of the primes. So as I said, both the executive branch and Congress are coin operated, even more so now than ever. And for the first time ever, the insurgents have as much or more coin than the incumbents. That's what's going to change this game.

So yes, a Democratic administration or another Republican one might have a different opinion. But in this case, we're talking about piles of money flooding the streets of Washington D.C. to try to change the game. Think about who is now sitting in the cabinet and in other places where we're seeing people with commercial experience for the first time ever at scale, inside the executive branch for sure and inside the Department of War which changes the nature of the conversation and as we're seeing - the types of things they're recommending. It wasn't that people didn't recognize this before. It was kind of hard to explain this to people who had never run a business or who have been career successful. I've said for years, we had world class organizations, world class people for a world that no longer existed.

Finally, we have people who understand what that world should be like because they've been operating in it. Secretary Feinberg has been writing checks for tens of billions of dollars- buying aircraft carriers, okay, he’s written those kinds of checks before. Tell me who else has ever been in that position.

Again, it's not that the DOW should run like a corporation or a startup, but having that experience sets a bar for what you know is possible for doing extraordinary things. It's what this country knew how to do in World War II and during the Cold War, and we just kind of lost it when Robert McNamara, ex-chief financial officer of Ford, put in the first version of the Planning, Programming, Budgeting and Execution System (PPBE) in 1962. We've been operating on that system for 63 years, or some variance of it.

Basically, he imposed a chief financial officer's strategy on budgeting and planning, which made sense at the time. It stopped making sense about 15 years ago, but no one inside the building knew what to do differently. That's changed.

There was also one set of announcements that kind of flew under the radar, and that was that the policy organization in the DOW lost three organizations to acquisition and sustainment (A&S). I think Elbridge Colby runs that group and it went to A&S. So all the foreign military sales and all the policy stuff kind of disappeared overnight. I don't know what the talking points will be, but the optics aren't great for policy. That's number one.

The second thing that got buried in the memo and I'm not sure it was in the speech, but this new Economic Defense Unit (EDU) I think has taken over the office of strategic capital. And I think that's good given what the agenda is, which is that we're essentially using the whole of nation approach to decouple from China and not only invest in critical minerals but in the other parts of the ecosystem that we need as well, everything from batteries to drone motors to whatever. So we can operate independently. Scaling that unit up was strategically as important.

This was an acquisition announcement, but watching all these other moves are really smart chess pieces at scale, not just nibbling around the edges, but at scale. And I think paying attention to the other moves that are being made inside the DOW, you'll at least understand the master chess game that they're at least trying to implement. It's pretty smart.

Christian: You've done incredible work recently with helping people understand and navigate his environment in ways that perhaps were difficult for people to understand before. What are you going to be looking for next and what are you potentially going to be working on as a result of these changes?

Blank: I think you're referring to the PEO directory that I wrote, which is about 300 pages long. It’s the first phone book for the Department of War with a 30 page preamble of go-to-market strategies. I literally have started rewriting it and it's now going to be called the Portfolio Acquisition Executive Handbook and now it's going to explain how PAEs work and what the silos looked like before and how each service is reorganizing.

For example, the Army likely will condense 12 PEOs into six portfolios and make major shifts, this month or certainly by the end of the year. And the other services will follow. I think the Army is a little ahead of everybody else. But having a phone book to actually explain who's who and what they're supposed to be doing.

As I said, it will be six months to a year of chaos and I think having some kind of handbook that at least shows you where things are heading and who are the new people to call on would be helpful. So that's what the Stanford Gordian Knot Center for National Security Innovation is doing.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

A Real Life Example of Russian Information Operations

EXPERT PERSPECTIVE — In January of 2018, I was involved in organizing and supporting the visit of General Aleksandr Bortnikov, and Sergey Naryshkin, the heads of the Russian Federal Security Service (FSB) and Foreign Intelligence Service (SVR), respectively, to Washington D.C. to discuss counterterrorism cooperation.

Interestingly, Bortnikov and Naryshkin did not travel at the same time, indicating to me that there was no love lost between the two. The SVR delegation arrived first, spent one day meeting with the leadership teams of the Central Intelligence Agency (CIA) and the Director of National Intelligence (ODNI), then departed the next day before Bortnikov and his delegation arrived. Contrary to the wild claims made by some U.S. politicians and journalists after the visit, the head of the Russian Main Directorate of Intelligence (GRU) of the Ministry of Defense (MoD) did not travel to the U.S. in January of 2018, and the SVR and FSB delegations did not have any other official or unofficial meetings with U.S. officials. Also, the visits were fully coordinated within the U.S. Government’s Interagency.

Because these visits were part of the U.S. Administration’s “Intelligence Diplomacy” efforts, the U.S. and Russian sides both agreed that there would be no public or official statements about the meetings, nor would there be any organized media coverage of the visits.

After meetings with the DNI and CIA, Naryshkin had dinner plans with the then-Russian Ambassador to the U.S., Anatoly Antonov. And on the day of his departure from the U.S., Naryshkin advised a representative of the U.S. side supporting the visit that he and Antonov chose to have dinner at a quiet restaurant in Georgetown and that while dining together, a Russian journalist “happened” to be in the same restaurant at the same time, saw Naryshkin, and would “probably write a story” about his visit.

In delivering this news, Naryshkin claimed that he had no control over what the journalist would say or write and, sure enough, soon after his plane departed, there were media reports circulating in the U.S. about Naryshkin’s visit. The initial story came from a source in the Russian media, and was picked up by multiple U.S. and International media outlets. But the reporting included false claims, like “Naryshkin and Bortnikov were joined in the U.S. by the head of the GRU General Igor Korobov." Some reporting implied that the visits were not coordinated within the U.S. Government and suggested that it was possible that the Russians had also met with officials from the White House and the National Security Council (NSC) — all insinuations that were meant to undermine the U.S. President at the time.

Of course, the SVR was aware of the deep political sensitivities in the U.S. related to all-things Russia at the time and they knew that Trump himself was still dealing with the fallout of the “Russia Collusion” narrative that had been created and promoted by political opponents during the 2016 Presidential election. Naryshkin used the opportunity presented by his visit to “leak” information about the visit itself and to exploit existing domestic problems in the U.S., knowing that would further inflame suspicions about the U.S. President and undermine both the President and confidence in the U.S. system. There is no doubt that Naryshkin’s boss, Russian President Vladimir Putin was aware of this information operation in advance and authorized it.

I refer to this action by the Kremlin as an “information operation” because to my knowledge, the SVR did not disseminate any false or distorted information directly when Naryshkin leaked news of his visit. However, it is very possible that this was part of what the Russians called an “operational combination” in which additional aspects of SVR operations could have involved seeding false information using clandestine sources in the U.S. media space - to amplify the narrative.

For example, it is possible that the Russians would used their sources to pass information to U.S. or Western journalists that led to a lot of the false claims about the GRU Director’s presence in the U.S. at the time and allegations of a "secret meeting" between the U.S. President and Russian Intelligence officials. Of course, it is also possible that the Russians did not have to seed this type of information and instead, simply benefited from the fact that Trump’s opponents were looking to seize on any tidbit of information to attack the President and were not beyond distorting facts or promoting falsehoods to advance their own political agendas.

Information Operations are designed to play on the emotions, fears, prejudices and pre-existing beliefs of their target audiences. They are much more successful when target audiences do not apply critical thinking skills and approach receiving information with a level of objective discipline.

Disinformation is used by U.S. adversaries to fuel divides between Americans. Find out how to spot it in this public service message from The Cipher Brief

In the case cited above, the Russians most likely assessed that “leaking” news of the visit of their Intelligence officials to the U.S. would play to the fears and political biases of certain portions of the U.S. audience and result in an emotional or politically charged response.

Unfortunately, the Russians likely got a great deal of benefit from a small investment of effort because elements of their target audience overreacted, giving the operation greater impact than it would have had if some targets of the effort had simply responded objectively, asked good questions about the news and purpose of the visit and taken the time to understand that the visit had been pre-cleared and coordinated within the U.S. Government “Interagency” system and was not unlike other visits by Russian Intelligence and Security officials to the U.S. during previous presidencies.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

The U.S. Needs to Restore Deterrence Credibility Against Putin

OPINION — President Donald Trump’s 28-point peace plan is a humanitarian attempt to halt the killing and destruction in Ukraine, although Russia’s President Vladimir Putin may view the peace plan as an attempt to appease Russia. Since Russia’s invasion of Georgia in August 2008, the U.S. and its NATO allies have not been able to deter an aggressive Russian Federation.

When Russia invaded Georgia in 2008, this was a clear signal, especially to NATO, that Russia was prepared to use force in the “near abroad” when their interests weren’t respected. The response from the U.S. and NATO was weak: no military support to Georgia or strong punitive actions against Russia

In 2014, Russia seized Crimea, with minimal consequences. The muted response in 2008 to Russia’s invasion of Georgia no doubt convinced the Kremlin that the U.S. and NATO would not risk a military confrontation with Russia. Although Russia was suspended from the G8 and the United Nations General Assembly adopted a resolution condemning Russia’s annexation of Crimea, NATO’s military response – suspending all cooperation with Russia -- was weak:

The U.S. withdrawal from Afghanistan in August 2021reinforced the Russian view that U.S. and NATO “red lines” were either not clear or not credible. Indeed, Russia viewed the withdrawal as a weakening of U.S. deterrence credibility.

On February 4, 2022, just weeks before Russia’s invasion of Ukraine on February 24, 2022, Mr. Putin met with Chinese President Xi Jinping at the Beijing Winter Olympics. The joint statement from their discussion was clear in stating a “no-limits” partnership and “no forbidden areas of cooperation” between Russia and China.

And prior to Russia’s February 2022 invasion of Ukraine, the U.S. publicly stated that they had credible intelligence of Russia’s plan to invade Ukraine. Unfortunately, however, even with this insight, the U.S. could not convince Mr. Putin an invasion of Ukraine would cross a red line and result in sanctions and other consequences for Russia. We failed to deter Russia from this bloody four-year war, with over 400,000 Ukrainian casualties and over one million Russian casualties.

The 28-point peace plan is being reviewed by the leadership in Ukraine and NATO and it’s possible the peace plan will be amended, to secure greater support from Ukraine and NATO.

What’s clear from Russia’s actions in Georgia, Crimea and Ukraine is that U.S. and NATO deterrence failed. A credible deterrence strategy would have made it clear to Russia that their aggressive military behavior would have resulted in significant consequences, to include biting sanctions, pariah status and a likely military response.

China, North Korea and Iran, allies of Russia, are watching closely how the war in Ukraine ends. Indeed, their interest in what’s included in the peace plan and the consequences for Russia, given their invasion of a Ukraine that had security assurances from Russia – and the U.S. and United Kingdom – in the 1994 Budapest Memorandum on Security Assurances, which pledged to respect Ukraine’s independence, sovereignty, and existing borders.

Hopefully, none of Russia’s allies will view the Ukraine peace plan as license to foment trouble in their region. Clearly, China understands U.S. policy: A peaceful resolution of issues between China and Taiwan, in accord with the Taiwan Relations Act of 1979. North Korea knows that the U.S. has extended deterrence commitments to our ally in South Korea and Iran should appreciate – - especially since the June 2025 bombing of their Fordow nuclear facility -- that Israel is a close ally of the U.S, with strong security commitments.

Deterrence credibility is important. That’s why the U.S. is providing Taiwan with about $387 million in defensive arms sales in 2024. And that’s why we have a Washington Declaration with South Korea, enhancing the nuclear deterrence alliance. Iran saw clearly, with the bombing of Fordow, how close our allied relationship is with Israel.

These allies of Russia would be making a grievous error if they try to exploit any peace agreement with Russia to end the war in Ukraine. And Mr. Putin would be advised to comply with any peace accord to end the Ukraine war and to refrain from any future attempt to violate the sovereignty of any of the 32 NATO members.

This column by Cipher Brief Expert Ambassador Joseph DeTrani was first published in The Washington Times

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Steve Blank

Back to top