The Cipher Brief

OPINION -- In recent months, U.S. policy debates have increasingly acknowledged that the decisive contests of the 21st century will not be fought primarily on conventional battlefields. They will be fought in the cognitive domain, through influence, perception, legitimacy, and decision velocity. This recognition is important and depends on an adequate technical and institutional layer to deliver durable strategic advantage.

Cognitive advantage cannot be declared. It must be engineered. Today, the United States does not lack data, expertise, or analytic talent. What it lacks is decision-shaping architecture capable of producing consistently high-confidence strategic judgment in complex, adaptive environments. The result is a persistent gap between how confident U.S. decisions appear and how reliable they are - especially in Gray Zone conflicts where informal networks, narrative control, and societal resilience determine outcomes long before failure becomes visible. Afghanistan was not an anomaly. Nor will it be the last warning.

The Confidence Illusion

In U.S. national security discourse, the phrase “high confidence” carries enormous weight. It signals authority, rigor, and analytical closure. Yet extensive research into expert judgment, including studies of national-security professionals themselves, shows that confidence is routinely mis-calibrated in complex political environments.

Judgments expressed with 80–90 percent confidence often prove correct closer to 50–70 percent of the time in complex, real-world strategic settings. This is not a marginal error. It is a structural one.

The problem is not individual analysts. It is how institutions aggregate information, frame uncertainty, and present judgment to decision-makers. While pockets of analytic under confidence have existed historically, recent large-scale evidence shows overconfidence is now the dominant institutional risk at the decision level.

Recent U.S. experience from Iraq to Afghanistan suggests that institutional confidence is often declared without calibration, while systems lack mechanisms to enforce learning when that confidence proves misplaced. In kinetic conflicts, this gap can be masked by overwhelming force. In Gray Zone contests, it is fatal.

Afghanistan: Studied Failure Without Learning

Few conflicts in modern U.S. history have been studied as extensively as Afghanistan. Over two decades, the U.S. government produced hundreds of strategies, assessments, revisions, and after-action reviews. After the collapse of 2021, that effort intensified: inspector general reports, departmental after-action reviews, congressional investigations, and now a congressionally mandated Afghanistan War Commission.

The volume of analysis is not the problem. The problem is that these efforts never coalesced into a unified learning system. Across reports, the same lessons recur – misjudged political legitimacy, overestimated partner capacity, underestimated informal power networks, ignored warning indicators, and persistent optimism unsupported by ground truth. Yet there is no evidence of a shared architecture that connected these findings across agencies, tracked which assumptions repeatedly failed, or recalibrated confidence over time.

Lessons were documented, not operationalized. Knowledge was archived, not integrated. Each new plan began largely anew, informed by memory and narrative rather than by a living system of institutional learning. When failure came, it appeared suddenly. In reality, it had been structurally prepared for years.

Reports Are Not Learning Systems

This distinction matters because the U.S. response to failure is often to commission better reports. More detailed. More comprehensive. More authoritative. But reports - even excellent ones - do not learn. Learning systems require interoperability: shared data models, common assumptions, feedback loops, and mechanisms that measure accuracy over time. They require the ability to test judgments against outcomes, update beliefs, and carry lessons forward into new contexts. Absent this architecture, reports function as historical records rather than decision engines. They improve documentation, not confidence. This is why the United States can spend decades studying Afghanistan and still enter new Gray Zone engagements without demonstrably higher confidence than before.

Asking the Wrong Questions

The confidence problem is compounded by a deeper analytic flaw: U.S. systems are often designed to answer the wrong questions. Many contemporary analytic and AI-enabled tools optimize for what is verifiable, auditable, or easily measured. In the information domain, they ask whether content is authentic or false. In compliance and due diligence, they ask whether an individual or entity appears in a registry or sanctions database. In governance reform, they ask whether a program is efficient or wasteful. These questions are not irrelevant, but they are rarely decisive.

Gray Zone conflicts hinge on different variables: who influences whom, through which networks, toward what behavioral effect. They hinge on informal authority, narrative resonance, social trust, and the ability of adversaries to adapt faster than bureaucratic learning cycles.

A video can be authentic and still strategically effective as disinformation. An individual can be absent from any database and still shape ideology, mobilization, or legitimacy within a community. A system can appear efficient while quietly eroding the functions that sustain resilience. When analytic systems are designed around shallow questions, they create an illusion of understanding precisely where understanding matters most.

DOGE and the Domestic Mirror

This failure pattern is not confined to foreign policy. Recent government efficiency initiatives-often grouped under the banner of “Department of Government Efficiency” or DOGE - style reforms - illustrate the same analytic tendency in domestic governance. These efforts framed government primarily as a cost and efficiency problem. Success was measured in budget reductions, headcount cuts, and streamlined processes.

What they largely did not assess were system functions, hidden dependencies, mission-critical resilience, or second-order effects. Independent reviews later showed that efficiency gains often disrupted oversight and weakened essential capabilities - not because reform was misguided, but because the wrong questions were prioritized. DOGE did not fail for lack of data or ambition. It failed because it optimized what was measurable while missing what was decisive. The parallel to national security strategy is direct.

Why Gray Zone Conflicts Punish Miscalibration

Gray Zone conflicts are unforgiving environments for miscalibrated confidence. They unfold slowly, adaptively, and below the threshold of overt war. By the time failure becomes visible, the decisive contests - over legitimacy, elite alignment, and narrative control - have already been lost.

Adversaries in these environments do not seek decisive battles. They seek to exploit institutional blind spots, fragmented learning, and overconfident decision cycles. They build networks that persist through shocks, cultivate influence that survives regime change, and weaponize uncertainty itself. When U.S. decision systems cannot reliably distinguish between what is known, what is assumed, and what is merely believed, they cede cognitive advantage by default.

What “90 Percent Confidence” Actually Means

This critique is often misunderstood as a call for predictive omniscience. It is not.

According to existing standards, No system can achieve near-perfect confidence in open-ended geopolitical outcomes. But research from forecasting science, high-reliability organizations, and complex systems analysis shows that high confidence is achievable for bounded questions - if systems are designed correctly.

Narrowly scoped judgments, explicit assumptions, calibrated forecasting, continuous feedback, and accountability for accuracy can push reliability toward 90 percent in defined decision contexts. This is not theoretical. It has been demonstrated repeatedly in domains that take learning seriously. What the U.S. lacks is not the science or the technology. It is the architecture.

Cognitive Advantage Requires Cognitive Infrastructure

The central lesson of Afghanistan, Gray Zone conflict, and even domestic governance reform is the same: data abundance without learning architecture produces confidence illusions, not advantage.

Cognitive advantage is not about thinking harder or collecting more information. It is about building systems that can integrate knowledge, test assumptions, recalibrate confidence, and adapt before failure becomes visible.

Until U.S. decision-shaping systems are redesigned around these principles, the United States will continue to repeat familiar patterns - confident, well-intentioned, and structurally unprepared for the conflicts that matter most. The warning is clear. The opportunity remains.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

When a Charismatic and a Machiavellian Meet

President Trump will visit Beijing later this month for the first time in almost a decade. As a former CIA clinical psychologist, I have conducted many remote assessments of world leaders. I believe this summit presents both great opportunities, and great dangers. Not just because of the economic and political stakes, but because of the highly divergent personalities and styles of leadership of the two Presidents.

Xi is a cool-headed introvert, whose political superpower is his iron Machiavellian detachment. This type of leader does not allow himself the pleasures of living within commonplace morality, considering this a form of “feel good” self-indulgence a leadership failure. According to the code described by Machiavell, a Prince (and Xi is the quintessential Red Prince) puts the needs of his City States ahead of all other considerations. The Machiavellian’s task is to perpetually scan, detect, and then eliminate opponents and threats that stand in the way of a strategically advantageous future. Xi’s combination of detachment, attention to detail and abstinence regarding human needs makes him a formidable foe in conflict or negotiations.

Trump has a “hot” extraverted personality. He draws energy from those around him, is attuned to their moods and needs, and automatically seeks to connect with crowds. A true individualist – the quintessential American Maverick – Trump is a fearless instinctive leader with extraordinary charismatic skill. Trump is preternaturally able to grasp the mood of crowds and engage them. He noted in the press conference he gave immediately after a third thwarted assassination attempt that leaders with “the most impact” are commonly targeted by assassins. It is true that extremely talented charismatic leaders such as Trump, Lincoln, Kennedy, Shinzo Abe, Martin Luther King, and Ghandi are loathed as much as they are loved. These types of leaders engage emotions, good or ill, within the collective unconscious of their supporters and detractors.

When a gifted political charismatic such as President Trump is paired in negotiation with an equally gifted Machiavellian such as President Xi, history-making deals may happen. So too can epoch-defining disasters occur. The summit between Mao and Nixon comes to mind as a world-changing success story. Close observers of both past and present summits might quip that history has flipped on which country brought a charismatic (or narcissistic) leader and which a Machiavellian (or paranoid) to the table.

Hitler, Chamberlan, and Stalin come to mind in regard to historical catastrophes resulting from leaders with striking differences in personality. Hitler, though unhinged, poorly educated, and seething with genocidal hatred, possessed extraordinary charismatic talent. He was able to deceive classically educated, upper-crust British Prime Minister Neville Chamberlain, a scrupulous man who disdained popularity or glamour, into believing that the Munich agreement would bring “peace in our time.” Hitler managed the same trick with Stalin, who was Hitler’s equal in bloodlust, paranoia, and ruthlessness, but more cunning and detached rather than deranged. The two signed a non-aggression pact that Hitler broke.

Xi and Trump appear to share a consensus that the current post WW-II rule-based order is inimical to their goals. Each may believe that it is time to negotiate a new set of rules for a world order and believe this falls to them because of their positions as co-equals in world power; Trump has referred to a “G-2” with China. However, both also believe that a leader can only dictate international relations if their domestic power is secured and seen to be untouchable, because anything less than a full “hands off” respect from a political counterpart implies that any deals made are shaky. Hitler did not hesitate to break a deal he made with his ostensibly inferior counterpart.

Both Xi’s and Trump’s political ethics and values are founded on dealmaking. A leader destroys his enemies by making them friends – or at least, by making a frenemy who has an equal share of power that allows the negotiation of lasting deals. Both Xi and Trump believe they have unique mastery of logic as well as the unconscious dynamics of power. In their calculations, the weak and vulnerable in society are not necessarily forgotten but protected and looked after; however, power is not shared with the powerless.

As demonstrated in their respective “big, beautiful [military] parades” both men love to put on a grand performance. A showman at heart, Trump puts himself in the center of the action and loves the unmediated, moment-by-moment audience reactions. Xi is a master behind-the-scenes director, who is essentially an orchestrator and always a watcher, not an immersive participant. Xi composes spectacles of great precision and complexity.

Ultimately, both men are driven by urgency to protect and restore the historic “spirit” of their cultures, seeming to believe that they were chosen by fate for highest office. One’s call to action is: “The Great Rejuvenation of the Chinese Nation” and the other’s slogan is “Make America Great Again.” Both believe in the exceptionalism and manifest destiny of their nations. Is it possible for both men to be right?

Xi and Trump may be an odd couple in world leadership, but we must remember they are part of a very exclusive club whose only members are the two most indisputably powerful men on earth. Within this exclusivity, they understand each other very well, share surprising similarities, and some dangerous differences.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Congress Faces a Growing Blind Spot in the Pentagon’s Expanding Budget

OPINION -- “That brings me to a concern I want to put on the record. In addition to the billions requested for the F-35 [fighter-bomber] enterprise, several of these programs I consider highest priority are being funded through the mandatory [reconciliation bill] request -- $17.5 billion for Golden Dome [anti-missile system], $7.7 billion for air moving-target indicator, $4.6 billion for munitions equipment, and $3.9 billion for space data network. Mandatory funding [via the reconciliation bill] bypasses the annual appropriations process, which is how Congress exercises its oversight responsibility. If these programs are as critical as the [fiscal 2027] budget request suggests, and I believe they are, then they deserve all the full scrutiny and sustained attention that we on the appropriations process provide.”

That was Rep. Ken Calvert (R-Calif.), Chairman of the House Appropriations Defense Subcommittee, during his opening statement at the April 30, hearing called to go over the fiscal 2027 budgets for the U.S. Air Force (USAF) and Space Force (USSF).

There are two reasons I’m focusing on this Appropriations Subcommittee hearing.

One is because the session was cut short after 53 minutes so members could take part in a House floor vote, but then the hearing was not resumed. When the hearing adjourned, only seven of the 13 subcommittee members present had their five minutes to ask questions, although they were at the end given an opportunity to submit questions in writing.

This was one more example of a House subcommittee just not playing its assigned Constitutional role, but a questionable remedy exists which I will discuss further below.

Equally important, as Calvert pointed out above, the Trump administration is playing around with the normal defense budget process, based on what the House and Senate let them do last year when Congress passed an $839 billion fiscal 2026 Defense Appropriations Bill, but then added another $152 billion for defense in the so-called “one, big, beautiful” reconciliation bill.

This year, as part of the Trump administration $1.5 trillion request to fund the Defense Department (DoD) next year, the Pentagon has planned for $1.15 trillion being inside the base budget, with an additional $350 billion coming from a proposed additional second round of reconciliation bills.

By putting that $350 billion in a later reconciliation bill, the administration seeks to avoid the need for 60 votes for passage in the Senate, which regular legislation would require, but the reconciliation bill needs only a majority vote.

Over at the Senate Armed Services Committee that same day, April 30, Sen. Angus King (I-Maine) brought up the reconciliation idea with Defense Secretary Pete Hegseth, who was testifying about the fiscal 2027 DoD budget.

King asked Hegseth, “Why do we suddenly have a two-part [DoD] budget where this committee and the Congress generally has oversight and input to a process where a quarter of the [DoD] budget [the part in the reconciliation bill] is essentially a slush fund?”

Hegseth responded, “I wouldn't characterize a quarter of it as a slush fund, but I recognize that we see it in totality as a $1.5 trillion budget separation.” Hegseth then unsuccessfully tried to explain by adding, “Why the two pieces…why there are multiple vehicles, but we are fully committed with working with the committee to ensure that the right vehicles are utilized to get precisely this amount $1.5 trillion.”

Meanwhile, there is another chance for the House Appropriations Defense Subcommittee members to ask questions about the DoD fiscal 2027 budget today when Hegseth, Joint Chiefs Chairman Gen. Dan Caine and Acting Assistant Defense Secretary (Comptroller) Jules W. Hurst III appear before them to review the $1.5 trillion DoD budget request.

However there will be a time constraint.

It turns out that the Senate Appropriations Defense Subcommittee also is scheduled to hold its hearing today, May 12, with the same witnesses. The House subcommittee hearing is set for 8 a.m. this morning in a room in the Rayburn House Office Building. The Senate group is scheduled to begin at 10:30 a.m. in a room in the Dirksen Senate Office Building, on the other side of Capitol Hill.

I must point out that at best the House Defense Subcommittee members will have much less than 90 minutes for questions, and if all 18 members show up not all will get their allotted five minutes to ask anything. That is not worthwhile oversight.

Remember the 53 minute House Defense Subcommittee meeting where only seven asked questions? They were only dealing with an Air Force fiscal 2027 budget of $339 billion, which by the way is 38 percent greater than this year. Those same members today will be trying to cover questions about a $1.5 trillion DoD budget that is 40 percent larger than the current one.

Having read all testimony from that shortened April 30 session on the fiscal 2027 Air Force budget, I think the public needs to know more about the sixth generation F-47 which is to be the future world’s most stealthy and lethal fighter. Last year, Boeing won a $20 billion contract to build 185 of them. They will exceed Mach 2 in speed, which is twice the speed of sound and faster than 1,500 miles-per-hour with a combat radius of 1,000 nautical miles.

The F-47s are also designed so that their pilots will be the in-the-air directors of up to eight unmanned AI-driven drones, named by the Air Force Collaborative Combat Aircraft (CCAs). According to what Air Force Secretary Dr. Troy E. Meink told the subcommittee back on April 30, the F-47 “and its integration with autonomous CCA represents a generational leap in combat capability that will redefine the battle-space.”

Meink said, “We are allocating over $5 billion in fiscal year 2027 for F-47 engineering and manufacturing development. The USAF is investing $1.4 billion for CCA testing and development, which puts us on a direct path to procure over 150 CCA by the end of the [five year] Future Years Defense Program, rapidly scaling our combat mass.”

How is all of that progressing?

But one question that needs to be asked at today’s hearings with Hegseth is what’s the reason for dividing the $1.5 trillion budget up in the first place?

At the end of the shortened House subcommittee April 30 hearing, Rep. Joe Morelle (D-N.Y.) asked Air Force Secretary Meink if the division of the DoD budget was “a one year anomaly, or is the Department planning to continue to shift defense funding into mandatory accounts [reconciliation bills] going forward, which would give this committee [House Appropriations] far less oversight over defense spending.”

Meink at first said, “We are always happy to come down and walk through with you how we’re spending the resources, fully transparent, whether it’s reconciliation or in the base budget.”

When Morelle persisted and asked about “the out years,” Meink replied, “I can’t speak to the level of conversation or the [Trump administration] strategy going forward Congressman.”

To which Morelle said, “Let me just say this, and then I’ll yield back…I think this is a dangerous precedent. I think Article One [of the Constitution which established Congress] responsibilities and the role that is vested in this committee to do oversight – I’m a new member [of the subcommittee] – but I think this is really important, not only for congressional integrity and for congressional responsibilities and prerogatives for the American people.”

I agree.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why June Is the Oil Market’s Point of No Return

OPINION -- Two months into the U.S.-Iran war, the global oil market has shifted from shock to siege. The Strait of Hormuz — through which roughly 20 percent of the world’s seaborne oil trade normally flows — remains effectively shut. And while Brent crude hovers around $108–$115 per barrel, the real story isn’t the price on screen today. It’s the inventory math that’s quietly counting down to a crisis the world has never faced at this scale.

The Illusion of Plenty

A new JP Morgan flash note, aptly titled “The Illusion of Plenty,” lays out the arithmetic in blunt terms. At the start of 2026, the world held approximately 8.4 billion barrels of oil and oil products — a number that sounds reassuring until you examine what’s actually usable. According to JP Morgan’s analysis, only around 800 million barrels of that stockpile can be drawn without pushing the physical system into what they call “operational stress.” Roughly 35 percent of that accessible buffer had already been consumed by late April.

The distinction between oil-on-paper and oil-you-can-actually-use matters enormously. Much of the global stockpile is locked up in pipeline fill, minimum tank levels, refinery feedstock requirements, and other operational necessities. Draw below those floors and you don’t just run short — you damage the infrastructure itself. Pipelines lose flexibility, terminals seize up, and refineries lose the feedstock they need to function.

Goldman Sachs reinforces the urgency: global oil inventories are draining at a record pace of 11 to 12 million barrels per day, driven by the loss of roughly 14.5 million barrels per day of Middle East crude production. The IEA has called this the largest supply disruption in the history of the global oil market. That’s not hyperbole — it’s the assessment of the institution responsible for coordinating emergency energy responses among developed nations.

June: The Tipping Point

JP Morgan now projects that oil stockpiles will enter “operational stress” territory by early June and hit an “operational floor” by month’s end. At that point, the market isn’t absorbing a shock anymore — it’s depleting its last reserves in real time, and price becomes the only mechanism left to ration supply.

Traders are already warning that the math points to prices well beyond current levels. Macquarie Group has modeled scenarios reaching $200 per barrel if the war extends into June, assigning a 40 percent probability to that outcome. Worst-case modeling — such as Iranian strikes disabling Arabian pipeline alternatives — pushes theoretical prices as high as $370. These aren’t predictions; they’re stress tests. But they reflect the uncomfortable reality that the market is being asked to absorb something historically unprecedented.

The world will need to shed approximately 11 million barrels per day of demand to match remaining supply. For context, the COVID-19 pandemic — which locked down the entire global economy — produced a demand drop of roughly 9 million barrels per day. The oil shocks of 1973, 1979, and 2008 each cut demand by no more than 5 million. What the market is now being asked to do, through price signals alone and on a timeline of weeks rather than years, has never been accomplished.

Asia Is Already There

The crisis isn’t theoretical in Asia. Roughly 84 percent of crude oil that transited Hormuz in 2024 was headed to Asian markets, with China, India, Japan, and South Korea absorbing the bulk. Asian buyers ran through their Gulf-origin supply roughly two weeks before Europe and the United States. The consequences are already visible: factory shutdowns, government-imposed fuel rationing, cooking gas shortages, more than 150,000 flight cancellations, and severe strain on power grids now running on fumes.

Pakistan depends on the Gulf for 99 percent of its LNG. Vietnam sourced 80 percent of its crude from Kuwait. Bangladesh is facing recession-like conditions and has ordered universities and commercial establishments into early closures to conserve energy. The Philippines declared a state of emergency in late March. India, which imports 85 percent of its crude, has slapped export duties on diesel and aviation fuel while racing to connect households to piped natural gas from domestic fields.

This is what the front edge of an energy crisis looks like — and it hasn’t hit the West at full force yet.

The Western Countdown

For now, America benefits from its position as the world’s largest oil producer and LNG exporter. U.S. crude exports have surged to record levels — 6.44 million barrels per day — as global buyers scramble for non-Gulf supply. Gas prices have risen over a dollar a gallon since the war began but remain manageable compared to Asian spikes.

That insulation won’t last forever. Gunvor Group’s head of research has warned that without a reopening, the world faces a macro crisis and recession, with June as the clear inflection point. Macquarie’s strategists caution that the real pain arrives when diesel shortages hit — because diesel is the backbone of global goods movement. When it becomes scarce, the disruption cascades from trucking to manufacturing to retail shelves.

Europe sits in an especially vulnerable position. The continent entered this crisis with historically low gas storage levels after a harsh winter, and its dependence on Qatari LNG transiting Hormuz compounds the energy squeeze. The European Central Bank has already cut GDP growth projections and modeled scenarios where Brent at $145 cuts the eurozone’s growth in half.

The Strategic Question

President Trump has stated his intention to maintain the U.S. naval blockade of Iranian ports for “months,” framing it as maximum economic pressure. Iran’s new supreme leader, Mojtaba Khamenei, has pledged to retain control of the strait and refuses to relinquish nuclear or missile capabilities. Despite a fragile ceasefire announced in early April, ship traffic through Hormuz remains negligible.

This creates what is effectively a mutual chokehold: the U.S. blockade strangles Iran’s economy, while Iran’s closure of the strait bleeds the world’s oil reserves dry. The question now is which pressure point breaks first — and whether the answer arrives before June’s tipping point or after it.

For those of us who spent years studying energy markets during previous Gulf crises, there’s a temptation to assume the system will muddle through as it always has. But the scale here is genuinely different. Previous disruptions removed 2 to 5 million barrels per day from the market. This one has removed closer to 10–15 million. Previous crises had functioning alternative routes and infrastructure. This one has seen physical damage to Gulf production facilities and export terminals. And critically, previous drawdowns unfolded over months or years. This one is compressing into weeks.

June is coming fast. The buffers are thin. And the market is about to find out whether price alone can do what government edicts and pandemic lockdowns struggled to accomplish.

The author is a former CIA intelligence officer with extensive experience on the Near East. This analysis draws on open-source reporting, regional analysis, and publicly available assessments. All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

Watch my Special Competitive Studies Project podcast, Intelligence at the Edge!

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The New Extremist Recruitment Funnel Starts With Children

OPINION -- Technology has a way of helping us skip steps.

China skipped mass adoption of credit cards and went straight to mobile payments. Nigeria bypassed landlines and went directly to mobile networks. Indonesia moved past cable and into streaming. That’s infrastructure leapfrogging—when entire systems evolve because a better alternative arrives before the old one fully forms.

Since Covid-19, we’ve seen a different kind of leapfrog—one that operates at the level of behavior, not infrastructure. TikTok replaced the social graph with the algorithm. Gaming platforms replaced traditional social environments. And generative AI has removed the barriers between languages, domains and audiences.

The result is a compression of how people discover, evaluate, and act.

In the business world, we are always wondering how we can compress the marketing funnel. Can we move through the phases of awareness, consideration, evaluation, and purchase faster? With AI, we can as sales cycles that took months can now happen in days. Wonderful.

Unfortunately, extremist groups have come to the same conclusion.

They are no longer pursuing recruits step-by-step over time. That’s old school.

They are engineering systems that compress exposure, trust, and commitment into a single, continuous experience—one that increasingly begins and ends with children.

The data reflects the shift. In 2024, the UK reported that one in five terrorism-related arrests was for a young person under age 18. Better detection explains part of the increase—but not the magnitude. What has changed is the system and it is a system that directly impacts humans under the age of 18, which account for about one-third of the global population.

The Leapfrog

Traditional radicalization followed a sequence: exposure, ideological grooming, social belonging, commitment, and then action. It required time, proximity, and human effort. We know this cycle well.

Today, those stages are no longer sequential. They are compressed—and in many cases, bypassed entirely.

Social media provides reach. Gaming provides trust. Private networks provide control. Language provides conversion efficiency.

On TikTok, algorithmic recommendation engines push content to users without intent. Exposure is passive, continuous, and personalized. A user does not have to search. They are found.

From there, engagement often shifts into gaming environments—platforms that function as trusted social spaces, particularly for younger users. These are not viewed as risky environments. After all, this is where friendships are formed, identities are shaped, and precious time is spent.

That trust matters. Because radicalization rarely begins with ideology. It begins with belonging.

One documented example is a loosely organized online extremist network, the “764 Network,” which often starts in a gaming platform. Initial contact is made in-game. From there, users can be invited into private servers, where interaction becomes more controlled, more persistent, and more difficult to monitor. The conversion event is not belief—it is migration into a closed environment.

This pattern is not new. ISIS and other groups have long used a similar model—broad distribution across open platforms followed by migration to encrypted channels like Telegram. What is new is the speed, scale, and accessibility of the system—and the age of the participants.

Artificial intelligence is now accelerating the process further.

A human recruiter might manage five to ten conversations at once. An AI system can manage thousands in native language. It can triage, profile, and personalize interactions in real time. It can simulate peer relationships, maintain constant engagement, and adapt messaging dynamically.

What once required time and effort now requires only access.

And for younger users, the system is particularly effective.

Children are more exposed to algorithmic content. They spend more time in gaming environments. They are in earlier stages of identity formation, actively seeking belonging and meaning. And they are less likely to distinguish between human and synthetic interaction.

It is reasonable to conclude this system doesn’t just reach children—it is optimized for them.

If we map this to the marketing funnel, the structure becomes clear:

- TikTok provides awareness through algorithmic reach
- Gaming platforms provide consideration through social interaction
- AI enables evaluation through personalized reinforcement
- Private networks like Telegram enable conversion and commitment

What once took months—or years—can now happen in days. The recruitment funnel is compressed.

There are additional accelerants.

Language has become a major force multiplier. Groups like Al-Shabaab now release content simultaneously in multiple languages, dramatically expanding reach and reducing friction for local audiences. AI enables instant localization at scale.

At the same time, platform defenses have not kept pace.

Much of the current counterterrorism framework was built for an earlier version of the internet—one that was public, adult, and relatively easy to monitor. Today’s environments are different: private servers, encrypted messaging, voice chat, and friends-only networks.

Gaming platforms in particular sit largely outside traditional terrorism policy frameworks. Moderation is limited, visibility is constrained, and activity often occurs in spaces that were never designed for oversight.

Even where monitoring exists, it is uneven. Think of it this way. Extremists focus on any language that does not generate enough revenue or political pressure to support investment in human moderators and AI classifiers. Less common languages such as Amharic, Burmese, Pashto, Indonesian, Swahili, Kurdish and many other languages represent platform blind spots that can be exploited at scale.

A New Recruitment Model

This new recruitment funnel can be summarized as the 3Cs.

Capture – attention via algorithm

Connect – trust via social environments

Convert – behavior via AI persuasion

That convergence is the breakthrough.

It is not simply an increase in activity—it is a structural shift.

The age floor of who is targeted for recruitment is dropping because the system now favors it.

It is earlier, faster, and more scalable to reach youth, occurring in environments that were never designed to defend against it.

And that is the point. We are no longer dealing with a content problem. We are dealing with a system design problem.

The question is not whether children will encounter these situations. They will. It is whether the systems around them are built to stop or slow them.

Today, they are not.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Intelligence Community’s Acquisition Revolution: Can Washington Move Fast Enough?

OPINION -- On February 9, the CIA announced a major overhaul of its technology acquisition from the private sector. Director John Ratcliffe described it as “a radical shift towards a culture of speed, agility, and innovation,” while Deputy Director Michael Ellis declared that “CIA is open for business” in areas ranging from AI to microelectronics. With DARPA veteran Efstathia Fragogiannis now leading procurement, the agency is attempting to dismantle structural barriers that have long prevented it from rapidly adopting commercial innovation.

The announcement is significant in its own right. But it is not occurring in isolation. It comprises a broader wave of institutional reforms; at least four major initiatives were launched in rapid succession, all aimed at the same challenge: the national security enterprise must move at the speed of modern technology.

The CIA acquisition overhaul is the most visible. For years, intelligence community procurement timelines have been a frustration for innovative companies. Startups with relevant capabilities have routinely found the contracting process so slow and opaque that many simply walked away. The new framework seeks to fix this problem at a structural level, not just through incremental process tweaks. Fragogiannis’ DARPA background suggests an effort to import that organization’s flexible, high-tempo acquisition model into Langley.

A second reform is the creation of the AI Information Sharing and Analysis Center (AI-ISAC), mandated by the White House’s AI Action Plan and led by the Department of Homeland Security in coordination with Commerce and the Office of the National Cyber Director. In contrast to traditional ISACs, which are organized by infrastructure sector, the AI-ISAC is organized around a technology. This reflects an important shift: AI is now a cross-cutting capability that creates new vulnerabilities across every sector simultaneously.

Third is ANCHOR, the Alliance of National Councils for Homeland Operational Durability, which will replace the long-standing Critical Infrastructure Partnership Advisory Council (CIPAC). CIPAC served for nearly two decades as a principal mechanism for government–industry collaboration on infrastructure security, but its dissolution in 2025 highlighted the demand for a more modern framework. ANCHOR is intended to provide that replacement, with updated structures designed to better reflect today’s threat environment.

The fourth and most consequential change is the forthcoming National Cybersecurity Strategy. National Cyber Director Sean Cairncross has previewed a six-pillar approach focused on shaping adversary behavior, modernizing federal systems, securing critical infrastructure, maintaining dominance in emerging technologies, improving the regulatory environment, and dealing with the cyber workforce gap. The emphasis on deterrence (moving from reactive defense to proactive shaping of adversary behavior) signals a strategic change that will directly affect how agencies rank and procure technology.

For those of us who have spent careers inside the federal government, this pattern is familiar: bold announcements, ambitious frameworks, and then the hard work of implementation against entrenched processes. The distinction today is the nature of the threat.

The rise of agentic AI, autonomous systems capable of planning and undertaking complex operations, has fundamentally changed the offense-defense balance in cyberspace. Adversaries are using these tools rapidly. Meanwhile, the U.S. national security enterprise is attempting to acquire comparable capabilities through legacy processes that were never designed for the pace of AI innovation. Every month of procurement delay is a month in which competitors gain ground.

For defense contractors and technology firms, these converging reforms create both opportunity and uncertainty. Across multiple agencies, the government is communicating a desire to interact more directly with industry and to adopt high-tech capabilities faster than before. The CIA’s explicit invitation to startups and innovators is the clearest expression yet that the Intelligence Community recognizes the immediacy.

But speed alone will not determine success. The companies most likely to benefit will be those that can demonstrate more than technical excellence. They have to demonstrate integration readiness, the ability to deploy solutions securely into government environments, interoperability alongside existing systems, and scalability within demanding compliance frameworks such as CMMC and emerging AI security standards. The era of selling isolated point solutions is ending; government customers increasingly need platforms and capabilities that fit within elaborate, mission-critical ecosystems.

Ultimately, the challenge is not simply to buy faster, but to buy smarter. Real progress will depend on enduring collaboration between government and industry, on integrating security by design, and on building acquisition models that reward outcomes rather than process.

Washington’s intent is clear. The scope of these projects demonstrates genuine recognition that the old ways are no longer sufficient. The real test will be whether that urgency can be maintained over the years, not just weeks.

If execution matches ambition, 2026 may be remembered as the year the national security enterprise finally began to close the gap between the speed of technological change and the speed of government response. That would represent more than an acquisition reform; it would represent a strategic transformation and a critical national advantage.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Two Fronts, One War: Why Ukraine and Iran Are Part of the Same Fight

OPINION -- I recently had the opportunity to take part in a panel discussion on geopolitical issues at the Kyiv Security Forum in Kyiv. One of the key issues covered by the panel was the status of Russia’s continued aggression against Ukraine and continued Western support for Ukraine. This is a topic I have addressed publicly many times since retiring from the CIA during public and private speaking engagements, podcasts, and various news shows. What I stated in Kyiv was no different than what I have argued in the past – the “West”, led by the U.S., should continue to provide Ukraine with the military, economic, diplomatic, political and morale support needed to continue facing down Russian dictator Vladimir Putin and his unjustified war against Ukraine. Ukraine is fighting for its existence, and we need to stand with the Ukrainians as they defend their right to exist. We should never allow Putin, or any other foreign leader, to dictate who has the right to “be”. Thankfully, none of the other panelists disagreed with this point of view. We need to help the Ukrainians defend themselves against foreign aggression and tyranny.

But what was surprising was to hear one of my fellow panelists criticize President Donald Trump and his administration for initiating military operations against the Islamic Republic of Iran (IRI) (Operation “Epic Fury”) in late February 2026. My fellow panelist argued that it was a mistake for the U.S. to start “Epic Fury” because the operation was drawing off resources that should be directed to supporting Ukraine and resulted in the closure of the “Strait of Hormuz”, the rise in energy prices and a decision by the White House to temporarily end sanctions against “Shadow Fleet” tankers that were already at sea carrying Russian oil.

From my optic, some of the statements made against “Epic Fury” have a basis of fact. For example, it is clear that in the run up to “Epic Fury” the U.S. Military directed its limited group of air defense resources to the Middle East to protect U.S. and allied interests given the rising risks of a military confrontation with Iran. The closing of the Strait of Hormuz” has led to a rise in energy prices at a time when the Russian economy was struggling under the pressure of U.S. and European Union (EU) sanctions and the increasingly effective use of “deep strikes” by the Ukrainians against Russia’s energy infrastructure. But the conflict in the Gulf has not resulted in a significant increase in revenue for the Russian State budget and, as one Ukrainian Air Defense officer recently told me, U.S. and Israeli operations targeting Iran’s defense production capacity and armed forces have limited Tehran’s ability to provide Russia with weapon systems and equipment that Moscow had been using before February 2026 to sustain air attacks against Ukraine. Unfortunately, while some argue that the Iran conflict has also distracted the White House from pursuing peace negotiations between Moscow and Kyiv, negotiations have continued but have made little progress, not because of the Iran issue, but because the Russians continue to take a maximalist stance vis a vis talks and Putin has shown little real interest in ending his war against Ukraine.

But more than anything, I am always surprised when I hear Americans and Europeans argue that the operation against Tehran is a mistake, while in the same breath, they demand continued support for Ukraine. For me, as stated above, the U.S. has a responsibility to help Ukraine protect its existence from the terror it faces from Moscow. At the same time, Washington and Brussels also have a responsibility to help Israel defend itself against Putin’s allies in Tehran, who have been threatening to destroy the State of Israel since seizing power in Iran in 1979? Helping Ukraine is the right thing to do. So is helping Israel defend itself against the threat of annihilation.

Those arguing against military operations in Iran view the military conflict with the Islamic Republic as being separate and isolated from our conflict with Russia, but that is not the case. The regimes in Moscow and Tehran formed a strategic alliance against the U.S. and its allies years ago and have both been working to undermine Western interests for years. Iran has been supplying Russia’s war machine with Unmanned Aerial Vehicles (UAVs), ballistic missiles, munitions and spare parts since the start of Moscow’s full-scale invasion of Ukraine in February 2022. In turn, Russia has been providing the Iranians and their proxies with weapons systems, advanced technology, diplomatic and political support for years. Importantly, the Russians have also been providing Tehran with direct intelligence support, including targeting data on U.S. forces in the Middle East. Ukraine’s fight for its survival and the U.S. – Israel operations against the IRI are not two separate “wars”, but are two fronts in one common war. The demise of Putin’s allies in Tehran will be a victory for Ukraine. Ukraine’s defeat of Russia will be a victory for the U.S. and collective West, including Israel.

I cannot agree with those who attack President Trump for finally responding to Iranian threats against the U.S. and its allies with force. That action was long overdue and, while the President gave the Iranian’s a year to try to negotiate a resolution to the serious differences we had with the Islamic Republic, when those efforts failed, President Trump should be given credit for showing the type of resolve on Iran that his predecessors failed to show for far too long. It is likely that the U.S. President understood that in making the decision to start “Epic Fury”, he recognized that this decision would be attacked by his opponents and unpopular with many of his supporters, especially the “isolationist camp” in the Republican Party. Making the decision in advance of mid-term elections would be difficult for any President and President Trump deserves credit for taking a principled stand in support of U.S. and allied interests.

Unfortunately, while the President is “right” on Iran, since returning to the Oval Office he has been wrong on Russia. Like the Iranians, he gave Putin over a year to negotiate an end to the war in Ukraine and contrary to the Kremlin’s ongoing efforts to blame Kyiv for the failure of those negotiations, it is Moscow that has refused to make any concessions needed to end the fighting. Instead, he has consistently tried to manipulate the President and his inner circle and lied to the White House about who started the war and who is standing in the way of peace.

In October 2025, President Trump appeared to have reached his limit with Putin’s game playing when he canceled a planned summit with Putin in Budapest and slapped new sanctions on Russia’s major energy companies. In a clear sign of desperation, Putin panicked and immediately sent his “American Whisperer” Kirill Dmitriyev to the U.S. to try to convince Trump’s inner circle that Putin was ready to negotiate. The Kremlin then executed an effective covert influence operation by making sure some aspects of Dmitriyev’s discussions with U.S. officials were leaked to the media, undermining U.S. credibility, driving a wedge between Washington and its European partners and creating the false impression that the U.S. and Russia were in “cahoots” and ready to sell out Ukraine in order to secure potentially lucrative business deals in Russia in the future.

President Trump has criticized his predecessors for allowing Putin to “outplay” them. To date, he allows Putin to do the same to him. But it is not too late for Trump to reverse that trend and demonstrate to the world that he will not be outsmarted by Putin. The President should sign the bipartisan sanctions package prepared by Republican Senator Lindsey Graham which would send a powerful message to the Kremlin that the U.S. is no longer willing to tolerate Putin’s stalling on negotiations and place enormous additional pressure on Putin to agree to make necessary concessions needed to end the war.

President Trump can send a strong message to Kyiv and other U.S. allies that the U.S. Administration will not be deceived or manipulated by the Kremlin and it is ready to show the same resolve towards Moscow that it is showing on Iran. It will also send a message to America’s enemies that the U.S. will take a consistent stand against those countries that threaten the U.S. and its allies. This message not only needs to be heard in Moscow, but should also be heard in Pyongyang, Beijing and any other capital where a dictator or autocratic regime is considering attacking one of America’s allies.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Getting Our Adversaries Out of Cuba Should be our Immediate Goal

OPINION -- Since 1959, the U.S. and Cuban relationship has been defined by gray zone operations that have occasionally broken out into open confrontation. At the same time, Cuba has been the proxy area for US adversaries to spy on the US homeland and endanger US security. Due to a convergence of events, Cuba and the US are poised for a monumental change in the relationship that could move from gray zone activities to a more positive transactional diplomatic relationship, but there is a long way to go before we get there and the US must stay focused on its goal of increased security for the homeland.

Cuba is a master at gray zone activity with the US as the focus. In July 2024, the National Intelligence Council defined gray zone activity as:

The deliberate use of coercive or subversive instruments of power by, or on behalf of, a state to achieve its political or security goals at the expense of others, in ways that exceed or exploit gaps in international norms but are intended to remain below the perceived threshold for direct armed conflict. Gray zone campaigns are commonly characterized by a sustained, multi-domain approach, indirect methods, and deliberate ambiguity about their aims and sponsorship.

When Fidel Castro came to power in 1959, he disrupted the geopolitical landscape with promises of wealth, education, and medical care for all. Cuba supported revolutions across the globe. It was a leader in the nonaligned movement. It exported doctors and supported medical education from countries across Latin America and Africa and then used those Cuban educated doctors to provide pro-communist propaganda to local populations along with their medicine. These were classic, gray zone activities.

As part of its multi-faceted approach to foreign policy, the Cuban government also worked with US adversaries to counter US national security. The Cuban missile crisis is a memorable and important example. Over time, Cuba developed the island into a listening post for US adversaries willing to pay for the privilege.

After the Cold War ended, the U.S. tried different approaches with the island. President Bill Clinton signed the Cuban Liberty and Democratic Solidarity Act, which strengthened the U.S. embargo and set stringent conditions for the lifting of sanctions. President Barack Obama kept the trade embargo intact but restored diplomatic relations with Havana, relaxed economic sanctions, and removed Cuba’s designation as a state sponsor of terrorism. Obama’s Secretary of State, John Kerry, called the Monroe Doctrine dead. This opened the island to US tourism and separated families were able to visit each other. In 2017, President Trump rolled back Obama’s normalization efforts and enacted more than 240 measures tightening sanctions against Cuba. Now the administration has administered a blockade, arrested the leader of Cuba’s closest supporter, President Maduro in Venezuela, and put Cuba’s other two supporters, Russia and China, on notice that the US is expecting them to back off the relationship. On January 29, President Trump signed an executive order that says:

Cuba hosts Russia’s largest overseas signals intelligence facility, which tries to steal sensitive national security information of the United States. Cuba continues to build deep intelligence and defense cooperation with the PRC. Cuba welcomes transnational terrorist groups, such as Hizballah and Hamas, creating a safe environment for these malign groups so that these transnational terrorist groups can build economic, cultural, and security ties throughout the region and attempt to destabilize the Western Hemisphere, including the United States.

On 1 May, President Trump signed a new executive order strengthening sanctions against Cuba and Cuban leaders and again calling out its relationship with Hizballah.

While the Cuban government neglected and mismanaged the economy, it has continued to support US adversaries and focused on anti-US activities. Meanwhile, the country is in a humanitarian crisis, with electrical grid failure, hospitals canceling surgeries, and schools and businesses closing. In the last several years nearly 3 million people have left the island. The government is in survival mode with its once well-respected military and spy services riddled with corruption and hollowed out. These trends began before the US kicked away the lifelines that kept the economy barely hobbling along. Cuba’s allies, Russia and China, have provided minimal economic support while maintaining their presence in Cuba’s national security institutions. Without much else to lose, some Cubans are lashing out at their leadership. Some are lashing out at the US. Most are trying to make it through each day.

Understanding the US-Cuba Dynamic

As an intelligence analyst for the US government, I worked with academia to develop insights into nation states that would help us analyze leadership reactions to specific events. Florida International University (FIU) spearheaded a series for us on Strategic Culture in Latin America. We defined strategic culture as the combination of internal and external influences and experiences—geographic, historical, cultural, economic, political and military—that shape and influence the way a country understands its relationship to the rest of the world, and how a state will behave in the international community. In FIU’s 2009 report, the experts they gathered explained:

·Cuban strategic culture is offensive, nationalist, and wary of US intentions;

·Regime change will have to be a Cuban affair;

·The elite in Cuba came to power on a wave of anti-US vitriol and lived firsthand through US efforts to undermine their government;

·If the US wants to change the relationship with Cuba, it must reduce the sense of threat ingrained in the elite’s strategic culture.

These insights should help our government develop strategies that will meet US goals.

Next Steps

If the US administration stays true to form, it will not force a new democratically disposed government in Cuba. This is currently an unrealistic goal. This US administration, following its pattern in Venezuela and Iran, will insist on a government that will work with it. Ever the optimist, I believe that this transactional approach to diplomacy might be the beginning of the change that has eluded the island for nearly seventy years; if the US approaches Cuban leaders in the appropriate way.

Given the entrenched elites and what we know about the nation’s strategic culture, the US will have to take a long-term approach to force the changes it is looking for. Appealing to the elites’ economic needs while foregoing coercive or inflammatory language will have the best reaction and should have a trickle-down effect on the rest of the Cuban population. Focusing on pushing the Russian and Chinese national security institutions from the island is an area that might have some success. It is specific, understandable, and the Cuban leadership cannot realistically expect either country to offer much more than rhetoric and a little aid to counter the US.

What is to be Gained?

There is little for the US to gain economically from forcing Cuba to work responsibly with Washington. Cuba has few natural resources, it is a small market, and it will take vast resources to rebuild the infrastructure and reverse the decades of environmental damage that will give Cubans the opportunity to redevelop the agriculture and tourist sectors.

A clear message on why the US is focused on Cuba is important. Concentrating that message on homeland security sets the tone for our adversaries that says that we will not tolerate their spying on our borders. It tells the Cuban government leadership that we are focused on how they are affecting us and not on removing them from power. This goal of a Cuba, free of Russian and PRC listening posts is a stretch, but it is realistic and would be significant.

There are two clear victories in creating closer ties between the US and Cuba. One is humanitarian. With increased interaction between the US and Cuban governments, there will be more freedom when it comes to information but I am not yet convinced that in the short term, a new regime will treat its people any better. Such a sea change will take new leaders that have exposure to the west and that will take time if not a generation to happen.

The second victory and one that I believe is more achievable would be in the national security sphere. Winning the strategic competition vis a vis Russia and China and securing US borders would be an important milestone. To move forward with the relationship, the US must insist that Havana offer the U.S. guarantees that it will reverse its security relationship with U.S. competitors like Russia and China. By demanding that Cuba strip itself of Russian and Chinese intelligence presence on the island, the US helps secure our own supply chains and the important national security infrastructure that resides close to Cuba in Florida with the multiple combatant commands and military bases. This would be a sea change from the 70 years of sharing our southern waters with adversaries.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Corporate Cybersecurity Is the New Frontline of National Security

OPINION -- For decades, national security was defined by geography: borders, terrain, and physical infrastructure shaped how nations defended themselves and projected power. The private sector, while important, was largely adjacent to this domain. Companies built products and generated wealth, but they were not themselves considered strategic terrain.

That distinction no longer holds. Governments do not own the terrain on which this conflict is being fought. Today, the frontlines of national security run directly through corporate networks.

The Collapse of the Public–Private Divide

Modern conflict is no longer confined to military domains. It unfolds continuously across digital infrastructure, in cloud environments, software supply chains, and data platforms, most of which are owned and operated by private companies.

Adversaries have adapted accordingly. Rather than confronting states directly, a new strategy has emerged: target the systems that states depend on. This includes logistics platforms, financial networks, cloud providers, and energy grids. The result is a fundamental shift: corporations are no longer adjacent to conflict; they are participants in it.

This shift is already here. Ransomware campaigns now disrupt healthcare systems at scale, producing effects once associated with geopolitical bombing campaigns without crossing a border. Nation-state actors maintain persistent access inside critical infrastructure not to destroy, but to position. In each case, the battlefield is corporate, the targeting is consequential, and the effects are systemic.

Synthetic Asymmetry and the Corporate Target

Understanding why corporations have become the primary terrain in this conflict requires a framework that explains the underlying logic. Synthetic Asymmetry, a concept I introduced in The Cipher Brief in 2025, describes the ability of actors to generate disproportionate impact through the convergence of inexpensive, networked, and rapidly iterating technologies.

Asymmetry was once a condition. Synthetic Asymmetry is a strategy.

The key insight is that the cost-to-impact ratio of offensive operations has inverted. Traditional military power required mass and industrial capacity; Synthetic Asymmetry requires only access. A modestly resourced exploit developed by a small team, or even an AI, can now paralyze a $50 billion logistics firm, effectively neutralizing a nation's supply chain without a shot being fired.

Corporate environments are, by design, optimized for exactly the kind of interconnection that Synthetic Asymmetry exploits. A single vulnerability in widely used enterprise software can cascade across borders. A compromised cloud environment can simultaneously expose entire sectors. These are state-level operations, executed through corporate infrastructure, against national interests.

The Incentive Misalignment Problem

Despite this reality, most corporations remain structured as if cybersecurity were a cost center rather than a national security function. Boards prioritize efficiency and shareholder returns. Security investments are justified via risk reduction or compliance, not systemic resilience.

National security logic demands redundancy and layered defense. Corporate logic treats both as inefficiencies. This tension is structural — the predictable result of asking private actors to bear geopolitical costs that the current incentive environment does not reward.

The Expansion of Corporate Sovereignty

As corporate systems become more critical to national outcomes, a subset of companies is increasingly exercising forms of de facto authority once associated with states. We have seen this play out in real-time in the Ukraine theater:

Starlink became a literal lifeline for Ukrainian command and control, yet its availability was subject to the shifting calculus and jurisdictional constraints of a private entity.

Microsoft acted as a first responder and a digital intelligence agency, moving Ukrainian government data to the cloud and neutralizing Russian "wiper" malware before many state actors had even characterized the threat.

These decisions carry consequences normally associated with states, made by organizations that often lack formal mandates or the full intelligence context required for such high-stakes choices. The gap this creates cuts both ways: reactive and inconsistent decision-making on one side; a form of national-scale capacity that no government can replicate unilaterally on the other.

Strategic decision-making authority is now being exercised by entities that were never designed to hold it.

Toward a New Security Model

If corporate cybersecurity is now a frontline, our models must evolve:

Treat Corporate Networks as Critical Terrain. Deepen integration between governments and the private sector beyond simple information-sharing. Coordinated response models must reflect the reality that consequential national infrastructure is privately owned and operated.

Reward Resilience Instead of Penalizing It. Market structures currently punish resilience as inefficiency. Sector-specific liability frameworks should balance accountability for under-investment with "safe harbors" for those who meet a defined floor of systemic resilience.

Build Executive Strategic Literacy. Corporations need access to relevant threat intelligence at the appropriate classification level, and leadership that understands where business risk and geopolitical stability intersect.

The Stakes

The character of conflict has changed. It is continuous, distributed, and fought through the systems that underpin modern life. Policymakers and executives who still view cybersecurity as an IT risk are operating with a map that no longer matches the terrain.

In the era of Synthetic Asymmetry, strategic advantage belongs to those who understand the environment in which they are actually operating. The network is now part of the national security perimeter. The question is whether we are prepared to defend it accordingly.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Russia’s Victory Day Parade Signals Anything But Victory

Снявший голову, по волосам не плачут

(When your head is cut off, you don’t cry about your hair)

- Old Russian Proverb

OPINION – Russia is readying for Victory Day celebrations at a time when Moscow is anything but victorious as its unprovoked war on Ukraine enters its fifth year of destruction and devastation. And for the first time, the impact of that war will be on full display in Moscow.

Russian President Vladimir Putin is hoping to remind Russians of the achievements of the Soviet Union in their defeat of Nazi Germany. He also wants them to believe that it is he, Putin, who has returned Russia as a military power to its proper place in the pantheon of world states. But this year’s Victory Day celebration and its centerpiece parade through Red Square will be something quite different ranging from who will be there, to what will be on display.

In part out of concern over potential Ukrainian drone strikes, there will be very few foreign leaders or dignitaries in attendance. There will even be reduced representation of the leadership of the Russian Federation present on Lenin’s tomb - the traditional place of honor. In the parade itself, there will be no Russian military hardware (armored vehicles and missiles) driven through the square.

The diminishment of the parade is a big deal, having witnessed five of them myself, I have seen what the victory celebration means to many Russians. The reduction in the size of the parade is clearly out of concern for a possible Ukrainian attack, but a more honest celebration this year would be for the current leadership of Russia to acknowledge the responsibility of the Soviet Union for the Second World War starting in the first place - with the division of Eastern Europe between Nazi Germany and the Soviet Union as defined in the Molotov-Ribbentrop Pact of August 1939, which became known as the German-Soviet non-aggression pact. It was signed immediately preceding Hitler’s invasion of Poland on September 1 of that same year.

Today, President Putin is reportedly showing excessive concern about his own security both from the threat of Ukrainian drone attacks (anti-drone patrol boats are reportedly visible on the Moscow River near the Kremlin) and the threat of possible attack by Ukrainian or Russian assassins in Moscow.

Putin is reportedly doing most of his work from a bunker complex in Russia’s Krasnodar region and avoiding his usual residences in the Moscow region and Valdai. He is also instituting extraordinary security protocols for visitors reminiscent of those he instituted during the COVID era. He has dramatically reduced public appearances in the past few months. And perhaps also representative of Putin’s growing paranoia, in March, Russian security forces arrested Russian Tsalikov, former Minister of Defense Shoigu’s long time Deputy on corruption charges. But sources in Russia suggest the real reason for the arrest was concern that he was involved in plotting a coup. This, as there is increasing evidence of criticism of Putin’s regime on social media and in military blogger communities, perhaps contributing to the regime’s efforts to limit communications on Telegram and the shutting down of the internet in Moscow, St. Petersburg, and other cities.

Perhaps playing most significant in Putin’s concerns over his own security and regime stability is the efficacy with which Ukraine is attacking energy infrastructure in the Russian Federation and the effect those attacks are having on the Russian economy.

In 2025 alone, Ukraine carried out more than 140 strikes on refineries, ports and logistics hubs in Russia with some targets located deep inside Russian territory. This year, Ukraine has conducted over 40 deep strikes, and the pace of those strikes is increasing, as evidenced by the success of Ukrainian attacks on Russian bases, naval targets in the Black Sea and attacks against ships that are part of Russia’s “Shadow Fleet” operating in the Mediterranean and elsewhere. Those attacks are meaningful but not as economically impactful as the ones targeting Russia’s energy infrastructure.

Throughout the second half of April, Ukraine made the Black Sea resort of Tuapse its primary target. Tuapse is a sprawling oil city - home to a Rosneft oil refinery, one of Russia’s oldest, which operates alongside an export terminal that ships petroleum products overseas. From April 16 to May 1, Ukraine hit the town four times, damaging both the terminal and the refinery. The drone strikes led to a genuine ecological catastrophe.

Video images of the fires at the refinery were shocking. Plumes of smoke were reportedly visible from orbit and toxic black rain fell across the city with burning petroleum pouring down at least one of the city’s streets. Air quality tests reportedly showed high levels of carcinogenic benzene and xylene in the air as well as toxic soot. And despite Putin’s best efforts to control state news media and shut down the internet, he still cannot conceal the effect of attacks such as those on Tuapse as well as the ports of Ust-Luga and Primorsk - from the Russian people.

Ukrainian attacks are economically consequential. According to various sources, there have been over $13 billion in losses to Russia’s oil sector and up to 40% of Russia’s refining capacity has been disrupted or is now operating under reduced conditions. The attacks on Russian ports have resulted in periods of exports dropping by 50% during peak periods. The Ukrainian attacks have reduced Russia’s revenue gain from the ill-timed, if temporary, U.S. lifting of sanctions on Russian energy. For a country that relies significantly on revenues from hydrocarbon sales, this is a serious blow.

There are domestic consequences as well, Russia has been forced to reintroduce a ban on gasoline exports (April–July 2026), while domestic fuel prices have already increased by 6–8%. Most of Russia’s refining capacity was modernized by western energy companies in the post-Soviet period. Those technologies are no longer available to Russia due to sanctions. Putin’s energy challenges are only going to get worse and financing the invasion of Ukraine is only going to get more difficult.

Compounding the problem set for the Russian leader in Krasnodar, former U.S. envoy to Ukraine Keith Kellogg has recently remarked that Russia is losing the war due to “astronomical” casualties, estimating 1.2-1.4 million Russian troops killed or wounded. These are World War Two level losses and compare unfavorably to the 18,000 lost by the Soviet Union in Afghanistan. Moreover, Russia is unable to replace lost troops at the pace they are being killed or wounded without a general mobilization. The troops which are being sent to Ukraine as replacements are even more poorly trained, prepared, and equipped than their predecessors - which may in part explain why Russian casualties are mounting and Russia is still unable to acquire meaningful tracts of Ukrainian territory.

One other risk to consider if Putin is feeling isolated and paranoid is the security services and leadership of the Baltic States that are increasingly expressing concerns of a Russian provocation against their countries under the pretext - especially in the case of Estonia - protecting against repression of the ethnic Russian population.

One will recall that this was part of the rationale for Russia’s occupation of Crimea and support for the insurrections in Donetsk and Luhansk as well as the invasion of Ukraine in February 2022. Similar concerns have appeared in threat assessments by the security services of new NATO members Sweden and Finland. The fear in those countries is that Putin will attack, forcing NATO countries to act in accordance with Article V of the NATO Charter. And Putin is betting that the Trump Administration will refuse to comply, thus ending NATO as it is currently structured. Congress may not let Trump renege on America’s commitment in such a scenario.

Judging from some of the comments coming from Ukrainian and other officials at the recently-concluded Kyiv Security Forum, there is a perceptible sense of optimism in Kyiv and elsewhere that Ukraine may win this war after all - despite the reduction or cessation of support under the Trump Administration. President Trump is famous for his disdain of being associated with “losers.” It would make sense then for him to reconsider his association with Putin and his stance on supporting Ukraine.

Next year at this time, there may be a Victory Day parade on the Maidan Square in Kyiv and neither Trump nor Vice President JD Vance will be invited. Talk about ending up on the wrong side of history.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Last Undefended Perimeter

Russia has industrialized cognitive warfare, producing synthetic media at scale through a modular system that targets soldiers, civilians, and Western publics with distinct engineered effects. A Chinese frontier AI capable of executing the same doctrine is now freely available worldwide, unrestricted and priced within reach of any actor. The U.S. federal institutions built to track and counter these operations are in transition, with no successor architecture yet in place. A proven adversary doctrine, democratized capability, and an unresolved gap in domestic defenses have arrived together. And a major election cycle is coming this year.

The first thing to understand about Russia's cognitive warfare system, documented by researchers at Sensity AI in April 2026, is that it isn't a campaign. Campaigns have beginnings and ends, specific targets, and identifiable decision-makers who can choose to stop. What the research showed was a production system: more than a thousand AI-generated synthetic videos, organized into three distinct assembly lines, each engineered to produce predictable cognitive effects in a specific target population. Ukrainian soldiers at the front received content calibrated around despair, leadership failure, and the futility of continued resistance. Civilians received content designed to induce sustained emotional fatigue, erode institutional trust, and make Russian terms seem, if not acceptable, at least inevitable. Western audiences received a separate product line focused on questioning the value of continued alliance support and amplifying doubts about evidence of Russian conduct.

The strategic objective of this architecture, as the research demonstrates, is not persuasion. Persuasion requires convincing people of a specific proposition. The goal here is something more structurally corrosive: information chaos. When synthetic content reaches critical mass in an information environment, authentic evidence becomes contestable. Documented war crimes can be dismissed as fabrications. Verified reporting becomes just another narrative competing for attention. The epistemic cost of reasoning accurately under those conditions falls entirely on the target population, not the attacker. The adversary pays almost nothing to create that environment. The people living in it pay continuously.

Russian military doctrine describes this approach as cognitive warfare but more recently researchers have given the operational method a new name: the Narrative Kill Chain. Iran, separately, deployed more than 110 synthetic videos targeting the same Western audience during the spring 2026 escalation cycle. A doctrine developed in one theater is spreading. The operating manual is published, and we should expect other actors to study it.

The three-audience segmentation is not scattershot propaganda. It is deliberate targeting, calibrated to different decision nodes: soldier morale, civilian will to resist, Western political will to sustain support. Content is seeded on TikTok and Telegram, where it builds initial engagement, and then amplified algorithmically across X, Facebook, and YouTube. The platforms' own mechanisms do part of the adversary's work at no cost to the adversary.

The deeper danger is what researchers have called the liar's dividend. Once a critical mass of synthetic media circulates in an information environment, even authentic evidence becomes contestable. Adversaries do not need to win arguments. They need to make the process of resolving truth from falsehood expensive enough that most people eventually stop trying. That objective, per Sensity's analysis, is largely being achieved.

The question worth asking is what it takes, both technically and financially, to execute this doctrine at scale. Until recently, the answer pointed toward state-level actors and resources. That has recently changed.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

On April 24, 2026, DeepSeek released V4-Pro and V4-Flash as open weights under an MIT license, meaning anyone can download the full model, run it independently, and use it for any purpose without restrictions. V4-Pro is powerful, nearly matching U.S. frontier models, but at a fraction of the cost and offered as open-source. It’s available on a hard drive, permanently, to anyone who downloads it. Independent assessment by the Tennessee AI Advisory Council found that prior DeepSeek models were susceptible to jailbreaking at substantially higher percentages that comparable U.S. models. There is no meaningful indication that V4 represents a departure from that pattern.

The combination is the point. The doctrine is documented and replicable. The tool is nearly free and unrestricted. Any actor with a grievance, a distribution channel, and an internet connection can now pair the Narrative Kill Chain model with frontier-class AI capability. And the empirical research on what that combination can accomplish is increasingly precise: controlled experiments published in Nature and Science found that conversational AI can shift political attitudes by about 10 points in some settings, and in one U.S. test the effect was roughly four times larger than traditional campaign ads. This is not a projected threat. It is a measured effect.

Much of my career was spent studying adversarial capabilities, plans, and intentions. What that experience teaches, more than any specific technique, is to look at convergences. Capability without doctrine is potential. Capability plus doctrine, freely available, with limited counterparts on the defensive side, is a structural condition. That is where we are at the moment.

The United States previously built institutional architecture to address similar threats, but those functions, that resided across multiple government agencies and departments, are now in transition. They have been restructured, downsized, closed, or dissolved, and a successor architecture is not yet in place.

This is not a simple story, and it should not be seen as one. There are legitimate constitutional questions about how the federal government conducts work in this space. The line between detecting foreign synthetic operations and influencing domestic information environments requires rigorous institutional discipline to protect. Those concerns deserve serious consideration and careful legislative design. What the current moment asks is that those necessary governance debates happen faster. The threat is not waiting for the architecture to be resolved.

What any successor structure needs to accomplish is not difficult to specify, even if it is complex to execute. It needs to set standards for the detection and attribution of foreign synthetic content at scale, identifying what is manufactured, amplified, and deliberately targeted at American society. That is an intelligence and technical function, not a content moderation or speech function. The distinction is essential, and it is the one that any new design must protect. These new institutions, when and if created, should never be in the business of adjudicating truth. Their mission should be to ensure that platforms identify content that is synthetically generated, amplified, and aimed at the public. That simply provides the audience with objective data upon which to evaluate what they are reading or viewing, and it can be performed without crossing into censorship. That mission needs a home.

Thankfully, the private sector is not waiting. Companies with deep forensic capability in synthetic media detection are developing attribution tools that operate at scale. The technical capacity to identify AI-generated content, trace distribution networks, and flag coordinated inauthentic behavior is advancing rapidly in the commercial sector. A successor architecture built as a genuine public-private partnership, pairing government authority and classified context with private sector technical capability, may be better suited to the current environment than a purely governmental structure. What government brings that industry cannot replicate is access to intelligence collection on adversarial plans, allied coordination, and the authority to act on attribution findings, when they veer into criminal conduct. What industry brings is speed, scale, and detection capability that is already operating. The two are complementary. What is missing is the design and the mandate to connect them.

Three developments have arrived simultaneously. The doctrine for industrial scale cognitive warfare has been documented, refined, and is spreading across adversary ecosystems. The tools to execute that doctrine have been democratized to the point where frontier-class AI capability is nearly free, unrestricted, and available worldwide. And the federal institutional architecture charged with tracking and countering foreign cognitive operations against the United States is in transition, without a successor in place.

The effects of this convergence are not limited to elections, though elections are the most visible surface. What is at stake is the shared epistemic ground on which any form of collective decision-making depends. When authentic evidence becomes routinely contestable, when any documented fact can be attributed to a fabrication machine that everyone knows exists, the cost of reasoning accurately rises for every person in the information environment. That cost does not fall on governments or institutions. It falls on individuals; in every judgment they make about what to believe and whom to trust.

The perimeter has always existed. What changes is the technology of assault and the capacity of defense.

The country has organized around threats of this scale before. New structures are needed, designed for the technological moment we are now in, with clear mandates focused on detection and attribution of foreign synthetic operations and civil liberties protections built in from the start. Not structures that tell Americans what to believe. Structures that identify what is being manufactured and aimed at them.

That is achievable. And today, it is necessary.

Views expressed here are the author’s alone and do not represent the positions or policies of the U.S. Government or the Central Intelligence Agency.

Inside the Pentagon’s High-Stakes Nuclear Overhaul

“The unfortunate truth is that it's fallen to the lot of all of us to modernize the entire [U.S.] nuclear triad at once. Probably, in retrospect, we should have been doing pieces of it over the last 30 or plus years. Plus…we're having to modernize the nuclear weapon production [warheads, bombs] as well as the triad platforms [bombers, submarines, missiles]. I refer to it as the pig in the budgetary python. It's a lump that's moving through that we're just going to have to swallow in order to maintain the basic bedrock of our national security strategy, which is [nuclear] deterrence.”

That was Sen. Angus King (I-Maine), speaking on the afternoon of April 20, during a Senate Armed Services Strategic Forces Subcommittee session taking testimony from seven officials on the Fiscal 2027 Authorization for the Department of Energy (DoE) Atomic Defense Activities and the Department of Defense (DoD) Nuclear Weapons Programs.

Only Subcommittee Chairman Sen. Deb Fischer (R-Neb.) and ranking-member King attended the roughly 90-minute session. However, in that time the witnesses described what Sen. King described as DoE’s nuclear weapons building complex, the National Nuclear Security Agency (NNSA), being the busiest since its creation in 1980, and meeting DoD nuclear weapon requirements “while at the same time modernizing Manhattan [Project] era [1940s] production facilities.”

Meanwhile, King said, DoD “is conducting a once-in-a-generation modernization of our triad...ensuring the existing triad of ICBMs, submarines, and bombers can remain safe, secure, and effective as the bedrock of our national defense deterrence policy with two near peer adversaries, Russia and China.”

This subcommittee hearing, I thought, provided the best update on the complexities of this ongoing redo of U.S. nuclear forces and, since it had little-to-no public coverage, it’s worthwhile to present some highlights.

For example, Air Force Gen. Dale R. White, Director of the Critical Major Weapon Systems program, updated for the Senators what’s going on with the Air Force’s Sentinel ICBM program.

Sentinel was designed to replace the aging, 400 deployed Minuteman III ICBMs, but the Sentinel program was halted in 2024 for review after costs rose from an initial $78 billion to over $141 billion, moving initial operating capability (IOC) by at least two years beyond the original 2029 target.

White told the Senators, DoD now annually allocates over $2 billion to operate and sustain Minuteman III with 10 active investment programs that ensure the system meets or exceeds all warfighter requirements. These funds will modernize essential, Minuteman III-specific equipment required for vital aging, surveillance, and nuclear hardness testing.

Meanwhile, in the restructuring of the Sentinel ICBM program, White said the first complete three-stage ground test missile had been assembled last fall, “paving the way for the program's first flight, a missile pad launch scheduled for 2027, which will mark a pivotal moment in our flight test campaign.”

This past February, the program also broke ground on a prototype Sentinel launch silo in Promontory, Utah. He called this, “a key step in tackling one of the program’s most significant engineering challenges.”

White said Sentinel is on a path to its Milestone B decision by the end of this year, which would authorize it to enter engineering and manufacturing development with an initial operational capability scheduled for the early 2030s.

A February Government Accountability Agency (GAO) report said, “As a result of delays to Sentinel, the Air Force may need to operate Minuteman III through 2050, 14 years longer than planned,” adding, “Prolonged operation of the aging system presents sustainment risks. Addressing these risks in a transition risk management plan would help ensure the system meets requirements during the transition.”

To meet the risk, White told the Senators that to manage “the intricate transition from Minuteman III to the deployment of Sentinel,” Air Force Global Strike Command has established Sentinel Site Activation Task Force detachments at each missile wing, test site, and acquisition location.

White is also responsible for the new B-21 Raider strategic bomber, which is in its flight test campaign with the physical production already begun. White said, “The first aircraft remains on track for delivery to Ellsworth Air Force Base in 2027, with a planned fleet of at least 100 aircraft, and a recent agreement with Northrop Grumman to increase annual production capacity by 25 percent.”

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Another subcommittee witness, Air Force Gen. Stephen L. Davis, Commander of Global Strike Command who said he “provides our Nation's combat-ready forces for nuclear and conventional long-range strike.”

The U.S. bomber force of B-1s, B-2s, and B-52s, Davis said, “remain in high demand across multiple theaters.” He said they have played roles in military operations, including Rough Rider, a 2025 operation in Yemen; Midnight Hammer in Iran; Absolute Resolve in Venezuela; and today in Epic Fury in Iran.

In Epic Fury, Davis said, “Global Strike Command conducted over 150 bomber sorties, 48 of which were round-trip from the United States. These missions were a minimum of 18 hours in duration, with those from the U.S. taking as long as 40 hours.”

Davis is also responsible for the Air Force Survivable Airborne Operations Center (SAOC), the so-called “Doomsday” fleet of aircraft that would serve as a command post in the event of a nuclear attack on the homeland.

Davis told the Senators that the $13 billion program will be fully funded in the fiscal 2027 budget and that four aircraft [Boeing 747-8s] are in Dayton, Ohio [where Sierra Nevada Corporation is]… converting [them] into the new platforms.”

Davis added, “We're expecting the first aircraft to show up at Omaha [Nebraska, Offutt Air Force Base] which has been identified as the main operating base in the early 2030s.”

The SAOC aircraft are an important part of the DoD recapitalization of the aging Nuclear Command, Control, and Communications (NC3) system, estimated to cost some $154 billion from 2025–to-2034. This modernization will replace 1980s-era technology with digital systems and integrate with new triad platforms.

The Senators also heard the status of the Navy’s new Columbia-class ballistic missile nuclear submarines (SSBNs), 12 of which are to replace the 14 Ohio-class SSBNs now providing on patrol providing the most secure strategic nuclear deterrence.

Adm. William J. Houston, Director, Naval Nuclear Propulsion Program reported the Columbia nuclear reactor propulsion plant would finalize development in fiscal 2027, adding, “The life of the ship core, now entering serial production, is directly supporting the Navy's number one acquisition priority and a key strategic asset.”

Vice Adm. Johnny R. Wolfe, Jr., Navy Director for Strategic Systems Programs, confirmed the first Columbia sub was “definitely on track” to make the initial, planned 2039 deployment. Wolfe said the biggest risk on the government side “is understanding all the testing that we're going to need to do both from the [test] pad and from the platform [the submarine] before we start deploying in 2039.”

Another witness before the subcommittee was NNSA’s David E. Beck, Deputy Administrator for Defense Programs, who described seven nuclear warhead modernizations and several complex construction programs that were underway.

Two just completed, Beck said, were for the W88 Alt 870 warhead upgrade for the Navy’s Trident II D5 sub-launched ballistic missile and the B61-12 Air Force tactical nuclear bomb. Still underway are upgrades for the B61-13 tactical bomb; the B80-4 warhead for the Long-Range Standoff cruise missile; the W80-5 warhead for the new Navy sub-launched cruise missile; the W87-1 warhead for the Minuteman III and Sentinel ICBMs; the W93, future warhead for the Navy D5.

Beck also said there were two phase one projects, which mean early designs, for future possible nuclear weapons which he did not describe.

Beck did describe forward movement in pit production, the plutonium-based triggers for thermonuclear weapons.

“Our requirement by law is to make 80 pits a year by 2030,” Beck said, “and we have set a goal to make 100 collectively through December of 2028, which means that in order to get there from here, we will have to make between 30 and 50 pits per year. We're moving closer to the objective.”

At the end of the session, Sen. King said, “I just I think it's important to sort of look on this as a bigger picture in terms of appropriations and expenses. This is not something that will continue forever. We'll get through these new [nuclear weapon] programs. It is unfortunate from a budgetary perspective, we're having to do it all at once, but it's nonetheless so critical to national security.”

I expect Congress will pass the fiscal 2027 budget funding these nuclear weapon-related programs the Trump administration is seeking.

From Socialist Surge to Regional Realignment- Latin America’s Pink Tide Is Receding

Latin America’s Pink Tide Recedes as Economic Reality Fractures Socialist Alliance

Latin America’s leftist front is hitting a wall. The momentum that carried leaders like Gabriel Boric and Gustavo Petro to power has stalled, replaced by the harsh realities of inflation and cartel violence. This isn’t just a temporary dip in the polls — it’s a fundamental breakdown of the old order, and it’s reshaping the strategic landscape of the entire hemisphere.

The transformation is most visible in the aftermath of Nicolás Maduro’s arrest in Venezuela, which has sent shockwaves through remaining leftist governments and emboldened opposition movements across the continent. Intelligence analysts are now betting that the so-called pink tide won’t gradually recede but will collapse entirely under the weight of its own contradictions by year’s end.

The shift is both externally driven by the Trump administration’s openly interventionist approach and internally, as socialist policies fail to deliver economic results that maintain electoral support.

Former Revolutionaries Reject the Model

Perhaps nowhere is the ideological fracture more striking than in Colombia.

Enrique Serrano, a Colombian political analyst with over 40 years of studying U.S.-Latin American relations, tells The Cipher Brief that the left’s failure stems from a fundamental misreading of its own base.

“Those left-wing politicians in Latin America didn’t expect a rise within the middle part of our society,” he explains. “The middle class — they are drifting towards the right because they need more money. It’s more important for them that there’s no governmental regulation on income, for example, on economic opportunities.”

The shift is measurable across the region. In Colombia, Serrano notes that approximately 60 percent of the population now identifies as middle class. Yet, Petro’s policies have targeted people experiencing poverty and the working class, who “normally don’t go vote.”

In Argentina, middle-class frustration with inflation exceeding 200 percent annually drove voters to embrace libertarian Javier Milei’s radical free-market platform. Chile’s 2023 rejection of a progressive constitution — despite electing leftist Gabriel Boric in 2021 — reflected similar middle-class concerns about economic stability over ideological purity. Even in Brazil, Lula’s narrow 2022 victory margin has eroded as middle-class voters increasingly question his economic management and tolerance of regional autocrats.

The shift represents a stunning reversal for a region that seemed firmly in socialism’s grip just three years ago.

“I have never noticed such a strong and such a direct impact from the US on Latin America like it is happening today,” Serrano says. “I see that also in the context of Marco Rubio. There is a strong change compared to the last 40 years right now.”

President Gustavo Petro’s administration is hemorrhaging support not just from centrists but from within the left itself. His approval rating has plummeted to 35.7 percent with a 53.7 percent disapproval rating according to January 2026 polling, down from 48 percent approval when he took office in August 2022. Even within his own Pacto Histórico coalition, internal divisions have emerged as 72 percent of Colombians now believe the country is heading in the wrong direction.

Despite winning the presidency in 2022 as Colombia’s first leftist leader, Petro now commands only his core 30 percent base — approximately six to seven million voters out of 24 to 25 million — as the country approaches crucial May elections.

“The left failed because they’re offering politics towards really the poor, or the workers on the street,” Serrano says. “But those people normally don’t go vote. The ones who put in the most votes are the middle class, and the left is not reaching out towards the middle class.”

The electoral math bears this out. In Colombia’s 2022 presidential election, Petro won with just 50.4 percent in the runoff, the narrowest margin in recent history, despite mobilizing his base. Colombia’s economy grew just 1.6 percent in 2025, well below regional averages, while its healthcare reforms triggered a system collapse, and its security policies failed to stem rising crime rates.

Similar patterns are visible across the region. In Chile, despite electing leftist Gabriel Boric in 2021, voters decisively rejected his proposed progressive constitution in 2023 by nearly 62 percent, with middle-class neighborhoods leading the opposition. Despite his narrow victory in Brazil’s 2022 election by less than two percentage points, Lula’s approval rating has fluctuated significantly.

After hitting a historic low of 24 percent in February 2025—the lowest across all his administrations — his numbers have since rebounded to 48 percent by January 2026. However, 45 percent of Brazilians say they would never vote for him. His recovery came largely through confrontations with Trump rather than domestic policy successes. At the same time, critics cite his tolerance for regional autocrats like Maduro and economic challenges, including food inflation, that particularly hurt his traditional support base among the poor.

A senior U.S. intelligence official, speaking to The Cipher Brief on background, confirmed that internal assessments show socialist governments across the region facing simultaneous crises of legitimacy, economics, and security.

Colombia’s Dual Crises

President Petro’s tenure has been marked by contradictions that illuminate broader challenges facing Latin American socialism. While maintaining popularity among his leftist base, his administration has struggled with governance basics while simultaneously drawing scrutiny for connections between leftist politics and transnational criminal networks — a pattern that has implications far beyond Colombia’s borders for U.S. counternarcotics and security efforts.

Petro’s governance has been plagued by scandals that blur the line between politics and criminality. The Trump administration sanctioned Petro in October 2025, accusing him of allowing drug cartels to “flourish” while cocaine production in Colombia reached its highest levels in decades. Though Petro denies direct cartel ties and the New York Times found no evidence of personal criminal connections, his son was arrested in a money laundering scandal involving campaign financing. At the same time, two former cabinet ministers were jailed in December 2025 for orchestrating a vote-buying scheme that diverted public contracts in exchange for legislative support.

It goes beyond Colombia.

The Maduro regime became a haven for Iranian operatives and Hezbollah networks before his arrest, while the Ortega regime in Nicaragua has been accused of providing sanctuary to anti-American forces. This visible fusion of leftist governance with criminal organizations represents a marked shift from previous decades, when corruption, while present, remained more discreet, complicating U.S. counternarcotics efforts and security cooperation throughout the hemisphere.

Petro’s relationship with Washington has been equally contradictory. After months of public confrontations with the Trump administration over deportation flights and trade threats, Petro abruptly shifted course following a phone call with President Trump earlier this year.

On January 26, 2025, Petro blocked two U.S. military aircraft carrying 160 Colombian deportees from landing, declaring he would “never allow Colombians to be brought back in handcuffs.” Within hours, Trump threatened 25 percent tariffs on all Colombian imports, rising to 50 percent within a week, plus visa sanctions on government officials and enhanced customs inspections.

Petro initially responded defiantly, announcing retaliatory tariffs and posting on social media that “your blockade doesn’t scare me.” Yet by that evening, after the White House threat to Colombia’s $28.7 billion in annual exports to the U.S., Petro capitulated completely, agreeing to “all of President Trump’s terms, including the unrestricted acceptance of all illegal aliens from Colombia returned from the United States, including on U.S. military aircraft, without limitation or delay.”

Following the cordial phone call in January, Trump invited Petro to Washington for a February meeting that “dramatically reversed their war of words.” The sudden rapprochement caught observers off guard. The about-face revealed the extent to which even vocal anti-American leftist leaders now recognize their vulnerability to U.S. economic pressure.

Electoral Reckoning Approaches

Colombia’s May elections are shaping up as a referendum on the country’s leftward turn. Iván Cepeda, Petro’s preferred successor, enters the race with heavy ideological baggage. Following years of economic and social volatility, the electorate has become increasingly wary of socialist rhetoric. The 63-year-old senator is the son of a murdered communist party leader, studied philosophy in Bulgaria during the communist era, and has been active in various leftist movements, including the Communist Party and groups linked to former FARC guerrillas.

Cepeda faces political outsider Abelardo de la Espriella, a self-made criminal defense lawyer and businessman. The 47-year-old from Montería built a lucrative law practice defending celebrities and high-profile clients, including the recently arrested Alex Saab, before launching his presidential bid. Recent polling shows de la Espriella leading with 28 percent support versus Cepeda’s 26.5 percent, with the gap widening to 9.3 percentage points in a hypothetical runoff.

“Politics needs fewer politicians and more businessmen,” de la Espriella told Reuters, promising 6-7 percent annual economic growth through infrastructure investment and deregulation — a stark contrast to Colombia’s anemic 1.6 percent growth under Petro’s socialist policies.

The Colombian race also reflects broader regional trends. According to some experts, the pink tide’s momentum has reversed so dramatically that remaining leftist leaders now find themselves isolated.

“Gustavo Petro is facing a situation where he’s standing almost alone right now because the rest of the region turned to the right already, like Chile, like Argentina,” Serrano says. “So he’s only having two strong allies still in the region, which would be Lula and Claudia Sheinbaum in Mexico.”

Even those alliances are crumbling.

“Petro only has as allies Lula, who is almost about to fall, and Sheinbaum, who is alone,” Serrano continues.

The rightward shift in recent years has brought leaders like El Salvador’s Nayib Bukele, Argentina’s Javier Milei, and Ecuador’s Daniel Noboa to power, creating a new conservative bloc that has welcomed closer ties with the Trump administration and rejected the socialist solidarity that characterized the previous decade.

Existential Threats Beyond the Mainland

The potential socialist collapse extends beyond South America. Cuba, long considered impervious to change despite six decades of communist rule, now faces its most serious existential crisis.

Washington’s regional focus has shifted from Cold War ideological containment to pragmatic strategic interests; a calculation that explains the administration’s surgical approach to Venezuela while largely ignoring Havana.

Cuba, which has maintained communist rule since Fidel Castro’s 1959 revolution, now faces its most serious existential crisis in over six decades. The island’s economy has contracted sharply, with GDP shrinking and basic services collapsing. Prolonged blackouts affecting millions have become routine as the electrical grid repeatedly fails, while severe food shortages have driven unprecedented waves of emigration.

“Their situation is worse (than Venezuela) because they don’t have natural resources,” Serrano underscores. “They don’t have electricity. They can’t produce electricity on their own, and they don’t have food either. So it’s very unlikely that the government in Cuba might survive this year.”

The island’s energy infrastructure has repeatedly failed, leaving millions without electricity for days at a time, while food shortages have driven unprecedented emigration.

Nicaragua faces similar pressures under Daniel Ortega’s increasingly isolated regime. Ortega has ruled since 2007, consolidating power through mass arrests of opposition leaders, shuttering of independent media, and the expulsion of international observers. The regime’s systematic repression has driven over 300,000 Nicaraguans into exile while leaving the country economically stagnant and diplomatically isolated.

“Those authoritarian governments like Venezuela, Nicaragua and Cuba — what they in real life try to do is just to gain time,” Serrano told The Cipher Brief. “They will disappear earlier or later. It’s just they try to get as much time as possible.”

The convergence of economic failure, political repression, and technological change has created conditions fundamentally different from those that allowed previous generations of authoritarian leftist governments to survive for decades.

Technology Accelerates Socialist Decline

In addition, the digital revolution has destroyed the old-school socialist playbook. As mobile technology has expanded across Latin America, governments have lost their most powerful tool: the narrative. U.S. analysts are currently monitoring how this decentralized flow of information, from protest coordination on encrypted apps to real-time leaks of government corruption, is creating a level of accountability that previous generations of leftist leaders never had to face.

Beyond Cuba and Nicaragua, other left-wing regimes recently faced Trump administration scrutiny. In Honduras, leftist president Xiomara Castro was defeated in the November 2025 elections by Trump-backed conservative Nasry Asfura, who took office in January 2026. Castro’s tenure had raised concerns in Washington about her government’s ties to China and open support for authoritarian regimes, including Venezuela and Nicaragua.

U.S. Strategic Implications

With the collapse of the pink tide, Washington faces both opportunities and risks. The shift away from socialism aligns with U.S. interests, but it also creates vulnerabilities that adversaries may exploit. The penetration of organized crime, particularly groups with ties to Iran and Hezbollah, remains a persistent concern.

Mauricio Baquero, Venezuelan opposition organizer and María Corina Machado’s representative for Latin America, tells The Cipher Brief that authoritarian governments’ tolerance of malign foreign actors poses direct threats to U.S. security.

“The Nicholas Maduro government allowed Hezbollah and Iran officials to be in Venezuela,” he explains. “So that’s obviously a source of insecurity in the whole region.”

Luis Bustos, spokesperson for Venezuelan opposition party Primero Justicia, tells The Cipher Brief that removing foreign actors remains a critical challenge even after Maduro’s arrest. Regarding whether interim president Delcy Rodríguez continues tolerating Hezbollah’s presence in Venezuela, he explains that “it’s not possible to get them out of the country really quickly.” his reality, he explains, underscores why “it’s not recommendable” to rush elections.

“We need a time of transition where we make sure that all those influences from abroad, among them, Hezbollah, for example, will leave the country,” he says.

Since socialist governments have provided sanctuary to anti-American actors, including Iranian operatives, Russian intelligence services, and Chinese surveillance networks, Washington has made the pink tide’s recession a national security priority, rather than a matter of ideological preference.

According to Serrano and others, the Trump administration’s aggressive approach, particularly in Venezuela, has accelerated changes that might otherwise have taken years.

As several Latin American nations drift rightward, the question is no longer whether the pink tide will recede, but whether any socialist government can survive the decade ahead without dramatic policy reversals that abandon the model’s core premises.

“Not over, but it’s failing,” Serrano adds. “And the region needs to examine why.”

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Human vs. Machine: Operational Realities from Ukraine’s Frontline

A global debate is underway over how much human involvement should be required when artificial intelligence is implemented in military operations. This is typically described on a spectrum: "human-in-the-loop," where a system can select targets and apply force only with human authorization; "human-on-the-loop," where a system selects and applies force without authorization but under human supervision with the ability to override; and "human-out-of-the-loop," where a system selects and applies force without human authorization, supervision, or intervention.

How much human control is necessary remains contested, but the debate is overwhelmingly normative rather than empirical. Ukraine, where these systems are being deployed at scale under active fire, offers a case study for testing those assumptions against battlefield reality.

What emerges is not a clean line between human control and machine autonomy but a continuum shaped by biology, budget, cognition, accountability, and ethics. The harder question — and the one this paper examines — is what happens when human-in-the-loop safeguards are preserved in name but the conditions that make them meaningful have already eroded because the volume of targets exceeds what any operator can review and the tempo of engagement outpaces human reaction time.

Biology

Proponents of autonomous weapons systems consider them a moral imperative. They argue that if technology can remove warfighters from danger, governments have an obligation to use it. Ukraine's leadership has arrived at the same conclusion under considerably more urgent circumstances.

Since 2024, Russia's elite drone unit, Rubicon, has wreaked havoc on Ukrainian forces well behind the frontlines. One brigade reported losing up to seventy percent of its drone operators in a single week. Another lost most of its vehicles, drone launch sites, antennas, and communications equipment. In Kursk, the pressure grew so severe that Ukrainian forces ultimately withdrew.

Compounding the problem is the time it takes to evacuate wounded soldiers. The medical "golden hour" standard has collapsed in Ukraine, where evacuation now takes twenty-four to seventy-two hours. A US veteran fighting in the war lamented that they now face a "golden three days," noting that a friend was hit by shrapnel — which should have been an easy fix — but required a leg amputation due to the long evacuation time.

The situation is also a matter of numbers. Ukrainian Minister of Defense Mykhailo Fedorov disclosed upon taking office that 200,000 troops have gone AWOL and two million men of military age are evading mobilization. Russia holds a significant advantage here. Ukrainian frontline units now operate at fifty to sixty percent of authorized strength, with some as low as thirty percent.

This combination of relentless danger and severe manpower shortages is pushing Ukraine toward autonomous weapons systems across the land, air, and sea.

Fedorov has stated the country "needs to remove UAV operators from the battlefield." The near-term goal is enabling operators to control drones from anywhere in the country. The ultimate objective is full drone autonomy.

Ukraine has also deployed armed ground robots in place of infantry on the battlefield. In late 2025, Ukraine's robot army held frontline positions for forty-five straight days. The systems were controlled remotely from safe locations and reloaded every forty-eight hours. Ukrainian officials called it a first in modern warfare. A commander within the Third Army Corps said, "Robots do not bleed."

By the end of 2025, drones were responsible for more than eighty percent of all enemy targets destroyed in Ukraine, according to officials. "We don't have infantry. We do drones. We kill with drones. We save with drones. We liberate with drones," one commander said.

Ukraine's ambassador to the UK, Valerii Zaluzhnyi, predicts a rapid evolution for these systems. He believes that in the near future, these robots will be used "not just on their own, but as part of large, AI-powered swarms of drones" across all domains.

Budget

Those biological and manpower pressures interact directly with the economics of drone warfare. One-way attack drones can be deployed for as little as $400, and in 2025 Ukraine allocated $2.8 billion to procure millions of them. The sheer volume of cheap drones, paired with AI-driven target identification, compresses the entire kill chain — reducing sensor-to-shooter timelines from days to minutes. The same dynamic is currently playing out in the U.S. and Israeli war with Iran, where both sides are deploying cheap semiautonomous attack drones in the thousands. But this shift is not only about money and hardware; vast numbers of cheap, AI-enabled drones also transform what any human can realistically perceive, decide, and authorize in time.

Cognition

These compressed timelines and target volumes force a rethink of human cognition as the limiting factor in AI-enabled warfare. Ukraine's experience with systems like the Avengers AI platform and the Delta command-and-control environment illustrates how quickly human oversight can be stretched to the breaking point.

The Avengers AI platform, used for offensive targeting and integrated into Ukraine's Delta command and control system, can identify up to 12,000 enemy assets per week through automated analysis of drone and camera feeds. The system does not fire weapons by itself; humans still validate targets, allocate scarce munitions, and manage escalation. Ukrainian officials emphasize that Avengers is meant to filter, not replace, human judgment. But the volume raises a governance question: at what point does human validation become a fiction, as exhausted analysts and commanders "rubber-stamp" AI recommendations they cannot meaningfully re-evaluate? This has already been observed in other conflicts, including Gaza.

By contrast, Ukraine's Octopus interceptor drone is designed to detect and destroy incoming Russian drones mid-air without requiring a human to approve each intercept. Requiring a human to approve every intercept in a saturation drone attack can result in more civilian and military casualties than allowing a supervised-autonomous system to fire within fractions of a second under pre-defined rules of engagement.

This mirrors what the 2023 U.S. Department of Defense Directive 3000.09 refers to as 'operator-supervised autonomous weapon systems,' permitting systems to select and engage targets under human supervision for time-critical defense — especially static defense of installations and defense of platforms against saturation attacks. Full autonomy remains rare: most systems remain operator-in-the-loop or operator-on-the-loop, with autonomy used for terminal guidance, navigation through jamming, or collision avoidance rather than independent target selection.

Systems like Avengers and Octopus show that autonomy is already being used in different parts of the kill chain — filtering targets at scale or firing within fractions of a second under predefined rules of engagement — often at speeds no human can match. As the volume and tempo of AI-generated recommendations rise, the risk grows that operators will "rubber-stamp" system outputs they can no longer meaningfully re-evaluate.

Accountability

As battlefield realities push humans further from direct control, questions emerge around accountability, and when human-in-the-loop oversight is meaningful and when it is theater.

These are not purely technical choices; they are institutional and doctrinal ones. Architecture becomes policy — the way the system is wired effectively decides how tightly humans are tied into day-to-day combat decisions. Documenting intent and assigning responsibility for civilian harm cannot be an afterthought; it must be designed into the system from the start.

The harder ethical question is whether preserving human-in-the-loop safeguards is always the right thing to do — or whether, in some cases, it is more ethical to admit where humans cannot keep pace. The real governance question is not whether to keep a human in the loop in the abstract, but which loops we deliberately anchor in human cognition and institutional authority, and which we are prepared to delegate.

Conclusion

Within the broader discourse on autonomous systems, Ukraine provides empirical evidence that the devolution of human oversight is a systemic reality of modern combat, not a hypothetical risk. The compounding forces of human biological limits — ranging from localized attrition to universal thresholds of reaction time — alongside the proliferation of low-cost drones and unparalleled data velocity, inevitably distance the human operator further from direct control. Consequently, true accountability cannot rest on an operator's final click under fire; it must be deliberately designed into the entire operational process — architectures, workflows, and governance — that lead up to that moment. The governance question is no longer whether to keep a human "in the loop" in the abstract, but which loops humans must own, how much cognitive load they can bear, and how fast wartime institutions can adapt command-and-control (C2) and oversight structures.

To help policymakers and practitioners translate these insights into practice, we offer three mutually reinforcing lines of effort.

First, decide which loops humans own. Make human placement an explicit design decision, not a slogan. For each mission type (for example, air defense; ISR; long-range strike; information operations), require a short statement of where humans sit on the continuum (in/on/out of the loop), why, and what tradeoffs you are accepting in speed, survivability, and escalation risk. Reserve true "human-in-the-loop" control for low-tempo, high-stakes decisions, and use Ukraine's experience to distinguish between high-volume, time-critical defensive engagements — better suited to supervised autonomy like Octopus-style interceptors — and lower-tempo but politically or ethically weighty decisions, where humans should remain the real bottleneck.

In parallel, reframe ethics around actual control, not formalities. Move policy language away from blanket promises that humans will "approve every shot" toward domain-specific statements about where humans truly control outcomes and where they supervise architectures that act faster than they can. Document human intent in system design, not only in rules of engagement, so accountability is anchored in what commanders ask AI systems to optimize, rather than solely in an operator's last-minute approval.

Second, design systems to manage cognitive overload. Treat human cognitive limits as a hard design constraint, not a staffing problem. Cap and structure AI output for human decision-makers by limiting how many "priority" alerts any individual can receive in a given timeframe, using tiered queues and automated de-duplication — especially in environments like Delta/Avengers, which can surface thousands of targets per week. Mandate machine-readable rationales and confidence scores so human review becomes targeted supervision rather than binary approve-or-reject decisions. Instrument "rubber-stamping" as a safety signal rather than a success metric. Treat near-100-percent approval rates under high load as a warning, require periodic audits of how often humans overrule or modify AI outputs, and adjust triage logic and escalation pathways based on those findings.

Third, govern battlefield AI at responsible speed. Align architectures, governance, and professional education with the operational realities Ukraine is already revealing. Build CJADC2-style systems around actual operational needs: follow lessons from Ukraine's Delta by starting with a single web-based common operational picture that fuses multi-domain data, then layering AI analytics on top. Co-design compute and command, recognizing that where you place compute (cloud, theater data centers, edge) determines which forms of human oversight are realistic at different echelons. Create wartime AI-governance playbooks with predefined fast-lane processes for testing, fielding, and monitoring AI tools in combat. Encourage modular autonomy packages that can be certified, updated, and reused, and tie funding to governance metrics such as robust logging, verification and validation, red-teaming, and post-incident review. Finally, prepare people and organizations for AI-enabled campaigns by making AI literacy and "AI tradecraft" core elements of professional military education, exercising AI-failure scenarios in wargames, and embedding small AI and data teams with operational units, as Ukraine and its advisers have already begun to do.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why Abu Dhabi Walked Away from OPEC After Nearly 60 Years

When UAE Energy Minister Suhail al-Mazrouei announced Tuesday that Abu Dhabi is leaving OPEC – a cartel it has been a member of since 1967 – he called it a “pure policy change” and a “policy-driven evolution aligned with long-term market fundamentals.” It was considerably more than that.

The exit is the most visible rupture yet in Gulf Arab solidarity: a pointed rebuke of Arab partners who watched Iran batter the UAE with hundreds of missiles and drones for months while offering, in Abu Dhabi’s assessment, next to nothing in return. It is also a strategic bet – on a deepening bilateral relationship with Washington, on unconstrained production capacity once the Strait of Hormuz reopens, and on the proposition that multilateral institutions no longer serve UAE interests the way they once did.

The UAE’s OPEC exit is the product of three overlapping pressures: a chronic quota grievance costing Abu Dhabi more than $50 billion a year in foregone revenue; war-driven fury at Arab inaction; and a US-backed opportunity to monetize ADNOC’s expanded production capacity without cartel constraints. The strategic implications extend well beyond oil markets.

The Long Squeeze

The UAE has been a member of OPEC since 1967 – before the federation itself existed, when Abu Dhabi joined as a standalone emirate four years before the seven emirates formally unified in 1971. In that time, OPEC shaped global oil prices, managed supply shocks, and gave member states a framework for coordinating production in ways that kept revenues relatively stable. For most of its membership, the UAE benefited from that arrangement.

The economics changed when ADNOC began a serious capacity expansion. The Abu Dhabi National Oil Company has invested aggressively over the past decade, reaching 4.85 million barrels per day (bpd) in nameplate capacity and targeting 5 million bpd by end-2026 under a $150 billion capital expenditure plan. The gap between what ADNOC can produce and what OPEC+ quotas allow it to produce became a structural source of frustration – and an increasingly expensive one.

Under OPEC+ constraints, the UAE has been producing roughly 30 percent below its current capacity, with actual output running between 3.4 and 3.8 million bpd before the Iran war disrupted everything. A 2023 Baker Institute analysis estimated that quota constraints cost the UAE upward of $50 billion per year in foregone revenue. Over time, this has amounted to a staggering subsidy of Saudi Arabia’s price management strategy, paid by Abu Dhabi.

This tension erupted publicly in 2021, when the UAE blocked an extension of OPEC+ production cuts unless its individual baseline quota was raised from 3.17 million to 3.65 million bpd. The argument was straightforward: its baseline was set before capacity expanded significantly, making cuts disproportionately punishing. A compromise was eventually reached, and in June 2024 OPEC+ granted the UAE a further increase to 3.5 million bpd for 2025. That still left production well below ADNOC’s 4.85 million bpd capacity.

The fundamental math never changed: the cartel’s quota system was designed for a UAE that no longer exists. Abu Dhabi built its way out of the arrangement.

War Changes Everything

The Iran war removed the last argument for staying. Since the conflict began on February 28, 2026, Iran has launched 537 ballistic missiles, 2,256 drones, and 26 cruise missiles against the UAE – killing 13 people and wounding 224. ADNOC operations were hit. Fires burned at Palm Jumeirah and the Burj al-Arab. Dubai International Airport sustained damage. The UAE’s carefully constructed image of permanent stability – the foundation of its tourism, finance, and services economy – was shattered in a matter of weeks.

The response from fellow Arab OPEC members was, in Abu Dhabi’s assessment, inadequate. The Hormuz closure compounded the economic pain. With the strait effectively shut since February 28, UAE crude production collapsed 44 percent to approximately 1.9 million bpd in March. Abu Dhabi’s alternative export route – the Habshan-Fujairah pipeline (ADCOP), which runs 380 kilometers to the Gulf of Oman and bypasses Hormuz entirely -- provides only partial relief. The pipeline has a capacity of roughly 1.5–1.8 million bpd; the UAE was using about 1.1 million bpd pre-war, leaving limited headroom.

UAE diplomatic adviser Anwar Gargash, speaking at the Gulf Influencers Forum on April 27 – the day before the exit announcement – put it plainly: “The Gulf Cooperation Council countries supported each other logistically, but politically and militarily, I think their position has been the weakest historically. I expect this weak stance from the Arab League, and I am not surprised by it, but I haven’t expected it from the GCC and I am surprised by it.”

Mazrouei’s framing of the exit timing carries its own admission: he told CNN that May 1 was chosen precisely because the strait is closed, limiting the immediate market impact. Abu Dhabi has engineered a clean break at a moment when the exit cannot destabilize oil prices – while positioning itself to ramp production aggressively once the strait reopens.

The logic is clear once the two grievances are placed side by side. The UAE spent years subsidizing OPEC’s price management discipline while absorbing war costs that OPEC Arab members declined to share. Staying would have rewarded both failures simultaneously. Mazrouei’s explicit statement that Saudi Arabia was not consulted is not a diplomatic accident. It is the message.

Washington’s Fingerprint

The timing of the exit also points toward Washington – and a deal that may have been struck in the days preceding the announcement.

Trump has accused OPEC of inflating prices repeatedly and tied US military support in the Gulf to lower oil costs. But the more immediate context is a dollar crisis. In the weeks before the exit, UAE central bank officials raised with Treasury Secretary Scott Bessent the possibility that Abu Dhabi might be forced to conduct some oil transactions in Chinese yuan if dollar liquidity in the Gulf tightened further. This was not an idle threat – it was a structural vulnerability created by the Iran war’s disruption to Gulf financial flows, and it posed a direct challenge to the petrodollar architecture underpinning US financial power.

On April 24, Bessent publicly backed emergency dollar swap lines for Gulf allies, including the UAE. Four days later, Abu Dhabi announced its OPEC exit. The coincidence is striking. Fortune reported on April 28 that the timing “raises the question of whether the US gave implicit backing to the move.” No direct evidence of explicit coordination has emerged, but the incentive alignment is real: the UAE gets a dollar lifeline and freedom from cartel constraints; the US gets a weakened OPEC, a Gulf ally choosing Washington over the cartel, and a medium-term downward price trajectory once Hormuz reopens. The petrodollar threat was neutralized by the swap-line arrangement; the OPEC exit may have been part of what Abu Dhabi offered in return.

This is transactional diplomacy in real time. The Gulf’s multilateral institutions – already strained by a war that none of them were designed to manage – are being quietly sidelined by bilateral arrangements.

What Happens Next

For OPEC, the arithmetic is bleak. The cartel loses its third-largest producer. Saudi Arabia now carries more of the price management burden with less internal buy-in. The cartel was already struggling with chronic compliance cheating – Iraq, Kazakhstan, and Russia have consistently overproduced against their quotas. The UAE’s exit removes the member that had been most vocal about quota fairness. Qatar left OPEC in 2019, becoming the first Gulf departure; the UAE is the second but far more consequential. If smaller Gulf members – Kuwait, Bahrain – conclude that bilateral arrangements offer more than cartel solidarity, OPEC’s coherence deteriorates further.

For UAE production, the real payoff is post-Hormuz. Abu Dhabi cannot ramp output immediately – Hormuz closure limits physical export capacity to the Fujairah pipeline, and ADCOP cannot absorb the full 4.85 million bpd ADNOC is capable of producing. But when the strait reopens, the UAE will be free to increase toward full capacity without cartel permission. This is a bet on capturing market share during the reconstruction cycle.

For Saudi Arabia, the exit is the worst possible timing. Already absorbing war costs – Ras Tanura hit, Red Sea rerouting threatened by Houthi pressure at Bab al-Mandab, desalination infrastructure vulnerable – Riyadh now faces a weakened OPEC position without its closest Gulf ally. The MBS-MBZ personal estrangement that produced the Mukalla strike, the first Saudi military action against GCC-linked assets since the council’s founding, now has cartel-level confirmation. These two are not coordinating.

The Verdict

The UAE’s OPEC exit is a data point in a larger reconfiguration. Gulf states that absorbed Iranian attacks without adequate protection from the multilateral architecture – OPEC, the GCC, the US-led security umbrella – are making their own arrangements. For Abu Dhabi, the calculus is stark: bilateral relationships with Washington, unconstrained production capacity, and a Fujairah bypass provide more durable leverage than cartel solidarity with partners who didn’t show up when it mattered.

The test comes when Hormuz reopens. If UAE production ramps aggressively toward 5 million bpd, it confirms this was always a capacity play layered on security grievance. If Abu Dhabi exercises restraint, the move was primarily a signal about the limits of Arab multilateralism.

Either way, the cartel that shaped global oil markets for six decades has lost one of its most consequential members—not to market forces, but to a war and the fractures it exposed. That is the more important story.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

That Other Nuclear Nightmare: North Korea Sounds New Alarms

DEEP DIVE – As the U.S. grapples with the still-unsolved problem of Iran’s nuclear program, another American adversary is expanding its nuclear arsenal at a dangerous pace. That’s the view of the International Atomic Energy Agency (IAEA) and other experts after a flurry of alarming news from North Korea.

According to the IAEA and the Center for Strategic and International Studies (CSIS), recent satellite imagery of North Korea shows heightened activity at the Yongbyon nuclear complex, the commissioning of a new light water reactor, and evidence that the North has completed – or neared completion – of a new uranium enrichment facility.

"All of them point to a very serious increase in the capabilities of [North Korea] in the area of nuclear weapons production," the IAEA Inspector General Rafael Grossi said during a mid-April visit to Seoul.

The new enrichment facility would be North Korea’s second and allow Pyongyang to grow an arsenal already estimated at 50 nuclear warheads. Experts say the regime has made strides on the delivery side as well – with new intercontinental ballistic missiles (ICBMs) and launch systems. Just five days after Grossi’s statements, North Korea carried out a series of ballistic missile tests.

Victor Cha, the CSIS Korea Chair, said the recent developments reflect a core ambition of North Korean leader Kim Jong Un: to match the capability of some of the world’s major nuclear powers.

“Kim Jong Un intends to develop a modern nuclear weapons arsenal the size of France or the United Kingdom, each of which has over 200 nuclear weapons,” Cha, who served as deputy head of the U.S. delegation at the Six-Party Talks with North Korea, wrote in Foreign Affairs. “And he is well on his way…North Korea has blown past even the most pessimistic predictions.”

The North’s latest nuclear muscle-flexing comes as the U.S. wrestles with a major piece of unfinished business in its war against Iran – the future of that country’s enrichment facilities and stocks of uranium. Some experts worry that the Iran war is drawing attention away from North Korea.

“Now North Korea is not just in possession of the nuclear capability – it is becoming more of a nuclear weapons state, and they can use those weapons against us and our allies,” Joseph DeTrani, who was the U.S. Special Envoy for the Six-Party Talks, told The Cipher Brief.

“People may see Iran as very hostile because they say the U.S. is the enemy,” DeTrani added. “Well, the North Koreans say the U.S. is the enemy too – that’s in their constitution – and I fear that we’ve become very complacent with North Korea.”

A race for more weapons

The new enrichment facility at Yongbon has been under construction for more than a year; satellite imagery analysis by the CSIS showed signs of work at the site as early as mid-December 2024.

On March 2 of this year, Grossi told the IAEA’s Board of Governors that the “the new building is externally complete, and internal fitting is likely underway,” and in early April, the CSIS said new imagery “shows the facility essentially complete, including a probable standby generator, administration/engineering support, and vehicle shed buildings.”

Experts aren’t certain that the facility is operational, but they say that when it is, it will boost the North’s production of enriched uranium and ultimately its stocks of nuclear weapons as well. According to the Stockholm International Peace Research Institute, the North’s arsenal is estimated at 50 nuclear warheads, with enough fissile material to produce up to 40 more.

“They will have more fissile material than ever with this new facility,” DeTrani said. “And so they will likely be producing more nuclear weapons than ever before.”

Beyond Pyongyang’s push for more weapons, there have been other worrying signs.

On April 19, North Korea launched five short-range ballistic missiles armed with cluster munitions against an island target in the Sea of Japan. It was the second test-firing of delivery systems in less than a month. According to North Korean state media, Kim Jong Un and his daughter – who many analysts believe is his heir apparent – supervised the launches in person.

Cha says that North Korea has developed nearly 20 different delivery systems, including long-range ICBMs that can reach targets in the United States. According to the CSIS and others, the regime is also pursuing ballistic missiles that can be launched from nuclear submarines.

Then there is the Russia factor. Not long ago, China was the North’s chief ally and lone supplier of military and financial support; in 2024, Russia sought North Korean help for its war against Ukraine, and the resulting agreement has given Russia thousands of North Korean troops and supplies of ammunition and ballistic missiles, in exchange for technological help for the North’s nuclear program.

“They are learning things from the Russians – that’s another great fear,” John Parachini, Senior International and Defense researcher at RAND, told The Cipher Brief. “They’ve provided weaponry and blood to Russia and I’m sure they’ve gotten something in exchange for it.”

DeTrani warned of a dangerous and unprecedented combination: North Korea’s growing arsenal of weapons, its improved delivery systems, and the burgeoning technical assistance from Russia.

“This is exponentially a different equation when it comes to North Korea and their nuclear weapons program,” he said.

Kim’s long game

North Korea’s latest moves follow a series of pledges to scale up its nuclear capabilities.

In 2023, Pyongyang ordered an “exponential” expansion of its arsenal – effectively a shift from developing and testing existing weapons to creating more of them. A CSIS study of statements from North Korea’s news agency between 1998 and 2023 documented a shift from defense (i.e., keeping a nuclear stockpile to maintain deterrence) to offense (the potential use of nuclear weapons during a war). And in a speech to his parliament last month, Kim declared the country “will continue to consolidate our absolutely irreversible status as a nuclear power.”

As Treston Wheat, chief geopolitical officer at Insight Forward, told The Cipher Brief in November, North Korea has evolved to “a maturing nuclear war fighting state,” with doctrine “trending toward first-use options in extreme regime-threat scenarios.”

Experts say Kim’s strategy is based on the belief that a nuclear arsenal helps guarantee his regime’s survival – and that the U.S.-Israeli war against Iran has buttressed that belief.

This is exclusive Subscriber+Member content.

During the first weeks of the war, Kim boasted that North Korea had been able to resist outside pressure and avoid enemy attacks – and that this validated his refusal to make major concessions at the negotiating table.

“The present situation clearly proves,” Kim said, “how just the strategic option and decision of our state were in rejecting the enemy’s cajolery and perpetuating our nuclear possession.”

“He’s basically saying, we made the right decision to not dismantle, and not denuclearize,” DeTrani said of Kim’s statement. “We made the right decision to keep our nuclear weapons program, and we definitely made the right decision to enhance those capabilities and build more nuclear weapons and delivery systems. We weren’t fooled by the sweet talk, mainly from the United States.”

“The U.S. war on Iran confirms what North Koreans have thought since the bombing of Libya, the invasion of Iraq, and indeed all the way back to the Korean War,” said Yonsei University Professor and Korea expert John DeLury. “Having a nuke is perhaps the only way to prevent being attacked by the United States.”

Recent U.S. dealings with Iran and North Korea support that notion. In the case of Iran, President Trump launched a war with the stated aim of ensuring that the country never obtains a nuclear weapon; in the case of North Korea, Trump held three summits with Kim Jong Un during his first term and has spoken positively since then about their relationship.

“If you’re Kim, and you look at what happened to Iran…Kim is saying to himself that I have really safeguarded my country and I have safeguarded my regime,” Parachini said. “With that nuclear capability, he has survival as I believe he sees it.”

Wanted: Out-of-the-box ideas

Ever since the North first produced a nuclear weapon (in 1994, according to the CIA), U.S. strategy has hinged on a single word: denuclearization. As Cha notes, “American negotiators dealing with North Korea have repeated the same mantra: ‘With denuclearization, all things are possible. Without denuclearization, nothing is possible.’” That has been the approach, more or less, over seven American administrations – a blend of carrots and sticks that has offered humanitarian and other financial aid to Pyongyang in exchange for incremental concessions, while imposing increasingly heavier sanctions for noncompliance.

Experts say that while the strategy has produced occasional “wins” – a freeze on reactor operations, declarations of nuclear inventory, and pledges to pursue denuclearization – these have proved temporary at best. And the North has reneged on every promise to scale back its arsenal.

If anything, experts say Pyongyang may be in a better position now than it was during President Trump’s first term.

“They are in a different space now, because of their military capabilities, their nuclear capability and now they’ve got Russia as their backer,” Parachini said. “They have an ability to reject everything that’s put forward until there’s real fundamental change.”

For all these reasons, experts say the time has come for a recalibration.

“The size and sophistication of North Korea’s nuclear arsenal today shows that these approaches have failed,” Cha said. “No prior combination of hardline measures and incentives has worked.”

Cha and other experts argue that the U.S. should no longer insist on complete and verifiable denuclearization. Instead, they say, the aim should be for lower-threshold concessions.

Everyone needs a good nightcap. Ours happens to come in the form of a M-F newsletter that keeps you up to speed on national security. Sign up today.

“There is, in my view, no longer a negotiated path to denuclearization,” DeLury said. “If the United States and South Korea want to reengage in diplomacy and find a modus vivendi with North Korea, it will have to be done on the basis of the [North] being a nuclear armed state. No amount of sanctions will convince Kim otherwise, and arguably the coercive pressure only gives motivation and rationale for further improvements to the nuclear weapons program. A radical change in policy is needed.”

DeTrani agrees. “We have to change the paradigm,” he said. “What can we offer North Korea? What can we give to North Korea that’s important for Kim Jong Un that would entice him to look at possibly freezing his nuclear weapons program? Stop talking about giving up nuclear weapons – they’re not giving up their nuclear weapons.”

What might a new paradigm look like? Some ideas mirror Cold War-era policies that reduced the risk of U.S.-Soviet confrontation: a graduated lifting of sanctions in exchange for a freeze on uranium enrichment, a halt to nuclear testing, and limits on missile production or testing; a strengthening of multilateral deterrence – in this case with Japan and South Korea; and new communications hotlines and other crisis management mechanisms (Parachini noted that early in his career he had operated the so-called “MOLINK” between Moscow and Washington – a hotline established in 1963 to keep regular communication flowing between the Cold War capitals).

“Let’s talk about arms control with the North Koreans,” DeTrani said. “And make clear: if you stop these things, here’s what we can do for you.”

Among more out-of-the-box ideas, Cha says the U.S. military presence in South Korea could be included in future negotiations. Pyongyang has made no secret of its wish for an end to that deployment – which today numbers 28,500 – and while Cha doesn’t suggest withdrawing all the troops, or doing so simply to appease Pyongyang, he notes that the U.S. has already encouraged South Korea to increase its defense spending and assume more of the burden of defending the peninsula. In other words, if some of the American forces may be coming home anyhow, the U.S. could include the drawdown as part of an incentive package for the North.

Parachini went so far as to suggest that the U.S. pursue a peace treaty and the establishing of diplomatic relations. “It’s kind of a Nixon-goes-to-Beijing move, it’s doing the unlikely, it’s doing the unconventional, it’s taking a big risk,” he said. “But I think that would at least begin to change the dynamic, because that’s what the North Koreans want – and I think what the South Koreans want is stability.”

And while none of the experts believe military action is a viable response – as Cha put it, “North Korea is not Iran: it is a proven nuclear weapons state that could retaliate against the United States and its allies” – they all suggested a bulking up of missile defenses and other deterrent capabilities with Japan and South Korea, and a clear message to Pyongyang that any nuclear strike would bring a devastating response.

“The world would be a safer place if North Korea shed its nuclear weapons,” Cha said. “But getting it to give up its arsenal is simply not within reach any time soon, and proceeding as if it would be detrimental to national security. The best strategy for avoiding a hot war with a nuclear North Korea is to preserve a cold peace.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Britain’s Antisemitism Crisis Is Now a National Security Threat

There has been yet another terrorist attack targeting Britain’s Jewish community. This time, two Jewish men were stabbed on Wednesday in Golders Green, London - a leading center of Jewish life and culture in the UK. The incident follows a series of recent attacks on Jewish targets, including assaults on Jewish ambulances in north London just weeks ago, and comes amid a broader surge in anti-Jewish violence across Australia, the United States, Europe, and beyond.

The reaction to this attack has been more marked than any previous antisemitic attack in the Uk that I can remember. It has dominated headlines here, in the mainstream media including the BBC. Prime Minister Starmer reacted with condemnation within minutes of the attack taking place. Politicians on all sides - almost all sides - have said that British Jews have to feel safe, have to have confident expectations of being able to live a normal life like other communities in the UK. More Jewish people have been interviewed by the media and the messages they have been giving out are consistent. They do not feel safe, they do not feel they are understood.

The man suspected of committing the two stabbings has been named as Esse Suleiman, a British national born in Somalia. Responsibility for the attack has been claimed by a terrorist organization with links to Iran.

I have written about this problem before, and I have two contentions that should make this relevant to all readers of the Cipher Brief. The first, as I have said before, is that antisemitism has to be treated as a national security issue. The second and related is that antisemitism is not just a threat to the Jewish community but to democracy. You cannot have a democracy in which one group of the community is battered into silence, fear and flight.

The issue therefore matters to people everywhere who share the values of democracy and tolerance.

The clear goal of these attacks is to make Jewish people in England - perhaps less than 0.5% of our population - feel so unsafe that they leave the country. If they take the obvious route - to Israel - this will somehow only play to the conspiracy theories of Islamists and the extreme left. So where else do they go?

I do not think most British Jews will be going anywhere, but they need more than words from the political class, more than a few extra police officers, or cameras and fences around synagogues, Jewish schools and other buildings.

The need is for a government strategy that specifically counters antisemitism. It has not been enough for people to unite against racism because many people who claim to be, think they are, anti-racist still wittingly or unwittingly perpetrate antisemitism. So, antisemitism is a distinct problem, with distinct causes and needs distinct solutions. The idea that Jews are somehow not an ethnic minority but people at the top of the pile needs to be countered. The idea that there is an alternative to a homeland for Jews needs to be countered. Conspiracy theories that I do not need to retail, but which continue to flood across social media, have to be identified and refuted.

How? When we recognized we had a problem with violent Islamist extremism after the London bomb attacks in 2005 it was recognized that ideas behind the extremism needed to be challenged. Now the same is true of anti-Semitism. The police and intelligence agencies need more power to stop violent attacks, but the battle of minds has to be fought in the public sector - through how teachers understand their pupils and how they counter anti-Semitic ideas often innocently expressed. Community leaders of all faiths and none need to be educated in what antisemitism is, why they should counter it and how. Politicians need to understand the difference between legitimate criticism of the actions of Israel and statements that strike fear into the hearts of Jews.

We need a government led strategy that will expose, discredit and discard anti-Semitism. Only then will Britain’s Jews feel not only safe but free.

To repeat, this is a national security issue and should be treated as seriously as any other national security issue. Our own people should not be terrorized - by state or non-state groups, or by individuals.

This has to start now. It is getting very late.

CIA Deaths Expose Fragile U.S.-Mexico Security Ties

Around two o’clock in the morning of April 19, an SUV veered off a twisting dirt road in a remote corner of the Sierra Madre, plunged into a ravine and burst into flames. The dead were two Chihuahua state law enforcement officers and two unnamed Americans -- who were identified by Mexican authorities as CIA officers.

A state official initially said that all four of the dead were returning from two days of fairly spectacular raids of methamphetamine super-labs in the highlands near a hamlet called El Pinal. That account was swiftly retracted, and the Americans were described as “instructors” teaching state cops how to pilot drones. Either way, the CIA had just put boots on the ground deep in Mexico’s Golden Triangle, a forbidding terrain infamous for vast fields of opium poppies and marijuana, clandestine landing strips for Colombian cocaine flights, and, lately, synthetic drug labs pumping out tons of methamphetamine and fentanyl. This might be a first, but at the very least it was rare, and the price was terrible.

“Why would CIA personnel go deep into Mexico’s cartel country - to a place that’s considered the turf of an extremely violent, heavily armed transnational group?” CIA clandestine service veteran Ralph Goff asked rhetorically and answered. “CIA officers go where their intelligence missions take them. And that includes dangerous areas like war zones and high crime areas - and Mexico is an unfortunate combination of both, with the added risk of dangerous roads. We are trained to deal with dangerous situations and events, which reduces risk but never eliminates risk, and we are aware of this.”

The Trump administration’s intensifying pressure on Mexico’s organized crime families is stirring furious protests from Mexico City, where political leaders are acutely protective of perceived insults to their national sovereignty. Yesterday, Mexican President Claudia Sheinbaum told reporters that her government had sent Washington a formal "diplomatic note” objecting to the CIA officers actions and suggested they had gone rogue. “The [U.S.] federal government didn't know about the involvement of these people (in the operation) and we hope that it's an exception," Sheinbaum said in her daily morning press conference, according to Reuters. "...From now on, as has been done, our constitution and national security law should be followed." Sheinbaum’s remarks followed a statement issued on Saturday by Mexico's security cabinet, charging that the U.S. officials had not been accredited to participate in security activities in Mexico and complained that one of them had entered Mexico as a tourist.

The deaths of the two CIA officers have aggravated longstanding U.S.-Mexico tensions over security ⁠cooperation, particularly when it comes to operations against Mexico’s multi-billion-dollar cartels, which have diversified from drug trafficking into human trafficking, petroleum pirating, extortion and other lucrative crimes. President Donald Trump has repeatedly pressed for greater use ⁠of U.S. military force to combat Mexican cartels and has threatened unilateral action, even inside Mexican territory.

Sheinbaum has pushed back, asserting the U.S. cannot send U.S. officers or troops across the border but is welcome to share intelligence with Mexican officials.

For CIA, DEA and FBI personnel assigned to Mexico and the border area, passing actionable intelligence about specific high-value targets has often been a non-starter, citing widespread corruption within the Mexican government. A number of U.S. informants have been murdered in recent years, according to U.S. officials, with leaks suspected though usually unproven. U.S. Ambassador Ron Johnson, a former Green Beret and CIA operations officer, appears to have taken the side of U.S. intelligence officers wary of cooperating with their Mexican counterparts because of the risk of corruption. Significantly, last Thursday, Johnson traveled to Los Mochis, the town where notorious cartel kingpin Joaquin “El Chapo” Guzman was captured in 2016, deep in Sinaloa state, also known as the second leg of the Golden Triangle, and spoke at a ground-breaking for a joint U.S.-Mexican methanol plant. “If we want projects like this to succeed – if we want our shared future to be as bright as it can be – corruption and extortion have no place,” Johnson said pointedly. The existing bilateral trade agreement, he said, “requires our governments to criminalize bribery and corruption and enforce codes of conduct for public officials. We may soon see significant action on this front. So, stay tuned.”

This is exclusive Subscriber+Member content.

By “stay tuned,” the Los Angeles Times reported, citing unnamed sources, the American ambassador was signaling an escalating Trump administration anti-corruption campaign, focused on Mexican officials allegedly linked to organized crime. This campaign would be more severe than the administration’s decision last October to revoke ⁠the visas of more than 50 Mexican politicians for “activities ⁠that run contrary to America's national interest."

CIA officers have worked closely with some Mexican military and security units since the Agency’s creation in the early Cold War. Officers based in Mexico City have long cultivated relationships with Mexican officials willing to help keep tabs on suspected Russian, Chinese, and Cuban spies, Middle Eastern extremists and other shady characters suspected of using Mexico City as a base for espionage or violent conspiracies against the U.S.

Now the Agency is casting a broader net, in response to Trump’s second-term push for an all-of-government assault on the Mexican cartels. On his inauguration day in January 2025, Trump designated Mexico’s major cartels as “foreign terrorist organizations” and “specially designated global terrorists.” In March of last year, as The Cipher Brief reported, the administration designated drug trafficking as the nation’s top national security threat, a major departure from past designations. Since then, officials say, the CIA has been looking for ways to apply its technological and human assets to counternarcotics work, in the Triangle and beyond.

Experts say intelligence about the Golden Triangle and its gateway border city, Juarez, has never been more crucial, as that smuggling corridor has become a battleground between two ambitious emerging crime groups: La Linea, loosely aligned with underworld leader od the Cartel Jalisco Nueva Generacion, (CJNG) currently the world’s richest, most powerful cartel, and the Gente Nueva, a splinter of the Sinaloa Federation, a waning but still powerful and storied old-line cartel. Both of the upstarts operate in and around Juarez, on the border across from El Paso, a major American metropolitan area and one of the nation’s most important trade hubs, handling an estimated $106 billion in U.S.-Mexico cross-border trade in 2024 alone.

“Paramilitary officers and Case Officers from the CIA's Directorate of Operations are tasked to fill the gaps that other USG agencies may have in their programs and to bring our unique skills to bear in support of law enforcement agencies like DEA and FBI as well as DoW,” Goff said.

In Mexico, the CIA strives to keep a low profile, because Mexican politicians, influential people and the press are deeply suspicious of Washington, especially its spy agencies. The current exceptional episode began on Sunday, April 19, when Chihuahua state Attorney General César Jáuregui announced news that Pedro Román Oseguera Cervantes, commander of the state agency of investigation, AEI, a state policeman, and two American “instructors” from the U.S. Embassy in Mexico City had been killed in a vehicle accident in southern Chihuahua. He said they had been returning to the state capital of Chihuahua City after taking part in a state police-military operation raiding six industrial-size methamphetamine labs in the thickly forested highlands. The destruction of a major cartel complex was heralded as a win for the good guys, but Jáuregui inadvertently ignited a political firestorm that’s still raging. Questions proliferated when the Washington Post and Associated Press, citing an unnamed U.S. official, reported that the American “instructors” who were killed were working for the CIA.

“There cannot be agents from any U.S. government institution operating in the Mexican field,” Sheinbaum told reporters. “It is very important that something like this not be allowed to go unaddressed.” She said she was considering sanctioning Chihuahua law enforcement officials for dealing directly with the CIA instead of deferring to the central government.

Sheinbaum’s efforts to corral the CIA, and perhaps other U.S. agencies, brought a sharp rebuke from the White House. “I think the president would agree that some sympathy from Claudia Sheinbaum would be well worth it for the two American lives that were lost, considering all that the United States of America is doing currently under this president to stop the scourge of drug trafficking through Mexico to the United States,” White House press secretary Karoline Leavitt said.

Everyone needs a good nightcap. Ours happens to come in the form of a M-F newsletter that keeps you up to speed on national security. Sign up today.

Now Sheinbaum is caught between Trump, who last month issued a proclamation promising the “dismantlement” of the cartels, and Mexican nationalists who view yielding to Washington’s demands as a grave threat to their country’s hard-won sovereignty. Sheinbaum tried to thread the needle by lodging a formal protest over the CIA presence, at the same time forgiving Washington’s transgression, just this once. “Let us hope this is an exceptional case ... and that a situation like this never happens again,” she said.

“It’s appalling to hear how Claudia Sheinbaum has responded to the tragic loss of life of two officers - presumably Agency officers - in the service of our country,” David Shedd, a CIA veteran and former acting Defense Intelligence Agency leader, told The Cipher Brief. “There was absolutely nothing illegal or extrajudicial associated with what these officers were doing in Mexico, as the cooperation to include assisting the Mexican security personnel in forward positions is not new. In fact, the kind of mission that these officers were on has led me to believe with a high degree of confidence that bilateral security cooperation between the U.S. and Mexico has never been better. That cooperation has been sanctioned by Sheinbaum. For her to publicly distance herself from our joint security operations is again, appalling.”

Shedd said that the value of sending the CIA officers on the lab raid would have been to let them examine the labels and markings on the drums and sacks of precursor chemicals, so they could identify the chemicals’ points of origin. According to DEA intelligence reports, most of the precursor chemicals used in meth production come from China. “The mission that these U.S. officers were on was absolutely critical to the efforts, to not only destroy the lab but if at all possible, establish a fact-based pattern of Chinese ties to the Mexican cartels,” Shedd said.

Adding to the cross-border tensions: Mexican officials’ shifting stories about what happened on that dark night in the Sierra Madre. Jáuregui, the Chihuahua attorney general, was publicly chastised by Mexico City, then held a second press conference to say there had been a misunderstanding, and CIA officers hadn’t been anywhere near the actual lab raids. He said they had been in another mountain village – Polanco, pop. 403 – six-and-a-half hours away from the action, training state officials on how to operate drones. He didn’t explain why the state needed drone operators – presumably to spot clandestine labs.

Jáuregui said that once the Americans wrapped up the drone training session, they contacted officials with the Chihuahua state investigation agency, AEI, who were coming back from the lab raid, and asked to hitch a ride to the state capital, so they could catch their flight home to Mexico City. (The number of CIA officers involved is murky. The Los Angeles Times reported that there were four CIA personnel, two in the lead SUV with the AEI’s director, and another two in a pickup truck with other Mexican police officers.) At any rate, the police-military convoy picked up the Americans. Around 2 a.m. the lead SUV, with two CIA employees, went off the road, tumbled into the ravine and exploded. It all happened too fast for others in the convoy to help. So far, no evidence has surfaced to suggest foul play. By all accounts, so far, it was just very bad luck.

“Unfortunately, long days followed by bad roads and being tired – there are car accidents,” says Goff. “There's 140 memorial stars on the wall, and our martyrs there. Not all of them were killed by enemy action. We have colleagues who were killed in car crashes, killed in plane crashes, killed in hotel fires, things like that. But it still makes them our martyrs. And we mourn them and we're saddened by their loss, but it's like any endeavor. It's part of what we take on.”

Houthi's are Positioned to Close the Bab el-Mandeb Strait

Despite suffering heavy losses to combined U.S.-Israeli military strikes, the Iranian regime remains defiant. It’s recent reluctance to send a delegation to Islamabad to resume talks with the U.S. was not—as President Trump asserted—because the regime is too “fractured.” It did not attend because it calculated it is operating from a position of strength, not weakness. Their calculus is rooted in their confidence in their ability to punish the global economy by choking off the Strait of Hormuz, and thereby strike back at the U.S.’ center-of-gravity; our political economy.

But while attention is rightly focused on the Hormuz, it is not the only point of vulnerability. Yemen’s Houthis remain positioned to close the Bab el-Mandeb Strait, which sits astride the vital sea route to the Red Sea and Suez Canal. With the Strait of Hormuz effectively shut, Saudi Arabia is now routing roughly five million barrels per day through the Red Sea port of Yanbu. Every barrel sits within Houthi strike range. The USS George H.W. Bush carrier strike group, deployed from Norfolk in late March, is right now rounding the Cape of Good Hope rather than transit Bab el-Mandeb — a 6,000-mile detour that tells you exactly how seriously the Pentagon takes the threat.

Since the ceasefire took effect, the Houthis have launched at least eight barrages at Israel and have shifted their approach to Red Sea shipping from broad pressure to selective political screening — identifying and targeting vessels by political affiliation rather than nationality, applying the same graduated-pressure formula Iran employed at the Strait of Hormuz. Senior Houthi political official Mohammed al-Bukhaiti has stated publicly that current strikes on Israel constitute only a "first phase," a formulation that signals the movement is managing its escalation options against future contingencies, not simply reacting to current events.

Removing the threat to the Red Sea, however, will not flow automatically from a U.S.-Iranian peace deal, even if one is achieved. Washington’s analytical error is treating the Houthis as a faucet Tehran can open or close. The evidence points the other way. The Houthis are not an Iranian subsidiary taking orders; they are a franchise operator pursuing their own agenda under a shared brand. Their calibrated restraint through most of March, followed by ballistic missile strikes on Israel starting March 28 and a claimed “joint operation” with Iran and Hezbollah on April 1, reflects a Yemeni calculus rooted in Yemeni domestic politics — not Tehran’s stage management. Understanding the distinction matters because it determines whether Bab el-Mandeb closes alongside the Strait of Hormuz. And if it does, the economic shock of this war moves from severe to catastophic.

From “Fingers on the Trigger” to Missiles on Israel

On February 28 — the same day the U.S. and Israel launched Operation Epic Fury — the Houthis threatened to resume Red Sea attacks. Industry bodies reacted immediately. The Baltic and International Maritime Council warned that vessels tied to U.S. or Israeli interests faced elevated risk. UK Maritime Trade Operations issued an advisory flagging increased danger across the Gulf, the Strait of Hormuz, and the Red Sea corridor. Then, nothing.

On March 5, Houthi paramount leader Abdul-Malik al-Houthi declared the group’s “fingers are on the trigger, ready to respond at any moment should developments warrant it.” The statement was conditional, not committing. Through the first three weeks of the war, Hezbollah fired rockets at Israel. Iraqi Shia militias struck U.S. targets in Kuwait and Jordan. The Houthis — Iran’s most geographically advantaged proxy, astride the second most important maritime chokepoint in the region — stayed quiet.

Their hesitancy baffled me and many of my analytic colleagues. Michael Hanna of the International Crisis Group said plainly: “We are not exactly sure, to be honest.” CSIS and Israel’s Institute for National Security Studies each published assessments attempting to account for the reticence. The Times reported on March 16 that the Houthis were awaiting an Iranian signal. Bab el-Mandeb remained the only functioning artery for Saudi crude, with roughly 30 tankers near Yanbu within Houthi range at any given moment.

On March 27, Houthi supporters rallied in Sanaa in “solidarity with Iran and Lebanon.” Military spokesman Yahya Saree warned that the U.S. and Israel would not be permitted to use the Red Sea as a base against Iran. The next day, March 28, the Houthis fired their first ballistic missile at Israel since October 2025. The IDF intercepted it. A second salvo of a cruise missile and drones followed the same day. On April 1, Saree claimed a coordinated “joint operation” with Iranian and Hezbollah forces targeting Israeli military sites. But the Houthi attacks then ceased and the group again went quiet.

On April 7, a senior Iranian source told Reuters that “if the situation gets out of control, Iran’s allies will also close the Bab el-Mandeb Strait.” As of this writing, no commercial vessel has been struck in 2026. The USS George H.W. Bush is off Namibia. Saudi crude still flows through Yanbu. The Houthis have reshaped global naval movement without firing a shot at shipping.

Who They Actually Are

Most American coverage describes the Houthis as “Iran-backed Yemeni rebels” and leaves it there. That shorthand obscures more than it reveals.

The movement emerged from the “Believing Youth” (al-Shabab al-Mo’men) Zaydi revivalist study circles that formed in Yemen’s northern Saada province in the 1990s. The Houthi family’s grievances were not invented in Tehran. They run back to Yemen’s 1962 revolution, which ended a millennium of Zaydi imamate rule in the north and marginalized the Hashemite clerical class from which the al-Houthis claim descent. The founder, Hussein Badr al-Din al-Houthi, was killed by Yemeni government forces in 2004 in the first of six Saada wars with the Saleh regime. His recorded lectures still form the core indoctrination curriculum today.

The current leader is Hussein’s younger brother, Abdul-Malik al-Houthi. He holds the title Alam al-Huda — “Icon of Guidance” — signifying his claim as supreme leader chosen by God and entitled to absolute obedience from his followers. He has not appeared publicly in weeks. Israeli airstrikes in August 2025 killed 12 members of the Houthi cabinet including Prime Minister Ahmed al-Rahawi; Chief of Staff Mohammed al-Ghamari was killed in October 2025. Houthi senior leaders have been instructed to stay off-grid.

Organizationally, the movement is highly personalized and familial. The “preventive security” apparatus — modeled explicitly on Iran’s IRGC and reportedly set up with Hezbollah and Iranian trainers — reports directly to Abdul-Malik al-Houthi rather than to any Yemeni state institution. A U.N. Panel of Experts has described it as the most influential intelligence apparatus in Houthi-controlled areas. The key public figures are Yahya Saree (military spokesman), Mohammed Abdulsalam (chief negotiator, under U.S. sanctions), and Mahdi al-Mashat (formally “commander-in-chief”). But real authority rests with Abdul-Malik and a narrow circle of family and clan figures in Saada.

What motivates them is a blend Washington consistently underestimates: Yemeni nationalism, Zaydi-Hadawi revivalism, Hashemite hereditary entitlement, and an anti-imperial ideology that borrows from Khomeini’s Wilayat al-Faqih but does not depend on it. Their slogan — “Death to America, Death to Israel, Curse the Jews, Victory to Islam” — predates Gaza and is core identity, not opportunistic branding. They are not popular. A 2024 Sanaa Center for Strategic Studies poll found that only 8 percent of Yemenis in Houthi-controlled areas viewed the movement positively. They rule by coercion. Their revenue model — war profiteering, smuggling, extortion of humanitarian aid, racketeering through the port of Hodeidah — has immiserated Yemen rather than developed it.

Franchise, Not Subsidiary

Here is where the analysis matters most. The conventional framing — Houthis as “Iranian proxy” — is useful shorthand but strategically misleading. CSIS Middle East Program director Jon Alterman has put it most plainly in congressional testimony: Iran did not create the Houthi movement, and Iranian support for it is “relatively new” and “largely opportunistic.”

The historical record bears this out. Through the first Saada war in 2004 and the five that followed, Iranian involvement was minimal. The Houthis took the Yemeni capital of Sanaa in September 2014 without significant Iranian support. Serious Quds Force engagement — weapons transfers, training, technical assistance — began only around 2017, after the Houthis had already demonstrated they could hit Saudi Arabia on their own.

What Iran has provided since is real and strategically consequential: ballistic and cruise missiles, anti-ship weapons, long-range drones, training (initially routed through Hezbollah, later direct), intelligence, and increasingly Chinese-sourced dual-use components moved through Iranian logistics networks. But patronage is not command. A franchise pays royalties and flies the brand; it does not take operational orders on schedule.

The distinction is not academic. It shows up in the March-April 2026 pattern in three ways that contradict the proxy frame.

First, Iran reportedly pressed the Houthis to attack Red Sea shipping. Bloomberg reported in late March, citing European officials, that Tehran was pushing Abdul-Malik’s circle to prepare a renewed maritime campaign contingent on further U.S. escalation. The Houthis declined. They launched at Israel instead — a much lower-risk target under the terms of the May 2025 U.S.-Houthi ceasefire, which covered U.S. vessels but not Israeli territory.

Second, credible reporting suggests elements of the IRGC have actively discouraged Houthi escalation at certain moments. Nadwa al-Dawsari of the Middle East Institute has argued that the Guards do not want to “drag the Houthis into a suicidal war” because Tehran may need Yemen as a fallback base if the Iranian regime itself collapses. That is not how a principal treats an agent. It is how one franchise operator protects another.

Third, the Houthis are conducting their own internal debate. Al Jazeera’s reporting from Sanaa and analysis by INSS identify two camps inside the Houthi leadership. A cautious current, shaped by the hard lessons of Operation Rough Rider — the U.S. bombing campaign that ran from March to May 2025 and killed many of the group’s senior missile and drone commanders — argues that direct involvement drains resources, invites Israeli decapitation strikes, and complicates the political track with Saudi Arabia. A maximalist current, aligned with the “unity of fronts” rhetoric coming out of Tehran, argues that this moment is the strategic payoff the movement has spent a decade preparing for. The March 28 strikes on Israel were a compromise between these camps, not an order from Iran.

The May 2025 Omani-brokered U.S.-Houthi ceasefire is the one piece of evidence often cited for the proxy frame. Iranian officials did sway the Houthis to accept it, and the Atlantic Council read this as evidence of Tehran’s “continued command and control.” But the better reading is the INSS one: Iran negotiates with the Houthis, not through them. The ceasefire served Houthi interests — stopping a bombing campaign that had killed their commanders — at a moment when those interests happened to align with Iran’s. Alignment is not subordination.

Why Restraint Now, and What Breaks It

Three drivers account for Houthi restraint through the current phase of the war.

The first is self-preservation after 2024 and 2025. Israeli and U.S. strikes gutted Hodeidah port, killed the cabinet, eliminated al-Ghamari, and degraded the missile and drone arsenal Iran had spent a decade building up. The decapitation playbook Israel ran against Hezbollah — killing Hassan Nasrallah in September 2024 and most of the senior leadership in the weeks that followed — is now a credible Yemen scenario. Abdul-Malik al-Houthi knows this. His survival instinct counsels caution.

The second is the Saudi détente. The 2022 truce between the Houthis and the Saudi-led coalition has held through the Gaza war and survived Operation Rough Rider. Saudi Arabia has spent the last year quietly betting that containment works. More urgently, Riyadh now depends on the Red Sea ports — Yanbu especially — as its Hormuz workaround. Any Houthi strike on shipping off Yanbu shatters the détente and reopens the active Yemen war at a moment when the Saudi-backed internationally recognized government in Aden is stronger than it has been in years.

The third is Yemeni public opinion. Palestine mobilizes the Yemeni street. Iran does not. Most Yemenis view the Islamic Republic as yet another foreign power meddling in their country. Attacking commercial shipping “in solidarity with Gaza” in 2023 and 2024 produced a domestic popularity surge. Attacking shipping “in solidarity with Iran” in 2026 is a much harder sell.

But restraint has a trigger. Three developments would collapse it.

First, U.S. ground operations against Iran. President Trump has deployed an additional 2,500 Marines to the region and has publicly discussed seizing Iran’s Kharg Island. If the war moves from air campaign to ground operation, the calculus inside the Houthi leadership inverts — because the unity-of-fronts logic becomes existential rather than rhetorical.

Second, direct strikes on Houthi infrastructure. If the U.S. or Israel hits Hodeidah, Sanaa, or senior Houthi leadership, the internal debate flips immediately toward the maximalist camp. The cautious current’s entire argument rests on the premise that the Houthis can keep their heads down and preserve the movement. Strikes that negate that premise negate the argument.

Third, an Iranian signal tied to regime survival. Will Todman at CSIS has laid this out clearly: if Tehran judges the regime is existentially threatened, it will squeeze the Houthis hard to join in the fray. New Supreme Leader Mojtaba Khamenei has already hinted at “new fronts in the conflict.” If the IRGC concludes Yemen is the last lever available, they will pull it — and the Houthi maximalist camp will pull with them.

The Bottom Line

What happens at Bab el-Mandeb determines whether this war produces a manageable economic shock or a generational one. Saudi Arabia cannot sustain export volumes without the Red Sea. Egypt cannot sustain its balance of payments without Suez Canal revenues. Asian economies cannot sustain industrial output if both straits close simultaneously. The Bab el-Mandeb is not a secondary concern. It is the keystone of the global response to the Hormuz closure.

The policy implications of the franchise frame are three.

One: any off-ramp with Iran that does not include a separate Houthi track will leave the Red Sea threat intact. Tehran cannot deliver the Houthis. It can influence them, but it cannot guarantee their behavior after a ceasefire.

Two: Riyadh and Muscat are faster levers than Tehran for keeping Bab el-Mandeb open. Oman brokered the 2025 U.S.-Houthi ceasefire. Saudi Arabia has direct back-channels to Abdul-Malik’s circle through the stalled peace roadmap. Those channels should be running hot right now.

Three: direct strikes on Houthi infrastructure should be understood as guaranteeing, not deterring, the Red Sea campaign. Every previous American bombing campaign against the Houthis has ended with more sophisticated Houthi capability and more aggressive Houthi rhetoric. The U.S. Navy is better served by escort operations and deterrent patrols than by strikes that radicalize an internal debate currently running in Washington’s favor.

The image to keep in mind is the USS George H.W. Bush rounding the Cape of Good Hope in mid-April. The Houthis have not fired a shot at a commercial vessel in 2026. They have not sunk a tanker, seized a ship, or mined a shipping lane. And they have still reshaped American naval movement across one of the world’s most critical chokepoints.

That is the franchise at work. Alongside Iran, the Houthis are a consequential variable the Trump administration does not control — and cannot control by treating the Houthis as someone else’s problem to manage.

Follow Chip on X.com and LinkedIn, and watch his Special Competitive Studies Project podcast, Intelligence at the Edge!

This article was originally published on Chip's Substack and is reposted here with permission, give him a follow.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Pakistan’s Terror Landscape Continues to Threaten South Asia

In March 2025, an elderly cleric with a long history in Pakistan’s jihadist circles stood before a gathering at Markaz-e-Taiba and called for “jihad against the kuffaar,” explicitly naming India and Israel. The speaker was Amir Hamza, co-founder of Lashkar-e-Taiba (LeT), and his sermon came just weeks before the Pahalgam attack, in which 26 civilians were killed in India’s Union Territory of Kashmir. One year since the Pahalgam attack, Makraz-e-Taiba—LeT's headquarter in Pakistan—remains destroyed because of an Indian airstrike during Operation Sindoor, and Amir Hamza survived two assassination attempts. However, Pakistan-based terrorist organizations have adopted to changing operational circumstances and expanded their geographical reach under the auspice of Pakistan’s civil-military leadership.

The questions remain whether anything has meaningfully changed at all since the four-day conflict between India and Pakistan unfolded in May last year. The answer, based on evolving patterns of activity, appears to be no. Rather than dismantling these networks, Pakistan-based terrorist organizations have adapted, restructured, and in many ways expanded their reach under the protection of the country’s civil-military establishment. Such accommodations not only reveal the acceptance of terrorist organization but exposes the links that continue to flourish under the leadership of Pakistan’s de-facto leader, Field Marshal Asim Munir. As Pakistan continues to position itself as a peacemaker in the Middle East, Islamabad’s ongoing support for Salafi-Jihadi groups reveals a fresh chapter of Pakistan’s long-troubled history with terrorism.

New Logo, Same Motto

Pakistan has formally banned organizations such as Lashkar-e-Taiba and Jaish-e-Mohammad (JeM), but these actions have not translated into meaningful dismantlement. Indian kinetic operations imposed operational setbacks for terrorist outfits and caused significant damage to the state’s military infrastructure, yet Islamabad has not eliminated these groups but helped mainstream them. These groups have now reoriented themselves through layered organizational structures that preserve their operational capabilities while providing a veneer of legitimacy. This transformation is most visible in the emergence of the Pakistan Markazi Muslim League (PMML), widely understood to function as a political front for LeT.

This dual-track strategy—pairing militancy with political participation—is not new, but it has intensified in recent years, particularly under the consolidation of power by Field Marshal Asim Munir. LeT operatives have increasingly appeared in public political spaces, participating in rallies, community outreach programs, and youth mobilization campaigns. These activities blur the boundary between extremist networks and mainstream political life, making it more difficult to distinguish between state-sanctioned political engagement and covert militant operations.

The presence of figures such as Saifullah Khalid Kasuri, a veteran LeT commander now operating within the PMML framework, highlights the extent of this integration. Kasuri, who resurfaced on US radar in 2024 after meeting Hamas terrorist Khaled Mashal in Doha, has openly acknowledged his ties to the Pakistani military and has been photographed alongside senior officers. Similarly, Hafiz Abdur Rauf, a US-designated terrorist, has been seen leading funeral prayers for Pakistani soldiers in the presence of uniformed officials. These instances reflect a pattern of proximity between militant actors and state institutions that raises serious questions about Pakistan’s commitment to counterterrorism.

Despite failing to secure electoral success, PMML has remained active as an ideological platform, targeting youth through training camps, religious competitions, and public gatherings. On several occasions, LeT leader and son of Hafiz Saed, Talha Saeed, has hosted rallies which have been attended by senior Pakistani politicians. In a picture recently leaked online, PMML-Islamabad chief can be seen sitting with Pakistani Defense Minister Khwaja Asif. Such evidence of close relationship between LeT-led political outfit and high-profile Pakistani politicians reveals the degree of access LeT operatives enjoy under the cover of political activities.

Adaptation and Expansion: New Networks, Old Objectives

The transformation of militant groups is not limited to political rebranding. These organizations have also adapted their operational and financial strategies to evade scrutiny and sustain activity. LeT-linked charity networks such as Falah-i Insaniat Foundation (FIF) continue to raise funds across Pakistan, despite being subject to US sanctions. Meanwhile, groups like JeM have shifted toward digital financing mechanisms, including mobile wallets and decentralized payment systems, allowing them to operate with greater anonymity and reduced reliance on formal banking channels. This shift into digital ecosystems represents a significant evolution in militant financing. It reduces the effectiveness of traditional counterterrorism tools, such as financial monitoring and sanctions, while enabling groups to tap into new sources of funding. The result is a more resilient and adaptive network capable of sustaining operations even under increased international scrutiny.

At the same time, these groups are expanding geographically within Pakistan. On April 14, LeT leaders Saifullah Kasuri and Faisal Nadeem visited Quetta in Balochistan Province held a large gathering of LeT cadres. Hundreds attended the gathering in Quetta, which likely reflects LeT’s attempt to strengthen the organization in Balochistan. Historically concentrated in Punjab, organizations like LeT and JeM are now establishing a presence in regions where they previously had limited influence, particularly in Balochistan and Khyber Pakhtunkhwa (KPK). Recent reporting of recruitment drives by JeM in remote areas of KPK also indicate a deliberate effort to broaden their operational footprint in western Pakistan. This expansion serves multiple purposes. First, it allows these groups to diversify recruitment and funding sources, reducing their dependence on traditional strongholds. Second, it enables them to rebuild organizational capacity following losses inflicted by Indian military operations. Third, and perhaps most significantly, it aligns with Pakistan’s broader security challenges.

Pakistan is currently facing a surge in internal insurgencies, particularly from groups such as the Tehrik-e-Taliban Pakistan (TTP) in Khyber Pakhtunkhwa and the Baloch Liberation Army (BLA) in Balochistan. According to the 13th edition of Global Terrorism Index, TTP and BLA were responsible for more than 1,000 attacks in 2025, making Pakistan one of the most terrorism-affected countries globally. In this context, the expansion of LeT and JeM into western Pakistan takes on a new dimension. Rather than being solely oriented toward external targets such as India, these groups may also be serving as instruments of internal counterinsurgency. By recruiting fighters in regions affected by anti-state violence, Pakistan’s military establishment could be attempting to leverage jihadist networks to counter other militant threats. This strategy, while tactically expedient, carries significant risks. It reinforces the ecosystem of militancy rather than dismantling it, creating a cycle in which one form of extremism is used to combat another. Over time, this approach is likely to deepen instability, as different militant groups compete for influence, resources, and legitimacy.

Conclusion: A Persistent Threat to Regional Stability

The persistence and adaptation of these networks raise a fundamental question: has anything truly changed since the Pahalgam attack and the subsequent India-Pakistan crisis? On the surface, there have been visible actions through Indian military operations. However, this has not addressed the underlying structures that sustain militancy in Pakistan. Instead, Pakistan’s approach appears to have shifted toward managing, rather than eliminating, extremist networks. By allowing these groups to operate through political fronts, charitable organizations, and decentralized financial systems, the state has effectively created a parallel ecosystem in which militancy can evolve without direct confrontation. This approach may provide short-term flexibility, but it undermines long-term stability. It perpetuates a cycle of violence that extends beyond Pakistan’s borders, posing a continuing threat to regional security, particularly in South Asia.

One year after Pahalgam, Pakistan’s militant ecosystem has not weakened but evolved, exposing the reality of its military’s "death by a thousand cuts” doctrine against India. This reality should raise serious concerns in Washington, especially as the United States increasingly relies on Pakistan as a mediator in its engagement with Iran. US policymakers must therefore approach this partnership with caution, recognizing that a state struggling to manage its own militant ecosystem may not be a dependable broker in high-stakes regional diplomacy.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

From Chernobyl to Ukraine: The Enduring Cost of Kremlin Lies

In April 1986, a reactor exploded at Chernobyl and the Soviet Union lied about it. That instinct to conceal, distort, and deny did not just worsen the disaster; it would come to define the collapse of the Soviet state. Forty years later, that same instinct still shapes Russia, the largest of the former Soviet republics and, under Putin, the self-proclaimed legacy of that broken system. From Chernobyl to the Ukraine invasion, the through line is not nuclear energy or military ambition. It is the cost of lies. Putin and his siloviki have made it an official state tradecraft.

Four decades since the Soviet nuclear catastrophe at the Chernobyl plant it is important to remember the cost. Dozens died immediately, thousands more within a few years, and likely tens of thousands over the decades from radiation-related illnesses. The disaster scarred the landscape of Ukraine and Belarus, but it also changed the Soviet Union itself, accelerating its decline under the weight of corruption, deception, and bureaucratic rot. Those were not incidental flaws. They were the system.

Looking back at Chernobyl offers a way to understand Russia today. The same security elite - born of the KGB and now embodied in the FSB, SVR, and GRU - still govern the country. President Vladimir Putin and his inner circle of KGB veterans often invoke the Soviet past with nostalgia. But they do so selectively, avoiding the truths that would indict their own system. Their vision is clouded by the same habits of concealment and self-deception that doomed the USSR.

The central lesson of Chernobyl is simple: lies have consequences. The Soviet system was built on them. From Stalin onward, “five-year plans” set unrealistic production targets divorced from reality. Workers and managers learned to fabricate success rather than report failure. The result was a vast Potemkin façade - an economy and state sustained by alleged performance rather than truth. Eventually, the façade, like Catherine the Great’s village of the same name, collapsed.

At Chernobyl, that culture proved fatal. As Adam Higginbotham recounts in his seminal work, Midnight in Chernobyl, bureaucratic pressure and blind obedience drove operators to conduct a dangerously flawed test. Safety systems were disabled and key procedures were ignored. The goal was not safety, but approval from superiors in a rigid, abusive chain of command. Everyone was trying to get ahead in a corrupt, feudal-like Soviet system.

Worse still, the operators were working in the dark, literally and figuratively. The RBMK reactors used at the Chernobyl plant (there were four of them providing energy to the greater Kiev region at the time) had a known design flaw: its control rods, intended to slow or stop the nuclear reaction, could initially increase reactivity when inserted under certain conditions. This flaw had nearly caused a catastrophe during earlier testing in Leningrad. But it was concealed, not only from the public, but from many within the Soviet nuclear establishment itself.

The reason was simple: RBMK reactors were meant to symbolize Soviet technological prowess. They were bigger than those in the West, safer than those in the West, impossible to explode or compromise. Admitting flaws risked lower output, reputational damage, and political consequences. So, the truth was buried.

On the night of April 26, 1986, that buried truth surfaced catastrophically. When operators attempted to shut down the reactor, the control rods accelerated the reaction instead. All the safeties had been removed in order to “complete the test” and for the bureaucrats in charge to get their Soviet-style bonuses and promotions. And with the concealed flaw, the very system designed to ensure safety triggered the explosion.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

It is an apt metaphor for the Soviet state - and for its successor, Russia. Institutions meant to protect the system instead destroyed it, because they were built on secrecy and lies.

Today’s Russia reflects the same pattern. The security services - once the KGB, now its successors in the FSB/SVR/GRU - have not reformed so much as evolved. Their core function remains the same: to preserve power through control of information and to protect the state and its personage in Vladimir Putin. But in doing so, they distort reality for themselves as much as for others.

That dynamic was evident in the invasion of Ukraine. Russian military and intelligence leaders fed optimistic, often false assessments up the chain of command. The FSB and other “organs” of power told President Putin what he expected to hear - just as Soviet officials had done for decades. The result was a catastrophic miscalculation: the largest land invasion in Europe since World War II, launched on faulty assumptions of a short, decisive war. The failed prognostications have cost Russia over 1 million in dead and wounded.

Again, lies fed more lies. And again, the consequences were devastating. The parallels to Chernobyl are not just abstract. They are all too human and they had and still have devastating human consequences for millions of Ukrainians, and Russians.

In 1986, the town of Pripyat - just miles from the reactor - was not evacuated for 36 hours. Tens of thousands were exposed to dangerous radiation. Thousands of them, including children, would die from cancer. The fallout spread across Belarus, Lithuania, and beyond. My own wife, like countless others, spent those days as a young school “pioneer” outdoors in Lithuania for days during school recess, and after school, unknowingly breathing in radioactive particles with no warning from the Soviet leadership. Citizens in Europe and Scandinavia were warned to avoid going outdoors before Soviet citizens thousands of kilometers closer to the danger.

May Day celebrations proceeded as scheduled in Kiev and Minsk with no concern for their citizens’ safety and health while radioactive particles and fallout fell on them. Decades later, those same hundreds of thousands face elevated cancer risks and lifelong medical monitoring (especially of thyroid cancer, the highest risk for having absorbed radiation in such conditions). Hundreds of thousands, even millions, were exposed needlessly, for no reason but lies.

A state that does not protect its own children defies the laws of nature. Russia is that state today, like the USSR was then.

The true human cost of Chernobyl will never be fully known. The Soviet system was too compromised by secrecy to measure it accurately. That same disregard for truth - and for human life - echoes today in Ukraine. Entire cities have been devastated. Millions displaced. The damage, like radiation, spreads invisibly and endures long after the initial event.

There is also a bitter irony in Chernobyl’s continued relevance. The disaster contributed directly to the collapse of the Soviet Union - what Putin has called the “greatest geopolitical catastrophe of the 20th century.” The financial burden of cleanup, combined with an already strained military economy, hastened the system’s unraveling. The Soviet state, already overburdened trying to keep up in an arms race and devoting over half its economy to military production, buckled under the weight of a massive cleanup involving hundreds of thousands of conscripts and volunteers, and billions of rubles.

And yet, the actual site of the catastrophe remains at risk. Recently, a Russian drone struck the New Safe Confinement structure (NSC) built to contain the reactor. The attack caused significant damage and risked releasing radiation once again. That such a target would be endangered - by the very state that inherited responsibility for the disaster, Russia, and whose own citizens could be put at risk - defies logic. But it follows a familiar pattern: short-term action divorced from long-term consequence. Again, the Ukrainian people are made to suffer and be put at risk, just like 40 years ago; and in the midst of an already costly war with untold suffering brought on by Putin and his lies.

Not a Subscriber+Member? Let's fix that and get you access to expert-level national security insights.

Chernobyl is not just history. It is a warning. The lesson is not limited to nuclear safety or Soviet bureaucracy. It is broader, and more enduring: systems built on lies accumulate hidden risks. Those risks eventually surface - often suddenly, and catastrophically.

Forty years ago, the Soviet Union could not escape the consequences of its own deception. Today, Russia faces a similar reckoning. The same habits persist: suppressing bad realities, rewarding loyalty over truth, and mistaking control for stability. But reality has a way of asserting itself.

As the Chernobyl (HBO) series memorably put it: “Every lie incurs a debt to the truth.” That debt can be delayed, disguised, or denied. But it cannot be erased. The question is not whether it will be paid, but when, and at what cost. Putin has encumbered Russia with more lies than any leader in modern Russian or Soviet history. But he faces no accountability for it. Someone will have to pay the debt. Sadly, it is not Putin, nor the security services who will pay, but ultimately, like in Soviet times, the Russian people.

Pyongyang’s Bet: Nuclear Growth and Great Power Support

OPINION – North Korea is building more nuclear weapons and more sophisticated ballistic missiles to target the region and the U.S., while ensuring that they are closely aligned with China and Russia. Basically, North Korean leader Kim Jong Un has given up on the U.S., even if the U.S. relents and accepts North Korea as a nuclear weapons state.

The International Atomic Energy Agency (IAEA) Chief, Rafael Grossi, while on a recent visit to South Korea, said North Korea is boosting its nuclear weapons capability, saying they made “very serious” advances in their nuclear program. He cited their new uranium enrichment facility at the Yongbyon nuclear complex, noting that satellite images were like the images for their uranium enrichment facility in Kangson.

North Korea’s Highly Enriched Uranium (HEU) program goes back to 2000, when the Intelligence Community (IC) assessed – despite press skepticism -- that North Korea had a clandestine HEU program. To this day, North Korea denies having an HEU program for nuclear weapons. And in the failed 2019 Hanoi Summit with President Donald Trump, Mr. Kim refused to include his HEU sites in any agreement with the U.S.

North Korea reportedly has between 50 and 60 nuclear weapons, with enough fissile material – from HEU and Plutonium -- to increase that number to 100 nuclear weapons within the next few years. I – and others who follow North Korea -- believe North Korea can miniaturize and mate these nuclear weapons to the tip of ballistic missiles.

Impressive progress has been made with North Korea’s ballistic missile programs. Recently, they displayed the Hwasong -20, a large, solid fuel, mobile, multiwarhead (MIRV) Intercontinental Ballistic Missile (ICBM) with a range of 15,000 kilometers. This is the latest in an arsenal of over 400 ballistic missiles, from short-range (SRBM) to long-range ICBMs designed for nuclear and conventional warheads. The focus has been on the solid-fuel systems like the KN-23, KN-24, and the KN-25 and the sophisticated ICBMs, like the Hwasong-17 and Hwasong-19.

North Korea’s nuclear doctrine has evolved from no-first use to “automatic” preemptive use of nuclear weapons if its leadership and command systems are under imminent – or perceived to be imminent attack. Their work on hypersonic systems, to defeat missile defense systems – is impressive, as is their progress with cruise and anti-ship missiles.

Pyongyang made sure the world saw Mr. Kim visiting the 5000-ton Choe Hyun-class destroyer, their second destroyer with a third and fourth destroyer under construction. Plans are for North Korea to exponentially increase the number of nuclear-capable destroyers to twelve by 2030, all armed with cruise and tactical ballistic missiles.

It’s not only North Korea’s rush to acquire more nuclear weapons and missiles to potentially target countries in the region and the U.S., or their new preemptive-use doctrine, it is North Korea’s allied relationship with China and Russia that should be of concern. Historically, North Korea has relied on China for its economic survival and Russia, prior to 1991, for assistance with its nuclear and missile programs. But things have changed. North Korea is closer to China than at any time since Mr. Kim took over in 2011. Indeed, the September 2025 visit to Beijing to stand with China’s Xi Jinping and Russia’s Vladimir Putin was the beginning of a new and closer North Korean relationship with China and its leader, Xi Jinping. China’s Foreign Minister Wang Yi’s visit last week to North Korea to meet with Mr. Kim -- and the attention it got from North Korea’s press -- was indicative of that improved relationship.

North Korea’s relationship with Russia over the past few years has progressed rapidly, with a mutual defense treaty and North Korean assistance – troops and munitions -- to Russia for its war with Ukraine and the likely nuclear, missile and satellite assistance North Korea is receiving from Russia.

North Korea now has two permanent members of the United Nations Security Council (UNSC) who will ensure that no further sanctions are imposed on North Korea for their continued violations of UNSC resolutions.

So, in the final analysis, Pyongyang has probably concluded that they don’t need a normal relationship with the U.S. They have China and Russia who provide economic and military support and apparently accept their nuclear status. And Mr. Kim’s global credibility – important to him -- will be derived from a close allied relationship with China and Russia, and their leadership of the Shanghai Cooperation Organization (SCO), the BRICS (Brazil, Russia, India, China, and South Africa), and their appeal to the Global South.

It appears that Mr. Kim is taking advantage of the U.S. war with Iran – and tension with NATO -- to grow his nuclear arsenal, while strengthening his relationship with China and Russia.

Indeed, if the U.S. relents – which North Korea believes is inevitable – and eventually accepts North Korea as a nuclear weapons state, Pyongyang will pocket the win, and use it to get more from his allies, China and Russia.

This column by Cipher Brief Expert Ambassador Joseph DeTrani, was first published in The Washington Times, and is republished with permission from the author.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why the Navy’s Next Battleship Faces Major Hurdles

“The Navy and Coast Guard need to demonstrate that the approach to these [shipbuilding] programs is not a short-term deviation followed by returning to the long-standing business as usual approach. This is especially true for shipbuilding programs that require new designs, like the future [Golden Fleet Trump-class] BBG(X) battleship…For these and other future programs, fully leveraging the range of leading ship design practices -- like iterative design based on user feedback and robust, in-house ship design capabilities and digital tools -- will be critical to long-term success.”

That’s an excerpt from the prepared testimony of Ms. Shelby Oakley, the Government Accountability Office (GAO), Director of Contracting and National Security Acquisitions, who appeared last Wednesday before the House Armed Services Subcommittee on Seapower and Projection Forces in a hearing on the shipbuilding challenges facing the U.S. Navy and Coast Guard.

Navy shipbuilding design was a central focus of GAO’s Ms. Oakley’s testimony last week. As she put it, “Improving ship design practices is one step that could help drive different outcomes on ship building programs. As I have testified in the past, both Navy and Coast Guard continue to move into construction before designs are sufficiently mature. That's a consistent pattern and it leads to predictable results -- cost overruns, schedule delays, and performance issues.”

I want to apply those words to the Trump-class BBG(X) battleship, which has been controversial since the President first disclosed it at a Mar-a-Lago press conference last December 22. At that time Trump said, “It's my great honor to announce that I have approved a plan for the Navy to begin the construction of two brand new, very large -- the largest we've ever built -- battleships.”

Taking credit for the idea, Trump said, “It started with me in my first term because I said why aren't we doing battleships like we used to? And these are the best in the world. They'll be the fastest, the biggest and by far -- 100 times more powerful than any battleship ever built.”

Trump went on, “I don't know if anyone's seen Victory at Sea [a famous documentary about World War II naval battles], but it was a classic. They'll [BBG(X) battleships] help maintain American military supremacy, revive the American shipbuilding industry and inspire fear in America's enemies all over the world.”

Trump added, “America's battleships have always been unmistakable symbols of national power. We stopped making them for whatever reason, I don't know.”

At that point, Trump congratulated his Palm Beach neighbor and friend, then-Navy Secretary John Phelan, saying, “He [Phelan] came to me -- the first day we met, he talked about battleships and I said you're absolutely on the right track. He said why are we doing other things?”

Trump continued, “The [BBG(X)] battleships are going to be armed just in terms of guns and missiles at the highest level. They'll also have hypersonic weapons, many hypersonic weapons, state-of-the-art electric railguns and even the high-powered lasers that you've been starting to read about. We have lasers where you aim the laser at a target and it just wipes it out. We're going to have…the most sophisticated laser in the world will be on the battleships that we're building.”

I must note that Navy hypersonic, laser and railgun weapons are still in development.

As if that were not enough, Trump added, “They'll also carry the nuclear arms to launch cruise missiles currently under development, which will be instituted pretty quickly. But they're under development and they've proven to be extremely lethal.”

Then Trump stated, “The U.S. Navy will lead the design of these ships along with me, because I'm a very aesthetic person, alongside our partners in American industry.”

Later, during a February 2026 speech to soldiers at Fort Bragg, Trump said, “The new battleship that we have, which I've seen and helped design. I put a little more spirit in the hull, a little more -- give me a little bit more hull and give me -- I want that ship to look gorgeous.”

Although Trump last December said he had approved “a plan for the Navy to begin the construction” of two BBG(X) battleships, Naval News last week more accurately described that Mar-a-Lago announcement as an “initial concept debut” for the vessels.

Last Tuesday, Navy Secretary Phelan in a keynote speech at the Navy League's Sea-Air-Space conference, opened by saying, “President Trump's Golden Fleet Initiative is not an aspiration. It is the framework by which we deliver decisive maritime power at scale. Under his leadership, we are making a generational investment in American sea power that represents the largest sustained ship building order since FDR urged American industry to build the fleet to win World War II.”

As for the BBG(X) battleships, the first currently set to be named the USS Defiant, Phelan described “Battleship strike groups [that] will offer commanders more war options than what exists in today's fleet.” The new battleship will integrate on board a “staff element for forward command and control, network unmanned systems, layered air and missile defense, directed energy, high-speed long-range strike [that] is designed to operate and prevail across all contested domains. They are built to fight and stay in the fight by sustaining fires, maintaining pressure, and outlasting any adversary.”

“But,” Phelan added, “high-end capability alone does not win wars. Wars are won by forces that can adapt faster than the adversary, that can iterate in real time and scale combat power without delay. That requires a true high-low mix, expanding presence without sacrificing producibility -- new frigates, small surface combatants, and fully integrated unmanned systems.”

On the sidelines of Tuesday’s Navy League Sea Air Space exposition, Phelan confirmed to reporters that the Navy is already in talks with vendors about the BBG(X) design.

“We have been talking to two different vendors as we speak right now,” Phelan said, “and then it’ll be a function of how we get through that design process with them, and then their capacity in their yards, what we think they can do, because we’re looking to really get moving on this and lay the keel in [20]28.”

At a Pentagon background session for reporters on the Navy’s fiscal 2027 budget last Tuesday, Assistant Secretary of the Navy for Budget, Rear Admiral Ben Reynolds laid out just how costly the BBG(X) battleship program will be, starting with research and development (R&D) for the battleship, which is already underway.

“I just want to say that we're already in this year, in [20]26, spending at least $134 million already in R&D for the battleship today,” Reynolds said, “as we try to really tighten and refine the requirements process. And I think we'll likely go to try to put more money into that [R&D] in [20]26 as well.” He later said it could be $100 million to $120 million more this year.

The fiscal 2027 Navy budget for the BBG(X) battleship has an additional $837 million in R&D, plus $1 billion for advanced procurement (AP), which is described as for long-lead materials and design work.

Reynolds said, “I think that the R&D work and AP that we do in [20]27 will be incredibly important. And I think through that very disciplined requirements process and then expanding the way we're building ships, I expect us to be able to start construction [on the first battleship] in [20]28. Remember, it's a battleship. It's a large ship, and so we will start construction in [20]28 and then work in construction through the next few years.”

Over the next five years, according to Reynolds, the Navy expects to spend $3.9 billion for R&D and $43.5 billion for actual shipbuilding, for what’s become a three BBG(X) battleship program. That means each BBG(X) battleship’s costs are expected to be $13 billion-to-$15 billion, roughly equal to each of the next three Ford-class aircraft carriers.

Phalen was fired as Navy Secretary last Wednesday by Defense Secretary Pete Hegseth, with no reason given. President Trump told reporters a day later of Phalen, “He’s a very good man. I really liked him, but he had some conflict, not necessarily with Pete. He’s [Phalen’s] a hard charger, and he had some conflicts with some other people, mostly as to building and buying new ships. I’m very aggressive in the new shipbuilding.”

Politico last week suggested Phalen’s firing was related to his promotion of the Trump-class battleships, because Hegseth and Deputy Defense Secretary Stephen Feinberg wanted “to pivot

toward smaller, cheaper uncrewed ships, according to the two people, who…were granted anonymity to discuss sensitive matters.”

That got me thinking that there are other potential blockages to the BBG(X) battleship moving ahead, starting with the GAO’s Oakley’s testimony to the House subcommittee that “early design work helps you kind of stress out what it is you can and can't do.”

That echoed what the Chief of Navy Operations (CNO) Adm. Daryl Caudle said last week during a session with reporters at the Navy League event. Caudle picked up on the design issue saying that one of the “mistakes that we’ve done before, quite frankly,” is “we’ve started to build before the design is mature enough.” The CNO then added, “And we want to make sure that we’re at [sic] least a very, very high level – I won’t try to give a percentage, but you can think like 80% or more design – before the first weld is done.”

Since BBG(X) design work will continue for at least another two years, my bet is that none of these Trump-class battleships will ever actually be built.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America Is Fighting the Wrong Drone War

For two decades, U.S. drones hunting terrorists across the mountains of South Asia were the symbol of American military power: precise, lethal, and unmatched. That era is now over. Drones are no longer exquisite tools of counterterrorism and have evolved into something far more common and destabilizing: cheap, expendable, and mass-produced tools of attrition. Despite pioneering the technology, the United States is now poorly positioned for the version that matters most. Critical mass is being replaced by a strategy of 'death by a thousand cuts,' as quantity assumes a quality all of its own.

From Ukraine to the Persian Gulf, and increasingly along America’s own borders, expendable drones are reshaping battlefields and quickly rewriting how modern wars are waged. These platforms aren’t winning wars outright, but they are doing something just as important: straining defenses, exhausting budgets, and outlasting the very systems that were designed to counter them. Right now, the United States is least prepared for that reality, and its adversaries know it.

But two things can be true at once: the United States still leads in advanced conventional military power, and cheap drones aren't necessarily subject to those rules. They don’t need to be sophisticated, just cheap and in constant supply. That alone is enough to upend long-held assumptions about how wars are fought and won. Today, America’s adversaries — state and non-state alike — are using drones more effectively while Washington has yet to fully reckon with what that portends, both in the short and long term.

The new drone war runs on a simple, ruthless logic: cheap beats expensive. Take Iran’s Shahed-136 drones. They are simple by conventional standards—noisy, slow, and not particularly precise—yet brutally effective. Costing as little as $20,000, they are mass-produced for saturation, overwhelming defenses through sheer volume. Each drone forces a response, often with a missile costing over $1 million a piece. Do that math a thousand times, and you don't just have a military problem, but a dealbreaker for almost any defense budget.

This strategy is not incidental but deliberate. It is a calculated campaign of economic exhaustion — and it is working. For Western militaries and for those countries that Western militaries supply with weapons and training, this is not just inefficient but a losing equation.

This is what war looks like in 2026, where outcomes are no longer driven solely by large-scale strikes or which side destroys more targets. Conflicts are shaped by persistence through thousands of small hits that stretch resources, exhaust personnel, and wear down resolve of populations, militaries, and governments. Advantage favors the side that can sustain pressure while forcing the other side into a continuous, costly response day after day.

Ukraine offers the clearest example. Russia has used Iranian-supplied drones and domestically produced variants in relentless attacks against cities and infrastructure. In one recent 24-hour period, nearly a thousand drones were launched alongside cruise missiles. Even when most are shot down, the cumulative effect strains defenses, drains resources, and erodes public confidence. Ukraine, meanwhile, has emerged as one of the world’s most adaptive drone ecosystems, scaling production to tens of thousands of systems a month through a decentralized network of engineers, hobbyists, and 3D-printing workshops.

The same playbook is strangling the Red Sea, where Houthi militia forces have used inexpensive drones to disrupt one of the world’s most critical shipping lanes, forcing commercial vessels to reroute around Africa. The result is imposing billions in added costs on global supply chains, all driven by weapons that cost a fraction of the disruption they cause. Powerful nation-states are slowly waking up to the reality that well-trained and well-resourced non-state actors can consistently disrupt the global economy.

A quieter but equally dangerous version of this dynamic is also playing out along the Afghanistan-Pakistan border. The Afghan Taliban and Tehrik-e-Taliban Pakistan (TTP) are using off-the-shelf drones—some costing just a few thousand dollars—for surveillance and limited strikes. Pakistan’s cross-border operations have led to civilian casualties, hardening what began as localized tensions into a steady back-and-forth with both sides testing limits without tipping into full-scale war. Terrorist groups have adapted just as quickly, with ISIS and al-Qaeda affiliates now routinely modifying commercial drones for surveillance and attacks. In doing so, they have gained capabilities and reach they never had before.

Worryingly, the same trend is now visible much closer to home. Mexican cartels and criminal networks are operating drones along the U.S. border at a scale that would have seemed unthinkable a decade ago — for surveillance, tracking law enforcement, smuggling, and increasingly, attacks. More than 30,000 drone incursions were recorded in 2025 alone, including cases involving explosives. In one incident, a drone struck a government building in Tijuana, just miles from California.

The line between foreign battlefield and domestic threat has not just collapsed but has exposed where the United States is least prepared. The uncomfortable truth is that the United States is exquisitely prepared for a war no adversary wants to fight. The Pentagon has spent decades and trillions of dollars optimizing for high-end conflict —the kind built around stealth platforms, precision strikes, and overwhelming technological advantage. But that model assumes short wars, finite adversaries, and dominance through superiority. Cheap drones are invalidating all three assumptions in real time.

That mismatch is increasingly out of step with the wars America is actually facing. China is already moving aggressively in the opposite direction, pursuing a program to field one million tactical drones, while the United States procured roughly 50,000 in 2025 and plans another 200,000 by 2027. At the same time, the economics of defense are becoming harder to ignore. In the early days of the Iran conflict, the United States reportedly spent billions of dollars on interceptor systems in a matter of days. Against adversaries deploying drones that cost a fraction of that, the math is dangerously unfavorable.

Getting serious about this will require more than small adjustments.

First, the United States must treat low-cost, expendable drones not as a supplement but as a core element of how it fights. Quantity has a quality all of its own. Having enough systems matters just as much as having the best ones. The hard reality is that while the United States is not being outmatched technologically, it is still playing a game its adversaries have already changed.

The good news is that the Pentagon’s new $1 billion Drone Dominance program is a step in the right direction aimed at rapidly fielding tens of thousands of low-cost, one-way attack drones. So is the new training for force-on-force drone warfare, where autonomous systems engage each other directly. The U.S. defense budget may also allocate around $7.5 billion toward counter-drone systems in 2026, a belated recognition of just how costly it is to play defense in a war of attrition that adversaries are deliberately engineering.

These are the right instincts, because real competition is no longer about who has the most advanced platforms, but who can produce systems faster and cheaper. Iran’s effective use of low-cost drones to wreak havoc across the Gulf and to pressure the world's strongest military will only guarantee other countries to follow suit, accelerating efforts to develop their own indigenous drone manufacturing programs.

Second, defense ought to become cheaper than offense. Destroying a $20,000 drone with a million-dollar missile cedes the advantage to adversaries by design. Investments in systems like high-power lasers, electronic jammers, and autonomous counter-drone networks are essential if the economics of defense are to make sense again.

Third, the Pentagon must rethink how it buys and builds. The current development cycles measured in years are fundamentally mismatched against adversaries who adapt in days. That means opening the door to smaller manufacturers and startups, leveraging commercial technology, and accepting systems that are “good enough” if they are available at scale when needed. The LUCAS drone - based on the Shahed-136 design, developed by an Arizona startup, and fielded in roughly seven months - shows what is possible when the system moves at the speed of the threat. Such a shift will be uncomfortable for a defense community built around precision and quality, but the alternative is worse.

The United States invented this weapon and turned it into a defining counterterrorism tool. But that advantage is now moot. The technology has diffused and been successfully repurposed by a wide range of actors. The speed of this shift leaves little room for a slow response, with every year spent preparing for the last war only handing the advantage to those fighting the one today.

What is unfolding reflects a broader shift in the changing character of warfare, one that rewards volume over precision, staying power over firepower, and speed over perfection. In this kind of accelerated technological Darwinism, victory will be claimed by those who can sustain pressure, adapt quickly, and outlast their adversary.

Right now, even under the most optimistic scenario, the United States is at a serious disadvantage. Until it adjusts to that reality, it will keep fighting on terms set by others while absorbing costs it cannot afford to bear. This is a competition America cannot afford to lose.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Dangerous Trade of State Secrets

At just after 2 a.m. on January 3, explosions echoed across Caracas. Low-flying aircraft struck military installations. Venezuelan President Nicolás Maduro and his wife were seized by U.S. forces and taken into custody to face narco-terrorism charges.

Mere hours before President Trump announced the operation on Truth Social, a newly created Polymarket account had quietly staked just over $32,000 on Maduro’s exit from power by the end of January. When the news broke, that position paid out $436,759 — a return of more than 1,200 percent in under 24 hours, on an event Polymarket itself had been pricing at roughly 5 to 7 percent odds for weeks. The account had been created less than a week before the operation and had placed bets on only one subject: Maduro’s removal.

Nearly four months later, U.S. Army Special Forces Master Sgt. Gannon Ken Van Dyke is scheduled to be arraigned on Tuesday in the Southern District of New York, where he’s facing charges associated with wire fraud, conspiracy and misuse of national defense information. Neither Van Dyke or his attorney have yet issued a statement, though he is expected to enter a plea in court on Tuesday.

This isn’t the first time something like this has happened. On February 12, an indictment unsealed in Tel Aviv read like something from a different era of espionage — only instead of dead drops and clandestine meetings, the alleged method of exploitation was a cryptocurrency wallet and a prediction market website. An Israeli military reservist and a civilian were charged with placing bets on the online betting site Polymarket regarding the timing of military operations, based on classified information the reservist had accessed by virtue of his military duties.

The investigation, conducted jointly by Israel’s Shin Bet domestic security agency, the Defense Ministry, and the Israel Police, resulted in the arrests of several suspects and was widely believed to be the first public case stemming from classified operational intelligence being used to trade on a prediction market in a kinetic combat environment.

Sixteen days after the bet was made, on February 28, the United States and Israel launched coordinated strikes against Iran under what the Pentagon designated Operation Epic Fury. Before the first explosions were reported in Tehran, on-chain analytics firm Bubblemaps had already flagged six wallets that walked away with roughly $1 million in combined profit on the Polymarket contract “US strikes Iran by February 28, 2026?” Officials say most accounts were funded and activated within 24 hours of the strikes, all concentrated on the same date-specific contract, and all with no prior trading history.

The largest single wallet turned a roughly $61,000 position into a profit of over $493,000. The account bought 560,680 “yes” shares at about 10.8 cents each, when the odds were still at just 17 percent. and walked away with nearly half a million dollars once the contract was resolved. The Iran war-related contracts had, by that point, generated approximately $529 million in total trading volume on the timing-of-attack markets alone, with another $45 million wagered on the single largest contract tied to Supreme Leader Ayatollah Ali Khamenei.

JP Castellanos, Director of Threat Intelligence at Binary Defense, tells The Cipher Brief this pattern “has crossed the threshold into a documented, operational counterintelligence vulnerability.”

“Every time a government or military insider places a pre-operational bet, they are effectively broadcasting classified foreknowledge into a public, blockchain-transparent ledger,” he cautions.

This is no longer a story about gambling. It is a counterintelligence crisis.

A new vector for secrets

Polymarket said it reported suspicious trading in the case involving Van Dyke to law enforcement and that it is cooperating with investigators, while stressing that its rules prohibit trading on material nonpublic information.

Online betting outlets work like a stock exchange for real-world outcomes. Users buy and sell shares tied to whether a given event will happen, with prices shifting in real time as new information enters the market. Its founder and CEO, Shayne Coplan, has been unapologetic about the role of informed traders, insisting that insiders “having an edge in the market is a good thing” because it surfaces accurate predictions faster.

That framing might be defensible when applied to corporate earnings or box office projections, but does it hold when the underlying event is a military strike and the “informed trader” holds a security clearance?

The structural problem is not incidental to Polymarket’s design; it is embedded in it. While rival platform Kalshi is regulated by the Commodity Futures Trading Commission and bans contracts involving wars, terrorism, and assassinations, Polymarket has operated an overseas exchange outside the reach of U.S. authorities. That offshore structure has made it a magnet for the most controversial types of prediction-market wagers.

Users in the United States accessed the platform through virtual private networks that masked their identities, and transactions settled in cryptocurrency — pseudonymous, borderless, and largely resistant to subpoena.

Stephen Piepgrass, a regulatory attorney at Troutman Pepper Locke focused on financial enforcement, tells The Cipher Brief that the platform’s design features are precisely what make it so difficult to police.

“The prediction markets are thriving in part because they permit the use of anonymous accounts, allow trading using cryptocurrency, and do not require geofencing,” he explains. “To date, these have been features, not bugs, of this growing market. But these same factors make policing the markets challenging, if not impossible.”

The Israeli case made explicit what many in intelligence circles had long suspected. A senior Israeli source involved in the details of the affair said it would “cause an earthquake,” describing it as “a serious security scandal in which those involved are suspected of committing acts for the sake of money”.

The adversarial intelligence problem

The danger does not run only from insider to market. It runs in the other direction, too. Dennis Kelleher, a financial reform advocate with deep expertise in derivatives regulation, points out that U.S. adversaries already have both the motive and the means to exploit these markets as a live intelligence feed.

“U.S. adversaries can use event contracts on geopolitical events to try to determine if the U.S. is going to undertake an action against their country,” he tells The Cipher Brief. “They can go on prediction market platforms and see the baseline of activity on these event contracts and then monitor for any unusual activity, which could be a spike in activity or a newly opened account that places a large bet in the midst of reporting on a possible action. That could easily tip off an adversary that insiders who know what is going to happen are the ones driving the activity.”

Castellanos echoes the assessment, noting that foreign intelligence services like Russia’s Foreign Intelligence Service and China’s Ministry of State Security are almost certainly already doing exactly that.

A sudden price spike on a “U.S. strikes Iran by a certain date” contract three hours before an operation, he contends, carries actionable intelligence value, potentially providing warning time to Iranian partners or informing Russian diplomatic positioning.

The manipulation vector runs in the opposite direction as well. Kelleher warns that adversaries could just as easily use these markets offensively, placing large bets to manufacture the appearance of insider knowledge and sowing anxiety without firing a shot.

Piepgrass offers a concrete example.

“An adversary could create a new account and place a large bet around, for example, a major regional power grid going down,” he notes. “If U.S. intelligence monitors the markets and believes an attack on the grid is imminent, it could divert resources and focus to that area, leaving the actual target more vulnerable.”

On March 10, Times of Israel military correspondent Emanuel Fabian reported that an Iranian missile had struck an open area outside Beit Shemesh. The attack caused no reported casualties but what Fabian didn’t know at the time was that his dispatch had become the resolution trigger for a Polymarket contract with more than $14 million wagered on whether Iran would strike Israel that day.

What followed was a pressure campaign: emails, WhatsApp messages, fabricated legal threats, and eventually death threats from users who had lost positions worth an estimated $900,000. Some of them demanded he rewrite his reporting. Polymarket condemned the harassment, banned the accounts involved, and said it was cooperating with authorities.

What the episode made plain was something Polymarket’s defenders had not seriously reckoned with: that contracts carrying enough money can turn journalists into targets, with their reporting becoming leverage in someone else’s financial bet.

Matthew Wein, a national security analyst who has studied prediction markets and insider threat dynamics, tells The Cipher Brief that the risk of foreign manipulation is real and relatively easy to execute.

“For a relatively cheap level of investment, an adversary could buy up the price of a certain market to drive news coverage of the change in price or probability,” he says. “Given news organizations’ agreements with prediction markets, the ability to change the narrative of a given news story seems relatively easy.”

Washington moves — slowly

Congress has begun to stir. Federal officials, political appointees, and executive branch staff would be barred from trading event contracts tied to government policy based on nonpublic information under a bill introduced by Representative Ritchie Torres in the House.

Senator Adam Schiff and Representative Mike Levin jointly introduced the DEATH BETS Act on March 10, which would explicitly prohibit any CFTC-registered exchange from listing event contracts referencing terrorism, assassination, war, or an individual’s death.

That same day, Senator Richard Blumenthal introduced the Prediction Markets Security and Integrity Act to address fraud, insider trading, and broader market manipulation. Then, on March 17, Senator Chris Murphy and Representative Greg Casar introduced the BETS OFF Act, which would ban trades on war, terrorism, assassination, non-financial government actions, and events where someone controls or knows the outcome in advance. Senator Blumenthal put it directly, stating that “prediction markets have become a haven for insider trading, market manipulation, and underage gambling” and that these “billion-dollar businesses are turning war into a casino game.”

Yet the legislative momentum faces structural headwinds. Donald Trump Jr. is an adviser to Polymarket, and his venture capital firm 1789 Capital has invested millions in the company. The Trump administration dropped two federal investigations into the platform — one civil, one criminal — that were opened under former President Joe Biden. By November 25, 2025, Polymarket had its CFTC designation in hand, cleared to run a fully regulated United States exchange. Come February 2026, the company was being valued at $9 billion. Three months later, on February 25, the CFTC’s enforcement division issued a public advisory reminding markets that it has full authority to pursue illegal trading practices on any designated contract market — including prediction platforms.

Still, legal analysts note that how insider trading rules apply in practice, particularly to offshore platforms beyond the agency’s direct reach, remains dangerously unresolved.

Matt Motta, a policy expert who has studied the legislative proposals, tells The Cipher Brief that both the Public Integrity Act and the DEATH BETS Act are necessary but insufficient.

“I think we can do more,” he asserts. “Only regular audits of prediction market transaction reports can allow government regulators to survey the full scope of trading on political markets, and assess how those transactions might impact national security.”

The definitional problem compounds the enforcement gap. Piepgrass notes that the Commodity Exchange Act prohibits prediction contracts related to terrorism, assassination, and war — yet those concepts resist precise legal definition.

“The last time Congress formally declared war was during World War II,” he points out. “Is removing a head of state, like Maduro, a form of war? How about the action in Iran?”

Kelleher is more direct about where the fault lies.

“Current law could be sufficient to address these risks from U.S.-based bettors if the law were actually aggressively enforced,” he explains. “However, the administration generally and the CFTC in particular refuse to enforce the law and are cheerleaders for the prediction market industry.”

When asked what it would actually take for Washington to close that gap, Castellanos is blunt.

“The legislative package is a necessary first step and will deter the unsophisticated opportunist,” he adds. “It will not deter the deliberate foreign asset, the sophisticated contractor insider, or the allied military officer.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Half Measures and Maximum Risk in Iran

Over the past month, U.S. and Israeli operations have killed Iran’s senior leadership, destroyed over 155 naval vessels and roughly 300 ballistic missile launchers, and degraded elements of Iran’s nuclear infrastructure. But scorch marks and craters do not equal a strategic victory.

Operation Epic Fury’s initially stated goals were sweeping and maximalist: to fully destroy Iran’s nuclear infrastructure, missile forces, navy, Iranian Revolutionary Guard Corps, and proxy networks. Yet in pursuing these objectives, the Trump administration has constrained itself to accommodate political realities, employing means short of the full-scale occupation typically required to secure such objectives. The problem is compounded by a second, related challenge: even when strikes appear successful, the United States has limited ability to verify whether its objectives have actually been achieved.

This dynamic, of seeking maximalist ends with politically constrained means, creates a strategic tension that precision strikes can’t resolve. While B-2s and Tomahawks can destroy targets, ensuring the dismantlement of a nation’s military capacity has historically required forms of commitment that Washington is reluctant to undertake.

Understandably, Washington appears unwilling to occupy territory in order to follow through completely on its stated aims. The Trump administration, perhaps emboldened by its easy victory in Iran last June, and Venezuela this January, has walked into a trap of its own making. As history shows, half-measures deployed in service of total victory have often proven disastrous — perpetuating conflict, resolving little.

The verification problem

Through the first month of Epic Fury, the U.S. and Israel have conducted thousands of strikes, all geared toward addressing the operation’s stated end goal. Reports suggest that these attacks have been tactically effective, degrading various forms of Iranian nuclear and military infrastructure. But assessing the true damage, and the irreversibility of that damage, presents a logistical problem that remote methods can’t solve.

The U.S. is equipped with the world’s most sophisticated surveillance architecture. America’s toolbox of satellites, drones, and artificial intelligence allow for rapid assessment of the battlespace and the damage wrought. This sophisticated surveillance architecture paints a flattering picture of objectives nearly or fully achieved, but the actual picture remains incomplete.

Remote surveillance cannot determine whether underground nuclear facilities were destroyed; whether mobile missile launchers survived; whether covert logistics chains still flow; and whether proxy militias remain operational. To truly gauge the effectiveness of Epic Fury, the United States would need to inspect tunnels and warehouses, rooting out hidden stockpiles and underground enrichment facilities - feats that can’t be accomplished from afar. Even under the 2015 nuclear deal, the Joint Comprehensive Plan of Action, verification depended on intrusive, on-the-ground inspections, underscoring the limits of remote surveillance in dismantling complex programs.

Battle damage assessment (BDA), which is used to gauge the effectiveness of Epic Fury, measures only the visible destruction at the point of impact but offers limited insight into the resilience of the targeted system. A crater where a nuclear enrichment facility once stood is an encouraging piece of intelligence. But it leaves questions unanswered, like whether critical components from that facility were moved before the strike, or whether redundant systems exist elsewhere, or whether the brainpower that animated the facility lives on.

The limits of BDA are especially present against Iran, which has spent years hardening and dispersing its military infrastructure in preparation for this long-anticipated attack, all in the hopes of remaining intact enough to regenerate.

The tension at play in Epic Fury - between ambitious objectives, constrained means, and limited visibility - has been present in past U.S. conflicts. After Operation Desert Storm, in which President George H.W. Bush stopped short of wreaking total destruction on Saddam’s regime, Washington believed that Iraq’s military capability had been crippled. But uncertainty persisted, resulting in a long standoff, which finally culminated with the disastrous 2003 invasion.

Afghanistan is also instructive. During Operation Enduring Freedom, the U.S. shifted from airstrikes and special forces to a strategy deeply invested in remote counterterrorism. This limited, drone-dependent remote presence failed to eliminate militant groups who were mobile and embedded. The result was a two-decade resource drain, America’s longest war, which ultimately failed to achieve its objectives and concluded with the resurgence of the Taliban.

The takeaway, from both Iran and Afghanistan, is that half measures don’t work for maximalist strategic goals. The lesson, which should have been applied to Epic Fury, is not that the U.S. should have committed more force, but that it should adjust its objectives to the resources it is willing to commit - before the first Tomahawk is ever launched.

Yet, through the opening month of Operation Epic Fury, Washington appears on the verge of repeating its familiar, post-Cold War pattern of half measures. The administration’s sweeping aims - to dismantle Iran’s nuclear program, missile production, IRGC, proxy networks, and navy - are not achievable or verifiable under the constraints Washington has (correctly) imposed on the campaign.

The current methods deployed against Iran threaten to leave behind persistent strategic ambiguity. Without physical verifications, Iran may well retain, or quickly replenish, the missiles and drones and fissile material that inspired Epic Fury in the first place, which in turn could inspire a lingering half-measured U.S. commitment.

In other words, Epic Fury could lock the United States into a repetitive cycle of sporadic violence (what the Israelis call “mowing the lawn”), with each round triggered by signs that Iran is regenerating capabilities that were never fully eliminated. The prospect of a third 21st century quagmire should give warplanners pause - especially given the uncertain strategic value of Epic Fury itself.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Pentagon’s $54 Billion Bet on Autonomous Warfare

The Department of Defense does not always announce structural shifts loudly; often, it buries them in the dense columns of budget lines where only the most attentive analysts can find the seismic activity. The $1.5 trillion FY2027 spending proposal contains exactly such a shift, a profound and subtle transformation that effectively reorders the American approach to conflict. Central to this plan is the Departmental Autonomous Warfighting Group (DAWG), an organization established late last year with a modest budget of $225 million. For the 2027 fiscal year, the Pentagon has requested $54.6 billion for this organization, representing a staggering 24,166% increase in funding; that single line accounts for nearly 15 percent of the total reconciliation and exceeds the gross domestic product of many small nations and is higher than the entire budget request for the US Marine Corps of $52.8 billion.

Internal documents indicate the intent to transform the group into a unified combatant command, a joint entity that would coordinate drone, aircraft, and vessel operations across all warfighting domains. This shift mirrors previous military evolutions, specifically the establishment of Space Command in 2019 and the elevation of Cyber Command in 2017. Historically, Congress has authorized these specialized commands when fragmented service approaches created redundancy or dangerous gaps; the same logic applies here. By consolidating these capabilities, Secretary of War Pete Hegsethwants to streamline the development of autonomous systems, ensuring the service branches do not pursue conflicting tactical goals or incompatible technical standards.

The reflects the hard lessons learned in modern conflicts, particularly the ongoing struggles in Ukraine and Iran. CTO Emil Michael has observed that these wars routinely involve thousands of low cost systems engaging against each other in highly contested environments. To maintain a competitive edge, the Pentagon launched the Replicator program with the ambitious goal to deploy hundreds of thousands of one way attack drones by 2028. However, early efforts faced substantial hurdles regarding hardware reliability and supply chain bottlenecks that delayed delivery targets. These shortcomings led to a fundamental realization within the leadership: hardware is secondary to the AI software that drives it.

The current strategy treats artificial intelligence and physical autonomy as a tandem force, where the software is the primary strategic asset. This perspective has created a unique friction point between the Department of War and the private sector, specifically with Anthropic. While the military requires flexible, decisive models for high stakes environments, Anthropic has maintained strict red lines regarding the use of its Claude model. This impasse prompted the Department of War to designate certain domestic AI firms as supply chain risks, a move that highlights the growing chasm between Silicon Valley and national security. If a model is too restricted to perform in a combat environment, it becomes a liability rather than an asset.

The policy landscape remains contentious as Congress prepares the next National Defense Authorization Act. While the technological advantages are evident, the legislative challenges are substantial. Armed Services Committee leaders like Senator Roger Wicker and Representative Mike Rogers have cautioned against making such massive structural shifts without a clear strategy that accounts for ethical and operational oversight. They have drawn clear lines on executive branch activism regarding autonomy, requiring that any major push receives rigorous scrutiny. Representative Rob Wittman has echoed these concerns, noting that while the military must move fast, it cannot afford to abandon the principles of accountability that define American governance.

Internationally, the pressure is even more pronounced. Recently, 156 nations supported a United Nations General Assembly resolution expressing deep concern over the risks of an autonomous arms race. These nations fear that removing humans from the loop will lower the threshold for conflict and lead to unpredictable escalations. The United States was among the minority that declined to support the resolution, citing the necessity of maintaining a technological lead against competitors like China and Russia who are pursuing their own autonomous capabilities with little regard for international norms. Current U.S. policy prohibits the employment of lethal autonomous systems without senior official approval, but critics argue this is a temporary safeguard that could easily be swept away by the speed of machine warfare.

History suggests that as technical capabilities drift, legal frameworks must evolve to provide clear definitions of what constitutes an autonomous weapon. The transition to a unified command for autonomy is not merely a budgetary or structural change; it is a recognition that the nature of power has shifted from physical platforms to the cognitive software that controls them. Failing to adapt to this reality would leave the United States holding an expensive, manned fleet in an age of attritable, intelligent swarms. The window for this transformation is closing, and the FY2027 budget request is the most significant signal yet that the Pentagon is ready to step through it.

Success will depend on more than just the $54.6 billion requested; it will require a new type of coordination between the warriors who fight and the engineers who build the tools. As the Department of War navigates the friction with firms like Anthropic and the skepticism on Capitol Hill, it must articulate a vision where autonomy enhances human judgment rather than replaces it. If they succeed, the 12th Unified Command will become the backbone of American security for the next century; if they fail, the machines will indeed be at the helm, but we may not like where they are steering us.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Anthropic Mythos - We’ve Opened Pandora's Box

EXPERT OPINION -- For a decade the cybersecurity community was predicting a cyber apocalypse tied to a single event - the day a Cryptographically Relevant Quantum Computer could run Shor’s algorithm and break the public-key cryptography systems most of the internet runs on. We braced for a one-time shock we would absorb and adapt to. The National Institute for Standards and Technology (NIST) has already published standards for the first set of post-quantum cryptography codes.

It’s possible that the first cybersecurity apocalypse may have come early. Anthropic Mythos now tilts the odds in the cybersecurity arms race in favor of attackers - and the math of why it tilts, and how long it stays tilted, is different from anything our institutions were built to handle.

In 2013, Edward Snowden changed what people understood about nation-state cyber capabilities. In the decade that followed disclosures and leaks of nation state cyber tools reduced uncertainty and accelerated the diffusion of cyber tradecraft.

The Cipher Brief applies expert-level context to national and global security stories. Grant yourself full-access to Cipher Brief expert insights, analysis and private briefings in the new year by becoming a Subscriber+Member.

The defensive playbook that followed - compartmentalization, need-to-know, leak-surface reduction, clearance reform, “worked” because the Snowden leaks and those that followed were one-time disclosures, absorbed over a decade, with the system returning to something like equilibrium.

We got good at responding to the shocks of disclosures. It became doctrine. It was the right doctrine for the wrong future.

Pandora's Box

In 2026, Anthropic Mythos (and similar AI systems) is changing what people can do. Mythos found Zero-day vulnerabilities and thousands of “bugs” that were not publicly known to exist (a must read article here.) Many of these were not just run-of-the-mill stack-smashing exploits but sophisticated attacks that required exploiting subtle race conditions, KASLR (Kernel Address Space Layout Randomization) bypasses, memory corruption vulnerabilities and logic flaws in cryptographic libraries in cryptography libraries, and bugs in TLS, AES-GCM, and SSH.

The reality is a number of these were not “bugs.” There were nation-state exploits built over decades.

What this means is that Anthropic Mythos, and the tools that will certainly follow, has exposed hacking tools previously only available to nation-states and transformed into tools that Script Kiddies will have within a few months (and certainly within a year.) No expertise will be required to apply that tradecraft, compressing both the learning curve and the execution barrier.

All Government’s Will Scramble

When Mythos-class systems are used to analyze the code in critical infrastructure and systems, the hidden sophisticated zero-day exploits that are already in use, (including ones nation-states have been sitting on for years) will be found and patched. That means intelligence agency sources of how to collect information will go dark as companies and governments patch these vulnerabilities.

Every serious intelligence service will scramble, likely with their own AI, to find new access before the visibility gap costs them something they cannot replace. A new generation of AI-driven exploits will rise to replace the ones that have been burned.This will build an arms race with a new generation of AI-driven cyber exploits looking to replace the ones that have been discovered. Whichever side sustains faster AI adoption - not just “procures” it, but ships it into operational systems, holds a widening advantage measured in powers of two every four months.

The binding constraint is not budget. Not authority. Not access to models. It is institutional capacity for change - the rate at which a defender organization can actually change what it deploys.

The Long Tail Will Not Be Patched

Anthropic has given companies early access to secure the world’s most critical software. That will help Fortune 100 companies. But the Fortune 100 is not just a small part of the software attack surface.

The attack surface includes the unpatched county water utility, the regional hospital, the third-tier defense supplier, the school district, the state Department of Motor Vehicles, the municipal 911 system, and the small-town electric co-op. Tens of thousands of systems running software nobody has time to patch, maintained by teams that have never heard of KASLR.

Every one of those systems is now exposed to nation-state-grade tradecraft, wielded by attackers with no expertise required. Mythos-class hardening at the top of the pyramid does not trickle down. The long tail will stay unpatched for years.

Attackers Advantage - For Now

Under continuous exponential growth of AI designed cyberattacks, a cyber defender using traditional tools can't just respond just once and stabilize their systems. They’ll need to keep investing at a rate that matches the offense's growth rate itself. A one-time defensive shock like compartmentalization might work against a sudden attack, but it will fail against sustained exponential pressure because there's no stable equilibrium to return to. The defender's investment rate has to track the offense's growth rate.

Ultimately and hopefully, the next generation of AI driven cyber-defense tools will create a new equilibrium.

What We Need to Do

Mythos and its follow-ons will change how we think about cyber-defense. We can’t just build a set of features to catch every exploit x or y. We need to build cyber systems that can maintain or exceed the capability rate of the attackers.

Here are the three tools governments and cyber defense companies need to build now:

Measure the Gap Between Attackers and Defenders. We need to know the gap between what the attackers can do and what we can defend against. We need to develop instrumented red/blue exercises (a simulation of a cyberattack, where two teams – the red team and the blue team – are pitted against each other) to estimate the number of new vulnerabilities vs cyber defense mitigation. (This can be built in six months, with a small team.)
Measure the Defender Response Time. For each corporate or government mission system, measure how long it takes to implement a change from identification to production deployment. Treat each organizational obstacle as equivalent to technical debt that needs to be remediated.
Specify Speed, Not Features. Any new Cyber Defense tools and architecture - including the next-generation cloud-native systems sitting in review right now - should have explicit ‘rate’ requirements. Claims of “our product delivers X capability is now the wrong specification. “Closes detection gap at rate greater than or equal to the offense growth rate” is the right one.

Buckle up. It's going to be a wild ride - for companies, for defense and for government agencies.

Mythos is a sea change. It requires a different response than what the current cyber security ecosystem was built for, and one the current system is not built to produce. We are not behind yet. The gap between Mythos and what we can build to defend is small enough today that a serious response can still match it. A year from now, the same response will be eight times too slow. Two years, sixty-four.

By the way, the only thing left in Pandora’s Box was hope.

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

America’s Cyber Strategy Has a Budget Problem

The threat from cyberattacks has never been more acute, but there is reason to worry America is not rising to the challenge. It is not the lack of a cybersecurity strategy, but rather a growing gap between what the United States says and what it is willing to fund. The Trump administration’s latest budget proposal makes that gap impossible to ignore.

At the center of the proposal is a $707 million reduction to the Cybersecurity and Infrastructure Security Agency (CISA), the federal government’s primary civilian cybersecurity body. The request would bring CISA’s budget down to just over $2 billion. That’s well below the roughly $2.6 billion Congress had been prepared — on a bipartisan level — to provide to the agency prior to the partisan blow up over the Department of Homeland Security’s budget because of a dispute over immigration enforcement.

Over the past year, the agency has already been weakened by layoffs and reduced support for state and local cybersecurity efforts. The new budget would accelerate that trend. The administration has framed the cuts as a refocusing of CISA on its “core mission,” shuttering supposedly unnecessary initiatives like the Stakeholder Engagement Division. But the reality is that modern cybersecurity does not operate in a vacuum. Defending critical infrastructure — energy grids, transportation systems, water utilities, and telecommunications networks — depends on constant coordination with state and local governments, private sector operators, and international partners. Dismantling the very offices designed to enable that coordination undermines the mission the budget claims to prioritize.

At the same time, the broader federal cyber ecosystem is also being thinned. The Office of the National Cyber Director would see a $3 million reduction in funding. The State Department’s cyber apparatus has been reorganized in ways that risk diluting its effectiveness. The Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response would see budget $40 million below FY25 enacted levels of $200 million. And there has been a noticeable pullback in engagement with the private sector and international cyber community — two pillars of any credible cyber defense strategy.

The contradiction becomes even clearer when viewed against the broader threat environment. The United States faces sustained cyber pressure from sophisticated adversaries, including China, Russia, Iran, and North Korea. These actors are not just targeting federal systems; they are probing the connective tissue of American society – ports, pipelines, hospitals, and supply chains. Many of these systems are owned and operated by the private sector or local entities that rely on federal support, guidance, and information sharing to defend themselves.

To be clear, not every line in the budget moves in the wrong direction. There is a modest $15 million increase proposed for Treasury’s “critical cyber capabilities, sanctions targeting, and combatting illicit financial activity.” State Department funding to improve its own IT infrastructure would also see a slight boost. These are useful investments, but they are not substitutes for a coherent, whole-of-government approach.

The most striking aspect of this budget is how misaligned it is with widely accepted cybersecurity priorities. For years, policymakers from both parties have emphasized the need for stronger public-private collaboration, improved information sharing, and deeper international partnerships. Yet, the proposed cuts target precisely those functions.

This raises a more fundamental question: what is the administration’s theory of cyber defense?

If the goal is to reduce federal overreach, that is a legitimate policy debate. But the current approach does not simply scale back — it selectively removes the connective infrastructure that enables decentralized defense to work. Without federal coordination, the burden shifts to actors who often lack the resources, visibility, or expertise to manage nation state cyber threats on their own.

Congress has seen this dynamic before. In prior budget cycles, lawmakers from both parties rejected proposals to significantly cut cyber funding, recognizing the mismatch between rising threats and reduced investment. There is little reason to believe the underlying risk calculus has changed. If anything, it has intensified.

The United States is entering a period of heightened geopolitical tension, where cyber operations are increasingly integrated into broader military and economic strategies. In this environment, underinvesting in civilian cyber defense is not a cost-saving measure — it is a strategic liability.

A credible cybersecurity strategy requires more than strong rhetoric. It requires sustained investment in the institutions, partnerships, and capabilities that make defense possible. Right now, the budget and the strategy are moving in opposite directions. Congress should close that gap.

Jiwon Ma is the senior policy analyst at the Foundation for Defense of Democracies’ Center on Cyber and Technology Innovation, where she contributes to the work of CSC 2.0.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

How Extremist Groups Are Sharing a Global Media Strategy

In the private sector, we analyze competitors to understand where they excel, so we can improve our approach. With this same mindset, I reviewed how 15 adversarial groups utilize media to communicate locally and internationally.

The headline is that the groups, ranging from Al-Shabaab to ISIS-K to Hezbollah, are clearly learning from each other, leading to an informal universal playbook that is consistent across the groups.

This is quite similar to the private sector where innovation is more of an iterative race. We have a tendency to copy what works.

Let’s take a look at these common behaviors by separating them into media strategy and narrative style.

Media Strategy

Telegram is home base. It is the top distribution channel for a reason. Telegram offers broadcast channels with no limit on subscribers, bots for automation, end-to-end encrypted direct messages, minimal content moderation and easy migration after bans via invite links. Narratives often start in Telegram, then content is fed to other platforms.

Each group has a similar distribution strategy that anticipates content takedowns. Groups distribute content, on average, across 3-7 platforms simultaneously. Knowing takedowns will occur, they also upload content to Archive.org, which serves as a holding tank. If content goes down on a social channel, it can be re-uploaded from Archive.org. An example of a media mix may include Telegram, Facebook, TikTok, Element and Archive.org.

A two-tier distribution system. All groups have two-tier distribution – their official channels for direct distribution and unofficial channels for supporters/surrogates (TikTok, Instagram, YouTube) to reshare and amplify content. The supporters help groups maintain a presence despite official account bans. Platform policies have difficulties proactively monitoring and patrolling the surrogate amplification layer.

Enforcement leads to migration. Each group pre-positions on other channels, e.g., Rocket.Chat, Element and Session so they can more easily activate a pre-existing presence in alternative channels or they move to new channels beyond the reach of platform moderation, such as satellite TV (Hezbollah, Houthis) and physical offline media (JI, Boko Haram).

Narrative Style

Groups are expert at establishing a false narrative frame. It is standing protocol to exploit major geopolitical events by immediately inserting their narrative within hours. If they conduct this type of “narrative jacking” within 2-4 hours of the incident they have a chance to lead the first wave of interpretation before mainstream media establishes the dominant frame.

Video accelerates attack claims. Every group releases an official video within hours of any attack. Pre-produced, officially branded with logos, released to Telegram first. Sets the frame and it is often more emotional.

Expertise in parallel audience messaging. The local message is in local language and often focuses on governance legitimacy or grievance. The international message focuses on solidarity, victimhood and humanitarian framing. Dual-narrative analysis will be more instructive than tracking either alone.

Ability to reframe civilian imagery. The footage is often authentic. The deception is in the attribution, the framing, or the claimed scale.

Grievance amplification is a gateway to radicalization. Media strategy often begins by amplifying legitimate grievance – real injustices, real conflicts, civilian suffering. Extreme content gets layered on top over time, and because the foundation is real, platform policies usually don’t flag it.

Overall, if we understand how groups learn from each other, it improves our ability to identify which media, technology and AI trends are being utilized by any of the groups. We know that what breaks new ground will be analyzed and implemented as quickly as possible.

The implication for any counter-messaging team is practical. Watching one group’s innovation is watching all fifteen. The right question to ask inside your own operation is whether you are monitoring the first mover in the playbook — not just the group on your assigned target list.

Note: the groups analyzed include ISIS, Al-Qaeda, Al-Shabaab, Boko Haram/ISWAP, Taliban, Hay’at Tahrir al-Sham, Hezbollah, Hamas, Tehrik-i-Taliban Pakistan, AQAP, ISIS-K, Jemaah Islamiyah, Abu Sayyaf Group, Jaish-e-Mohammed/Lashkar-e-Taiba, Houthis.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

The Collapse of the Public–Private Divide

Synthetic Asymmetry and the Corporate Target

The Incentive Misalignment Problem

The Expansion of Corporate Sovereignty

Toward a New Security Model

The Stakes

Back to top