The Cipher Brief

OPINION – Economic insulation is no longer guaranteed by geography. Australia is nevertheless very vulnerable to geopolitical unrest in the Middle East despite its distance from the region, especially through international energy markets. The recent escalation between Iran and important regional players has once again shown how swiftly economic effects from the Gulf War can spread across continents. Australian consumers, businesses, and governments are facing a well-known but growing reality: distant battles have home repercussions as oil prices rise and supply chains tighten.

According to recent Treasury modelling, prolonged fighting may cause Australia's inflation to rise by much to 1.25 percentage points while slowing GDP growth by 0.6 percent over the medium run (Reuters, 2026). This risk is more than just theoretical. It is already unfolding across fuel prices, transport costs, and broader inflationary pressures.

The Strategic Centrality of the Middle East

About 20 percent of the world's oil supply goes through the Strait of Hormuz, which is at the centre of the world's energy vulnerability. Global supply and pricing mechanisms are quickly impacted by any disruption, whether it is from military escalation, blockades, or attacks on infrastructure.

Australia is still largely dependent on imported refined petroleum products even though it is a significant exporter of liquefied natural gas (LNG). Australia suffers domestically from increased fuel and transportation costs while benefiting from high global energy prices through export income due to this structural dependency.

This vulnerability has been highlighted by recent tensions. Analysts warn that short-term price increases in Australia could reach 40 cents per liter due to oil price spikes associated with Middle East unrest (ABC News, 2026).

Transmission Channels: From Oil Shock to Inflation

The method of economic transmission is both quick and extensive. Growing oil prices directly affect the cost of gasoline, which in turn affects manufacturing, transportation, and logistics costs across the economy. In the end, these expenses are transferred to customers.

Higher oil costs affect everything from grocery and delivery services to construction and aviation, according to Commonwealth Bank study, demonstrating how ubiquitous energy-driven inflation is (CommBank, 2026).

This dynamic is strikingly illustrated by recent occurrences. Fuel price spikes associated with the turmoil in the Middle East have already compelled Australian companies, such as those in the transportation, aviation, and logistics sectors, to raise prices and pass costs on to customers (The Guardian, 2026).

Monetary policy responses exacerbate the inflationary effect. The Reserve Bank of Australia is under pressure to maintain or raise interest rates in response to rising inflation, which slows economic development. As a result, there is a classic stagflationary risk: slower growth coupled with price increases.

Structural Vulnerabilities in Australia’s Energy System

Long-standing structural flaws are the cause of Australia's vulnerability to global energy shocks.

First, in comparison to norms set by the International Energy Agency, the nation's strategic fuel reserves are comparatively low. Because of this, Australia is susceptible to temporary supply outages, especially during protracted geopolitical crises.

Second, over the past 20 years, Australia's refining capacity has drastically decreased, increasing reliance on imported refined fuels. As demonstrated by current shortages connected to both Middle East tensions and regional export restrictions, this reliance becomes particularly problematic when global supply lines are disturbed.

Third, domestic price volatility has resulted from the integration of domestic gas markets with international LNG markets. Although LNG exports bring in a significant amount of money, they also expose domestic customers to changes in global prices. Because of this, even in situations where domestic output is robust, Australian consumers may have to deal with rising gas and energy costs.

Beyond Energy: Broader Economic Impacts

The conflict in the Middle East affects more than just fuel prices. Particularly at risk are industries that rely significantly on fuel and transportation, such as manufacturing, construction, and agriculture.

According to recent data, Australia's construction industry is already under strain due to increased oil and freight costs, which are driving up the price of products like bitumen, steel, and cement (The Australian, 2026).

Furthermore, there are extra hazards associated with supply chain disruptions, especially through important maritime routes. Secure shipping channels across the Indian Ocean and Indo-Pacific are essential to Australia's trade-dependent economy. Any prolonged interruption to these routes could result in shortages, delays, and higher expenses in a number of industries.

Policy Imperatives for Australia

Global energy shocks are recurrent, which emphasises the necessity of an all-encompassing and proactive policy response. Australia needs to build structural resilience instead of reactive measures.

Strategic Fuel Security

Australia should significantly expand its strategic petroleum reserves and ensure compliance with International Energy Agency standards. Temporary measures such as relaxing fuel standards or releasing emergency reserves are insufficient substitutes for long-term preparedness.

Investment in domestic refining capacity should also be reconsidered as part of a broader national security strategy. While global markets offer efficiency, overdependence creates strategic vulnerability.

Energy Diversification and Transition

It is both geopolitically and environmentally necessary to accelerate the switch to renewable energy. Australia would be less vulnerable to outside shocks if it relied less on imported fossil fuels.

Long-term energy independence can be improved by investing in wind, solar, and hydrogen energy, especially in places like South Australia. To prevent short-term supply gaps and price volatility, the transition must be handled carefully.

Domestic Gas Reservation Policy

Australia should look into enhancing domestic gas reserve systems to ensure that a part of output is distributed to the local market at stable prices. The Western Australian approach provides a viable roadmap for balancing export revenues and domestic affordability.

Maritime and Strategic Security

Given the significance of global shipping routes, Australia must improve its maritime security capabilities and strengthen ties with regional partners. Maintaining global energy flows requires protecting freedom of passage, particularly in important chokepoints such as the Strait of Hormuz.

This involves diplomatic involvement, participation in global security initiatives, and naval capability development.

Economic Buffer Mechanisms

Short-term policy solutions are also useful for minimising immediate consequences. These could include targeted fuel subsidies, cost-of-living adjustments, and assistance for vulnerable industries.

However, such policies must be carefully constructed to prevent distorting market signals or jeopardising long-term energy transition objectives.

The Middle East wars are no longer remote geopolitical occurrences with little importance to Australia. In a linked global economy, they pose urgent and visible threats to home security.

The current crisis has highlighted a fundamental reality: Australia's economic resiliency is inextricably linked to global energy security. Rising oil prices, interrupted supply chains, and inflationary pressures are not outliers; they are structural characteristics of a globalised energy system.

Canberra's policymakers face a clear challenge. Australia must anticipate, rather than simply respond to, external shocks. This calls for a combination of strategic reserves, diverse energy sources, strong domestic policy, and active international participation.

Failure to act will expose Australia to the next Gulf disaster. Strategic foresight, by contrast, offers a pathway toward resilience in an increasingly volatile world.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why the ‘Day After’ Is The Most Important Day in the Iranian Conflict

OPINION — The countries that get held up as models for this kind of US led attack are worth looking at closely, because they’re instructive in the wrong direction.

Iraq fell in twenty-one days in 2003, but Saddam Hussein was running a hollow state. His military had been gutted by a decade of sanctions, the 1991 Gulf War, and the no-fly zones. There was no grassroots ideological loyalty to the man — people obeyed out of fear, not faith. The moment the fear lifted, the structure dissolved. What followed was twenty years and trillions of dollars trying to hold the country together. Regime change worked militarily in three weeks and failed politically for two decades. Libya was a one-man personality cult held together by oil money and tribal patronage with no real institutional military and no ideology beyond Gaddafi himself. Remove the man and there was nothing underneath. The result wasn’t a democracy. It’s been a failed state ever since. Venezuela is a different category altogether because it hasn’t actually undergone regime change but rather the leader of the regime changed.

Iran is categorically different, and there are six reasons why that’s worth taking seriously and explains why the Trump Administration’s goals have shifted from Regime Change to Negotiating a Deal.

1. The first is that the regime is the ideology. The Islamic Republic isn’t just a government. It’s a theocratic revolutionary project that has spent nearly forty-seven years fusing religion, nationalism, and anti-imperialism into a single identity. For tens of millions of Iranians, particularly the rural poor, the deeply religious, and the Revolutionary Guard apparatus, the regime isn’t just who’s in power. It’s who they are. Saddam had fear. Gaddafi had tribal patronage. Khamenei has true believers. Unfortunately, you can’t bomb an ideology out of existence.

2. The second is the IRGC, and this is probably the most under-appreciated part of the whole conversation. Most coverage treats the Revolutionary Guard as a military institution, which it is, but that framing misses what actually makes it so durable. These are people who control ports, construction contracts, telecommunications infrastructure, black market oil exports. In fact, it controls somewhere between a third and forty percent of the entire Iranian economy. Before the conflict started, the IRGC had its own navy, air force, ground forces, intelligence apparatus, and foreign legion in the Quds Force. It’s not only ideology holding the institution together. It's an enormous class of people with enormous personal financial stakes in the continuation of the current arrangement. When you kill a general in Iraq, the army wobbles. When you kill an IRGC commander, the institution absorbs it and hardens. Israel killed multiple top commanders in 2024 and 2025. The organization did not collapse. It adapted. There are some who think the IRGC’s recent comments indicated it has is following Venezuela’s lead; has seized power and wants to make peace with the US.

3. The third is geography and strategic depth. Iran is roughly four times the size of Iraq and three times the size of Libya. It covers one point six million square kilometers of mountains, deserts, and dispersed population centers. Critical military and nuclear infrastructure is buried under mountains, in tunnels reinforced with concrete and hundreds of feet of rock. Fordow was designed specifically to survive a nuclear strike. It is difficult to fully decapitate a regime that is geographically dispersed, has hardened underground command structures, and has spent forty years preparing for exactly this scenario. The ability of disparate groups to control vast swaths and for the country to degenerate into civil war is high. This administration seems to be cognizant of that risk and with total air supremacy has made substantial progress towards irreversible damage to the regime but there are challenges in what can be accomplished by air power alone.

4. The fourth is that the population is complicated in ways that get lost in Western coverage. Yes, there have been significant protests. Yes, millions of Iranians, particularly urban, educated, younger Iranians, despise the regime. But the assumption tends to be that they experience their government the way Iraqis experienced Saddam which was something purely imposed, something they’d shake off the moment an outside force gave them the opening. Iran fought the bloodiest war since World War II largely without allies, against an Iraq the West was quietly supporting. That experience left a scar that runs across ideological lines. You can find Iranians who genuinely despise the mullahs and who would still recoil from a US military intervention on Iranian soil. This stems not out of loyalty to the regime, but out of something older and harder to dislodge than political preference. They identify as Persian. A foreign airstrike doesn’t read as liberation in that context. It reads as confirmation of everything the regime has been saying since the 1970s. And Persians view themselves as the conquerors, not the conquered. Compare that to Iraq in 2003, where significant portions of the Shia and Kurdish populations welcomed the invasion, or Libya where rebels were already fighting in the streets asking for NATO intervention.

5. The fifth is the proxy architecture. Iran has spent decades building what it calls the Axis of Resistance which is a network of proxy forces spread across seven countries specifically designed so that Iran never has to absorb a full military attack alone. Hezbollah in Lebanon, the Houthis in Yemen, Shia militias in Iraq, Hamas in Gaza, assets in Syria. These are not just political allies, These are pre-positioned military capabilities Iran can activate without firing a single missile from Iranian soil. Israel did real damage to Hezbollah’s command structure and arsenal in 2024 and 2025, and that’s worth acknowledging directly. But degrading a node in a network isn’t the same as collapsing the network. Iran’s demonstrated response to losing a piece is to absorb it, adapt, and rebuild, not to negotiate from weakness. We are already seeing the damage and distraction that both Hezbollah and the Houthis have created by starting new fronts against the US and its allies. It is unclear how capable either force is or how long those forces can commit to further support. It is the unknown that makes the situation unpredictable. And is a reason to be thoughtful in our approach.

6. The sixth is that there is no ready-made replacement. One of the quiet lessons of Iraq and Libya is that regime change requires someone to hand power to. In Iraq there was at least a political infrastructure of exiled opposition parties. In Libya there were rebel militias with territorial control. In Iran the opposition is fractured, largely in exile, ideologically diverse. The opposition ranges from monarchists to secular liberals to the MEK, which is widely despised inside Iran and has zero military capacity inside the country. Without a credible successor, military strikes may not produce an acceptable regime change. These attacks could produce chaos, and chaos in a country of ninety million people with a sophisticated weapons program is far more dangerous than the regime itself. And, any successor viewed as a puppet of America will fail. The Persian culture will reject someone imposed on it. The people will have to broadly support any new political leadership. And, that has not happened. There are many reasons we do not see large numbers of Iranians trying to seize the momentum and overthrow the regime. It doesn’t matter. For this reason alone - lack of a popular uprising and rally behind a clear replacement, the regime is unlikely to change. And, Iranians were never going to accept a new leader picked by the United States and Israel. It has to be organic.

The honest historical lesson is this: the US has never successfully engineered lasting regime change in a country with these characteristics. Not through sanctions, not through airstrikes, not through proxy support. The question isn’t only whether the US has destroyed Iran’s nuclear program with these attacks, it almost certainly has degraded it significantly. The question is what comes after, and on that, history offers very little comfort. Which is why it appears this administration has not prescribed what will happen next preferring to keep all options on the table. If, as Trump encouraged in his public addresses, the population rises up and overthrows the clerical ruling class, then regime change will have been achieved and the follow-on becomes a test of who is the new regime and what kind of deal can the US reach with the new leaders. If the population fails to rise up and the regime, despite being damaged, survives (the most likely outcome), the option list gets very short, very fast. The best option is to reach a negotiated deal that keeps the Straight of Hormuz open while insuring Iran does not develop nor acquire nuclear weapons.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Taking a Stand on Adversaries’ Influence in the Western Hemisphere

THE BLUF: The January 3rd Operation Absolute Resolve ousted Venezuelan Dictator Nicholas Maduro but the full consequences of the US operation continue to play out. With that move, the subsequent Shield of America’s coalition, and apparent blockade of Cuba, the Trump administration has made one message clear to the world and that is that the US is pushing back on adversaries’ influence in the western hemisphere. This is a vast change from the last twenty or so years where we watched US influence in the region, especially Venezuela, wane amid an increase in Chinese, Russian, and Iranian influence. The US administration’s 2025 National Security strategy forewarned of this policy change with the call for the US to renew the Monroe Doctrine which the last administration put aside. The 1823 doctrine says the United States would reject other countries’ influence in Latin America.

Strategic Competition

Over the last twenty years or so, China has made the most inroads in Latin America. China started enhancing its relationships in the region through trade and infrastructure building which many dismissed as just global economics. Over time, China branched out to other fields to include selling weapons systems, buying minerals, allegedly building spying stations in Cuba, building regional infrastructure to include communications, and strengthening diplomatic ties.

China started its run for dominance in the region by acquiring the ports at either end of the Panama Canal and later, by acquiring the largest freight port in the hemisphere in the Bahamas.

China’s largest nondomestic space facility is located in Argentina’s Patagonian Desert. In February 2026, the House Select Committee on China reported that their investigation uncovered that China has developed an extensive network of dual-use space ground stations and telescopes across Latin America and uses this network to collect intelligence and boost the PLA's warfighting capacity. The investigation found at least eleven China-linked space facilities established across Argentina, Venezuela, Bolivia, Chile, and Brazil.

In December 2025, China released a new LATAM Policy paper that underscored the significance of the region to China and laid out new programs for closer cooperation on all fronts.

With the exception of Venezuela and Cuba, Russia has had less success in building influence in the region. However, its military-to-military relationship with Venezuela prior to the US extracting Maduro in January was robust.

Russian Su-30MK2 fighter jets were a key part of the Venezuelan Air Force. Venezuela also had Russian S-300VM (Antey-2500) battalions, Pantsir-S1, and Buk-M2E.

According to Reuters, Wagner Group members were in Caracas in 2019 to provide security for President Maduro following protests against his regime. Members of the group also trained elite combat units in Venezuela and were spotted in Venezuela as recently as 2024.

The 2025 Joint Strategic Partnership Initiative between Russia and Venezuela reaffirmed their intent to coordinate under the OPEC+ framework, avoid predatory competition, and jointly stabilize global energy markets, coordinate on communications and counterterrorism. The document also envisaged closer cooperation between Russia and Venezuela at the United Nations and other international organizations and in the area of arms control, along with joint opposition to the imposition of unilateral sanctions.

In October 2025, Maduro himself said publicly that Venezuela had more the 5,000 IGLA-S surface to air missiles positioned around the country.

Iranian influence in the region is less robust than that of the other adversaries and focused on evading sanctions and financial support to its proxy groups, especially Hizballah.

Petkaap III fast attack boat, CM-90 anti-ship missiles, GPS jammers, and passive detection systems are the most visible aspects of Venezuela’s ties with Iran.

In the past two decades, Venezuela and Iran deepened their ties with increasing industrial, economic, and military cooperation that includes fast-attack boats, anti-ship missiles, drones, and even a Hizballah presence.

Iranian-made drones were reportedly being produced in Venezuela, and Iranian-designed fast-attack naval vessels have also appeared. Caracas began with the “Arpía-001” surveillance UAV in early 2012 and quickly graduated, with Iranian help, to the EANSA assembly line beside El Libertador Air Base. Imagery and leaked purchase orders indicate a yearly output of approximately 50 Mohajer-2 derivatives (ANSU-100) and sub-kits for the stealthier Shahed-171 clone (ANSU-200).

In 2023, Brazil’s “Operation Trapiche” exposed a Hezbollah cell planning attacks against Jewish sites in São Paulo, with agents trained in Lebanon and employing local criminals for plausible deniability.

In 2024, Peruvian authorities arrested an Iranian Quds Force officer, Majid Azizi, for planning assassinations of Israeli citizens during a summit in Lima.

Why it Matters

Throughout the Soviet period, the US was aware of the Soviet Union’s Active Measures campaign in the Western Hemisphere and sometimes clashed with the Soviets over it. The two superpowers played proxy wars for influence throughout the region, funding political parties, sending in arms, and in some cases, inciting revolutions. With the breakup of the Soviet Union, the US ignored the ongoing competition in its own hemisphere and US primacy faded.

With increased awareness of the grey zone and cognitive warfare activity against the US worldwide, there is renewed interest in securing this hemisphere. Our ability to establish secure borders depends on having strong and friendly neighbors. To do this we need a combination of good trade, diplomacy, and a persistent intelligence capability that will alert the US and our neighbors as to what our adversaries are doing in the grey zone.

Conclusion

Multiple US administrations have turned a blind eye to our adversaries gaining influence into this hemisphere. Historically, we have ignored their activities or explained them away as merely open trade. This has resulted in security threats near our borders. We have allowed these adversaries to compromise our supply lines, our communications, and our transportation routes. This puts them in position to both gather important information and cutoff our accesses if they choose. This post Absolute Resolve moment gives the US the opportunity to put our adversaries on notice that the US will not stand by and allow them to infiltrate the US through its neighbors.

We know that the US can be a better partner than its adversaries. We need to double down and prove that to our neighbors while standing firm that we will not allow those adversaries to infringe on our resource and supply routes. It will take more than might to bring our neighbors around but steady diplomatic interaction and partnering will ensure that the US redevelops the robust relationships that should be our primary focus in the Western Hemisphere.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Iran Is Building the Disinformation Architecture of the Future

OPINION — Iran is the right place to start. Not because it is the most sophisticated adversary in disinformation—but because it is the most instructive. It has built a working infrastructure. It is using it in a live conflict. And it is showing us exactly what AI will make possible over the next five years.

This is not a future problem. The architecture is already under construction.

Within hours of the February 28, 2026 U.S.-Israeli strikes, AI-generated images of a burning USS Abraham Lincoln were circulating on Telegram and X—reaching millions of views before CENTCOM had drafted its first denial. Prime Minister Netanyahu was forced to post live video of his own hands to prove he was alive. AI-manipulated satellite imagery triggered a Pentagon response. The system moved faster than any government could react.

The goal is never to make people believe the lie. The goal is to make them uncertain enough about the truth that they question everything.

You cannot deter an adversary whose population believes you are losing. You cannot sustain a coalition when allied publics believe the conflict is a Western atrocity. Cognitive security is the war within the war.

What Iran Does Well Today

Five capabilities define Iran’s current playbook.

Speed. Iran wins the first news cycle. Producing a convincing false image takes minutes; verifying and rebutting it takes days. They don’t need to win the fact-check—only the first 24 hours.

Encryption. Fabricated battle footage seeded into WhatsApp and Telegram bypasses platform moderation entirely. These are primary news sources in the regions Iran targets—and they are effectively uncontested.

Proxy deniability. Networks like Houthi media ecosystems publish aligned narratives with no visible link to Tehran. Strategic impact, no attribution.

Narrative proxies. Iran amplifies existing frames—Palestinian solidarity, anti-Western sentiment—embedding its messaging inside movements it did not create.

The liar’s dividend. Once synthetic content floods the environment, all content becomes suspect—including the truth.

An easy way to remember Iran’s approach is to think of it as SPEAR: Speed (first-mover advantage), Proxies (deniability through networks), Encryption (closed-channel distribution), Amplification (narrative piggybacking), Relativism (liar’s dividend / truth erosion)

What AI Changes are Ahead

What comes next is not an evolution of this model. It is a step-change.

Agentic deepfake pipelines will compress production cycles to minutes, allowing synthetic battle footage to appear before real events are confirmed. Fact-checking becomes structurally irrelevant.

Voice cloning at WhatsApp scale will enable fabricated battlefield admissions or casualty reports—delivered in the voice of trusted leaders and distributed through personal networks where no platform intervention is possible.

AI-built persona networks will maintain credible, year-long digital histories before activation, eliminating the detection signals platforms rely on today.

Blockchain-hosted content will make disinformation permanent and immune to takedown. Domain seizures become obsolete.

Personalized deepfakes will target individuals directly—delivered in local dialects, referencing familiar places, increasing believability beyond broadcast media.

LLM-driven agents will build real relationships online, embedding influence within communities rather than broadcasting at them.

AI-generated media ecosystems will produce entire news infrastructures—sites, journalists, commentary—at global scale and near-zero cost.

Narrative flooding at scale will generate thousands of conflicting explanations simultaneously, overwhelming audiences and collapsing shared reality.

Precision-targeted persuasion will tailor messaging to specific identities, beliefs, and behaviors with unprecedented effectiveness.

Self-optimizing amplification systems will continuously refine timing, targeting, and distribution—turning disinformation into a persistent, learning system rather than a campaign.

The Strategic Picture

We are moving toward a world where detection is nearly impossible in the early stages, narrative creation collapses from hours to minutes, scale expands from thousands to millions simultaneously (and becomes more precise) and cost of entry falls to near zero.

Small, under-resourced actors will have the ability to shape global perception on a continual basis. No limits.

The future of AI-driven innovation also has a model for us to remember.

Think of AIMS - Automation (agentic systems), Individualization (personalized deepfakes),

Multiplication (scale, narrative flooding, media generation), Self-optimization (learning systems, amplification)

We know where to focus. We know what to do. In fact, much of the innovation is being built in our own ecosystem.

The requirement, however, is constant innovation: a perpetual red-team mindset—testing, adapting, and outpacing adversaries who are already compressing time, expanding scale, and targeting the world’s cognitive infrastructure.

This is not a media problem. It is a battlespace. One we are prepared to excel in.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Can the U.S. Win the Critical Minerals Competition?

What U.S. national security interest binds Greenland, Argentina, the Congo, and the Cook Islands? What was the impetus for the recent “strategic resilience” bill in Congress? And as Washington retreats from many global alliances, what’s the issue driving a U.S. push for closer ties with more than 50 nations?

The answer to all three questions involves critical minerals – integral elements in everything from smartphones to cars to major weapons systems, and an issue that has surged in strategic importance as China weaponizes its advantages in the minerals supply chain.

“For years, China has leveraged its dominance of critical minerals by manipulating global markets and supply chains,” Senator Todd Young (R-Ind.), a co-sponsor of the “strategic resilience” measure, told The Cipher Brief. “These materials are used in everything from fighter jets and submarines to missile systems and drones, and China’s monopolization has created a significant vulnerability.”

Experts agree: the competition for these minerals poses one of the most important strategic challenges of our time, and the U.S. faces a long and uphill struggle to counter China’s advantage. Critical minerals are often referred to as “the new oil”; one leading expert calls them “America’s most dangerous dependence.”

The push to reduce that dependence has been in the works for more than a decade, but only recently has the U.S. begun implementing an industrial and diplomatic strategy of its own, aimed at diversifying the supply chain and at least denting China’s near-monopoly on the supply and refining of these minerals.

“This is the culmination of looking at every single tool in the toolbox and the broader strategic issues,” Fabian Villalobos, Senior Engineer at RAND and Professor at the RAND Graduate School of Public Policy, told The Cipher Brief. “The U.S. is moving from analysis and into operations. There’s a point when you stop doing analysis and you start doing something about it.”

China’s Big Head Start

China’s path to dominance in the critical minerals space – like many aspects of its rise to global superpower – has been a long time coming. Since the 1990s, Beijing has tightly controlled the mining, processing, and export of critical minerals, backing its state-owned companies, restricting foreign investment, and consolidating production.

Today, China isn’t just a prolific miner of minerals; it dominates the ecosystem that brings them to market. The 2025 USGS Mineral Commodity Summary reads like a litany of China’s hold on the supply chain: The U.S. is completely dependent on imports for 12–13 minerals on its list of critical minerals; China is the leading supplier for 24 minerals for which the U.S. import reliance exceeds 50%; and for 19 of the 20 minerals that the U.S. rates as most strategically important, China refines at least 70% of the global supply – and more often well beyond 90%.

China’s chokehold wouldn’t matter much if U.S.-China relations were on a smooth path; they aren’t, of course, and last year the issue made headlines because China played its “minerals card” to great effect. Following President Trump’s imposition of tariffs against China in April, Beijing responded by tightening export controls on rare earths and magnets, and six months later it expanded the restrictions, targeting minerals essential for the U.S. defense sector. A Trump-Xi summit led to an easing of the restrictions, but the message had been sent: on a vital issue for U.S. economic and national security, China has the U.S. over a barrel.

Villalobos said that as important as China’s grip on the minerals supply chain is its industrial policy – a package of state financing, price manipulation, and export controls that aims for dominance in key high-tech sectors.

“Xi Jinping has directed components within China to create a world dependent on its industry,” Villalobos told The Cipher Brief. “And China wants to dominate the industry of the future – whether that’s electric vehicles, batteries, robots or high-tech weapons.” He cited the example of gallium, a mineral used in semiconductors for solar panels and LED screens. By imposing export restrictions on gallium, he said, Beijing has driven some foreign companies to house manufacturing in China. “What China does is incentivize technology into their country.”

Meanwhile, China has extended its supply advantage by striking deals with mineral-rich nations in Latin America and Africa. The result? A near-stranglehold over the global supply chain.

On the Home Front: “Project Vault” and a “Strategic Resilience Reserve”

Successive U.S. administrations have been working on the minerals issue for more than a decade. The Obama Administration’s Department of Energy issued a Critical Minerals Strategy in 2010; since 2020, the Pentagon has spent more than $439 million to establish a domestic rare earth element supply chain; and the Biden Administration established the 14-nation Minerals Security Partnership (MSP) in 2022.

The second Trump administration has “turned it up a notch,” as Villalobos said, with a flurry of measures on the domestic and global fronts.

On February 2, President Trump announced “Project Vault,” a $12 billion plan to build a U.S. stockpile of critical minerals, spur domestic production and insulate producers from future supply shocks. The project is backed by a $10 billion loan from the Export-Import Bank of the United States (by far the largest outlay in the bank’s history), along with $2 billion in private funding. The stockpile – which Trump likened to the U.S. Strategic Petroleum Reserve – would ensure a 60-day emergency supply for manufacturers. As President Trump put it, “We don’t want to ever go through what we went through a year ago”—that is, when China imposed the export controls.

Observers note that Trump is taking a China-style approach – leveraging the state’s economic and political power to secure supply. As laid out, Project Vault would employ many of Beijing’s tactics – state financing, partial government ownership of mining firms (most notably a multibillion-dollar public-private partnership with MP Materials), and strategic stockpiling to support domestic producers.

“The Trump administration has proven willing not only to convene these initiatives but to back them with significant taxpayer resources,” Michael Froman, president of the Council on Foreign Relations, wrote in February. “In the past six months, the administration has announced plans to deploy tens of billions of dollars in public capital—taking equity stakes in and extending credit to strategic firms—in an effort to reengineer entire global supply chains.”

Prior to the “Project Vault” announcement, Senator Young and three other members of Congress – a bipartisan group – introduced the SECURE Minerals Act, which would establish a $2.5 billion “Strategic Resilience Reserve” (SRR) for critical minerals, support domestic industry, create storage facilities to warehouse supplies of key materials, and “act as a market stabilizer against price manipulation.”

“To grow our independence and protect our national security,” Sen. Young told The Cipher Brief, “we need to ensure the United States has a secure and accessible supply of critical minerals.”

Mahnaz Khan, Vice President of Policy for Critical Supply Chains at Silverado Policy Accelerator, co-authored a recent Council on Foreign Relations report on countering China’s advantage. “What is emerging under the Trump Administration,” Khan told The Cipher Brief, “is a new American industrial playbook for critical minerals.” The overall approach, she said, “is about rebuilding and reshoring an entire rare earths sector to reduce decades of dependence on China.”

On the Global Stage: A Hunt for Allies

Experts and policymakers agree that the U.S. cannot replicate China’s 30-year head start in mining and refining – at least not anytime soon. With that in mind, the Trump Administration is turning to other parts of the world for help.

On February 4, Secretary of State Marco Rubio hosted leaders from more than 50 countries in a gathering “to reshape the global market for critical minerals and rare earths.” The meeting served as a launch for the Forum on Resource Geostrategic Engagement initiative (FORGE), which the U.S. pitched as a coalition of nations that would work as a counterweight to China. The State Department said FORGE would demonstrate “the benefits of working together…to strengthen diversified, resilient, and secure critical minerals supply chains.”

It was a striking show of multilateralism for an administration that has taken a hardline approach to many longstanding alliances.

One week later, the Trump administration sent the largest-ever U.S. delegation to Africa’s biggest mining conference – a nod to that continent’s rich supply of critical minerals, and another example of engagement in a part of the world the Trump Administration had neglected.

Meanwhile, the U.S. has pursued a slew of bilateral deals; as Axios put it, “President Trump is bringing his prospector’s pick to nearly every corner of the globe — including Ukraine, Venezuela and Greenland — in a push to boost the U.S. supply of minerals.”

On the day of the 54-nation minerals meeting, the State Department announced critical minerals frameworks or MOUs with Argentina, Morocco, the Philippines, the United Arab Emirates, Great Britain and a half dozen other countries. These followed larger-scale agreements: a multibillion-dollar deal with Australia that officials said could provide up to 40 of the 50 minerals the U.S. deems essential; a U.S.-Saudi Arabia agreement to develop a refinery in the kingdom; and a U.S.-Japan trade agreement that includes Japanese investment in a Georgia-based plant that produces synthetic diamond grit – a mineral used in advanced manufacturing and semiconductors. Last year the U.S. signed a minerals deal with Ukraine, and Trump has acknowledged that rare earths are a part of his interest in gaining control over mineral-rich Greenland.

“It’s got to come from somewhere,” Villalobos said of the wide-ranging push for more global supply. “The harder piece is where you put up non-Chinese refineries.”

When it comes to convincing other nations to sign on to an anti-China minerals coalition, the U.S. may face headwinds. Many U.S. allies have bristled at American tariffs and threats and ridicule from Trump and his top aides. As Politico noted, “Some will be skeptical about America’s new-found zeal for cooperation on this issue.”

“In the aftermath of a year of disruptive diplomacy, culminating most recently with the tension over Greenland with the rest of NATO, many have asked how willing other countries are to work with us,” Froman said. “Other countries have domestic politics, too, and based on many of their recent statements, our goodwill is diminishing.”

“Leapfrogging” China – and Other Out-of-the-Box Ideas

Some experts have argued that given the urgency of the issue and China’s huge head start, out-of-the-box thinking will be required.

A report published this month by the Council on Foreign Relations and Silverado Policy Accelerator argues that the U.S. should aim to “leapfrog” China’s dominance by “scaling disruptive innovation, recovery, and recycling” rather than striving to “out-mine, out-process, or out-fund China.”

“The United States will not secure its critical mineral future through traditional mining and processing alone,” the report said. “The most promising way to leapfrog China’s entrenched position is for the U.S. government to maximize breakthrough materials engineering, advanced extraction and processing technologies, waste recovery and recycling.”

In a similar vein, a study published in Science said that the U.S. could meet most of its critical mineral needs by recovering metals from existing mining waste. Researchers at the Colorado School of Mines analyzed waste from 54 active U.S. mines and concluded that “byproduct recovery” could supply sufficient amounts of copper, lithium, nickel, rare earths and other materials; for 15 minerals, including gallium and germanium, the report claimed that recovering less than 1% of waste could replace all imports; for another 11, including lithium, 1–10% recovery would suffice.

Villalobos is skeptical that “leapfrogging” China is possible anytime soon. While he supports greater investment and innovation in domestic mining, he said real impact would take years. On the recycling front, he and others noted that China has a head start there as well – given that EV battery producers have built-in recycling departments, and that it may be difficult to make American recycling and recovery economically viable. “It doesn’t mean we shouldn’t be doing these things,” he said, “but it’s just part of a long-term strategy.”

Then there’s the prospect of deep-sea mining – which is where the Cook Islands come in. Last year the U.S. announced bilateral cooperation with the 15-island nation, located between New Zealand and Hawaii, on seabed mineral exploration within the islands’ Exclusive Economic Zone. That’s a vast area that is rich in cobalt, nickel, titanium, and other critical minerals. The announcement followed an April Trump administration executive order – “Unleashing America’s Offshore Critical Minerals and Resources” – that would allow for deep-sea resource exploration in international waters. A RAND report found that “the emergence of a seabed mining industry would introduce a new source of supply for critical minerals,” but RAND and others have noted that deep-sea mining is highly controversial from an environmental standpoint, and that China has been aggressively pursuing deals with the Cook Islands and other Pacific island nations as well.

Further “out of the box,” some hi-tech leaders believe AI and quantum computing could be part of the solution, by helping to design synthetic substitutes and alloys. Speaking at this year’s World Economic Forum, SandboxAQ CEO Jack Hidary said these tools could compress decades of material development into a few years, thus bypassing China’s near-monopoly on refining.

Experts stress that in the critical minerals competition, it’s not a choice between domestic innovation and global diplomacy and out-of-the-box ideas; the U.S. should be trying all of these measures – and more.

“A long-term strategy must take an all-of-the-above approach,” Farwa Aamer, Director of South Asia Initiatives at the Asia Society, wrote in a recent report. “It must build capacity in the United States and among trusted partners, while also supporting research into alternatives and substitution technologies.”

A Long Road Ahead

President Trump has already claimed that victory in the minerals competition is on the horizon. “About a year from now, we’ll have so much critical mineral and rare earths that you won’t know what to do with them,” Trump said at a signing ceremony for the U.S.-Australia minerals agreement.

Experts have a different view – noting that new mines and refineries will take a decade or more to come online, some would-be allies may be reluctant to join the U.S. coalition, and the Trump administration’s recent funding pledges may face political challenges as well.

The domestic policy “is not without risk,” Froman said. “The U.S. government has announced more than $30 billion of direct funding commitments…related to critical minerals. In a number of cases, the government is taking direct equity stakes in private companies, pushing the envelope of industrial policy into the realm of state capitalism. The taxpayer stands to lose a great deal if these investments and loans go south.”

The Nikkei Asia Review surveyed experts after the “Project Vault” announcement and said that overall, the U.S. faces a “decade-long” road to loosening China’s grip on rare earths” – with refining representing the principal challenge.

Meanwhile, China isn’t standing still. Beyond the lever of export controls, Beijing has moved to build a global minerals alliance of its own, and it continues to challenge U.S. efforts on the world stage. Experts note China’s recent success in gaining control of a major Tanzanian rare-earth mine, which for years had been held by an Australian company and seen as a model for creating a China-free supply of rare-earth minerals. According to Benchmark Mineral Intelligence, Beijing now stands to receive all the rare earths flowing from Tanzania, one of the world’s major emerging sources of the elements, by 2029.

Can the U.S. still “win” the critical minerals competition? Experts say the answer is Yes, if winning means reducing vulnerability and building a coalition strong enough to blunt Chinese coercion. Put differently, success would mean that China cannot use its minerals advantage to shut down U.S. defense or tech production.

“Winning in critical minerals means reducing net import reliance by scaling mining and processing at home and with trusted partners,” Silverado’s Khan said, “so that China can no longer use these critical minerals as leverage in trade conflicts, securing U.S. economic and national security for the long term.”

Villalobos said the most important challenge is ensuring a price floor for minerals, one that lasts and exists for more than one company at a time (at the moment only the MP deal has such a provision). “If you can get a price floor that applies to the whole industry and that’s global in scale, that’s victory. After that it’s just a waiting game.”

But if winning is defined as replacing China as the world’s dominant minerals power, and doing so anytime soon, then it would appear the answer is “No.” And even in the best-case scenario, much will be needed for a “win”: a consistent stream of domestic investments – likely running north of $100 billion; effective cooperation with allies; far greater refining capacity; and innovation in domestic mining, recycling and possible alternatives to existing minerals. Again, an all-of-the-above approach – along with a measure of patience.

“Do I believe that the U.S. has a chance?” Villalobos said. “The answer is yes. The reality of the ‘yes’ is that it’s going to take a while.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Iran Exposed a New Reality for U.S. Air Power

OPINION — For thirty years, American wars have contained a quiet assumption: that the skies were uncontested. From Grenada and Panama, through Desert Storm, Afghanistan, Iraq, and Libya - the US could reliably achieve air superiority very quickly, almost a preordained fighting condition. Operation Epic Fury, however, has challenged that assumption, marking the first time in a generation the US has been forced to establish air superiority. And though air superiority was achieved over Iran in less than 100 hours, that superiority required a massive, multi-layered effort that contrasts with three decades of precedent.

For a generation, US policymakers and military planners have taken air superiority as a starting condition of war. No adversary, not since Korea or Vietnam, has had the capacity to challenge US warplanes for control of the skies. Panama for example, during Operation Just Cause, had neither fighter jets nor surface-to-air missiles (SAMs), and had to rely on small arms fire to thwart American air power. In Afghanistan, during Operation Enduring Freedom, the Taliban’s air force featured a handful of Cold War relic aircraft and MANPADS, left over from the Soviet-Afghan War, against which US forces could operate with impunity. Even during Operation Desert Storm, the US leveraged electronic warfare and stealth aircraft to destroy Saddam’s French-built, centralized “KARI” Integrated Air Defense System (IADS) in a concentrated effort, establishing air superiority rapidly. And again, in Serbia, NATO was able to dominate the air by effectively bypassing Serbia’s capable, yet fragmented, SAMs. On different continents, in different decades, against different adversaries—the outcome was always the same: the US expected to achieve air superiority and did so quickly.

But Iran offered the US a different kind of challenge. Tehran, long hampered by sanctions, understanding they could never achieve parity with the US, didn’t try to build an equivalent air force. Instead, Tehran spent decades building a defensive system that could complicate access, making the establishment of air superiority costly and uncertain. Rather than invest in cutting-edge fighters that could go toe-to-toe with the F-22, Iran invested in IADS, including layered SAMs, radar networks, ballistic missiles, drones, and hardened infrastructure. The result was a patch of airspace that the US would need to fight to dominate.

Iran’s air defenses fell quickly, too, in just four days, but it was only after the execution of a massive, multi-domain campaign that relied on unprecedented intelligence sharing from a regional partner; unlike recent conflict that leaned heavily on limited air assets, Iran required a coordinated multi-domain effort across cyber, space, and air. Phase one featured the blinding and spoofing of Iranian defenses with cyber, space, and electronic warfare systems. Phase two featured the Suppression of Enemy Air Defenses (SEAD), the destruction of Iranian radars and missiles with stealth aircraft (i.e., the B-2 Spirit) and standoff missiles (i.e., Tomahawk, PrSM). And phase three, penetration, with full strike operations and heavy bombers dropping guided bombs. In all, more than a thousand targets were struck. The point being: that even for the world’s most capable air force, dismantling Iran’s IADS required an enormous and coordinated effort; air superiority was achieved - but it was far from automatic.

Ultimately, American and Israeli forces needed just four days to establish air superiority over Iran, whose airspace now, more than one month into the conflict, is essentially permissive. And while the four-day timeline suggests a rapid collapse, the speed of victory masks the exertion that was needed to achieve air superiority, and what that exertion suggests about future wars.

Iran is formidable only by regional standards; their IADS is modest when compared to the air defense networks of major powers like Russia or China who can boast dense IADS, long-range missiles, layered air defenses, and distributed networks. And the major powers, no doubt taking notes on the hindering effects of Iran’s IADS, will likely be inclined to continue bolstering their own IADS networks. From the American perspective the problem here is clear: if dismantling Iran’s system required such a massive opening campaign, the challenge of gaining air superiority against a near-peer will certainly be far greater. Epic Fury may well have established a new precedent, setting the tone for the next generation of US warfighting, in which control of the air is no longer a default starting point, but rather the first objective.

For thirty years, American military power has operated under an assumption gained through the Cold War’s end: that the skies are ours. Operation Epic Fury suggests the first meaningful counter to that assumption. And though the US maintains a technological advantage in the air, the next generation of war could require the US to once again fight for control of the skies.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

How Close the Iran War Came to a Nuclear Disaster

OPINION — “Nuclear facilities on both [the Iranian and Israeli] sides have been targeted. That’s where we are in this war, and that’s how far it’s escalated. If a nuclear reactor like [Iran’s] Bushehr [nuclear power plant] were hit there’s a significant risk of a meltdown and leaks of extremely dangerous radioactive materials that would affect all countries in the [Middle East] region, and, of course millions of people including Americans and American service members.”

That was Rep. Joaquin Castro (D-Texas) speaking last Tuesday at a House Foreign Affairs Committee meeting on “Securing the Future: Arms Control and International Security for the Modern Age,” where Thomas G. DiNanno, Under Secretary of State for Arms Control and International Security was the only witness.

As the U.S./Israeli air attacks have increased and Iranian missile and drone strikes continued, Rep. Castro’s concern was echoed by International Atomic Energy Agency (IAEA) Director General Rafael Mariano Grossi.

At the hearing, Rep. Castro called attention to Iran claiming that on March 17, a projectile hit a structure about 1,000 feet from Iran’s Bushehr nuclear power plant. IAEA’s Grossi called it “the reddest line of nuclear safety.”

On March 21, Iran missiles attacked two southern Israeli cities including Dimona, which is about 8 miles from Israel’s Shimon Peres Negev Nuclear Research Center. This Israeli research center contains a secretive nuclear reactor, plutonium reprocessing facilities, and laboratories -- and was where Israel first developed nuclear weapons in the 1960s.

During last week’s House committee hearing, Castro and DiNanno tangled over Israel’s nuclear weapons program, but I will deal with that below.

Iran’s March 21, ballistic missiles that struck Dimona, injured more than 20 people, but for the first time penetrated Israeli air defenses near what is Israel's main nuclear research facility. Iran said explicitly it was targeting the Negev nuclear research center in retaliation for U.S./Israeli attacks on Iran’s Natanz enrichment facility only a day earlier.

So ten days ago, Iran demonstrated its ability to reach Israel’s most sensitive nuclear-related sites, despite President Trump and Prime Minister Benjamin Netanyahu claiming earlier that Iran’s missile capabilities had been “destroyed.”

On the evening March 24, hours after the above-mentioned House hearing, Iran claimed a U.S. missile struck the premises of the Bushehr Nuclear Power Plant, but there was no damage to the nuclear reactor, no injuries to staff, and the plant continued to operate normally with radiation levels stable. That was the second such attack at Bushehr in just over a week.

A third attack in the vicinity of Bushehr took place last Friday when Israeli planes struck the Shahid Khondab Heavy Water Complex in Arak, a key plutonium production site for possible use in making nuclear weapons. Israel also hit a uranium processing facility in the Iranian city of Yazd, where they extract raw materials essential to the uranium enrichment process. Again, the reports were there were no radiation leaks.

Al Jazeera reported from Tehran that these recent strikes on two major Iranian nuclear-related facilities could prompt the Iran military to target Israeli nuclear sites in Dimona again, as it did on March 21. At the same time, IAEA Director General Grossi reiterated his call for “military restraint to avoid any risk of a nuclear accident."

At the March 24, House hearing, Rep. Castro asked Under Secretary of State for Arms Control DiNanno, “What is the [Trump] administration’s assessment of the risk of nuclear escalation or radiological disaster in this war and what steps is the United States taking to prevent it?”

DiNanno initially replied that “operational questions would rest with [U.S. Central Command’s Commander] Adm. [Charles] Cooper,” and that “all resources that the [State Department] Nonproliferation Bureau [has] would be made available and are available should they want it.”

DiNanno quickly added, “I’ve had conversations with my colleagues in the War Department specifically to this issue and operationally the War Department would address the type of things.”

Asked by Castro if he could share any information he had received, DiNanno replied, “Admiral Cooper would be the decision-maker on how that would be, any hypothetical situation would be, addressed.”

Castro then asked a series of questions about Israel’s nuclear weapons that put DiNanno in a difficult situation, but one that has a complicated history which I will explain below.

Castro said, “I don't believe that you've adequately addressed the nuclear risks here. So, let's take a step back and establish some basic facts. The [Trump] administration has said that Iran is, or was, close to developing nuclear weapons, but they haven't discussed what Israel's capacity or capabilities are. So, I want to ask you, does Israel have nuclear weapons?”

DiNanno answered, “I'm not prepared to comment on that.”

“You’re not prepared to comment on that,” Castro said, and then went on, “It’s a very basic question. We are with an ally, conducting a war against Iran. We all know what American capabilities are; the U.S. Government has spoken what Iran’s capabilities are. Can you tell us what Israel's capabilities are? The consequences, as you know, are grave. This war continues to escalate tell us something as Congress, as the oversight body what is Israel's nuclear capability in terms of weapons?

“I can't comment on that specific question,” DiNanno said, “I'd have to refer you to the Israelis on that.”

“Does that mean you don’t know?” Castro asked.

DiNanno responded, “I can’t comment on that sir.”

I have to point out that Under Secretary DiNanno was following an historic, classified Executive Branch directive which for decades has forced U.S. officials into what’s been called “implausible deniability,” when it comes to the question of Israel’s nuclear weapons arsenal.

Books have been written about how Israel secretly began a nuclear weapons development program in the late 1950s and with the help of some French and American manufacturers by 1967 had built a few nuclear bombs with radioactive material from a nuclear reactor near Dimona.

Aware of the Israeli activity, U.S. Presidents John Kennedy and Lyndon Johnson tried to halt the program but, according to Israeli-American historian Avner Cohen, in 1969 an unwritten agreement was apparently reached between President Richard Nixon and Israeli Prime Minister Golda Meir.

The agreement was that Israel would not confirm it had nuclear weapons nor test any; the U.S. would not push Israel to give them up nor join the Non-Proliferation Treaty. In addition, the U.S. Government adopted as policy that Israel’s possession of nuclear weapons remain a classified secret.

That official U.S. Government policy has continued since 1969, and as a result there is limited public discussion and press coverage of Israel’s nuclear weapons. The Stockholm International Peace Research Institute in 2025 estimated Israel possesses approximately 90 nuclear warheads, but others suggest numbers as high as 200 with nuclear warheads on ballistic and cruise missiles and well as nuclear bombs.

Nonetheless, there is coverage not just in the American press, but also in the Israeli press.

For example, back in June 2002, I wrote in The Washington Post a story that began, “Israel has acquired three diesel submarines that it is arming with newly designed cruise missiles capable of carrying nuclear warheads, according to former Pentagon and State Department officials, potentially giving Israel a triad of land-, sea- and air-based nuclear weapons for the first time.”

In 2016, the Times of Israel, using a standard attribution “according to foreign reports” as a way of not violating their country’s secrecy, described those same Israeli submarines as “capable of delivering a nuclear payload.”

One reason Iran’s hardliners want a nuclear weapon is because Israel, their nearby neighbor, has had them for decades.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Telling China's Story Well: The PRC's Strategic Narrative as an Instrument of National Power

Executive Summary

Since President Xi Jinping's 2013 directive to "tell the story of China well" (讲好中国古事), the People's Republic of China has developed a systematic thirteen-year strategy treating "discourse power" (话语权) as a core component of Comprehensive National Power (CNP). This approach has enabled measurable influence gains, demonstrating that narrative power is not supplementary propaganda but a strategic weapon comparable to hard power.

Introduction

‘Chinamaxxing’ is a 2026 viral trend where non-Chinese social media users are sharing videos of themselves “learning to be Chinese” by adopting Chinese lifestyle and wellness behaviors. This trend is a recent example of the PRC’s growing soft power and influence around the world. As the U.S.’ soft power declines, China is swiftly catching up, narrowing its gap to only 1.5 points according to BrandFinance’s 2026 Global Soft Power Index.

China’s influence has been growing due to a long-term, concerted effort to “tell the story of China well” (讲好中国古事), a phase which President Xi introduced in 2013, elevating strategic narrative to a core priority of Chinese statecraft. In 2021, he elaborated on this directive, instructing Party members to "work hard to cultivate a trustworthy, loveable, and respectable image of China" (努力塑造可信、可爱、可敬的中国形象) in order to “expand China’s circle of friends”.

Theoretical Foundation

China's strategic narrative derives from Sun Tzu's principle of subduing enemies through persuasion rather than force. Chinese strategic documents explicitly position discourse power alongside territory, population, and military capability as determinants of national strength. The "Yellow Book of International Politics" places discourse power in the outer ring of CNP factors, while Xi's 2021 elaboration called for cultivating a "trustworthy, loveable, respectable" (可信、可爱、可敬) Chinese image.

Unlike Western diplomacy that treats communications as supplementary to policy, China elevates soft power to strategic equivalence with hard power—a fundamental departure with significant implications for great power competition.

The Four Pillars Framework

The PRC organizes its strategic messaging around four thematic pillars:

The Party: Narratives like "Rural Revival" and "Peaceful Pluralism" (Xinjiang content) demonstrate CCP benevolence and governance capability.

The Dream: Stories of deliverymen-poets and young scientists portray China as a meritocracy where aspirations flourish.

The Culture: "Cosmopolitan Cool" (viral cyberpunk Chongqing content) and "Heritage Glam" position Chinese civilization as ascendant and globally relevant.

The Cooperation: Belt and Road Initiative infrastructure and peacekeeping narratives frame China as a responsible global power.

These pillars are substantiated by $962.1 billion channeled through BRI across 126 countries since 2013, with Southeast Asia ($237.7 billion) and Africa ($230.4 billion) as primary recipients.

Precision Propaganda Methodology

The PRC employs a sophisticated three-tier targeting system:

Classification segments countries by relationship type. Competitors like the United States receive passive, data-driven messaging. Partnership-open nations receive "soft stories" emphasizing cultural connection. BRI members receive proactive development and poverty alleviation content.

Stratification differentiates elite versus mass audiences. Political elites receive messaging emphasizing commonality. Academic elites receive logic-driven, research-based content. Mass audiences are subdivided by age—younger audiences via internet slang and new media; traditional audiences via conventional channels.

Grouping targets individual characteristics including gender, religion, age, and interests, with particular emphasis on cultivating internet influencers. Beijing has hosted American influencers on curated trips designed to generate organic positive content.

Measurable Impact

The strategy is delivering quantifiable results. The Lowy Institute Southeast Asia Influence Index shows China leading the United States across most ASEAN nations with an aggregate regional score of China 65 versus US 25—a 40-point advantage. China holds significant leads in Myanmar (+37), Laos (+34), Cambodia (+20), and Singapore (+22). The US leads only in the Philippines (+13) and Timor-Leste (+40).

The ISEAS State of Southeast Asia Survey 2025 reveals Southeast Asians choosing the United States over China dropped from 61.1% in 2023 to 49.5% in 2024—an 11.6 percentage point decline in one year. The BrandFinance 2026 Global Soft Power Index shows the US-China soft power gap narrowed to just 1.5 points.

Beyond influence metrics, the strategy has enabled direct interference operations. In April 2025, Philippine security officials revealed China's state-sponsored campaign to influence midterm elections through Chinese Embassy payments to local firms hiring "keyboard warriors."

Strategic Recommendations

Five imperatives emerge for US and allied policymakers:

1. Recognize the system: China's narrative architecture is coherent strategy requiring equally systematic responses.

2. Address counter-narrative gaps: The US lacks an equivalent positive narrative framework; American messaging remains reactive criticism rather than proactive aspiration.

3. Link economic and narrative strategy: BRI's $962 billion creates narrative infrastructure; debt relationships generate dependency translating into discourse power.

4. Develop precision capabilities: Allied nations require granularity in audience segmentation matching PRC's elite/mass stratification.

5. Treat ASEAN as bellwether: Southeast Asia demonstrates China is winning the influence competition; it offers both warning and laboratory for broader competition.

Conclusion

Xi Jinping's directive to "tell China's story well" has evolved into a comprehensive strategic narrative system that treats persuasion as power. Through the Four Pillars framework, precision propaganda methodology, and sustained investment across policy, pop culture, and personality channels, the PRC has achieved measurable influence gains in critical regions. The strategic implication is clear: in an era where discourse power contributes to comprehensive national power, nations that fail to proactively assert their own narratives will find themselves playing roles assigned by others. The contest for the future will be won not only by those with the strongest economies and militaries, but by those who tell the most compelling stories.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Chalk Mark Still Matters: Russian Espionage Handling in the Modern Era

KREMLIN FILES: A brush of a hand against a park bench with chalk; or, a piece of electrical tape left on a mailbox. Sometimes it’s a coded phrase buried in a routine email with an encrypted picture. This is what Russian intelligence tradecraft looks like: subtle, disciplined, and built on signals most people would never notice. With the campaign of Russian hybrid war taking place across the European continent, it is more important than ever for NATO’s intelligence services and the general public to be mindful of Russian espionage tradecraft. That same tradecraft is also shared – at least in part-- with some of our other adversaries, including Chinese intelligence, Iranian IRGC (Revolutionary Guard) or other elements, and even terrorist groups. There has never been a better time for Americans to exercise vigilance regarding our adversaries and their intelligence services.

For the Russian intelligence services (RIS), over a century of experience-- from the Cheka to the KGB and today’s SVR and GRU-- has helped refine the art of handling agents in what they consider hostile foreign environments. While technology advances, the fundamental principles remain largely unchanged: compartmentalization, deniability, patience, and psychological control. The early Bolshevik revolutionaries had to understand spy tradecraft because they were leading a major conspiracy against the Tsar. They were enemies of the state, traveling under false passports and following what they called the “rules of conspiracy” to carry out their revolution.

Some aspects of Russian agent handling have evolved, but others remain the same. In my upcoming book on Russian intelligence tradecraft (out with Naval Institute Press, April 2026), I have a chapter devoted to Russian “street tradecraft” or how they handle their recruited agents. CIA calls this practice “sticks and bricks.” The RIS train on this heavily at their intelligence academies, including surveillance/countersurveillance techniques, agent signaling and handling, and the use of operational technology in agent communications. These tactics have evolved as well over the years to include satellite- and computer/encrypted-based “covert communications,” or what the Russians commonly call “spets-svyaz.”

Studying these techniques and their patterns is more important than ever with Russia unleashing a wave of covert action and sabotage operations against NATO and the West. Invariably, among those operations, there will be handling of espionage penetrations of NATO countries and their governments. And when they have highly placed agents, or even those placed in the media, companies, or NGO’s, the SVR, GRU, and FSB will use the following types of tradecraft to handle them.

Russian Agent Signaling and Handling Practices

Signaling is fundamental to any agent-handling operation (recall that the Russians, like U.S. services, do not refer to their officers as agents—the term agent is reserved for the asset, or foreign spy, being handled). Before any message is exchanged, agents and handlers must confirm that it is safe to communicate and then signal that the material exchange has been successful. Russians use what we often like to call “urban geography,” meaning telephone poles, mailboxes, park benches, or signs. Things that won’t typically move but are part of our everyday life and can be easily described to an agent, while still being distinct.

For example, the KGB used telephone and utility poles to mark signals and packages for the recruited cryptographic spy John Walker in the 1980s, while he was betraying the U.S. Navy in the case that became known as the “Walker Family of Spies.” The utility poles had the advantage, as the KGB noted, of each bearing a specific metal plate or identifier, which Walker could verify before dropping his reels of photographed documents, often concealed among various pieces of garbage (such as photographic reels placed in empty soda cans).

Dead drops, or what our British colleagues call “dead letter boxes,” are equally fundamental to Russian agent handling. They call them “tainiki,” meaning “concealed” or “secret place.” The Russians will use sealed and concealed containers — magnets under bridges, hollowed-out stones, or waterproof capsules (sometimes just double-wrapped trash bags) set in quiet locations or buried shallow in parks. These dead drops allow material to be exchanged without face-to-face contact. The method minimizes exposure: no meeting, no surveillance photographs, no conversations to intercept, and no risk of the FBI, British BSIS, or other foreign counterintelligence services following the agent or the Russian intelligence officer (RIO) to the meeting, thereby compromising the op.

And then there are communications protocols. Historically, this meant one-time pads and burst radio transmissions used by Russian agents throughout the Cold War. All of the Russian illegals who were arrested in the “Ghost Stories” case publicized in 2010 were trained and utilized to some extent or another in these systems. They involve encrypted messaging apps, laptops wired for covert exchanges, steganography in digital images, or covert Wi-Fi exfiltration from public spaces.

With all these practices, the same rules endure from the early days of the Bolshevik Chekists: assume compromise is inevitable, and design for resilience and redundancy in agent communications.

Surveillance Operations Abroad

Abroad, the SVR and GRU use surveillance more selectively than at home. Russia is indeed a modern surveillance state, but abroad, the RIS are the hunted and watched. The FSB operates less abroad than its foreign intelligence service and military counterparts, but it has made more forays into foreign work than ever, particularly in special operations and so-called “wet work.” The goal with surveillance, for all three services, is to monitor adversarial services (i.e., all diplomats from NATO and other countries that Russia considers adversaries—a list that is growing), protect their own officers, and, sometimes, use it to find kompromat—compromising material to intimidate potential recruits via extortion.

The SVR and GRU each have dedicated surveillance teams that can deploy abroad under the guise of illegal or other official or non-official covers. But more often than not, they employ their own IO (intelligence officer/staff officers) from Residencies already abroad in order to conduct “pick-up” teams to surveil targets of interest. This is not a best practice, but one they are forced into by the PNGs (declaration persona non grata), or expulsions, of hundreds of their intelligence officers from NATO and other countries in recent years. The RIS no longer have the staffing they once did under official cover at embassies abroad.

Naruzhka, as the Russians term the surveillance art, is never just about “following.” It supports countersurveillance, ensuring GRU and SVR officers are not under adversarial monitoring before a meeting or dead drop. Also, for the various acts of operational security with meetings, Russians use surveillance detection routes, which they call “marshrut proverki” or MP’s. When they have the resources to do so, just as in Russia, the SVR, GRU, and sometimes even the FSB map the routines of foreign officials or business leaders. Their goal is to determine whether those targets are viable recruits or potential targets for other operations, like their “direct action” and assassination attempts abroad.

Lessons Learned and Forgotten, From the Cold War

Good counterintelligence isn’t about chasing cinematic spy stories, but about recognizing patterns: subtle signaling behaviors or unusual compartmentation requests. These can be seemingly low-value contacts that, over time, map a network. U.S. and allied services have disrupted sophisticated networks run by the RIS over the years, many times over. Still, the operating environment has unfortunately only become more permissive for spying as methods using technical resources expand.

Global mobility, digital platforms, academic openness, and venture capital ecosystems create frictionless access points that hostile services exploit patiently and methodically. That means counterintelligence tradecraft must be just as disciplined. Allied services need to employ pattern analysis, cross-domain collaboration, and data integration. Defensive briefings need to be practical, not paranoid or meant to intimidate employees. Early anomaly detection inside sensitive programs is important. And above all, we need to exercise our collective institutional memory: understanding that these methods are not new, only repackaged.

Companies, universities, research centers, and startups sit on the front lines, whether they realize it or not. Talent recruitment, joint research proposals, conference networking, investment offers, and data partnerships can all be legitimate, or occasionally something else. The RIS and their Chinese allies understand that long-term access is preferable to short-term theft. They cultivate relationships, not just sources, and they play on ego, especially with academics, diplomats, and businesspeople. The Chinese recruitment of former CIA officer Kevin Mallory is a case in point—recruited and contacted by the Chinese through a job-hunting social media platform.

We are targets — both in the United States and with all of our European allies. We are so, not because of paranoia, but because of capability and innovation that are the envy of Russia. That and our democracy, which Putin fears. He can’t afford for the Russian people to have the benefit of democracy and the freedoms we enjoy. If he allowed it, his reign could not have lasted as long as the longest of the Tsars.

The Russians still use the term “GP” (glavnii protivnik) to refer to the U.S. as the main adversary. Ask any RIO, and they will quickly state that the UK, Germany, and all our NATO allies rank 2,3,4 etc. We need to be aware, actively collaborate, and remain constantly vigilant. The brush of a hand against a bench. A benign LinkedIn message. A visiting scholar with a narrowly defined question set. Tradecraft hasn’t disappeared, but has adapted. Vigilance, transparency, and informed skepticism aren’t overreactions. They are the modern equivalent of checking the lampposts and utility poles for chalk marks.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Blockade by Permission: How Iran Determines Who Gets Through Hormuz

For roughly two weeks, the Karachi, a Pakistani-flagged Aframax tanker loaded with crude at Das Island in Abu Dhabi, sat waiting for a signal that never came through official channels. When it finally moved, it did not take the standard shipping lane.

It hugged the Iranian coast, threading through the narrow gap between the islands of Larak and Qeshm, a route mariners are normally advised against, before tracking out into the Gulf of Oman. The tanker’s AIS transponder was broadcasting throughout, as if Tehran wanted the world to watch. The message was unmistakable: Iran was not simply closing the Strait of Hormuz. It was deciding, vessel by vessel, who had earned the right to pass.

Since Operation Epic Fury began on February 28, just 21 tankers have transited the strait, according to S&P Global Market Intelligence, compared with more than 100 ships daily before the conflict. The strait typically handles 21 million barrels of oil per day during normal operations, according to the IEA’s March 2026 assessment.

By this month, global oil supply had fallen by approximately 8 million barrels per day — a reduction the IEA has characterized as the largest oil supply disruption in history. Brent crude surged above $119 a barrel on March 19, the morning after Iran struck Qatar’s Ras Laffan gas field, before settling back above $105 at week’s end, more than 40 percent higher than before the war began.

What is emerging from the wreckage of normal transit is something more strategically dangerous than a closed strait: a permission economy, run entirely out of Tehran.

On March 5, the IRGC announced that Iran would keep the strait closed only to ships from the United States, Israel, and their Western allies. The declaration formalized what ship-tracking data had already begun to reveal. Yet, a growing number of ships have been rerouting via Iran’s territorial waters, suggesting Tehran is allowing permission-based transits to friendly nations, Iran’s Foreign Minister Abbas Araghchi confirmed the architecture in plain terms, saying the strait was “open, but closed to our enemies” — a formulation he repeated across multiple statements that week as Iran’s selective passage policy hardened into a deliberate framework.

According to a United States intelligence source, speaking to The Cipher Brief on background, the process is more transactional than diplomatic: a vessel requests permission directly from the IRGC, and if clearance is granted, it passes missile and drone-free. Those permissions, the source said, come at a price: vessels must pay a fee for the privilege of passage.

The beneficiaries have been carefully chosen.

Iran’s ambassador to India, Mohammad Fathali, confirmed that Tehran had allowed some Indian vessels to pass. Two Indian-flagged tankers carrying liquefied petroleum gas bound for ports in western India crossed early one morning, according to Rajesh Kumar Sinha, special secretary at India’s Ministry of Ports, Shipping and Waterways.

A Turkish-owned ship was also allowed to transit after Ankara received permission from Tehran; earlier, the Panama-flagged but Turkish-owned LPG tanker Bogazici had broadcast via AIS that it was a Muslim vessel under Turkish operation before successfully crossing.

Moreover, Pakistan’s passage was confirmed through a combination of Iranian clearance and direct naval coordination. A military source told Reuters that Pakistani naval officials had been in contact with Iranian counterparts. “No escort was needed, being Pakistani vessels,” the source said. The Pakistan Navy nonetheless provided maritime security to the vessel throughout its journey, according to Pakistan’s Express Tribune.

Jim Krane, energy research fellow at Rice University’s Baker Institute, tells The Cipher Brief that Iran is taking a page directly out of the Houthis’ playbook.

“They’re using Hormuz restrictions as a form of targeted economic sanctions on countries and firms with links to the U.S. and Israel,” he says. The Houthis did the same thing in the Bab al-Mandeb and the Red Sea. ‘Friendly’ cargoes were allowed to proceed, and those with connections to Israel, the United States, and Europe were denied passage.”

The logic is deliberate. Turkey is a NATO member but has maintained independent ties to Tehran. India has not joined any coalition against Iran and continues to import significant volumes of Iranian crude. China, which receives around 45 percent of its oil imports via the strait, was the first country Iran signaled it would favor, with reports emerging on March 4 that Tehran would initially allow only Chinese vessels to pass, citing Beijing’s supportive stance since the conflict began.

The architecture of the selective passage

The vessels that have made it through have not had an easy transit. Even routes shadowing the Iranian coast carry risk. On March 12, a China-owned container vessel called Source Blessing, operating under the Hapag-Lloyd and Maersk Gemini Alliance and broadcasting “China Owner” via AIS, was struck by falling debris while sailing toward Jebel Ali in the United Arab Emirates — not in the strait itself, but close enough to unsettle Chinese shipowners who have since largely avoided the route, according to Lloyd’s List Intelligence.

The attacks have followed no discernible pattern, making planning nearly impossible because operators cannot determine the rationale for targeting one ship rather than another. On March 11, a Thai-flagged bulk carrier, the Mayuree Naree, was struck by two projectiles while transiting the strait, setting fire to the engine room and forcing 20 of its 23 crew to abandon ship. Three crew members remained missing and believed trapped below. By March 6, the IMO Secretary-General confirmed at least six seafarers had lost their lives in attacks on vessels since the war began.

GPS and AIS interference has intensified sharply, affecting more than 1,650 vessels as of March 7 and concentrating spoofed positions near Fujairah and the Gulf of Oman, according to Windward. Some captains have gone dark deliberately — India’s maritime fusion center noted a rise in vessels conducting “dark transits” with AIS disabled to obscure their positions.

Roughly 400 vessels were spotted in the Gulf of Oman, a massive backlog waiting near the chokepoint, according to satellite intelligence from mid-March. About 22 vessels carrying crude, LPG, and liquefied natural gas remained anchored in the strait itself, awaiting confirmation of safe passage.

Skip York, a nonresident fellow at Rice University’s Baker Institute for Public Policy, tells The Cipher Brief that Iran’s closure is ultimately a one-time card.

“It works in the short-term because there are no easy bypass options for all Gulf exports, especially LNG,” he says, but stresses that it accelerates the very supply diversification it seeks to prevent and “runs the risk that shipments out of the Gulf can be seen as unreliable — thus encouraging diversification to oil and gas supplies from other regions.”

Krane is blunter about the path back to open transit.

“Hard to see the U.S. and Israelis bombing their way to an open strait,” he underscores. “Either we invade Iran with ground troops, or we call off the war.”

A fracturing coalition response

The military pressure campaign escalated sharply on March 19, when Joint Chiefs Chairman Gen. Dan Caine announced at a Pentagon press briefing that A-10 Warthog aircraft had entered the fight. “The A-10 Warthog is now in the fight across the southern flank and is hunting and killing fast-attack watercraft in the Straits of Hormuz,” Caine said, adding that AH-64 Apache helicopters from both American forces and regional allies had joined to handle Iranian one-way attack drones.

United States Central Command subsequently published footage of American strikes destroying Iranian naval assets threatening international shipping in and near the strait. Iran, despite the sustained pressure, retains significant asymmetric capabilities — mobile missile launchers, drones, and small boats that can be rapidly deployed from hidden coastal bases.

The coalition picture, meanwhile, remained fractured. At an EU summit in Brussels on March 19, European leaders doubled down on their refusal to join the American and Israeli military campaigns. EU foreign policy chief Kaja Kallas had made clear days earlier that there was “no appetite” among member states to expand the Aspides naval mission from the Red Sea to the Strait of Hormuz, and the summit produced no change in that position.

Germany’s Chancellor Friedrich Merz drew a clear line at the Brussels summit, saying his country would engage only after hostilities ceased.

“We can and will commit ourselves only when the weapons fall silent,” Merz said of potential German military support to secure shipping lanes in the Strait of Hormuz. “We can then do a great deal, up to opening sea lanes and keeping them clear, but we’re not doing it during ongoing combat operations.”

France, Germany, Italy, the Netherlands, the United Kingdom, and Japan issued a joint statement calling on Iran to “cease immediately” its drone and missile attacks and its other attempts to block the strait and expressing readiness to “contribute to appropriate efforts” to ensure safe passage — but stopping well short of deploying combat assets. NATO Secretary General Mark Rutte, meanwhile, acknowledged the urgency without offering specifics.

“Everybody agrees this strait cannot stay closed. It has to open up again as soon as possible. This is crucial for the world’s economy,” Rutte said. “I am confident that allies, as always, will do everything in support of our shared interests. So we will find a way forward.”

York’s near-term menu is narrow. Military pressure is one option, but he sees mediators as the more realistic path. Before Iran struck Ras Laffan on March 18, Qatar’s foreign ministry had said communications with different parties were ongoing — though Doha drew a hard line: no formal talks until Iran stopped attacking its neighbors.

Nothing like the broad convoy operations of the 1980s Tanker Wars — something tighter, more selective, and politically viable given how few allies have been willing to show up.

Read one way, Tehran’s approvals are nothing more than pure coercion. Read another, they are the unwritten beginnings of a framework, terms that exist in practice before anyone has put them on paper.

“This is in many ways positive news, as it indicates that Iran recognizes the need to allow shipping through and that it is open to such negotiations,” Christian Bueger, a maritime security scholar at the University of Copenhagen and the United Nations Institute for Disarmament Research, tells The Cipher Brief, adding that it could “potentially open up possibilities for a more structured and effective approach, initially only for a number of states.”

Moving from passage-by-passage to a rules-based system, he argues, would require “a sort of clearinghouse and coordination mechanism that also involves the shipping industry.”

The yuan gambit and what comes next

Reports have emerged that Iranian authorities floated the idea of allowing limited tanker traffic on the condition that oil transactions be conducted in Chinese yuan. Analysts are split on how much it matters. York’s view is that the dollar’s grip on global energy markets is structural, not symbolic.

“Chinese bond markets are relatively closed, yuan convertibility is restricted, and hedging instruments are thin compared to dollar markets,” he points out.

Krane, however, is similarly skeptical, observing that Iran already settles oil exports in yuan and that it is “not a major share of the market.”

Bueger frames it differently — as deliberate provocation rather than viable policy, “an attempt to undermine U.S. dollar centrality” that Iran will ultimately struggle to enforce.

The math is brutal. More than 75 percent of global spare production capacity is in Middle Eastern countries that ship through the strait, blunting whatever relief emergency reserves can offer. The IEA’s release of 400 million barrels, the largest in its history, covers roughly 20 days of normal Hormuz flows at best.

Under new Supreme Leader Mojtaba Khamenei, the strait continues to serve as Iran’s primary lever. As recently as March 20, he issued a written statement declaring that the “security” of Iran’s enemies “must be taken away” — a formulation that left the definition of enemy, as always, entirely to Tehran. The permission-economy Iran is now running is not a crisis to be managed in the short term, so much as a new geopolitical architecture being stress-tested in real time.

“The war with Iran is so unpopular globally that the sanctions strategy might work, because it allows opponents of the war to signal their displeasure with the U.S. and Israel,” Krane adds. “The countries that get rewarded are the ones willing to make small concessions to Iran — and in return, they gain access to important cargoes via the strait.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Trump’s Cyber Strategy Is a Strong Playbook, but It’s All in the Execution

OPINION — The White House is making a significant effort toward putting the nation’s cyber house in order. A newly released National Cyber Strategy represents a big step in the right direction for U.S. national security policy — advocating for the aggressive defense of our national infrastructure.

While the strategy includes important goals for the administration — streamlining regulation, developing the cyber workforce, defending federal networks, and partnering with the private sector — how the administration proceeds will determine whether it achieves the goals the strategy outlines. Across the strategy’s six pillars, the administration needs to clarify its arguments, refine its implementation plans, and improve its articulation of the challenge we face.

Defending U.S. national interests in cyberspace requires understanding the threat to our national security. Despite the prioritizing efforts to shape adversary behavior in the first of the strategy’s six pillars, it falls short of identifying America’s most aggressive adversaries — Russia and China. Both countries have repeatedly targeted American critical infrastructure without a meaningful response from the United States. It fails to mention China’s operational preparation of the battlefield on U.S. soil through its Volt Typhoon campaign against national critical infrastructure or Russia’s targeting of networking devices. Shaping adversary behavior in cyberspace requires identifying who the adversary is.

Pillar One provides a strong, effective argument for developing the offensive cyber capabilities and operations which are critical to enable success in today’s warfare. This White House showed its willingness to use these cyber capabilities in both Venezuela and Iran. There is an ongoing debate as to whether private companies should be allowed more agency to “hack back” against attackers, and the administration is reportedly considering an expanded role for the private sector. While the government should work with the private sector to develop these offensive capabilities, this should be limited to tool building and network defense rather than the actual conduct of offensive operations. If private companies conduct offensive cyber operations, the government risks losing control over escalation in conflict.

Pillar Two prioritizes streamlined regulations. Data and cybersecurity regulations help ensure companies have safe and secure practices. The proliferation of cyberattacks, however, has caused an explosion of cyber-related regulations. The federal government should work with the private sector to ensure that these regulations are comprehensive without being an unnecessary burden on the private sector.

Pillar Three focuses on the important goal of securing federal networks and modernizing procurement. The strategy wisely mentions post-quantum cryptography, zero-trust architecture, and cloud transition. To account for this emerging technology, the government must refine procurement processes to enable continuous improvement of federal networks.

Pillar Four calls for building strong private-public collaboration to defend critical infrastructure. This is a noble goal, but most of former Secretary of Homeland Security Kristi Noem’s work over the past year contradicted this goal. She eviscerated the cyber defense agency’s workforce — reducing it by nearly 40 percent — and disrupted cybersecurity grant programs, weakening the agency’s efforts to support state and local governments and public utilities. She cancelled the Critical Infrastructure Partnership Advisory Council, effectively gutting the federal government’s authority to engage private companies collectively to advance cyber defense.

The Trump administration can reverse this disastrous trend and get the United States on the right track to cyber defense of critical infrastructure. Noem’s replacement should start by rejuvenating and resourcing the Cybersecurity and Infrastructure Security Agency (CISA).

Pillar Five prioritizes American superiority in critical and emerging technologies — a necessary priority for ensuring U.S. success in cyberspace. Executing this strategy requires investment in the research centers that are the driving force for consistent improvement and development of critical and emerging technologies.

A key element of the new cyber strategy is in Pillar Six — its continued commitment to building America’s capability to develop talent in cyberspace. Without a strong cyber workforce in the government, the military, and the private sector, the nation is at risk of falling behind. The administration can validate this pillar with continued support to programs like the CyberCorps: Scholarship for Service which provides scholarships for cyber-related degrees in exchange for government service after graduation.

Because of the administration’s workforce cuts and hiring freezes, the program has faced challenges in the past year with maintaining funding and placing participants. The administration should support and expand funding for the program and prioritize hiring for participants. President Donald Trump should also establish a new military service for cyber, a U.S. Cyber Force, which would create a better mechanism for generating a military cyber workforce sufficient in size and skill to fulfill America’s strategic goals.

Trump would be wise to put the plan into action through additional executive orders (EOs) to implement the stated goals — presidentially signed orders task the federal agencies with discrete deliverables while White House strategic documents lack enforcing power. These EOs should prioritize support for CISA, cyber workforce development, and an organizational construct for taking aggressive action against U.S. adversaries. Taking the “ends” of the strategy and equipping them with “ways” and “means” via EOs will enable continued American superiority in cyberspace.

The six “Pillars of Action” in the new strategy have the potential to guide the United States toward success in cyberspace. That success will depend on whether the administration takes the necessary action to back up the sound rhetoric.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why the ‘Day After’ Is The Most Important Day in the Iranian Conflict

OPINION — The countries that get held up as models for this kind of US led attack are worth looking at closely, because they’re instructive in the wrong direction.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

From Kyiv’s Skies to the Persian Gulf: How Ukraine’s Drone Technology Is Reshaping Global Defense

As Iranian-designed Shahed drones struck critical infrastructure across the Persian Gulf in early March, military planners in Washington confronted an uncomfortable reality. The weapons that have terrorized Ukrainian cities for four years were now exposing gaps in some of the world’s most advanced air defense networks. Gulf states burned through expensive Patriot interceptors at alarming rates, with each four-million-dollar missile destroying drones costing a fraction of that amount. The solution might come from an unlikely source: Ukrainian defense technology companies offering combat-proven systems forged in modern warfare.

The Brave1 Ukrainian Defense Tech USA Roadshow brought 17 companies to Washington recently, showcasing how rapidly the geopolitical landscape has shifted. These aren’t theoretical capabilities. They’re systems that have faced hundreds of Russian drones nightly for years, refined through trial and error on an active battlefield.

“You have the opportunity to talk with promising companies that are looking for joint partnerships in the US and looking for investors,” Iryna Zabolotna, Chief Operating Officer of Brave1, tells The Cipher Brief at a packed press conference at the Ukrainian Embassy.

Behind her, executives from companies like General Cherry, Unwave, SkyFall, and The Fourth Law represent an ecosystem that has scaled from near-nonexistence to producing millions of drones annually. The question now is whether that expertise can translate beyond Ukraine’s borders.

The numbers tell a stark story. According to Gulf defense ministries, more than 1,000 Iranian drones were detected over the United Arab Emirates alone in the first days of March, with similar waves hitting Qatar, Bahrain, Kuwait, and Saudi Arabia. Traditional air defense systems weren’t designed for saturation attacks. Each Patriot PAC-3 interceptor costs roughly $4 million. The Shahed drones they’re destroying cost between $30,000 and $100,000. Ukrainian companies offer different economics. Sergiy Orlov, Director of International Cooperation at General Cherry, explains that his company produces between 60,000 and 70,000 drones monthly, including 10,000 drone interceptors.

“This is an extremely efficient solution which allows us to defend our civilians, our cities, our country and defend on the front line,” Orlov tells The Cipher Brief. “And it’s extremely cost-effective. We are talking about a solution with a cost of four or five thousand US dollars per intercept.”

The interceptor drones work differently from traditional systems. Operated by pilots using first-person-view goggles, they physically pursue and destroy incoming threats by colliding with them. It’s an approach Ukraine developed when advanced Western systems arrived too slowly.

“If you think of electronic warfare solutions, there are jamming systems, there are amplifiers, and a lot of other things that originally were bought in China,” Yurii Shelmuk, CEO of Unwave, tells The Cipher Brief. “Right now it’s fully, 100 percent, local production in Ukraine.”

Beyond Hardware: The Knowledge Gap

The technology represents only part of what Ukraine offers. The real value is operational knowledge from years of desperate innovation.

“It would normally take years and months to prepare the armed forces of any country around the world to at least get like one-third of the knowledge our Ukrainian armed forces and companies have,” explains Ambassador Olga Stefanishyna. “And by the time they will complete their training, they will have to start over, because things are really changing very, very rapidly.”

This expertise gap became apparent when Russian drones based on Iranian designs struck Poland in September, breaching NATO airspace despite advanced fighter jets and Patriot systems. Poland discovered what Ukraine already knew: responding to mass drone attacks requires more than sophisticated equipment.

Yaroslav Azhniuk, CEO of The Fourth Law, which develops AI-powered autonomy for drones, frames it differently.

“Systems that work not in the cloud, not ChatGPT-like, but systems that work on board on the edge of the drones, I would argue that Ukraine has some of the world’s most advanced systems of that kind,” Azhniuk says.

Before the war, he spent six years in Silicon Valley building Petcube. Now he applies that expertise to weapons.

“That is extremely unique and impossible to replicate anywhere else in the world but in Ukraine, because the current strategic advantage that Ukraine has on the global stage is that it has been in a war with Russia for 12 years,” Azhniuk underscores.

The software represents a less visible but potentially more significant innovation. These systems absorb battlefield experience in ways that can’t be replicated in peacetime training. They’ve adapted to Russian electronic warfare and evolved countermeasures to operate in the most contested electromagnetic spectrum on Earth.

The Supply Chain Dilemma

Beneath the successes lies a challenge: dependence on Chinese components. When Ukraine’s drone industry exploded in 2023, most components came from China. As the sector matured, manufacturers worked to localize production. Azhniuk notes that many drones now use 80-90% Ukrainian-made first-level components.

But second-level components, components used to make components, remain problematic. Thermal camera sensors and battery cells still flow from Chinese manufacturers. This creates both a strategic vulnerability and an intelligence leak.

“When we are localizing or not localizing component production, we are also sharing or not sharing the know-how that is specific to how our warfighters use these drones,” Azhniuk explains.

The scale of demand makes complete independence difficult. Ukraine plans to produce more than seven million drones in 2026. A quadcopter requires four motors, meaning the industry needs 28 million motors annually — roughly 77,000 per day. Azhniuk’s company is now considering building a semiconductor fabrication plant in the United States to manufacture thermal camera sensors.

“We received significant interest from parties in the United States,” he points out. “It’s crucial for the defense of the free world to build this internal capability for the whole supply chain.”

The Political Calculation

The roadshow arrives amid delicate negotiations. President Trump previously announced a drone deal with Ukraine, but months passed without visible progress. Ambassador Stefanishyna acknowledges the arrangement hasn’t produced a formal memorandum but insists a real partnership has developed. Ukrainian companies have been selected for Army-led drone innovation programs, and delegations have conducted exchanges with the Pentagon.

The Iranian attacks changed the conversation. President Zelenskyy confirmed that Ukraine will deploy equipment and experts to Jordan at the American request, though operational details remain classified. This highlights Ukraine’s leverage: it possesses both the technology and trained personnel to operate these systems in combat.

This creates opportunity. Ukraine desperately needs PAC-3 missiles for Patriot systems to defend against Russian ballistic missiles — the one threat its interceptor drones cannot address. Gulf states need interceptor drones to preserve their Patriot stocks. Zelenskyy has publicly floated exchanges.

“For the future, of course, we will consider the ways we could engage on a basis that would really not undermine our own efforts but also will enable the companies,” Stefanishyna observes. “Because you see here the representatives of the companies, these are private entities. These are not state-owned companies, so we’re just happy to share the platform with them.”

The private sector nature of these companies complicates matters. Ukraine banned weapons exports after Russia’s invasion in 2022. Any sales to foreign governments require explicit authorization and are likely to involve complex arrangements between military channels rather than direct commercial transactions.

Scaling Global Ambitions

Beyond immediate Middle East needs, Ukrainian companies harbor larger ambitions. Artem Moroz, Head of Investor Relations at Brave1, describes the roadshow as part of building Ukraine’s “Defense Tech Valley”— an ecosystem modeled on Silicon Valley. The Brave1 investment community now includes more than 400 investors, with nearly 200 million dollars invested.

The roadshow spans multiple American cities through mid-March, with demo days in Washington, New York, Austin, and San Francisco. Events have drawn interest from defense contractors, venture capital firms, technology companies, and congressional representatives. Ukraine is also establishing joint grant programs with Norway, France, and other NATO countries.

“You have Silicon Valley. We would like to have a Defense Tech Valley in Ukraine,” Zabolotna says.

It’s an audacious vision for a country still fighting for survival, yet grounded in demonstrated capability. Ukrainian companies have moved from concept to mass production in months. They’ve iterated designs through actual combat rather than theoretical exercises.

“We were under pressure. We were under threat,” Zabolotna continues. “And definitely, the Ukrainian ecosystem would like to create solutions that can protect us. The main idea is that many Ukrainian companies that are now in defense — previously, before the full-scale invasion — worked more like private entities, such as civil or dual-use, and nobody was eager to create a defense ecosystem in Ukraine. I think it’s pressure and our brave hearts that Ukrainians would like to protect our land and our citizens, whatever we should do.”

In essence, the wartime pressure transformed Ukraine’s civilian tech sector into a defense innovation powerhouse driven by existential necessity and national survival.

The Replication Challenge

Whether Ukraine’s model can be replicated or exported at scale remains uncertain. The companies acknowledge that hardware represents only part of the solution. Training pilots takes at least weeks. SkyFall, one of Ukraine’s largest UAV manufacturers with drones deployed in more than two million missions, runs its own academy. The company has developed the capability to remotely pilot drones, potentially allowing operations in the Gulf to be controlled from Ukraine.

The tactical knowledge poses an even greater challenge. Russian forces continuously adapt their Shahed deployment strategies, recently implementing swarm tactics with “mothership” drones managing dozens of smaller units. Only Ukrainian military units that have experienced these evolving tactics understand how to counter them. Orlov emphasizes that effective deployment requires “mutual cooperation between us as a private company and, for sure, the state which can supply this knowledge.”

The competitive landscape is also evolving. Other countries have begun developing low-cost interceptor programs. The Pentagon has established squadrons using drones reverse-engineered from captured Iranian Shaheds. But Ukraine maintains an advantage: its systems are already in mass production and combat-proven.

As the Washington roadshow continues, Ukrainian companies face questions about whether they can scale production to serve both domestic military needs and export markets. Orlov suggests his company could double its monthly production of 10,000 interceptors within weeks. But broader supply chain constraints make rapid global expansion challenging.

The Middle East crisis has created an unexpected opportunity for Ukraine to translate battlefield necessity into geopolitical leverage. Whether that translates into sustainable partnerships will depend on political will, export controls, and the evolving dynamics of conflicts in both Eastern Europe and the Middle East.

For now, the message from the Ukrainian delegation is straightforward: they’ve solved problems others are just beginning to understand.

“You’ll actually be surprised how many countries woke up already,” Shelmuk stresses, “and you’ll be even more surprised how many expressed interest.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Why Hasn’t Iran Buckled Under U.S.-Israeli Pressure?

EXPERT Q&A -- There are more questions than answers around the reported delivery of a U.S. 15-point plan presented to Iranian officials via a Pakistani interlocutor, with the intention to end the war, including whether the plan has been outright rejected by Iran.

It’s not clear for example, whether Israel is onboard with the proposal, as airstrikes continue, and it is unclear how open Iran would be to any kind of deal after weeks of bombings and days of conflicting messages about whether negotiations are really underway.

Despite U.S. and Israeli air superiority and a significant degradation of Iran’s missile capabilities, Iran still has a number of ways that it is fighting back.

The Cipher Brief spoke with former senior CIA Executive Dave Pitts, who is the co-founder of The Cipher Brief’s Gray Zone Group, about what Iran’s surprising resilience in the face of the U.S. – Israeli led attacks, tells us about what we should expect next.

Pitts: Iran’s staying power and effective asymmetric response despite sustained U.S. and Israeli strikes has surprised analysts and frustrated Western and regional officials. By conventional metrics, Tehran should have crumbled or sued for peace under the sustained pressure of two of the world’s strongest militaries dominating its skies. Instead, decades of gray zone operations - gray warfare - prepared Iran for this moment.

The gray zone is the geopolitical space between peace and war, where nations take action to advance their own national interests, attack and undermine their adversaries, and set the conditions for a future war without triggering an armed response. In other words, operations below the threshold of war calculated to gain a strategic advantage and to limit deterrence and discourage a persuasive response.

Gray warfare and asymmetric warfare function as counterparts along the spectrum of conflict - one below the threshold, the other above. The same tools allowed Iran to transition rapidly from the gray zone to asymmetric warfare against superior conventional forces. How asymmetric warfare exposes the limitations of traditional military power is a topic for separate discussion.

Iran’s preparation was extensive: building surrogate armies, stockpiling concealable stand-off munitions, honing capabilities to disrupt maritime shipping, expanding the IRGC’s ability to coerce and intimidate its neighbors, conducting influence operations against Israel and the U.S., and forging transactional ties with Russia and China. These efforts produced forces and capabilities with depth, dispersion, and autonomy, shrouded in ambiguity and propagandized as undefeatable.

Today, rather than surrender or collapse, Iran is waging a deliberate asymmetric campaign relying on drones and missiles, that has destabilized the region, forced evacuations, closed airspace, and injected volatility into global energy markets. Its objective is not a military victory but cognitive and political effect: to stoke fears of a broader regional war, erode public and political will, and influence decisions that will force an end to the war on terms favorable to Tehran.

Iran’s response is not a new military development. It is the predictable outcome of years spent waging gray warfare against the West. Washington and its allies should see this as the culmination of long-term gray zone strategy, not an aberration, to avoid strategic surprise with other adversaries.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Romania Pays the Cyber Price for Backing Ukraine. Where is the EU?

OPINION – When ransomware groups hit Romania’s national water agency, its largest coal-fired power producer and oil pipeline operator all in recent months, it would have been easy to file each incident under “criminal nuisance” and move on. But the ransomware gangs targeting the national critical infrastructure, including groups like Qilin and Gentlemen, are not merely profit-driven criminals operating in a vacuum. They are key vectors of Russian hybrid warfare in Europe.

In a recent interview with Recorded Media, Romania’s top cybersecurity official Dan Cimpean highlights that these frequent cyber-attacks are not merely operations performed by non-state actors looking for extracting financial benefits. These attacks, Cimpean argues, are systematic and geopolitically timed, often coinciding with Romanian political decisions tied to support for Ukraine. As observed in the Kremlin-sponsored interference campaign targeting Romania’s presidential elections in 2024, Russia is “trying to destabilize our social, political, and economic life”.

Romania, which has NATO’s largest land border with Ukraine, is not an outlier. Polish energy infrastructure was recently hit by Moscow-linked actors. Moldovan parliamentary elections in 2025 were accompanied by cyber and disinformation operations amplified by artificial intelligence. Dutch intelligence has warned that Russian cyberattacks, sabotage, and cover influence campaigns across Europe are intensifying. The pattern is clear and so is the trajectory: fearing military loss in Ukraine, Russia attempts to destabilize Kyiv’s most supportive European partners. What is less clear is why the European Union is not acting for increasing the costs for these cyberattacks, especially since EU leaders like Emmanuel Macron and Friedrich Merz claimed earlier at the Munich Security Conference that they must take action for becoming geopolitically robust given U.S.’s ambiguity towards European engagement, coupled with Russia’s growing assertiveness.

The European Union does, in fact, possess a meaningful tool that could be deployed in cases like Romania’s: its cyber sanctions framework, established in 2019 under the Cyber Diplomacy Toolbox. This instrument was used sparingly to designate individuals and entities responsible for significant cyberattacks. In the 7 years since it was established, only 17 individuals and 4 entities were sanctioned under this cyber sanctions’ framework, despite the increasing number of offensive cyber operations in Europe in the range of thousands. Given the scale and frequency of Russian-aligned cyber operations across the continent, the EU’s restraint is not strategic patience - it is negligence and an invitation for Russian-connected ransomware groups to continue offensive operations targeting European energy, telecommunications, and water infrastructure.

The EU deploying cyber sanctions more aggressively would carry more than the symbolic value of a more strategically autonomous Europe. Sanctions create costs for the adversary. They are designed to disrupt financial flows to ransomware operators who depend on the international banking infrastructure, cryptocurrency exchanges with European exposure, and front companies operating in permissive jurisdictions. Designating ransomware groups like Qilin, Gentlemen, and their known affiliates, along with the broader ecosystem of bulletproof hosting providers, money launderers, and initial access brokers that sustain them would not outline eliminate ransomware overnight. It would, however, raise the cost to ransomware groups doing business with Russia and, at the same time, send an unambiguous political signal that the EU is treating cyber operations targeting critical infrastructure as acts of aggression, not just cybercrime.

The EU must pursue these sanctions not in isolation, but as part of a broader attribution effort including member states and candidate countries. Attribution is often a hard political choice rather than a technical operation, and Russia is actively exploiting the EU’s difficulty in making hard political decisions. The evidentiary threshold for sanctions does not require the certainty of a criminal conviction. The standard is reasonable grounds, and between national cyber agencies, Europol, ENISA, and intelligence-sharing partnerships, Europe has more than enough to build credible designation cases. Formats like the recently launched trilateral cyber alliance between Romania, Moldova, and Ukraine could be used not only for sharing threat intelligence and aligning standards for cyber hygiene, but also for crystallizing broader continental support for the EU cyber sanction’s framework.

But even stronger political will may not be enough without a structural reform of the EU cyber sanctions regime. Under the current legal framework, decisions on cyber sanctions designations require unanimity in the EU Council, implying that a single member state can veto a cyber designation, however well-evidenced. This is not a theoretical problem, it’s an operational gap that Russia understands and exploits through its sympathetic EU governments, like Hungary and Slovakia. Through the advocacy of states that are in the front line of exposure to Russian hybrid warfare, the EU must pursue qualified majority voting for cyber designations.

The argument that foreign and security policy must remain unanimously agreed is understandable in contexts where member state interests genuinely diverge. Protecting European critical infrastructure from a hostile state’s hybrid operations is not one of these contexts - it should be common ground. Moving towards quality majority voting for cyber sanctions would also help speed the pace of these decisions. The EU sanctioned people for the NotPetya campaign three years after the attack, and for the Bundestag hack five years after it occurred. This delay severely dilutes the impact of the sanctions and signals Europe's weakness.

The European Union must also look inward, at the corporate negligence that makes these cyberattacks against vital infrastructure so effective. The jarring truth is that the Russian-sponsored ransomware campaigns targeting critical infrastructure succeed not primarily because of Russian sophisticated offensive capabilities, but because of poor cyber hygiene. Unpatched systems, poor identity management practices, weak network segmentation and insufficient red teaming create the perfect storm in which these ransomware gangs operate to weaken European economies. European critical infrastructure sites are not breached because operators like Qilin are sophisticated, but because the bar is low enough to clear. The EU’s NIS2 Directive, which came into force in 2023, was supposed to change this status quo. It expanded the scope of critical sectors to mandatory cybersecurity standards and tightened reporting obligations and management-level accountability. Member states, however, have been very slow to transpose NIS2 into national law and even slower to enforce it meaningfully.

The EU must advance toward a model where entities in critical sectors that suffer a significant breach face real regulatory scrutiny as a reasonable standard. Companies that cannot demonstrate minimum cyber hygiene should face graduated financial penalties and those responsible for critical systems, whether power grids, water utilities, or pipeline operators, should face enhanced obligations and more aggressive oversight.

The moment to act is not after the next power outage, the next hospital system locked down or the next election disruption. Romania’s top cybersecurity official has warned that even if the guns in Ukraine fall silent, Russia will continue to operate in cyberspace, and the European Union must be prepared to act. Preparation does not imply reinventing the wheel, but actively using the tools already on the shelf, such as the underutilized European cyber sanctions regime for whose activation Romania needed to advocate.

The legal framework exists and the dots of Russian hybrid warfare can be connected for the political establishment to deliberate and act. Europe's continued inaction against Russian-connected offensive cyber operations targeting critical infrastructure carries real costs - ones that undermine the ideal of a geopolitically robust EU and push European elites further from their stated objective of making the continent more economically competitive.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Trump Is Getting His Way in Caracas — But It’s Complicated

In 2017, Marco Rubio, then Florida’s junior senator, was assigned a Capitol Police security detail because the U.S. received unverified but alarming intelligence that Venezuelan strongman Nicolás Maduro’s feared chief enforcer was sending a hit man to assassinate him.

Today, in an epic irony, Rubio, now Secretary of State, and his boss, President Donald Trump, have turned to that same enforcer – Diosdado Cabello, whose official title is Minister of Interior, Justice, and Peace – to calm the nation in the wake of the U.S. Special Forces raid that ripped Maduro out of his bed on Jan. 3 and deposited him in a Brooklyn lockup on federal narcoterrorism charges. The administration’s aim, Rubio told Congress, is a “friendly, stable, prosperous Venezuela…objective number one was stability.” U.S. oil majors and other potential investors have told Trump and his team that they won’t return to get Venezuela's vast but neglected oil fields pumping again until the country is rid of troublemakers, from homegrown street crooks to hardline Cuban Marxists to malign players from distant shores.

“The restoration of Venezuela will not be complete without the expulsion of the Cubans, the Iranians, and by extension, Hezbollah, the Iranian’s proxy in Venezuela, as well as really curtailing the activities of the Chinese and the Russians in Venezuela,” David Shedd, formerly acting director of the Defense Intelligence Agency, told The Cipher Brief. To clear out all those dangerous characters, Shedd, a Cipher Brief expert, said that for now, the Trump team has no choice but to collaborate with Cabello and other unsavory remnants of the Maduro regime. “The levers of power still rest with people like [acting president] Delcy Rodriguez, her brother Jorge Rodriguez, who's the head of the National Assembly, along with Diosdado Cabello at the head of the intelligence services and Vladimir Padrino, head of the military,” he said. “All very corrupt individuals, all individuals that need to go eventually. However, they have the levers of power. It's within their power to do these expulsions.”

Critics will call it a deal with the devil. But so far, it’s working. Interim president Delcy Rodriguez, once a hardcore leftist idealogue, has turned out to be a survivor with a pragmatic side. Last month, she ordered Cuban security advisers and doctors out of Venezuela, according to Reuters. Last Wednesday (Mar. 18) she sacked Defense Minister Gen. Vladimir Padrino Lopez who had held that post for more than 11 years. Named for Russian revolutionary Vladimir Lenin and educated in part at Fort Benning’s School of the Americas, Padrino was indicted for narcotics trafficking in federal court in Washington, D.C. in 2019 for allegedly facilitating Colombian cocaine traffickers who were using Venezuela as a trampoline to the U.S. and Europe. The State Department is offering a $15 million reward for his arrest. If extradited to the U.S, he could make a plea deal with federal prosecutors to testify against Maduro.

Another potential witness, Colombian-Venezuelan billionaire Alex Saab, Maduro’s chief money mover, fixer and point man for dealing with Iran and Russia, may turn up in the U.S. in handcuffs soon. As Maduro’s alleged bagman, he is believed to have detailed knowledge of how the strongman looted his country’s treasury. Saab was indicted in Miami in 2019 in a DEA bribery/money laundering case that involved, among other schemes, allegedly moving $350 million in Venezuelan government funds meant for the poor to his offshore accounts. In 2020, he was detained in Cape Verde on a DEA red notice as his private plane was refueling on his way to Tehran. The following year, he was extradited to the U.S. to face charges. He denied wrongdoing. In 2023, President Joe Biden pardoned him as part of a prisoner exchange with the Maduro government. He was sent back to Caracas, where Maduro appointed him Minister of industry and National Production. Last month, according to the Miami Herald and New York Times, he was reportedly detained by Cabello’s agents working with the FBI. Negotiations are under way for his extradition to the U.S., based on a new, still-sealed indictment.

Trump rarely misses a chance to boast about the changes he has wrought in Caracas – and how they serve as his model for pressuring other nations to bend to U.S. demands. Yesterday (March 24), speaking with reporters about his efforts to change the regime in Tehran to one friendlier to U.S. interests, he gushed, “Look at Venezuela, how well that's working out! We are doing so well in Venezuela with oil and with the relationship between the president-elect [Rodriguez] and us. Maybe we find somebody like that in Iran.”

Yet Cabello, a swaggering onetime military officer who poses for photos brandishing a cartoonish spiked cudgel and patrols the streets with scowling thugs, remains in power. Back in 2017, Cabello adamantly denied a Miami Herald and CBS News report that he had initiated a “potentially grave” threat against Rubio, but the pair carried on a heated verbal duel in the news pages and social medium with Cabello calling Rubio a “fool” and “Narco Rubio,” and Rubio labeling Maduro an “unhinged dictator” and Cabello “the Pablo Escobar of Venezuela,”

Actually, Cabello is so much more. Escobar never attained public office in Colombia. Cabello has loomed large in Venezuelan power circles since as a young Army lieutenant, he joined leftist strongman Hugo Chavez in an attempted coup in 1992. When Chavez was elected to the presidency in 1998, Cabello climbed rapidly. As interior minister since 2024, Cabello has been nicknamed Diostodo, God Almighty, because he commands the police, the dreaded internal security agency SEBIN, (for Servicio Bolivariano de Inteligencia Nacional) and the colectivos, civilian militias that prowl neighborhoods, enforce regime dictates and crush dissent. He was indicted in New York in 2020 and again this year for narcoterrorism conspiracy. He has a $25 million State Department bounty on his head, second only to the $50 million bounty offered for Maduro. Since his indictment, instead of going to ground as Escobar did, Cabello has made himself a constant media presence in Caracas, using Instagram accounts and his state-run TV show, “Bringing Down the Hammer,” to promote his brand of brutality.

Cabello has repeatedly denied involvement in the international drug trade. A former Venezuelan official who tells another story is disgraced former Venezuelan general Hugo Armando Carvajal Barrios, once head of his country’s military intelligence arm, who has been indicted at least four times in the U.S. for narcotics trafficking conspiracy, starting in 2011, Carvajal was extradited from Spain in 2023, pleaded guilty last June and is now incarcerated in the U.S. while awaiting sentencing. According to documents filed in federal court, after making a plea deal, Carvajal told federal prosecutors that he was in a pivotal high-level meeting in 2008 when Venezuelan leader Hugo Chavez personally ordered Cabello to lead a project working with Colombia’s leftist FARC guerillas to “flood” the U.S. with cocaine. At the time, the guerillas were manufacturing tons of cocaine in the Colombian jungle, near the border with Venezuela and wanted to partner with the Venezuelan military, which controlled the country’s air and seaports, to move the lucrative product to market in the States and Europe. After Chavez died of cancer in 2013 and Maduro succeeded him, Carvajal claimed, according to the documents, Cabello continued to oversee FARC cocaine shipments and to provide arms to FARC.

These charges have yet to be tested in U.S. courts. Everything Carvajal says will be challenged, because he has admitted his own corrupt involvement with the FARC’s cocaine-production arm, dating back to 1999 and the early days of Chavez’ rule. Still, as head of his country’s Directorate of Military Intelligence, DIM, from 2004 to 2014, he has been in a position to know a lot about Chavez, Maduro, Cabello and other senior figures in the leftist regime. Last December, Carvajal sent a letter from federal prison charging extensive Venezuelan government involvement, not only in narcotics trafficking and organized crime but also in intelligence operations against the U.S. According to the Miami Herald, he claimed that Russian and Cuban intelligence services were using Venezuela as a forward staging base to run joint operations against the U.S. and that Venezuelan and Cuban intelligence agencies had placed spies inside the U.S. “for decades.” Allegations that Russian and Cuban spies have infiltrated the U.S. are hardly new, and it’s far from clear whether Carvajal’s charges are specific and can be corroborated. Still, given his access to regime secrets, Carvajal’s account, coupled with those of other former Venezuelan officials who want to make deals with the U.S., underscores the risky nature of the Trump administration’s decision to leave Chavez-Maduro loyalists in power, even temporarily.

None of the regime holdovers are more hazardous to Trump’s plans than Cabello, who remains uniquely positioned to make or break Trump’s vision to restore Venezuela as a welcoming place for American business, especially Big Oil, as a Feb. 12 State Department policy statement, entitled “Actions to Implement President Trump’s Vision for Venezuelan Oil,” makes plain. It declares that as in the post-Maduro era, “U.S. firms will play a critical role in repairing and upgrading Venezuela’s oil and gas infrastructure for the benefit of the Venezuelan people…With renewed cooperation and sound economic stewardship, Venezuela can reemerge as a stable, prosperous partner whose citizens benefit from its vast natural wealth and strengthened ties with the United States.”

Cabello and the colectivos he controls could interfere with that vision. According to Reuters, before the Special Forces operation to seize Maduro, the Trump team delivered a blunt message to Cabello that if he ordered his goon squads to attack opposition activists or unleash chaos, he would suffer the same fate as Maduro and wind up in a grim cell in Brooklyn. Cabello wavered briefly, according to the Miami Herald, sending voicemail messages to military officers and regime loyalists that urged, ”Let’s go to the streets, as much as we can, in the states, mobilize our people.” Then he reversed course and fell in line with the U.S. demand, posting a torrent of social media messages showing happy citizens and proclaiming that his country was stable and safe. His Valentine’s Day post boasted, There isn’t a single place in the Americas that has better security numbers than Venezuela.” By numbers, he meant the street crime rate.

But street crime was never the issue for U.S. national security experts and federal investigators, who have been far more worried about less visible threats posed by transnational organized crime, foreign terrorism, espionage and, potentially, hybrid warfare, using Venezuela as a base from which to attack U.S. physical and cyber infrastructure and other interests vital to American and regional security.

“Venezuela has essentially been run as a narco-state, or as a vast organized crime network, for the past 20 years,” Sandalio Gonzalez, who initiated the DEA’s criminal case against Maduro and his top lieutenants, told The Cipher Brief. As a DEA agent in Caracas from 2006 to 2010 and later a senior agent in the elite DEA Special Operations Division, Gonzalez and his partners started out investigating the Chavez regime’s connections with Colombia’s FARC guerillas. They thought they were pursuing a straightforward drug corruption case, but, says Gonzalez, “During the course of the next several years, we became deeply concerned that an important country like Venezuela had become allied with our adversaries. Venezuela ought to be America’s partner and ally in stabilizing and unifying our hemisphere, not advancing the anti-American and anti-democratic interests of our adversaries.”

Others in the DEA were equally alarmed. “Venezuela is sitting on the biggest oil reserves in the world, but it had become a haven for countries and movements that were against U.S. interests, such as the Russians, Chinese, and Hezbollah,” Paul Craine, DEA’s regional director for Mexico and Central America from 2013 to 2017, told The Cipher Brief. “Different terrorist elements had safe haven in Venezuela. And obviously, the Maduro regime was in direct collusion with Russia and supporting Cuba. The Venezuelan secret police are very closely aligned with the Cuban secret police.”

Once the Trump White House and Pentagon started making plans to remove Maduro, Craine, like other experts on the Latin American criminal and terrorist underground became concerned that he would be replaced by other corrupt, duplicitous figures from the Venezuelan power elite.

“You can't leave these major criminals who have blood on their hands and who have been agents of suppression to continue to be there, or be part of the government,” Craine said.

Unraveling the Caracas-Havana connection will take a while. “I recognize that it won’t be easy,” Rubio told the Senate Foreign Relations Committee in January. “I mean, look, at the end of the day we are dealing with people over there that have spent most of their lives living in a gangster paradise, so it’s not going to be like from one day to the next we’re going to have this thing turn around overnight. But I think we’re making good and decent progress.”

For the U.S. national security community, the Caracas-Beijing connection is more subtle and even more important over the long run. On January 2, the day before Delta Force launched into Caracas to take custody of Maduro, a Chinese delegation led by Qiu Xiaoqi, the Chinese government’s special representative for Latin American affairs, was at the Miraflores Presidential Palace, meeting with Maduro. China was getting deeply discounted oil from Venezuela, was Venezuela’s second-largest trading partner after the U.S. and was selling Venezuela billions of dollars’ worth of military equipment, according to a January 2026 report by the U.S.-China Economic and Security Review Commission.

“China is a big loser in the Maduro rendition,” said Shedd, whose new book, The Great Heist, examines China’s theft of U.S. technology and intellectual property. “China has invested nearly $5 billion over the past two-plus decades in Venezuela, primarily focusing on energy projects which under Phase 2 of the transition in Venezuela will go to U.S. oil companies with first rights of refusal. How can China not lose?”

During the Chavez and Maduro regimes, Shedd said, “China has increasingly been involved in weapons sales, back-door-enabled Huawei and ZTE telecommunications networks, and dual-use tech related sales” to Venezuela. “In addition, the PRC has had an interest in – if not an actual hand in – enabling some intelligence/security capabilities in Venezuela that help Venezuela’s security apparatus, SEBIN, spy on and disrupt the political opposition. Anything that curtails Chinese influence, which is by its nature antithetical to U.S. interests, is a good outcome.”

Rubio has insisted it would be physically impossible for the U.S. military to remove all of the allies of China, Iran, Cuba and other malign influences in one or two raids. “Land within three minutes, kick down [Maduro’s] door, grab him, put him in handcuffs, read him his rights, put him in a helicopter and leave the country without losing any American or any American assets – that’s not an easy mission,” Rubio said on Face the Nation last January. “And you’re asking me why didn’t we do that in five other places at the same time? I mean, that’s absurd.”

Since that time, Washington has not demanded that Rodríguez hand over Cabello, Padrino López and other current and former senior officials indicted in the U.S. and instead has pressed Rodriguez for a more gradual transition, removing potential troublemakers from power one by one. According to the Miami Herald. Cabello has tried to stave off his own exit from power by leveraging his influence as a security insider and by asking for a guarantee that the popular opposition leader María Corina Machado won’t return to Venezuela. His eventual fate is a subject of intense speculation, but facts are scarce.

So far, the Trump administration appears to be running a charm offensive. Trump regularly praises Rodriguez and says he wants to visit Caracas at some future date. Meanwhile, the administration has dispatched a steady stream of senior American officials to get to know Rodriguez and other Venezuelan holdovers still in power, impress them with Washington’s seriousness of purpose and, as the fictional Michael Corleone counseled, keep them very close.

For instance, last month (Feb. 18) Marine Gen. Frank Donovan, a former special operations leader, now commander of the U.S. Southern Command, made a surprise visit to Caracas and met with Rodriguez, Cabello and Padrino Lopez, before he was removed. The agenda, according to Rodriguez’ X feed, was predictable, if ironic – drug trafficking, terrorism and migration, covering all the bad acts federal prosecutors and Trump have attributed to Maduro and his cronies.

In an interview with The Cipher Brief, Renee Novakoff, a former deputy director of intelligence for sensitive activities and programs at the Pentagon, described Donovan’s visit as “a historic event, even if it was a confusing one.”

“The U.S. military just forcefully removed the country's President and U.S. officials met with indicted criminals to discuss cooperation on the issues they are indicted for and for which their President is awaiting trial in the U.S.,” Novakoff said. “The U.S. continues to sink drug trafficking boats, killing those on board. The Venezuelans are saying that diplomacy is the right way forward but ....is this diplomacy or is it continued pressure on Venezuela? Usually, the first trip by the COCOM Commander is to a partner nation. The actions and the words are perplexing."

Yesterday (March 23), apparently undaunted by the deepening U.S. presence, Cabello led a protest march through the streets of Caracas, defiantly demanding an end to U.S. sanctions and restoration of some socialist policies. According to Spanish-language news reports, he promised, “We will return to the highest wage system in America. We will return to an education with everyone; we will give quality of life to Venezuelans."

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

While Washington Looks to Iran, Putin Gains Ground

OPINION - After the joint U.S. - Israeli strikes against Iran’s nuclear program last June and after the spectacular raid that resulted in the capture of Venezuelan dictator Nicolas Maduro, U.S. President Donald Trump must have begun to feel like the ruler of the world.

“For he was ruler of the world and he knew not what to do. But he would think of something.”

—Arthur C. Clarke, 2001: A Space Odyssey

He then thought of something to do: unite again with Israel and finish the job with Iran. This time, the end result is not yet clear and the result could end up looking a lot more like Iraq than Venezuela.

It’s not that the Iranian regime didn’t have it coming. The heinous regime led by Ayatollah Khamenei has been the sponsor of terrorism and regional instability in the Middle East for decades. The leadership of the Islamic Republic of Iran was unrepentantly hostile to the U.S. and Israel, the latter a target of Iran for extermination. It also had a program intent on developing a nuclear weapon, despite Iranian statements to the contrary.

It is also well and good that Maduro is in prison in the U.S. and Iran’s capability to build a nuclear weapon and engage in regional and global terrorism is being diminished and perhaps ultimately eliminated. But the opportunity cost of this is significant in that the operation against Iran has diverted resources that could have been available to support Ukraine, which is effectively, the front line of the defense of Europe and the main bulwark against the expansionist ambitions of the man at the center of a global effort against the U.S. and the West.

The reality is that the other presumed ruler of the world - at least in his own mind - Russian President Vladimir Putin - is seeing his world get smaller and smaller. The system of alliances he so carefully nurtured as he tried to re-claim for Russia a place at the rank of superpower, has shrunk materially. This alliance was given the ambitious label of the “Axis of Resistance.”

The authors of that label were apparently not too familiar with the fate of the last major “Axis,” Germany, Italy, and Japan. The fate of some members of the current axis has already been decided, with Syria’s Assad in exile in Moscow, Ayatollah Khamenei deceased, and the Islamic Republic under concentrated assault from the U.S. and Israel. Putin and Russia embarrassingly, remain on the sidelines.

In addition to the strategic setbacks Putin’s Ukraine invasion has caused the Russian Federation, (Sweden and Finland joining NATO and that organization having been given new purpose and vision) the invasion has cost Russia a staggering number of casualties estimated by some at approaching 1.5 million soldiers killed, wounded, captured or missing. An example of which is the reportedly 8,700 casualties last week alone as the price of capturing roughly 28 kilometers of Ukrainian territory.

These losses are the early cost of Russia’s Spring-Summer offensive which is expected to include mobilized troops as Putin is no longer able to buy enough volunteers to fill the depleted ranks of the Russian army.

For its part, Ukraine seems to be militarily holding its own, even recapturing some territory during counteroffensives in southern Ukraine as well as continuing to demonstrate the ability through missile or drone attacks to strike military and economic targets deep in the territory of the Russian Federation.

There is increasing evidence that things on the domestic front are becoming more difficult for the “moth” as Putin is quietly and derisively called in some circles in Russia. Russia has had to resort to conscription on a year round system and has significantly increased the penalties for draft evasion and although Russian law prevents the deployment of untrained conscripts to war zones, draftees are pressured to sign contracts for service in Ukraine.

Closer to Moscow, another Russian general, this time a commander of the Russian Air Force, Sergei Kobylash, died after falling out of a window in early 2026. His was the latest in a series of mysterious deaths of senior Russian military officers in recent years. Also to be noted, is the shooting in Moscow of the Deputy Head of Russian military intelligence (GRU) Lt. Gen. Vladimir Alekseyev in a residential building in Moscow.

Alekseyev was allegedly involved in the attack on Sergei Skripal in the UK and he was one of the officials who negotiated with Yevgeny Prigozhin after the latter’s Wagner Group mutiny. If you are a senior Russian military official, one would think you would be starting to wonder about the direction your President is taking your country or, more personally, if you will be the next to fall out of a window or be shot when leaving your apartment building.

If there is going to be regime change in Russia, it likely needs to come from these ranks.

Even some formerly ardent supporters of Putin and his invasion of Ukraine are starting to speak out against the regime. Ilya Remesto, a well known Russian blogger, propagandist, and lawyer who was in part responsible for the persecution and conviction of Alexei Navalny, suddenly published a Telegram post titled: “Five reasons why I stopped supporting Vladimir Putin.” He has since reportedly been hospitalized at a Psychiatric Hospital in St. Petersburg. One might hope he has a room on the ground floor.

The circle of advisors around Putin was also reduced with the resignation last September of Dmitri Kozak, the Deputy Chief of Staff of the Kremlin, due to his opposition to the war in Ukraine, and the very recent retirement for health reasons, of former Minister of Defense and long time Putin associate Sergey Ivanov.

Two other recent developments of note in assessing the state of play at the center of the Kremlin: Vladimir Putin’s public appearances have been dramatically reduced in recent weeks with several absences of longer than a week having been noted. There is speculation the absences are health related but there is also increasing speculation in Russia and abroad that Putin is concerned for his own security taking extra precautions. This could be similar to Putin’s seeming paranoia during the COVID crisis.

The second is the shutting down of the internet in Moscow and elsewhere in the Russian Federation for “security reasons.” This shutdown has had meaningful economic consequences in the Moscow region and has caused understandable social discontent. A reflection of that could be the appearance on Russian state television of satires about how life is better without the internet.

Here’s my issue with where we are today. As a former Intelligence Officer, I’m seeing signals that the President of the U.S. does not seem to recognize who the guiding forces are in the global effort to undermine the U.S. politically and economically. If he did, there would be much more pressure applied to the leaders of the Axis: Vladimir Putin and Chinese President Xi Jinping.

It is the former who has taken the lead in efforts to attack the U.S. and Europe, unleashing at various times, Russian intelligence operatives to conduct assassination and sabotage operations in Europe and elsewhere, as well as cyber probing and attacks on U.S. infrastructure and election integrity.

Putin is at the very center of the web. His economy was starting to seriously feel the effects of sanctions, low oil prices and more concerted efforts to crack down on sanctions evasion and Russia’s “shadow fleet” of tankers carrying oil in violation of U.S. sanctions.

The Iran conflict has led to concerns about oil supply and a rise in the price of crude oil. Unfortunately, instead of seeking to keep the pressure on Moscow, the President decided to lift some sanctions on Russian energy, resulting in a windfall of resources for the Russian dictator which will certainly be used to support his continued aggression in Ukraine.

Kyiv, on the other hand, having survived devastating attacks against its energy infrastructure during the coldest winter in eastern Europe in decades, has stepped up to provide expertise and anti drone technology to assist the efforts by the U.S. to restore shipping through the Strait of Hormuz.

This from a country that according to the U.S. President “had no cards.” Now Ukrainian anti-drone drones are the single most effective system in place to protect vital shipping lanes from Iranian drone attacks. At the same time, there are reports that Russia is providing intelligence to assist Iran in targeting U.S. forces in the region.

The U.S. president and his national security team need to focus more energy on the real enemy and architect of the effort to undermine the U.S. and the West, Vladimir Putin. A near term first step might be rejecting Putin’s ridiculous offer to stop aiding Iran if the U.S. ceases aid to Ukraine. The president should also immediately re-impose the sanctions that were recently relaxed on Russian energy. Perhaps next, the president should message Russian elites and the Russian people about regime change. Maybe he will have better luck than he has with the Iranians. It’s certainly worth a try.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

National Security Starts at Home — Not on the Battlefield

OPINION – The current conflict with Iran highlights a longstanding, core premise that national security comes from visible instruments of power - weapons. While hard power will always be critical to national security, national security is not created by accumulated hard power. It is created by enduring internal capacity that prevents the need to rely on hard power. This enduring internal capacity is the critical but overlooked and undervalued foundation of national security.

Traditional security models are not sufficient for the world we live in today. These models - hard power, Powell Doctrine, containment, deterrence - conflate a tool with an outcome, and they rely on assumptions that no longer hold or are increasingly strained: stable institutions, a cohesive society, reliable decision-making, and political continuity. National strategy is constantly changing, which shrinks planning horizons, compresses and degrades decision making, and increases the cost to prepare for and execute new priorities. Ultimately, this environment is a reactive system, and reactive systems narrow the set of good options.

Chronically reactive systems benefit adversaries who can exploit institutional fatigue, political volatility, divided populations, and cognitive overload. Adversaries do not need to out-invest or out-build us - they only need to exploit the cracks in the foundation.

I offer an updated definition and framework for national security. First, national security is a nation’s enduring capacity to protect and advance its interests, deter and mitigate threats, and sustain power and legitimacy over time. If national security is enduring capacity, strategic continuity is significant. Repeated strategic resets, electoral and leadership transitions, and compressed decision timelines destabilize institutional readiness, shorten planning cycles, and undermine the enduring capacity and stability that national security requires.

This framework focuses on the internal capacity variables that determine whether power can be generated, sustained, and effectively applied. That enduring capacity rests on four interdependent variables:

National Security is created and sustained through decision quality, institutional performance, societal resilience, and innovation and adoption capacity. If any one of these variables degrades, overall national security capacity declines - regardless of material advantage.

NS = DQ + IP + SR + IA

DQ (Decision Quality): The ability to make sound, timely choices under stress.

IP (Institutional Performance): The ability to execute strategy consistently and adapt over time.

SR (Societal Resilience): The level of trust, cohesion, and foundational stability that prevents internal fracture from becoming an external vulnerability.

IA (Innovation & Adoption Capacity): The ability to integrate emerging technologies into functioning systems at scale.

I also want to offer a note on resilience in anticipation of an argument that these variables fall under resilience rather than national security. The government defines resilience narrowly as the ability to absorb kinetic shock. Modern competition targets cognitive stability, institutional trust, and social cohesion long before kinetic thresholds are crossed. Thus, these are core elements of a proactive, preventive national security posture as well as requirements for withstanding gray zone and kinetic action.

Decision Quality

National security is high stakes, and personal psychology and leadership determine more than we acknowledge (even within the Intelligence Community, leadership analysts are viewed as a “nice to have.”) Modern geopolitical competition and gray zone conflict require leaders and institutions to make sound choices under stress and frequently without all the data. An individual leader’s psychology and temperament – a person’s root operating system that shapes the way they view the world and approaches decision making – often determine a decision before the following two critical factors for high decision quality: objective intelligence gathering and analysis and positive leadership dynamics (including access to advisors that are experienced, encouraged to debate, and present diverse recommendations). High decision quality comes from grounded leadership, objective intelligence, and trusted advisers. If these factors are not present, decision quality degrades as options and choices are made based on faulty or incomplete intelligence, personal desires, or group think, and capability does not translate into strategic success.

Institutional Performance

Government organizations must be capable, trusted, resourced, and agile as they plan and execute strategy over time. Strong institutional performance comes from workforce stability, strategic continuity, adequate resourcing, and technology adoption capacity. Organizational psychology and leadership dynamics can have significant influence on whether an institution can execute and meet expectations. Staff need to feel secure, supported, and respected in their roles and have trust in the leadership, mission, and vision. Strategic continuity supports short- and long-term planning and reduces costs associated with constantly changing mission priorities. Resources are a core requirement to ensure organizations can execute, and technology adoption can drastically optimize organizational performance.

Institutional performance also affects societal resilience. People need to believe government institutions are capable, responsive, and supportive of their needs. Without responsive organizations, societal trust and cohesion erode.

Societal Resilience

“United we stand. Divided we fall.” Social cohesion, trust, and stability prevent internal division and protect the population from becoming an external vulnerability. Likewise, having a population that is well-educated and healthy with opportunities for upward mobility generates individual strength and resilience, creating stronger immunity and resistance to adversary operations. These are not social add-ons; each is a structural input into resilience, legitimacy, and institutional effectiveness. Human flourishing is a competitive advantage: nations that invest in people generate the talent, trust, and institutional capacity that innovation and ultimately power depends on.

Societal resilience is crucial in an age of cognitive warfare: propaganda, deepfakes, mis- and disinformation, information operations, and sophisticated cyber capabilities. What is the ground truth? How do people verify what they are seeing, reading, and/or hearing are true? Adversaries can create powerful narratives that can influence and bias a population against supporting its government, divide it amongst itself, or convince a population to take/not take action that directly benefits the adversary.

Can we resist influence operations; Can we maintain social cohesion under narrative pressure; Can we sustain legitimacy during prolonged competition or conflict; Can we prevent internal fracture from being exploited externally? Ultimately, trust + cohesion + opportunity = resistance to manipulation.

Innovation & Adoption Capacity

If technology cannot be integrated effectively, innovation amplifies dysfunction rather than being an advantage. Innovation and adoption capacity are longstanding challenges within the government. More investment and innovation occur in the private sector now, and public-private partnerships are critical to translating emerging technology into tangible improvements in operations and mission outcomes. However, the core challenge remains the ability to integrate emerging technologies into existing systems at scale. The rapid development and deployment of AI across the public and private sectors right now is an excellent example of a game-changing technology struggling to be adopted and implemented effectively at scale.

Innovation and adoption capacity also support decision quality, societal resilience, and institutional performance by providing tools that enhance decision making, improve the effectiveness and efficiency of our institutions, and give us the tools to identify and counter adversary activities. Technology innovation and adoption are critical to provide the US with a strategic, asymmetric technical advantage should kinetic conflict occur.

What does this new definition and framework mean for hard power and deterrence? They remain necessary but are instruments rather than the source of national security or a strategy unto themselves. Deterrence is not strictly a function of visible military capability. Deterrence is also a function of credible execution, decision coherence, institutional reliability, political and social stability, technology integration, and escalation absorption. Enduring internal capacity determines whether hard power is credible and sustainable.

Adversaries will ask: Can they sustain; Can they respond coherently; Is their society stable; Will political volatility constrain action;Can they absorb escalation; For how long?

Security in the 21st century is not defined by what we can destroy. It is defined by what we can sustain. National security is not primarily created by accumulated military capability. It is created by durable internal capacity that prevents vulnerability from emerging in the first place. Hard power deters. Capacity endures.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Quiet Expansion of Trump’s War on Cartels

OPINION — “The [narco-trafficking] boat strikes [in the Caribbean and Eastern Pacific] aren't the answer. What we're moving for right now might be an extension of [Operation] Southern Spear, really a counter [narcotics] cartel campaign process that puts total systemic friction across this [drug] network.”

That was Marine Corps Gen. Francis Donovan, Commander of U.S. Southern Command (SOUTHCOM), testifying last Thursday before the Senate Armed Services Committee about the expanded Trump military campaign against Western Hemisphere drug cartels.

With most public attention focused on the Iran War, I decided to look at this hearing, which also received testimony from Air Force Gen. Gregory Guillot, Commander of U.S. Northern Command (NORTHCOM), who, as I will discuss below, made clear that talks are moving ahead with Greenland and Denmark and that there was little behind President Trump’s talk of invading that Arctic island.

Just months ago, the Trump administration’s repeated destruction of narco-trafficking boats and Presidential talk of taking Greenland were front page stories, causing Americans to wonder where the President was taking the country militarily, particularly after the initial one-day June 2025 bombing of Iran nuclear sites and the later January 2026 successful seizure of Venezuelan President Nicolas Maduro.

Trump’s military action appetite has clearly grown so I believe it worth using last week’s testimony to see where his earlier efforts have led.

Since September 2, 2025, when Trump first told reporters about the initial strike against a narco-trafficking boat and later published a dramatic video of the operation on Truth Social, there have been 45 more such attacks in the Caribbean and Eastern Pacific along with the killing of 159 individuals whom Trump or his officials have described as terrorists or narco-traffickers.

Last week, after Gen. Donovan told the Senators directly, “The boat strikes aren't the answer,” he later referred to creation of what has been called the Americas Counter Cartel Coalition or the Shield of the Americas.

Donovan described it as 17 Western Hemisphere countries along with the U.S. establishing on March 7. what he called “a coalition that will have a military aspect to it. When I say military, it's really partners that are willing to join with us to move forward against the cartels with different degrees based on what they can bring.”

In his prepared statement for the committee, Donovan described how the U.S. Embassy in Bogota, Colombia, has what is called an Embassy Intelligence Fusion Cell which, in partnership with Colombian officials, works to stop drugs “by committing airborne ISR [intelligence surveillance and reconnaissance] and fostering a holistic intelligence sharing effort. We [the U.S.] provide timely, critical information on cocaine labs, production and departure zones, and top FTO [foreign terrorist organization] leaders to enable Colombian security forces to take action.”

In answering a Senator’s question, Donovan said, “We just recently established an Ecuador fusion cell and with the Ecuadorian minister of defense, because they are leading the way.”

The SOUTHCOM Commander did not mention to the Senators that earlier this month he and Rear Admiral Mark A. Schafer, head of U.S. Special Operations-South, visited Quito and held talks with Ecuadorian President Daniel Noboa. The Ecuadorian president's office said in a statement that the three discussed plans for the sharing of information and operational coordination at airports and seaports.

Along with Ecuador, Donovan said, “The other nation that is really is stepping forward is Paraguay.” He said it recently signed a SOFA (status of forces) agreement with the United States which allows us to operate much more closely together with FMS (foreign military sales) of radars coming down it will increase the air domain awareness in Paraguay.

At one point Donovan said of the Americas Counter Cartel Coalition, “Putting that together, I believe actually kinetic [boat] strikes will be one of the many tools and probably not the most effective tool when we actually look at it as more of a campaign approach.”

One matter raised several times during the hearing focused on questions about the legality of the military killing of persons as alleged narco-traffickers without any trial or proof they in fact are traffickers.

Donovan more than once said he could talk about the intelligence involved in a closed session. But when asked about the targeting criteria to approve strikes in international waters Donovan replied they are using “near reasonable certainty, reasonable certainty, near certainty to make the final decision.”

Sen. Tammy Duckworth (D-Ill.), however, raised questions about terms used to by the Trump administration to describe those on the boats. She asked at one point, “What guidance have you received or issued for how to treat associates of a group differently from a confirmed direct member of a group?”

Her question implied that among those being killed are individuals “associated” with a drug cartel and she further pointed out “the administration in their legal justifications are calling these folks associates, but it's different from being a confirmed direct member of a group.”

In answering, Donovan further complicated the situation by saying, “We have a definition of affiliates tied to that classified definition. In a closed setting. I would like to share word-for-word what that definition is, Senator.”

Duckworth responded, “I'm concerned about the looseness of the term that SOUTHCOM has been using to publicly to report an individual we killed, specifically affiliate or associate. Those are the two words that were used, which implies an even weaker association with any concerning threat.”

Just before the session closed, Sen. Jack Reed (D-R.I.), ranking Democrat on the committee, raised questions about the “exords” related to the boat attacks, meaning the execute orders to initiate the military action.

Reed said, “There is a legal requirement for the [Defense] Department to provide those exords to the committee which you [Committee Chairman Sen. Roger Wicker (R-Miss.)] and I have requested multiple times…The [Defense] Secretary [Pete Hegseth] has not fulfilled this legal requirement and your testimony General Donovan further confirms in my mind that we need these documents to understand and oversee. That's our role -- oversee these operations.”

The takeover of Cuba has been on President Trump’s mind for some time. Most recently, during an Oval Office meeting March 17, he told reporters, “We'll be doing something with Cuba very soon." A day earlier, the President talked of "taking Cuba in some form," adding, “Whether I free it, take it, I think I could do anything I want with it."

Donovan, asked, “Are we currently conducting any military rehearsals that involve seizing, occupying, or otherwise asserting control over Cuba?” replied, “U.S. Southern Command is not,” and he added he knew of no other command that was.

To a subsequent question of seizing Cuba, Donovan said, “The number of forces required, we have general ideas, but the focus right now is purely on securing Guantanamo Bay and the U.S. embassy to protect American personnel. That is the only facts and figures and planning we have underway at this time.”

As for Greenland and Denmark, NORTHCOM’s Gen. Guillot said, they both had been “very cooperative… very eager to discuss ways to move forward to improve our defense capabilities.”

He said, “We are pursuing with Denmark expansion on the defense areas which are allowed under the 1951 agreement…We don't really need a new treaty. It's very comprehensive and it and it's frankly very favorable to our operations or potential operations in Greenland.

One area Guillot mentioned was expanding “the [Greenland] defense areas from Pituffik Space Force Base, where we are now, into these other areas, which would help our homeland defense mission.”

He added that the Pentagon “challenges in the Arctic start with…ports and the ability to navigate freely through the harsh conditions of the Arctic both in maritime, land and air. So I'm working with our department and others to try to develop more [sea]ports, more airfields which leads to more options for our [Defense Department] secretary and for the President should we need them up in the Arctic…that is from Alaska all the way across through Canada and into Greenland.”

Guillot said he specifically wanted “the resources and the force projection capability along that avenue of approach to North America [from Russia], which you know through the Arctic is the shortest route. So therefore, in many ways our most vulnerable route. We're very well established in Canada and Alaska and having more capability along what I call the 2:00 [o’clock] approach would be key.”

He also said, referring to Trump’s Golden Dome missile defense proposal, “the ability to launch fighters and tankers to get be the first line of defense against cruise missiles that could be launched from the Arctic [part of Greenland].” Also, Guillot mentioned, “Port presence for our our Navy, which also gives us [logistic support for] Golden Dome and [therefore] ballistic missile defense capability.”

Trump apparently was never serious about seizing Greenland; his war on Western Hemisphere drug cartels is a work in progress, as is Venezuela, although the capture of Maduro was a well-carried out special operation.

Common to the above Trump actions has been surprise, and lack of preparing the public or Congress for what was going to take place.

Attacking Iran was and has become a much bigger and more dangerous move, and as we have seen -- again undertaken without preparing the public or Congress and in this case paying attention to its worldwide economic and diplomatic longer-term implications.

Trump will pay a domestic political price for Iran, but so will the U.S. when it comes to continued world leadership.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

When Deepfakes Become Doctrine

OPINION — Since U.S. and Israeli strikes began against Iranian military and nuclear infrastructure in late February, two wars have been running simultaneously. One is kinetic. The other involves something the world has not fully reckoned with: the systematic use of artificial intelligence to manufacture reality, at scale, in real time, during active armed conflict.

Within days of the opening strikes, AI-generated video of missile impacts on the USS Abraham Lincoln was spreading across TikTok. Fabricated footage of downed U.S. fighter jets circulated on Facebook and Instagram. Tehran Times published what appeared to be satellite imagery of a U.S. radar base in Qatar showing structural damage from the strikes. BBC Verify confirmed the image was AI-generated, built from genuine satellite data of a different location and manipulated using Google AI tools. None of it was real. All of it spread.

The social media intelligence firm Cyabra documented more than 145 million views of Iranian-linked disinformation content in under two weeks. The New York Times identified over 110 unique deepfakes promoting pro-Iran narratives in the same window. These are not the crude influence operations of a decade ago. They are the product of an adversary that has been building this capability methodically and has now deployed it at wartime scale.

Understanding why this matters requires a short detour through what Iranian propaganda actually used to look like.

During the Iran-Iraq War, Tehran’s media strategy relied on radio broadcasts and print. Its efforts to persuade Iraqi Shia populations to shift allegiances were largely unsuccessful. Limited reach, poor targeting, no feedback loop. During the 1991 Gulf War, Iraq’s disinformation was described by scholars as extreme exaggerations easily ridiculed in the Western press. Baghdad claimed it had shot down dozens of allied aircraft. The press verified it had not. That was the cycle.

The digital era brought sock puppets and recycled footage. These operations required significant human labor and were detectable with basic verification tools. An account posting video from the 2015 Syrian conflict while presenting it as something current could be caught by reverse image search in minutes. The barrier to debunking was low.

December 2023 marked the first real break. Iran’s IRGC-linked group Cotton Sandstorm hijacked streaming services in the UAE, UK, and Canada and broadcast a deepfake newscast. An AI-generated anchor delivered Tehran’s narrative on the Gaza conflict to viewers who believed they were watching legitimate news. Microsoft, analyzing the operation afterward, called it the “first Iranian influence operation where AI played a key component” and a “fast and significant expansion” of Iranian capabilities.

June 2025 accelerated the model. The European Digital Media Observatory documented the 12-day Israel-Iran conflict as “The First AI War,” the first time in a major conflict that more misinformation was created through generative AI than through traditional methods. The three most-viewed fake videos collectively amassed over 100 million views.

March 2026 builds on that precedent, at significantly greater scale, with meaningful tactical innovations added.

The first is coordinated architecture. Cyabra’s forensic analysis found tens of thousands of inauthentic accounts distributing identical AI-generated assets simultaneously across every major platform, with synchronized posting windows and coordinated hashtag clusters pointing to centralized production. And it became clear that a notable percentage of accounts amplifying the campaign were inauthentic. The content was not organic. It was engineered.

The second is what journalist Craig Silverman has called “forensic cosplay”: the fabrication of technical-looking verification tools designed to discredit authentic evidence. In one documented case, fabricated heatmap visualizations were deployed to label photographs taken by credentialed photojournalists at a strike site in eastern Tehran as AI-generated. AI forensics experts who reviewed the heatmaps found them semantically incoherent. The thread nonetheless reached hundreds of thousands of views before corrections could follow. In a second case, a fake “Empirical Research and Forecasting Institute” published fabricated Error Level Analysis of a New York Times photograph, conducting the analysis on a screenshot of an Instagram post rather than the original image. That methodological error renders the output meaningless. The false conclusion still attracted over 600,000 views on X.

This is a different category of operation from making false things look real. It is making real things look false. The verification infrastructure itself becomes the target.

The third element is the amplification model. Iran does not operate alone. The Foundation for Defense of Democracies documented what it calls an “authoritarian media playbook” in which Russian bot networks launder Iranian content while Chinese state-aligned media echoes anti-U.S. narratives. No centralized coordination is required. Each actor pursues its own anti-Western objectives, and the compounding effect across the global information environment far exceeds what any single actor could achieve independently. In June 2025, Cyabra documented an Iranian bot network in the UK that had been spreading pro-Scottish independence and anti-Brexit content. It went completely silent for sixteen days following the military strikes on Iran, then returned with explicitly pro-Iran messaging. State-directed, clearly. Deniable, carefully.

What is most consequential here is not the volume of Iranian deepfakes. It is the underlying strategic logic of what they are designed to accomplish.

Traditional propaganda is built to persuade audiences toward specific false beliefs. Iranian AI operations in this conflict appear calibrated to achieve something more durable: the destruction of the shared evidentiary foundation that makes accountability possible at all. When any image can plausibly be AI-generated, when forensic tools can be fabricated, and when platforms cannot distinguish authentic from synthetic at scale, the machinery of verification collapses. You do not need to win arguments about what happened. You only need audiences to conclude that nothing can be known.

Law scholars Danielle Citron and Robert Chesney named this the “Liar’s Dividend” in 2018: as deepfake awareness grows, actors gain the ability to dismiss genuine evidence as fabricated. Empirical research published in the American Political Science Review in 2025 confirmed the hypothesis. False claims of misinformation do generate statistically significant increases in public support for political actors facing accountability. This was largely centered on text-based scandals at the time, and with the dramatic improvements in synthetic images and video since that time, one can speculate that a similar effect plays out today on our screens. Iran has operationalized this principle. By circulating enough obviously synthetic content to seed generalized skepticism, it creates cover for dismissing authentic documentation of what actually occurred.

That logic runs in two directions at the same time. Abroad, Iran deploys deepfakes to project military capability and deny accountability for strikes it conducts. At home, the same operation insulates the regime from documentation of its own conduct toward its citizens. Internet connectivity in Iran fell to approximately one percent of normal levels by early March, per NetBlocks. That near blackout creates an information vacuum. Deepfakes and fabricated forensic analysis fill that vacuum while simultaneously rendering authentic protest documentation dismissible as synthetic. The regime does not need to suppress every image from the January crackdown. It only needs to ensure that any image is plausibly deniable.

At the same time, detection has not kept pace. Danny Citrinowicz, a senior researcher at Tel Aviv University’s Institute for National Security Studies, stated this January: “There is no ability today to systematically identify AI-driven influence campaigns.” Meta’s Oversight Board formally ruled its deepfake detection “not robust or comprehensive enough” for the velocity of misinformation during armed conflicts. The EU AI Act’s labeling requirements for AI-generated content do not become enforceable until August 2026. This conflict began months before that.

The U.S. is in the middle of restructuring how it organizes the counter-influence mission. The debate over the appropriate scope of that work (including concerns about whether some previous approaches crossed into domestic speech territory) has been sincere, and it crosses political lines. And the debate is important, as we navigate delicate issues that will test the boundaries of free speech. But the timing is important as well. A new institutional architecture for this important mission is still being designed. And Iran’s campaign is not pausing while the debates continue.

Wherever U.S. policy lands on the question of combatting disinformation and deepfakes, three things will be true about this conflict when it is eventually analyzed in full.

The primary strategic objective of Iran’s information campaign is epistemic disruption, the deliberate degradation of the audience’s capacity to form reliable beliefs, not persuasion toward specific false conclusions. That is a materially different problem from countering traditional propaganda, and it requires different institutional responses.

The Russia-China-Iran amplification model is a template, not an anomaly. Future conflicts involving any permutation of those actors, or their proxies, will employ variants of this architecture. Convergent anti-Western interests are sufficient to drive convergent behavior. Coordination is optional.

Detection tools are now themselves a weapons category. The fabrication of forensic verification tools to discredit authentic evidence represents a qualitative escalation. Provenance infrastructure, not detection algorithms alone, will be required to address it.

The gap between adversary capability and institutional response is real and measurable. Deepfake incidents through Q1 2025 had already exceeded all of 2024’s total. Bot traffic surpassed human web activity at 51 percent. The information environment is, in a measurable sense, majority-synthetic. Building the cognitive security architecture to operate in that environment is not a platform moderation problem. It is a national security imperative, and it deserves to be treated as one.

Views expressed here are the author’s alone and do not represent the positions or policies of the U.S. Government or the Central Intelligence Agency.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

NATO’s Fractures Are Not Its End

OPINION — For much of its history, the North Atlantic Treaty Organization (NATO) has been portrayed as a unified military bloc bound by common values and collective defense. In reality, NATO has always been closer to a pragmatic partnership, an alliance shaped as much by disagreement and national interests as by solidarity. While current headlines suggest an alliance on the brink, NATO’s history reveals that institutional friction is not a sign of failure, but the very mechanism of its adaptation.

Arguments over defense spending, doubts about American commitment, and diverging political priorities across the Atlantic are causing some leaders to question whether NATO is nearing its end. History suggests otherwise. NATO has repeatedly endured crises that appeared existential at the time, only to adapt and continue. Recent tensions are more likely an indicator that the alliance is continuing to evolve, moving away from a post-Cold War era of European reliance on American protection toward a more balanced, albeit tense, partnership necessitated by a volatile international environment.

The lesson is simple: NATO still has a role to play, but sustaining it will require renewed commitment and investment on both sides of the Atlantic. NATO’s endurance rests less on shared sentiment and more on the reality that, in an increasingly dangerous world, the cost of fragmentation far outweighs the burden of disagreement.

Europe’s Strategic Complacency

While NATO has historically utilized institutional friction as a mechanism for adaptation, the current era of Strategic Complacency presents a unique challenge to this pattern of survival. For decades following the Cold War, European allies operated under a security guarantor model, drastically shrinking defense budgets under the assumption of indefinite American protection. This was clearly illustrated by Sweden’s transition from a global air power to a scaled-down posture.

This reliance has not only diminished American patience but has resulted in a fragmented industrial base ill-equipped for the high-intensity conflicts exposed by the war in Ukraine. The pragmatic partnership described at the alliance's outset is now being tested by a critical gap: while the diplomatic victory of a 5% GDP spending target has been established, the actual pace of military modernization and investment continues to lag behind a rapidly deteriorating threat environment.

Washington has increasingly grown less interested in the alliance. Efforts to reshape defense commitments have been impacted by disputes with countries such as Poland (over the Nobel Prize), Denmark (over Greenland), and most recently President Trump’s comments on the lack of NATO support for Iran.

These tensions are not new. NATO defense spending has declined since the 1960s, throughout the Cold War. After the Soviet Union collapsed, many European states dramatically reduced their military capabilities. Even traditionally neutral countries followed this trend. Sweden, for example, once maintained the world 4th largest Air Force but gradually scaled down its defense posture.

The United States also adjusted its military spending over time affected by conflicts such as the Vietnam War and the Global War on Terror, but defense spending cuts stabilized around 3-4 percent of GDP. American pressure led allies to commit to an increase of each country's defense spending to 5%, but this victory was hard won.

An illprepared alliance

Security officials in several European countries, including Estonia and Sweden, warn that the threat environment is changing rapidly and that a confrontation with Russia could occur within the coming years. Such warnings have not yet translated into rapid military investment. Defense spending remains politically sensitive in many democracies, and elections could reverse recent commitments.

Perhaps more concerning than defense budgets is the slow pace of military adaptation. Recent conflicts have reshaped modern warfare through the widespread use of drones, autonomous systems, long-range missiles, and electronic warfare. Recent exercises between Ukraine and NATO forces shows that NATO is not learning and modernizing fast enough. Sweeping doctrinal reforms or procurement changes are needed, with less focus on traditional concepts or local manufacturing. While spending is the cornerstone of modernization, a mindset shift is arguably more critical.

NATO Has Faced Worse

If today’s disagreements appear alarming, they are far from unprecedented. NATO’s history is filled with crises that once seemed capable of breaking the alliance.

In 1952, NATO expanded to include two long-standing rivals: Türkiye and Greece. Their membership strengthened the alliance’s southern flank but did not resolve their tensions. Those tensions erupted during the Cyprus crisis of 1974, when a coup attempted to unite Cyprus with Greece. Türkiye responded with a military intervention. The crisis prompted Greece to withdraw from NATO’s integrated military command structure, though it remained politically within the alliance until returning in 1980.

Another major shock came during the 1956 Suez Crisis, when Britain and France launched a military operation against Egypt after the nationalization of the Suez Canal. The United States opposed the invasion and used economic and diplomatic pressure to force its allies to withdraw, exposing deep divisions within the alliance.

France further complicated NATO politics in 1966 when President Charles de Gaulle withdrew the country from NATO’s integrated military command, insisting on sovereignty over French forces. France did not fully reintegrate until 2009.

Later disputes emerged during the Vietnam War, which many European governments believed diverted American attention from Europe’s security. Another rupture came in 2003 when the U.S.-led invasion of Iraq divided the alliance politically, with Germany and France strongly opposing the operation.

Under the new administration the Greenland Crisis was the first time NATO saw a United States president threaten a NATO ally over land, and more diplomatic work is needed to regain trust. The war with Iran has shown a mixed reaction by NATO allies, ranging from tardiness, refusing US access to airforce bases, but also cautious support.

Signs of Renewal

Despite disagreements, there are reasons for cautious optimism.

The war in Ukraine has served as a wake-up call causing European governments to recognize that the strategic environment has changed. Europe relies heavily on American technology and industrial capacity, but defense spending across the continent is rising and several countries are rebuilding capabilities and innovation hubs.

To be clear, the NATO alliance is symbiotic: a strong, capable NATO benefits America as much as Europe. The NATO Secretary General provided a pragmatic assessment of this interdependence during his remarks at the World Economic Forum in Davos.

One possible indicator is the fact that NATO is expanding. Finland joined the alliance in 2023 after decades of neutrality, dramatically extending NATO’s border with Russia. Sweden’s problematic relationship with NATO did not prevent it from joining in 2024 after a lengthy political process, strengthening NATO’s northern flank.

Parallel Alliances

Europe is also exploring additional security arrangements alongside NATO.

The European Union’s President von der Leyen held a speech that described a more formal defense role for the Union, including deeper military coordination among member states. Regional partnerships are emerging. The Joint Expeditionary Force, including the United Kingdom, Netherlands and Nordic and Baltic countries, is designed to deploy forces rapidly during crises. Another potential is a Nordic Plus alliance, built around protection of Finland's eastern border.

Other alliances are created in the European hemisphere. Since 2010 Israel, Cyprus and Greece have entered an alliance that was reaffirmed in 2025, focused on joint Mediterranean security.

There are also discussions about expanding nuclear deterrence arrangements within Europe. Germany and France are exploring deeper cooperation, while Poland has expressed interest in hosting U.S. nuclear weapons as part of NATO’s deterrence framework.

The most capable potential partner is Ukraine. Years of intense warfare have produced the most experienced European Army, particularly in areas such as drone warfare and air defense, capable of supporting current US operations in the Middle East and potentially in the Pacific. In fact, Ukraine’s offer of air defense support has inspired foreign policy experts, namely Admiral (Retired) Mark Montgomery, to refer to them as a “Model Ally.”

A Durable Alliance

NATO’s history proves it is a 'pragmatic partnership' born of necessity, not a social club built on shared sentiment. Its future will not be defined by the absence of disagreement, but by the ability of its members to trade 'strategic complacency' for a balanced, symbiotic burden-sharing. If Europe can transition from a protected ward to a modernized, innovative partner—exemplified by the battle-hardened experience of new and potential allies like Sweden and Ukraine—the alliance will do what it has always done: outlast the crises that were meant to break it.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Zelensky Plays His Hand

As Iran’s explosive-laden drones wreak havoc in the Persian Gulf and beyond, a wartime leader in another part of the world says he can help.

“What is happening around Iran today is not a faraway war for us because of the cooperation between Russia and Iran,” Ukrainian President Volodymyr Zelensky said in London last week. “And we do not believe we have the right to be indifferent.”

Zelensky has offered counter-drone weapons and technical knowledge to the U.S. and its allies in the Middle East and he has already dispatched more than 200 Ukrainian military experts to the region to help defend against Iran’s drone attacks.

“We are working with several other countries - agreements are already in place,” Zelensky said, noting that Ukraine’s counter-drone weapons were “far more cost effective” than the interceptors that Gulf states are using. “We do not want this terror of the Iranian regime against its neighbors to succeed.”

It’s a notable offer from a leader still fighting a war of his own. It’s also a logical and strategic play: Zelensky is seeking to leverage Ukraine’s hard-won expertise and defense capabilities to curry favor and get more support in return.

“The Ukrainians are offering to be part of the solution here,” Lt. Gen. Ben Hodges (Ret.), a former commander of U.S. Army Europe, told The Cipher Brief. “And it shows that the Russian narrative – that Russian victory is inevitable – is clearly not the case. If Ukraine is willing and able to export expertise and capability to help the Gulf states, that undermines the narrative that somehow the Ukrainians are on the verge of collapse.”

As the Iranian strikes continue – its drones hit critical oil infrastructure in three Gulf countries last week – some of the world’s richest nations are taking Ukraine up on its offer. It’s a turning of the tables that illustrates Ukraine’s evolution from battered nation to a defense technology juggernaut.

“It's a very generous offer from Ukraine to offer aid while they themselves remain under daily attack,” Kori Schake, Director of Foreign and Defense Policy at the American Enterprise Institute, told The Cipher Brief. “It's also a demonstration that Ukraine wants to contribute to the security of partner states and not just receive help.”

Iran’s drone war

While the U.S. and Israel say they have decimated Iran’s ballistic missile capability, Iranian drones continue to threaten U.S. military installations, Gulf oil facilities and critical shipping lanes.

Iran has launched more than 3,000 drones since the war began. Its Shahed drones were used in attacks on the U.S. embassies in Iraq and Saudi Arabia, and in a strike that killed six U.S. service members in Kuwait. Last week, Iranian drones damaged oil infrastructure in Qatar, Kuwait, Saudi Arabia and the United Arab Emirates, and struck two vessels in the Persian Gulf.

“They’ve hit oil and gas infrastructure, they’ve hit hotels, they’ve hit embassies, they went after a data center,” Stacie Pettyjohn, Director of the Defense Program at the Center for a New American Security, told The Cipher Brief. “They’re attacking the premise of these states’ economies, which are built on trying to attract investment and infrastructure to the region.”

Experts are divided as to how long Iran can sustain its drone operations. Prewar estimates of Iran’s drone arsenal ranged from several thousand to as many as 80,000. Gen. Dan Caine, chairman of the Joint Chiefs of Staff, told reporters on March 10 that Iranian launches of “one-way attack drones have decreased 83 percent since the beginning of the operation,” but analysts say that doesn’t mean the arsenal itself has been heavily degraded.

“Treating that change in behavior as evidence that Iran’s drone capacity has been destroyed risks creating a misleading picture of how much of the threat has actually been eliminated,” Kelly Grieco, a senior fellow with the Reimagining U.S. Grand Strategy Program at the Stimson Center recently wrote. She said the drop in cadence might reflect a “tactical recalibration,” during which Iran is stockpiling and strategizing for future attacks.

“Moscow is reportedly sharing with Tehran drone tactics developed in Ukraine, including coordinated routing strategies designed to evade air defenses, as well as overhead satellite imagery to improve targeting,” Grieco said. “Tehran could be using this time to learn, adapt, and refine its strategy and tactics.”

Whatever the case, it’s clear that Iran can cause havoc for the region and the global economy with even a low rate of drone strikes. And the economic advantages of Iran’s drone warfare are clear; a single Shahed-136 costs between $20,000 and $50,000, and while the U.S. and its allies in the region possess some of the world’s most sophisticated air defense technologies – in particular the THAAD and Patriot systems – those are expensive interceptors designed to take out ballistic missiles. A single Patriot PAC-3 MSE, which Persian Gulf states have used against Iran’s Shaheds, costs approximately $3.8 million.

“You absolutely do not want to be using a Patriot interceptor against a Shahed drone,” Lt. Gen. Hodges said. “The Patriot cannot be the only means of defending…You save your Patriot for a ballistic missile.”

Ukraine’s “Shahed-killer”

Since the early days of its full-scale war against Ukraine, Russia has used Iranian Shahed drones to devastating effect, and manufactured its own version of the Shahed with Iranian help. Russia often launches hundreds of these drones at Ukrainian territory in a single day.

The necessity to survive has sparked Ukraine’s rapid pace of military innovation – including the development of an unparalleled ability to counter Shahed drones. Ukraine now produces a range of systems that have knocked Shaheds out of the sky at a high rate, and are much cheaper than other missile interceptors; many of the Ukrainian models cost between $1,000 and $2,000 apiece.

“Innovation happens when militaries have urgent problems to solve,” the AEI’s Schake said. “Ukraine is fighting for its life, and they've done a brilliant job of developing a domestic defense industry when we failed to give them weapons of the abilities and numbers they need. We're lagging behind because we haven't directed our defense industry with urgency.”

There are more than a dozen Ukrainian counter-drone systems, including the Merops, a high-end model funded in part by former Google CEO Eric Schmidt that includes AI-driven autonomy and comes at a higher price than the others – $15,000, still vastly cheaper than a Patriot missile.

“They’re just different ways of shooting drones out of the sky that are cheaper than the really expensive missiles,” Pettyjohn said of the Ukraine-made interceptors. “And they all afford you protection.”

Perhaps the best-known of these systems is the “Sting” interceptor drone, developed by the Ukrainian manufacturer Wild Hornets. The Sting is a high-speed FPV interceptor drone designed specifically to hunt and destroy the Shaheds in flight, and it has earned a reputation embedded in its nickname: “Shahed-killer.”

“They're working incredibly well in Ukraine, where the adaptation cycle is measured in weeks, which speaks to their great value,” Schake said. “As high-end U.S. air defenses begin to get scarce, they'll be incredibly valuable.”

Ukraine plays its card

As President Zelensky understands more than most, this isn’t just about Ukraine showing off its successful innovation; the Iran war has handed his country a strategic opportunity – a chance to showcase and leverage a suddenly in-demand technology in its relations with the U.S. countries in the Middle East.

One week into the war, Reuters reported that the U.S. and Qatar were in early-stage talks to acquire Ukrainian interceptor drones as a cheap alternative to its Patriot missiles. Another Ukrainian delegation traveled to Abu Dhabi, and Zelensky confirmed that the U.S. had asked Kyiv for "specific support" to defend against Shahed strikes against American targets in the Middle East.

“I have instructed that the necessary resources be provided and that Ukrainian specialists be present to ensure the necessary security," Zelensky said of the Qatar arrangement. He also proposed swapping Ukrainian interceptor drones for U.S. Patriots — which Kyiv has been running critically short of for months.

The U.S. interest in Ukraine’s interceptors predates the war with Iran. In late February, Pentagon officials visited Kyiv to study Ukraine’s counter-drone operations. Brig. Gen. Matt Ross, director of Joint Interagency Task Force 401, said the aim was to learn from Ukraine’s experience in beating back the Shaheds. “I did it to understand the TTPs — the tactics, techniques and procedures that they’re employing very effectively,” Ross said.

Meanwhile, Axios reported that Zelensky had offered its drone interceptors to President Trump last August – in a White House presentation that included a map of the Middle East and a suggestion that Ukraine and the U.S. collaborate to create "drone combat hubs" in Turkey, Jordan and the Persian Gulf states. The Trump administration reportedly dismissed the offer.

"Somebody decided not to buy it," an unnamed U.S. official told Axios. "If there's a tactical error or a mistake we made leading up to this [war in Iran], this was it" the official said.

A White House spokesperson dismissed that criticism, referring to the unnamed sources as “outside looking in”, adding that "Iranian retaliatory attacks are down by 90% because their ballistic missile capabilities are being totally demolished."

A strategic win for Kyiv?

Now, as Ukrainian technology and experts arrive in the Middle East, Zelensky is trying to take maximal advantage of the moment.

Beyond pitching the value of the Sting and other Ukraine-made interceptors, he has highlighted Russia’s aid to Iran – calling the two countries “brothers in hatred” – and warned that as the war in the Middle East strains U.S. missile supplies, that may create problems for Ukraine’s defense against Russia.

For all these reasons, Zelensky has asked for financial compensation and technological help from the U.S. and others in exchange for sharing Ukraine’s expertise.

“The Trump administration has been very transactional on how it approaches a lot of different countries,” Pettyjohn said. “For Ukraine, having something that the U.S. wants instead of just being a recipient and always asking for support, is an important step, and a way to show that there’s value that can flow back…They can use [the drone interceptors] as a bargaining chip to fill in some other types of support that are more critical.”

One year ago, Zelensky endured an Oval Office lecture from President Trump, including the now-infamous admonition: “You don’t have the cards.”

Last week in Kyiv, as Zelensky was pitching his drone defense technology, a journalist asked him, “Do you think Ukraine has the cards now?”

“Now everyone understands, we have them,” Zelensky replied. “It’s a good feeling. This is thanks to our soldiers, our talented people, and the many industries that we have developed since the start of the war. We have reached a high level now.”

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

Iran’s Long Record of Terror and a Long-Delayed Response

OPINION – Over the years, Iran has been responsible for killing hundreds of Americans and, most recently, for the killing of thousands of Iranians. After years of futile negotiations, the U.S. – and Israel -- attacked Iran on February 28, 2026.

U. S. courts and the Intelligence Community had assessed that Iran trained, supported and approved terrorist attacks that killed hundreds of Americans and foreign nationals.

In April 1983, a suicide truck bomb destroyed the U.S. Embassy in Beirut, killing 63 people, including 17 Americans. In October 1983, two suicide truck bombs struck the U.S. Marine barracks in Beirut, killing 241 Americans and 58 French paratroopers. This is one of the deadliest terrorist attacks against U.S. forces. U.S. investigations concluded that Hezbollah, backed by Iran, were responsible.

In January 1984, the U.S. Department of State designated Iran as a state sponsor of terrorism, resulting in sanctions and a ban on defense exports and sales.

In June 1996, a massive truck bomb hit U.S. Air Force housing in Dhahran, Saudi Arabia, killing 19 U.S. service members, with hundreds injured. The U.S. said Iranian officials inspired, supported, and supervised the attackers, with a U.S. federal court ruling in 2006 that Iran financed and directed the attack and owed damages to the victims. Evidence cited the Islamic Revolutionary Guard Corps (IRGC) as the organization that trained, funded, and provided explosive training to the perpetrators.

These are a few of the more prominent cases of terrorism perpetrated against the U.S. by the government of Iran. Indeed, war as a tragic necessity could have been declared after any of these bombings, to check Iran’s savagery and suffering of the innocent.

The government of Iran brutally killed Iranian protesters in 2009, 2022 and 2026.

The 2009 Iranian election protests (the Green Movement) range from dozens to over 100 killed, with many more missing or arrested. The security forces and the Basij paramilitaries brutally cracked down on demonstrations following the re-election of Mahmoud Ahmadinejad, despite widespread support to opposition leader Mir Hossein Mousavi.

And in September 2022, Jina Mahsa Amini, a 22-year-old Kurdish-Iranian died in police custody, after being arrested for improperly wearing her head scarf. Eyewitnesses reported that she was severely beaten and died due to police brutality. This sparked mass protests, resulting in the killing of at least 476 Iranians, according to Iran Human Rights.

Amini’s death gave rise to the global “Women Life Freedom” movement in Iran.

And in February 2026, over 30,000 Iranians reportedly were killed protesting for an end to clerical rule in Iran, driven by a severe economic collapse – inflation and currency devaluation -- and widespread state repression. The IRGC and Basij reportedly took the lead in brutally responding to these demonstrations.

Since 1979, this is the Iran we have been dealing with. A state sponsor of terrorism that has killed hundreds of Americans – and others – and thousands of Iranians. An Iran that had an active nuclear weapons program until 2003, and since then has been enriching uranium at 20% or 60% purity, weeks away from the 90% purity needed for nuclear weapons. The June 2026 bombing of their nuclear sites at Natanz, Fordow and Isfahan had set their nuclear program back a few years. However, these and other nuclear sites were being reconstituted prior to the current U.S. and Israeli bombing of Iran.

And Iran’s short-range and medium-range ballistic missile programs were concerning, given their impressive capabilities – solid fuel propulsion, enhanced guidance and counter defenses with hypersonic capabilities. Progress on a long-range ballistic missile, capable of targeting Europe and the U.S. was a likely goal of Iran’s leadership.

Hopefully, the new leadership in Iran will eschew terrorism and cease supporting Lebanese Hezbollah, Yemen’s Houthi movement, Hamas and various Iraqi/Syrian militias. This would result in the lifting of international sanctions and the removal of Iran’s pariah status in the international community. The millions of dollars Iran has spent on its nuclear and missile programs should go to repairing its battered economy and providing a better life to the people of Iran.

Pope Leo XIV had expressed “deep concern” regarding the war with Iran and urged an end to the “spiral of violence”, advocating for “diplomacy to regain is role to prevent wider tragedy.” Indeed, this is a time for Pope Leo XIV to help negotiate an end to the war in Iran and help to convince the new leadership in Iran that they must protect and care for its people. Supporting international terrorism and building weapons of mass destruction are threats to regional and international stability.

The author is a former associate director of national intelligence. All statements of fact, opinion or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. government. Nothing in the contents should be construed as asserting or implying U.S. government authentication of information or endorsement of the author’s views.

This article was originally published by The Washington Times and is republished here with permission.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

America’s Drone Future

OPINION — America is entering a future with millions of drones in our airspace. As the federal government works to determine how to manage what will become the most crowded skies in human history, we believe state and local governments will face significant challenges in addressing this issue, regardless of what federal authorities ultimately establish. As with most public safety incidents, the first response to drone-related events—crashes, unsafe or suspicious flights, interference with emergency operations, or calls from concerned citizens—will fall to state and local first responders.

We are both investors who have managed portfolios of UAS (Unmanned Aircraft Systems) and C-UAS (Counter-Unmanned Aircraft Systems) companies. What’s top of mind for us as we consider the challenges and opportunities this new market presents? Here are five quick thoughts from conversations we had over coffee this past weekend.

1. The Growing Gap Between Drone Proliferation and Local Airspace Awareness

The FAA estimates nearly 2 million drones could be operating in U.S. airspace within the next few years—yet the United States has no broadly available, affordable solution for comprehensive low-altitude airspace monitoring accessible to state and local governments.

Federal efforts to address this are underway. The FAA’s proposed Part 108 regulations, expected to be finalized this year, attempt to address this gap through Unmanned Traffic Management (UTM) systems and Automatic Dependent Surveillance Broadcasts (ADS-B). But existing detection capabilities remain fragmented: there is no widely adopted, comprehensive, real-time network capable of tracking drones over most of the country. Unlike traditional air traffic control, smaller low-altitude drone operations lack the management infrastructure required for safe, high-density operations. And critically, it is also worth noting that while federal regulatory frameworks may succeed in shaping the behavior of cooperative, law-abiding operators, bad actors are under no obligation to comply.

The gap is felt most acutely at the local level. For a small-town police department, limited authority, limited airspace awareness, and limited counter-drone capabilities often mean that the most law enforcement can do when a drone is operating where it shouldn't is attempt to locate the pilot and ask them to land.

The technology to do more does exist—RF sensors, acoustic systems, radar, and EO/IR cameras are all available—but deploying them at scale demands personnel, training, maintenance, and infrastructure integration. Even so-called "affordable" systems carry substantial operational burdens. For many local governments facing constrained budgets and competing priorities, procuring and sustaining such systems is simply out of reach.

We believe there is a clear and largely unmet need for affordable, scalable airspace awareness and management platforms that can be deployed for safety, security, operational visibility, and situational awareness.

2. Legal and Resource Barriers Facing Local Drone Enforcement

Local governments face significant limitations in enforcing drone regulations—and the scale of the problem is likely underestimated. For instance, hundreds of drone incursions over correctional facilities are publicly reported each year, yet most go uncontested, suggesting the true volume may be orders of magnitude higher when accounting for incidents that go unnoticed or unreported.

Most agencies simply lack the funding, trained personnel, and technical infrastructure needed to respond meaningfully to drone threats at high-risk sites. A patchwork of state-level regulations further complicates enforcement. Several states require search warrants for drone surveillance, while other aspects of drone law vary widely across jurisdictions. Costs compound these challenges—detection systems range from roughly $10,000 for basic equipment to several million dollars for advanced tracking and jamming capabilities, a spectrum that puts even entry-level solutions out of reach for many municipalities.

These converging legal, operational, and financial constraints point to a clear and underserved market across several opportunity areas we see as compelling: Counter-UAS as a Service, training and certification programs, contracted subject matter experts, automated CUAS monitoring platforms, and more. Each model offers a distinct way to address the capability gaps facing local agencies.

3. The Growing Divide Between Federal Authority and Local Capability

While state and local authorities remain resource-limited, the federal government is moving quickly to expand counter-drone authorities—highlighting what we see as a growing imbalance.

Earlier this year, the U.S. Department of War announced updated homeland counter-UAS guidance through its Joint Inter-Agency Task Force 401 (JIATF-401). The guidance expands installation commanders’ authority under 10 U.S. Code §130i, removes prior “fence-line” limitations, and treats unauthorized drone surveillance as a threat before an aircraft crosses a perimeter. Commanders are now empowered to act based on the totality of circumstances, share sensor and tracking data across DHS and DOJ, and employ trained contractor personnel to operate counter-UAS systems.

This shift reflects an important reality: the federal government is acknowledging that low-cost, weaponizable drones are already being used and that waiting for a physical breach is no longer acceptable. At the same time, this expanded authority introduces an additional concern—counter-drone operations may now occur over populated areas.

But this progress also underscores the widening gap between federal and local capabilities. While military installations gain expanded authorities, local authorities remain restricted in their ability to intercept or mitigate drones.

4. The 250-Gram Decision Hiding Millions of Drones from FAA Oversight

In an attempt to manage and regulate the rise of drones, the FAA requires all commercial drones and any recreational drones over 250 grams to be registered with them for the purposes of accountability, operator identification, and to support regulatory compliance and law enforcement. Drones at or above this threshold must also be marked with a unique identifier and—under the FAA’s Remote ID rule—broadcast their location and identity in real time during flight. Sub-250g drones escape all of these requirements entirely, meaning there is no reliable way to know how many small drones exist or operate in the U.S. today.

This exemption has created a significant blind spot. Manufacturers intentionally design capable, camera-equipped drones to weigh just under the 250-gram threshold—and it’s not difficult to imagine the many ways a bad actor could exploit these unregistered small drones, whether deployed individually or as part of a larger fleet.

The scale of the problem should not be underestimated. The gap between registered drones and actual ownership suggests the unregistered population may be three to five times larger than the registered fleet—meaning a significant number of sub-250g drones are operating in U.S. airspace today, effectively invisible to FAA tracking systems and other oversight mechanisms. We see this as one of the most urgent vulnerabilities in the current regulatory framework.

What’s needed is not necessarily more regulation, but smarter solutions: new technologies and platforms for localized airspace management, as well as privacy protection coupled with safety monitoring for these smaller, unregistered aircraft.

5. Geography Is Driving A Drone Divide

When a farmer in rural Missouri launches an industrial drone to survey 3,000 acres of corn while a Brooklyn resident calls 911 to report a suspicious aircraft hovering near their apartment, we are witnessing two fundamentally different relationships with the same technology.

In rural America, agricultural drone registrations are rising. Farmers report productivity gains, local entrepreneurs are launching spraying businesses, and even first responders are using drones to cover terrain that would be impossible to patrol on foot. In these communities, drones are seen as practical tools that make difficult work safer and more efficient. Researchers have found that agricultural drone adoption has spread faster than nearly any farming technology in history.

Urban America, by contrast, is pushing back. Incidents like the New Jersey drone sightings, which triggered thousands of calls and temporary airspace restrictions, highlight deep concerns about privacy and surveillance. Many major cities now require permits for drone flights in public spaces, reflecting heightened sensitivity to their presence.

Rural and urban America are distinct markets with different risks and opportunities.

The challenges we face today are not just a drone problem—they represent the defining infrastructure challenge for the future of urban aviation. The coming wave of Urban Air Mobility vehicles and other advanced aircraft, for instance, will depend on the same robust low-altitude airspace awareness infrastructure. As millions of drones enter American airspace, success will require aligning federal authority, local capability, public trust, and the technical systems needed to keep our skies safe and secure.

Note: The authors of this article are affiliated with Brave Capital and MVA (MilVet Angels). They have invested in national security companies like Anduril Industries, Shield AI, Aetherflux, Erebor, Castelion, Hermeus, Ursa Major, and others.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.
Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.
Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

The Next Battlefield Is Perception, Not Territory

OPINION – The Gray Zone is no longer a peripheral space between war and peace. It has become the primary arena in which strategic advantage is tested and miscalculation is manufactured.

For decades, competition below the threshold of armed conflict relied on political signaling, economic leverage, proxy actors, and selective information operations. Artificial intelligence is accelerating this model. It compresses the distance between signal and reaction. It amplifies narratives at machine speed. It introduces synthetic inputs into analytical systems that were designed for slower environments.

The consequence is not simply faster influence operations. It is a structural shift in how states perceive and respond to one another.

At moments of rising geopolitical tension, the speed at which narratives form and harden can shape escalation as decisively as military posture.

The next phase of competition is unfolding not on contested territory, but in the contested space between perception and decision.

Compression and Amplification

AI does not create rivalry. It intensifies it.

Machine learning systems can generate persuasive narratives, simulate public sentiment, refine messaging, and identify cognitive vulnerabilities within target audiences. Large language models can draft diplomatic arguments, social commentary, and policy assessments at scale. Synthetic media can blur the line between authentic and fabricated signals.

Yet the most consequential impact is not public-facing propaganda.

It is the reinforcement of internal confidence.

When machine-generated outputs consistently align with preexisting assumptions - about an adversary’s weakness, cohesion, or intent, they can gradually harden analytical certainty. In AI-mediated rivalry, the danger is not simply deception - it is the gradual construction of analytical certainty around manipulated inputs.

That risk is universal.

Speed, repetition, and algorithmic coherence can create the appearance of clarity. When strategic communities begin reacting to synthetic or selectively amplified signals, escalation thresholds shift - sometimes without deliberate intent.

AI lowers the cost of narrative production. It also lowers the cost of strategic error.

Converging Models of Competitive Statecraft

Across major powers, variations of AI-enabled competition are already visible.

China has integrated data ecosystems into governance at scale, aligning state messaging, technological development, and strategic signaling. Narrative discipline and industrial capacity reinforce one another.

Russia has demonstrated adaptive information maneuver - rapidly recalibrating messaging across audiences, testing reactions, and exploiting ambiguity in fluid environments.

Iran has refined asymmetric information resilience - blending surveillance, digital monitoring, and calibrated external messaging to sustain regime durability under prolonged pressure.

These models differ in structure and scale, but they converge in one respect: influence is continuous, not episodic; perception management is strategic, not peripheral.

Artificial intelligence accelerates this convergence. It enables persistent probing, iterative testing of narratives, and the shaping of strategic tempo without conventional escalation.

Technology, however, does not determine outcomes on its own.

Engineered Confidence and Strategic Risk

The most underexamined vulnerability in this environment is not exposure to adversarial messaging. It is self-generated overconfidence.

AI systems optimize for pattern recognition and coherence. They surface correlations and reinforce trends. But coherence is not necessarily truth. Patterns can be engineered. Correlations can be induced.

When decision-makers operate within data environments shaped - even subtly - by manipulated or selectively amplified inputs, they risk constructing internally consistent but externally fragile assessments.

This is the new geometry of competition: not simply influence over others, but influence over one’s own analytical processes.

Under sustained cognitive pressure, institutions can drift toward accelerated judgment. The appearance of clarity can displace disciplined skepticism. Strategic tempo can outpace strategic reflection.

The enduring advantage will not belong to the state that perfects narrative control, but to the one that preserves analytical discipline even under sustained cognitive pressure.

Managing Uncertainty in an AI-Accelerated Era

The United States retains structural advantages: institutional depth, diverse intelligence streams, open innovation ecosystems, and alliance networks that introduce friction against uniform narratives. That friction is not weakness. It is strategic ballast.

But these advantages must be deliberately protected.

First, analytical friction must be strengthened. AI-assisted intelligence should be routinely stress-tested through adversarial review loops designed to detect synthetic amplification, data poisoning, and pattern distortion.

Second, signal authentication architecture must become a strategic priority. Verification protocols - technical and human - are essential to reduce susceptibility to manipulated inputs across military, diplomatic, and public domains.

Third, calibrated ambiguity should be preserved in response frameworks. In accelerated environments, rigid predictability invites exploitation. Clarity of intent does not require mechanical response.

Finally, alliance cohesion in the information domain must be treated as integral to deterrence. Perception gaps between partners create exploitable seams. Shared situational awareness and coordinated messaging are now as consequential as traditional interoperability.

These measures are not reactive. They are stabilizing.

Endurance in the Cognitive Arena

The next phase of competition will not be decided by territorial gains or military demonstrations alone. It will be shaped in the contested space between perception and reaction.

Artificial intelligence is not merely a tool of surveillance or propaganda. It is an instrument of cognitive pressure.

The states that endure will not be those that eliminate uncertainty, but those that manage it - deliberately, patiently, and without believing their own reflections.

In the coming decade, advantage will not belong to the state that generates the most data or the most persuasive narrative. It will belong to the one that resists the temptation to confuse engineered coherence with strategic reality.

Strategic maturity - not technological spectacle - will define advantage.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

While the World Watches the Middle East, War Is Brewing in South Asia

OPINION — For decades, strategists have warned that the most dangerous flashpoint in South Asia lies between India and Pakistan. The reasoning appeared straightforward: two nuclear-armed rivals with a long history of crises and wars. That perception only hardened last year when the two countries exchanged missile strikes during the 88-hour conflict that brought them to the brink of another major conflict.

As global attention remains fixed on US–Israeli joint military operations in the Middle East, a far more destabilizing conflict is quietly unfolding elsewhere. On March 16, a Pakistani airstrike struck a drug rehabilitation center in Kabul that reportedly killed nearly 400 civilians, marking a dramatic escalation in weeks of intensifying military confrontation between Pakistan and Afghanistan along the 2,600-kilometer Durand Line. This is not an isolated incident, but part of a broader shift in South Asia’s security landscape. The region’s most volatile fault line no longer lies along the Line of Control in Kashmir, but along the increasingly militarized frontier separating Pakistan and Afghanistan. If Western governments continue to treat this conflict as peripheral, they risk overlooking a war that could fundamentally reshape regional stability and generate consequences far beyond the subcontinent.

The “Open War” Along the Durand Line

In recent weeks, tensions between Islamabad and Kabul have escalated into what Pakistani leaders refer to as an “open war.” Pakistan has launched multiple airstrikes inside Afghan territory, while Afghan Taliban forces have retaliated by targeting Pakistani military installations along the border. In several instances, Taliban fighters have captured Pakistani forward posts and reportedly shot down a Pakistani fighter aircraft. These confrontations mark the most serious clashes between the two states since the Taliban returned to power in Afghanistan in 2021. Yet the strategic significance of the escalation is receiving surprisingly little attention outside the region.

For years, Western policymakers have viewed South Asian instability primarily through the lens of India-Pakistan rivalry. That framework, however, no longer captures the region’s most volatile dynamic. Since the Taliban’s takeover of Kabul, relations between Afghanistan and Pakistan have steadily deteriorated. Islamabad accuses the Taliban government of harboring militants from the Tehrik-e-Taliban Pakistan (TTP), the insurgent group responsible for a surge of attacks inside Pakistan. Kabul rejects these allegations and argues that Pakistan’s internal security crisis is a domestic problem rather than an Afghan conspiracy. The resulting tensions have steadily escalated into open confrontation. According to United Nations estimates, more than 100,000 people have already been displaced by fighting between Afghan and Pakistani forces. In addition to the airstrike targeting a rehabilitation center in Kabul, Pakistani airstrikes have struck other populated areas inside Afghanistan, killing dozens of civilians, including women and children. This suggests that Pakistan’s “open war” is not driven by actionable intelligence to conduct precision strikes but is designed to impose collective punishment on a population already under severe distress under the Taliban rule.

This violence is not merely the byproduct of cross-border militancy. It reflects a deeper strategic struggle over the future balance of power in the region. For decades, Pakistan’s military establishment has viewed Afghanistan through the doctrine of “strategic depth,” a Cold War-era concept that envisioned Afghanistan as a friendly rear base in the event of conflict with India. When the Taliban regained power in 2021, many in Islamabad believed that this objective had finally been achieved. Instead, relations between the two governments have deteriorated sharply. The Taliban leadership has resisted Pakistani pressure and refused to subordinate Afghan interests to Islamabad’s security demands. Faced with growing militant violence at home and an increasingly independent government in Kabul, Pakistan has turned to military coercion in an attempt to reassert its influence. The result is a conflict that is steadily reshaping the security dynamics of South Asia.

A Growing Humanitarian and Regional Crisis

The consequences of this confrontation extend far beyond the battlefield. Pakistan’s policies toward Afghanistan are now producing a severe humanitarian crisis that risks destabilizing the region further. Over the past two years, Pakistan has carried out one of the largest forced repatriation campaigns in recent history, expelling millions of Afghan refugees who had lived in the country for decades. In many cases, Afghan families were forced to leave behind homes, businesses, and property accumulated over generations. These deportations are taking place at the same time as cross-border violence is intensifying, creating a dangerous combination of displacement and instability. Refugees expelled from Pakistan are returning to a country already suffering from economic collapse, international isolation, and fragile governance under the hardliner Taliban government. The sudden influx of returnees is placing immense pressure on Afghanistan’s limited resources while fueling resentment toward Islamabad.

The humanitarian implications extend far beyond Afghanistan itself. Large-scale displacement from the country has historically produced migration flows that eventually reach the Middle East and Europe. Western governments, therefore, have a direct interest in preventing the situation from deteriorating further. More broadly, Pakistan’s escalating confrontation with Afghanistan risks transforming a bilateral dispute into a wider regional crisis. The timing of the conflict makes it particularly dangerous. With global attention concentrated on the Middle East, South Asia’s shifting security landscape is receiving relatively little scrutiny. This distraction creates an environment in which Islamabad’s aggressive policies can proceed with minimal international oversight.

Pakistan’s Strategic Calculations

Pakistan’s approach toward Afghanistan reflects a broader pattern in its regional strategy. For decades, Pakistan’s security establishment has relied on militant proxies, terrorists, and asymmetric warfare as instruments of foreign policy. While Western governments have often viewed Pakistan as an indispensable counterterrorism partner, Islamabad’s regional priorities have frequently diverged from those of its Western allies. The current confrontation with Afghanistan illustrates this divergence clearly. Rather than pursuing sustained diplomatic engagement with the Taliban government, which once relied on Pakistani funding and operational support, Islamabad has increasingly relied on military force to impose its preferred security arrangements along the Durand Line. The underlying objective appears to be the restoration of strategic leverage in Afghanistan and the reassertion of influence that Pakistan’s military once exercised during earlier phases of the Afghan conflict.

At the same time, Pakistan’s broader regional conduct raises serious questions about its reliability as a partner. Recent incidents have exposed significant gaps in Islamabad’s willingness or ability to uphold its international responsibilities. In one case, armed protesters in Karachi breached the security perimeter outside the US consulate following the death of former Iranian supreme leader Ali Khamenei, forcing US Marines to intervene to secure the facility. Similarly, despite establishing mutual defense ties with Saudi Arabia, Pakistan has shown little willingness to support Gulf security in the face of Iranian threats. These actions suggest that Pakistan’s strategic decisions are shaped primarily by domestic political calculations and regional ambitions rather than by alignment with Western security priorities.

The Risk of Strategic Neglect

If Pakistan is allowed to pursue aggressive military operations in Afghanistan without meaningful diplomatic pressure, the conflict could evolve into a prolonged war with severe regional consequences. Such a scenario would not only destabilize Afghanistan but also reinforce a pattern of coercive state behavior that undermines international norms. For a region already grappling with insurgencies, fragile states, and nuclear-armed rivalries, the implications would be profound. More importantly, a destabilized Afghanistan-Pakistan frontier could once again become fertile ground for terrorist organizations seeking to reconstitute and rearm. The collapse of security along the Durand Line would risk recreating the conditions that once allowed extremist groups to operate freely across the region.

For Western policymakers, the lesson is clear. The conflict between Pakistan and Afghanistan can no longer be treated as a secondary concern overshadowed by crises elsewhere. At a moment when Washington and its allies are attempting to dismantle global terrorist networks and maintain stability across multiple regions, they cannot afford to allow another state actor to exploit global distraction in order to reshape the strategic balance in South Asia. Ignoring the war along the Durand Line today could mean confronting a far larger crisis tomorrow.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

China’s Military Purges Were Larger Than We Thought

In China, the generals keep losing their jobs. On February 26, nine senior officers of the People’s Liberation Army (PLA) – five generals, one lieutenant general, and three major generals – were stripped of membership in China's top legislature, in the latest episode of a purge that has eviscerated the leadership of the PLA and raised questions about its readiness for a possible invasion of Taiwan.

The move came less than a week before the opening of China’s most important annual political gathering, the “Two Sessions,” and just one day after the release of a report showing that Xi’s purges have been far more sweeping than was previously known. The report, which was published by the China Power Project at the Center for Strategic and International Studies (CSIS), represents the first systematic assessment of the purges, which began in 2022 and culminated in last month’s removal of two of China’s most senior and experienced generals.

The report chronicles an "unprecedented purge of China’s military” that has swept all service branches and jettisoned more than half of the PLA’s senior officers.

Retired Rear Admiral Mike Studeman, a former Commander of the Office of Naval Intelligence, said the purges were greater in scale and scope than any in the nearly eight-decade history of the People's Republic of China.

“Xi Jinping has gone beyond even Mao’s purges,” Adm. Studeman told The Cipher Brief, referring to Mao Zedong’s elimination of the PLA high command in the early 1970s. “And he has fundamentally reshaped the way that the military is going to be led.”

The report found that the purges – carried out in the name of ridding the PLA of corruption – have led to a drop in the number and size of major military exercises, and raised questions about the PLA’s current capacity for complex operations.

“In the near term, given the significant vacancies, it would be incredibly difficult for China to launch large military campaigns against Taiwan,” Bonny Lin, the director of the China Power Project, wrote in an assessment of the report’s findings. “Even below that threshold, there is evidence that the purges have negatively impacted China’s exercises around Taiwan in 2025.”

“This is not the command that Xi Jinping wants to go to war with,” Brian Hart, the China Power Project’s Deputy Director and one of the report’s authors, told The Cipher Brief. “You don’t choose to go to war with half of your commanders missing.”

Mapping a Crackdown

The new report includes a database of China’s military leadership and identifies those officers who have been removed – including several with critical portfolios: the PLA’s head of military training; a general who commanded forces preparing for possible operations against Taiwan; and the two top officers dismissed in January – General Zhang Youxia, China’s most senior military official and by many accounts Xi’s most trusted military aide, and General Liu Zhenli, who headed the Joint Staff Department. Zhang and Liu were members of the Central Military Commission (CMC), China’s highest-level military body. As The Cipher Brief reported in January. Xi’s campaign has now claimed all but two of the CMC’s six leaders (one of whom is Xi himself); experts said the U.S. equivalent would be the firing of all but one member of the Joint Chiefs of Staff, along with dozens of other high-ranking generals.

In all, the China Power Project’s report found that 36 generals and lieutenant generals have been ousted since 2022; another 65 officers are listed as missing or “potentially purged”; and taken together, 101 of 176 officers in the PLA’s highest ranks — general or lieutenant general — are no longer at their posts. All five of China’s military theaters have seen their leaders ousted, and 56 deputy theater commanders have lost their positions as well.

Lyle Morris, a Senior Fellow at the Asia Society’s Center for China Analysis, said he had followed the purges for years but was startled by their scope.

“Beyond the four-star general level, you have the three-, two-, one-stars and all their underlings who appear to have been fully purged or in the process of being removed,” Morris, who formerly served as Country Director for China at the Office of the Secretary of Defense (OSD), told The Cipher Brief. “This has ramifications for the leadership, trust, and execution of training and missions of the PLA.”

Some of the military leaders have been fired, others placed under “investigation” – typically a career-ending proposition for a PLA officer – and others have simply vanished from public view. The report also documents a recent escalation; more than 60 top figures were removed from their posts in the last year alone. And experts believe the cleansing may not be over.

“I think we’re likely to see more purges,” Hart said. “This is not the end.”

Rebuilding the PLA

The report’s authors and several outside experts said that in the wake of the disruption – whenever it ends – Xi will face enormous challenges in rebuilding the world’s largest military.

“Having gutted the PLA’s leadership, Xi Jinping will have to turn to reconstituting the military high command in the coming years,” the report found. “Depending on what Xi intends to do, this could take years or even longer to see the full transformation.”

Experts stressed that when it comes to elevating officers to top positions, Xi will have to balance two key factors – political loyalty and competence.

“I think he’s more focused on getting it right than he is on doing it quickly,” Hart said, and he and others suggested that loyalty would be paramount. “Xi Jinping’s top priority in reconstructing the leadership is not the competence of his commanders. That’s very important, but his top priority is political loyalty to him and to the party.”

Some experts said that the full “transformation” is unlikely to be complete until late 2027, when the next Congress of the Chinese Communist Party is set to convene. In the interim, as newly-minted leaders are brought in, they may be less willing than their predecessors to present unvarnished assessments to Xi.

“The general sense is that anybody that’s going to be freshly appointed is going to be far more dependent on Xi, who has accelerated that person into the higher ranks,” Adm. Studeman said. “There will likely be more ‘yes men’ that have more to fear by crossing Xi Jinping.”

The Asia Society’s Morris concurred. The new leaders “are going to be much more accommodating to what Xi wants to do,” he said. “They’re not going to be giving bad news because that would mean the end of their careers. So for example, they’re going to be the folks who say, ‘Yes, sir, the PLA invasion plans are ready,’ even if they know internally they’re not ready.”

The Taiwan impact

You don’t need to be a China expert to grasp the potential impact of the purges – at least in the short term – when it comes to conducting major military operations, against Taiwan or anywhere else. At every level of the PLA – from top war planners to the generals who would execute those plans to lower-level officers in the Eastern Theater (the relevant command for a Taiwan operation) – multiple key positions are now vacant.

Morris said that having reviewed the scope and scale of the purges, he wouldn’t “lose any sleep” this year or in 2027 over a possible invasion of Taiwan.

“I think [Xi] and everyone in the party now knows that 2027 is not a good time to invade Taiwan,” he said. “You have to have the institutional leadership in place to give commands across the services, up through the CMC, and all of those relationships are now frayed or in disarray. I’m not sure how the PLA could actually execute it with so many senior leaders gone.”

Experts stressed that smaller-scale operations – basic training exercises, or dealing with minor skirmishes in the South China Sea – are unlikely to be affected by the purges, and that the PLA would not hesitate to respond to a crisis or engage in a war of necessity. But a conflict in the Taiwan Strait would be a large-scale and highly complex military operation, requiring the mobilization of all of China’s military services and forces – and for Beijing, it would be a war of choice.

For all those reasons, a half dozen experts interviewed by The Cipher Brief were unanimous in thinking that the 2027 time frame – which was widely reported to be the deadline Xi had given the PLA to be prepared to act against Taiwan – was no longer operative.

“If Xi had plans for 2027, I think they’re delayed,” said Dennis Wilder, a former senior CIA official and top White House adviser on China, in an interview conducted prior to the report’s publication. “There's no way that they're ready to take on a major military confrontation in these circumstances.”

“You’ve got to say this is not going to happen [by 2027],” Ambassador Joseph DeTrani, a former CIA Director of East Asia Operations, told The Cipher Brief. “I just don't see how Xi Jinping could feel even remotely confident that China’s military would be prepared, or is prepared, to use kinetic means to take over Taiwan.”

Adm. Studeman said Xi may have carried out the purges now because he never intended to move against Taiwan until 2028 or later – given the fact that a late-2027 Party gathering will determine whether he gains a fourth term as leader.

“Typically when a leader wants to get another term they need the backing of the PLA,” Studeman said. “If in fact the senior leadership in the PLA thought that Xi Jinping was being over aggressive [regarding Taiwan], then they might not be willing to cast our full support behind Xi.

“Xi Jinping may have thought, ‘I’m tired of the resistance, I want to move forward and I also need more yes men to be able to ensure an endorsement when it comes time for my fourth term.’”

The long view

Several experts said that the effects of Xi’s purges should be understood in two distinct time frames – short- and longer-term – and that for all the warnings about near-term readiness, a stronger, less corrupt and more effective PLA may ultimately emerge. They also noted that China’s military modernization and spiralling defense spending are likely to continue.

“Short term, it’s bad in many ways [for China],” Morris said. “But I think in the medium- and long-term it’s probably better, assuming – a big assumption – that they are less corrupt and cleaner, having gone through what will likely be an especially stringent vetting process.”

Meanwhile, the purges are unlikely to alter U.S. preparations for China conflict contingencies. As Morris put it, “IndoPacom [the U.S. Indo-Pacific Command] is not going to rest any easier, because their job is to prepare for worst-case scenarios.”

And while some suggested that the PLA turmoil would benefit the U.S. because it would buy time for preparations – “You've got a wonderful opportunity [with] a longer timeline,” Wilder said – others argued that the upheaval actually creates greater urgency for the U.S. and Taiwan.

Adm. Studeman made that case, warning that with more pliant leaders likely entering the PLA’s top echelons, there would be a greater need to demonstrate resolve and support for Taiwan.

“If anything, we need to impress upon these people coming into the CMC or taking some of these positions that despite their boss’ desires and hopes to solve these things through coercion, that there’s likely to be a very strong reaction that they may not be able to handle,” Studeman said. “It’s even more important, if you get somebody that’s more inclined to be rash, to ensure that they see what the consequences could be, and that means putting more material forward, strengthening the alliance system, and communicating support for Taiwan.”

In other words, while Gen. Zhang and other long-serving officers had combat experience and were willing to warn Xi Jinping of the perils of a major Pacific war, their replacements may need to be shown just what those perils are.

“That’s a way to keep the peace,” Studeman said. “To show the consequences and the dramatic effects of what could occur.”

Need a daily dose of reality on national and global security issues? Subscribe to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Our interview has been lightly edited for clarity. You can also watch the interview and other conversations with Cipher Brief Experts by subscribing to The Cipher Brief’s Digital Channel on YouTube.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Down But Not Out: Iran’s Axis of Resistance

OPINION — When HAMAS attacked Israel on 7 October 2023, Iran and its partners around the Middle East—collectively known as the Axis of Resistance—were riding high. Iran’s Islamic Revolutionary Guard Corps (IRGC) armed, funded, and trained HAMAS, Hizballah, the Huthis, and Iraqi Shia militias to help project Iranian power throughout the region. These groups were bound to Tehran by their Shia faith, shared antipathy toward the US and Israel, and support for fighting what they see as Israel’s illegal occupation of Palestinian lands. Now, however, after two-and-a-half years of conflict, the Axis looks more like a collection of disparate groups pursuing their own ends than a unified Shia force destabilizing the region for Iran’s benefit. Nonetheless, pronouncing the Axis dead risks missing the persistent threat these groups pose to US interests.

Since 7 October, Israel has severely degraded HAMAS and Hizballah, decimating their senior ranks and military capabilities. After the horrors of HAMAS’s attack, Israel was determined to neutralize both groups and began an unrelenting series of attacks and daring operations that have killed their most experienced leaders and commanders and destroyed many of their weapons. In Hizballah’s case, the fall of the al-Asad regime in Syria in December 2024 compounded the group’s woes by disrupting critical overland supply routes from Iran. As a result, neither group helped Iran when the US and Israel struck in June 2025. In the current war, HAMAS has remained on the sidelines. Hizballah, however, mounted a large rocket attack against Israel to retaliate for its killing Supreme Leader Ali Khamenei on 28 February. By attacking Israel and breaking a cease-fire that had largely held since November 2024, Hizballah signaled its loyalty to Iran, but also gave Israel the pretext it had been waiting for to resume the war, take (and possibly hold) territory in southern Lebanon, and try to destroy or forcibly disarm the group.

Perhaps the most surprising of Iran’s Axis partners have been the Huthis, which responded to Israel’s offensive in the Gaza Strip with regular missile and drone attacks against Israeli territory and a campaign against maritime shipping that caused disruptions that reverberated worldwide. Before 2023, the group considered Saudi Arabia its main enemy and alternately fought and negotiated with the Kingdom while consolidating control at home. Once the war in Gaza began, though, the Huthis became a persistent threat to the Israel, bleeding its supply of interceptors by launching routine attacks, and holding shipping in the Red Sea at risk in the name of the Palestinian cause, stopping only during cease-fires in Gaza. In June 2025, the Huthis made a token display of solidarity with Iran by lobbing a few missiles at Israel as it pummeled Iran, but did not materially come to Tehran’s aid. In the current war, the Huthis have held fire so far, but Huthi leader Abd al-Malik al-Huthi on 7 March publicly warned that his forces were ready to escalate militarily, which is more likely to happen the longer the war lasts. Unlike other Axis members who have suffered leadership losses and seen their arsenals devastated, the biggest brake on the Huthis’ getting involved is their responsibility for governing their own impoverished state—a burden none of the other Axis partners face. One al-Jazeera commentator posited this month that the group is particularly concerned about the potential threat from the internationally recognized Yemeni Government, which beat back secessionists in December 2025 and might be eyeing gains in Huthi-controlled Yemen next.

Like their partners in the Axis, some of the Iraqi Shia militias are prioritizing domestic political ambitions over militancy. The legislative election in Iraq in November 2025 led some of the Shia militias to focus more on winning votes than advancing Iran’s aims. Not only did the militias fear reprisals if they attacked the US or Israel, they also most likely feared the Iraqi public would blame them for violence and instability in Iraq if the militias themselves provoked US or Israeli strikes in Iraq. This calculation led them to sit out the war in June 2025, opting to hold rallies in Iraq rather than launch attacks in Iran’s defense. Several of the militias also signaled openness to disarming in December 2025, underscoring their shift from militancy to politics. At the same time, other groups, such as US-designated Kataib Hizballah (KH), the most capable of Iran’s partners in Iraq, have rejected calls to disarm and waded into the current conflict by attacking US interests. This month, KH spearheaded attacks against US facilities and personnel in Iraq, particularly in Iraqi Kurdistan and against the US Embassy in Baghdad, in response to the US and Israeli offensive in Iran. Indeed, the group publicly reaffirmed its solidarity with Iran, intent to avenge Supreme Leader Ali Khamenei’s death, and commitment to driving the US out of Iraq.

Although Iran’s Axis of Resistance is not the cohesive, potent force it was before 7 October, its members remain allied with Iran and staunchly opposed to the US and Israel. As they increasingly pursue their own ends—ranging from simply surviving to strengthening their political clout at home—they are likely to be less predictable. There are a number of factors that are likely to shape their trajectory, including:

•The extent to which new Supreme Leader Mojtaba Khamenei sees the Axis as a valuable collective that helps Tehran project power. His decision to reinvest and recommit to the Axis, particularly if he invoked the memory of his martyred father, would help reinforce ties between Iran and its partners.

•Whether the IRGC continues to fund and arm the groups. If Tehran cannot bankroll and arm its partners as it did in the past, these groups will be ever-less responsive to Iranian requests as they seek new sponsors or move away from militancy.

•To what degree groups, especially the Iraqi Shia militias, see politics as a better means to achieving their aims than militancy. If the Shia militias conclude that they can end the US presence in Iraq through negotiations rather than attacks, for example, or that they are better able to deliver economic benefits to the Iraqi Shia community by wielding political power than weapons, they will be more inclined to pursue politics than violence.

•Whether host governments or powerful neighbors curb the groups’ activities. Baghdad’s and Beirut’s ability and willingness to rein in nonstate actors like the Iraqi Shia militias and Hizballah, respectively, will be a significant brake on their ability to threaten the US or Israel. Similarly, Riyadh's success in finding a modus vivendi with the Huthis that boosts the economy in Huthi-controlled Yemen will give the group incentive to stop attacks to ensure its continued grip on power.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

GPS Denied: Time to Upgrade

OPINION — The Global Positioning System (GPS) is arguably the greatest dual-use technology ever developed. It saves us trillions of dollars in wasted fuel and inefficient logistics. However, our modern world is built on a system that is terrifyingly fragile, highly vulnerable to jamming, spoofing, and the existential threat of anti-satellite weapons.

Recent events prove this vulnerability. On February 28, ships navigating the Strait of Hormuz started appearing on tracking screens in places they couldn't possibly be. They appeared to be sitting on airport runways, parked on Iranian land, and clustered at nuclear power plants. More than 1,100 commercial vessels had their navigation systems scrambled in a single day following US-Israeli airstrikes on Iran, bringing a waterway that handles a fifth of the world's oil exports to a halt.

A similar crisis unfolded months earlier in the Caribbean. During a U.S. standoff with Venezuela, jammed signals caused commercial flights to experience severe GPS problems, resulting in a near-collision for a JetBlue pilot and forcing a cruise ship to navigate by charts and landmarks for three hours.

These are no longer isolated incidents. Today, anyone can pull up independent tracking sites like gpsjam.org—which aggregates aircraft data to visualize daily GPS disruptions worldwide—and view a heat map of the globe bleeding red with active interference.

But conflict zones aren't the only risk. In 2013, a truck driver with a $100 jammer accidentally knocked Newark Liberty International Airport's GPS offline just to hide from his employer's vehicle tracker. This system is used by over 6 billion people, yet it can be blinded by cheap gadgets.

The Invisible Metronome

GPS was designed for military position, navigation, and timing in the 1960s and 70s. Its signals travel 20,000 kilometers from space, arriving 100,000 times weaker than ambient noise. This makes them easily overwhelmed by low-cost eBay jammers emitting stronger radio noise on the same frequency.

Crucially, GPS isn't just a map; it is the invisible metronome for the modern world. The atomic clocks on GPS satellites synchronize cellular networks, timestamp billions of financial transactions, and regulate power grids. Lose the timing signal, and our global digital infrastructure fundamentally breaks down. We've wired the heartbeat of the global economy to a whispering radio signal from space.

Diverging Strategies: U.S. vs. China

The U.S. government has focused its response almost entirely on advancing military resilience measures like encrypted M-code signals and anti-jam antennas. This does nothing for commercial pilots or global logistics networks navigating denied environments. The U.S. defends GPS purely as a military asset.

Meanwhile, China has taken a radically different approach. It has poured state investment into the BeiDou satellite system, which achieved full global coverage in 2020 and surpasses the U.S. network in size. In parallel, China has built a deep bench of geospatial experts and backed BeiDou with a layered terrestrial architecture that includes a 20,000-kilometer fiber network and a national eLoran system. By actively exporting BeiDou through the Belt and Road Initiative and achieving full-stack autonomy in domestic navigation chips, China is building an ecosystem with commercial and strategic leverage that will matter as GPS-denied environments become the norm.

Moving Beyond GPS 2.0

The private sector is beginning to field alternative positioning systems, but competing against “free” will require game-changing innovation, not just incremental improvement. Inertial navigation systems are expensive and drift over time. Satellite constellations that simply move GPS-like spacecraft closer to Earth carry many of the same vulnerabilities as the system they’re meant to replace.

Commercial alternatives must go beyond GPS 2.0 to address both resilience and new use cases that justify adoption on their own merits. Remarkable new startups like EarthTraq aim to fill these gaps by providing new purpose-built constellations paired with low-cost, low-powered devices not dependent on any GPS constellations. Other companies are actively using computer vision or radar to automatically determine positions with what I call "artificial intelligence dead reckoning." Powerhouse companies like Vantor and Niantic Spatial are going big on high fidelity photogrammetric digital models of the world for precision navigation in denied environments. Other examples, Skyline Nav AI uses computer vision and deep learning to determine a vehicle's location in real time based solely on its surroundings. Similarly, European startup Vydar uses onboard AI to match live camera feeds of the ground with offline maps, computing highly accurate coordinates even during a complete GPS blackout. Daedalean AI is taking a complementary approach, building visual positioning systems that integrate seamlessly with radar and inertial sensors to operate in challenging conditions like fog or darkness. All of these alternatives offer mission performance that GPS cannot and have great promise to supplement or replace it in a denied environment.

We’re all going to have to get used to a world without GPS. The era of implicit trust in a single vulnerable satellite network is over. If we want to safely operate autonomous systems and AI in the real world, we must develop higher-fidelity methods of positioning within the eternal

reference frame that cannot be defeated by cheap eBay jammers.

Follow Mark Munsell on LinkedIn.

America Is Digitally Fragile — and Our Adversaries Know It

OPINION — America has entered a moment in which it is fundamentally more vulnerable than at any point in modern history. For the first time, the systems that underpin economic prosperity, social stability and military power are not merely digitally enabled — they are digitally dependent and tightly interconnected. At the same time, our principal adversaries have developed the capability and commitment to penetrate those systems, remain hidden and pre-position for future crises, while the United States remains organized for episodic offense and reactive defense.

Adversary cyber operations no longer aim merely to steal information or cause disruption. They are designed to control the environment before conflict begins, constrain U.S. options, and raise the domestic cost of action. The recent intrusions by Chinese malicious cyber actors — commonly known as Volt Typhoon and Salt Typhoon — clearly illustrate this challenge. These campaigns targeted water, energy, telecommunications, and ports — the industrial plumbing of American life — to establish persistent footholds in the systems modern society depends on and remain embedded there until the moment to exploit them arrives. Disturbingly, much of that access has proven extremely difficult to fully eradicate.

The uncomfortable truth is that the U.S. is perilously digitally fragile. Our economic strength, military readiness and social stability all rest on a digital nervous system that remains poorly understood, inadequately protected and insufficiently maintained. We behave as if these systems are strong and resilient. In reality, they are exposed and increasingly vulnerable. And the convergence of interconnected infrastructure, machine-speed operations, and artificial intelligence means failure can now cascade across sectors faster than leaders and operators can respond.

Imagine a crisis over Taiwan. Before the first U.S. aircraft takes off in response, power flickers, hospital software freezes, water treatment falters and banking slows. For most Americans, it would not feel like war — it would feel like everyday life coming apart. Meanwhile, the U.S. military would confront a sobering reality: its ability to mobilize and sustain operations depends on these same systems. Even the world’s most capable force can be delayed or degraded if the digital terrain beneath it cracks.

This is not fear-mongering. It is foresight. We are not merely under digital attack — we are amplifying the danger through our own unwillingness to accept how fundamentally the world has already changed.

For years, leaders hoped cyber deterrence would take hold. That hope has not been borne out. Below the threshold of armed conflict, cyber operations are cheap, deniable and consistently rewarded. Intellectual property theft, infrastructure mapping and covert pre-positioning generate enormous strategic returns at minimal risk. There has proven to be little incentive for adversaries to stop.

Further, the United States still treats intrusions as isolated incidents rather than continuous campaigns. Private reporting is voluntary and inconsistent. Government responders often learn of attacks only after the damage is visible. Offensively, U.S. cyber operations are highly capable but episodic — powerful actions without sustained strategic effect. Our adversaries play the long game; we respond in bursts.

We can and must do better. The way forward begins with establishing a national objective: Digital Dominance, the process of organizing the nation to lead and define the global digital environment. Digital Dominance is first a whole-of-society posture. Cybersecurity cannot be left to government specialists alone. Businesses, local governments, federal agencies, academia and individual users all operate on the same terrain and share responsibility for strengthening it. We must increasingly work together as teammates in the active defense of the nation.

But Digital Dominance also means ensuring that American digital capabilities — especially advanced semiconductors, large-scale compute, cloud infrastructure and artificial intelligence — become the preferred global standards. When U.S. technologies and architectures set the pace, we reinforce economic competitiveness, shape international rules and give our military the interoperable digital foundation it needs to maintain operational advantage. The future of national power will be decided across the entire ecosystem that designs, deploys, operationalizes and defends digital systems.

Further, achieving Digital Dominance requires the Department of War to pursue Analytic Superiority — the ability to sense, understand, predict and act faster than adversaries, while denying them the ability to do the same. The United States must fuse real-time data, AI-enabled analysis and machine-speed decision-making, while simultaneously disrupting and confusing adversary sensing, data pipelines and AI models/decision systems.

In modern conflict, the side that understands what’s happening first — and acts faster — drives the outcomes. Artificial intelligence makes that possible. It allows networks to spot problems early, connect the dots and respond in seconds rather than minutes or hours. AI isn’t a luxury in cyber operations; it’s the engine that makes conflict-winning speed possible. If we do not fully embrace the operationalization of AI, we will be reduced to playing catch-up with our adversaries.

These realities should also force prioritization. When everything is labeled critical, nothing truly is. The United States currently designates sixteen sectors as “critical infrastructure,” but there are five that really form the backbone of national stability: power, water, telecommunications, finance, and healthcare/emergency services. These sectors are so interdependent that failure in one can cascade rapidly into others. For them, the federal government must receive anonymized, real-time cyber data — not after incidents occur, but continuously. Reactive defense cedes initiative. True resilience requires anticipatory awareness and preemptive action.

However, defensive actions alone are not enough. Locks matter — but so does stopping burglars before they strike. The United States must shift to persistent cyber campaigning: continuous operations that disrupt adversary planning, degrade military capabilities, drain resources, put opponents on the defensive and pre-position our forces in case of conflict. But the government cannot successfully scale this mission on its own. The depth of cyber talent and technical innovation needed to compete with adversaries like China largely resides in the private sector.

A National Cyber Operations Team would integrate that talent directly into operational cyber missions using a “team-of-teams” model, with private-sector operators working under the oversight and command and control of U.S. Cyber Command. Participation would require meeting the Command’s rigorous training, certification, and security standards. This approach dramatically expands capacity while preserving unity of command, discipline, and operational accountability. Just as important, it taps into one of America’s greatest strategic advantages: our fast-moving, innovative technology ecosystem. By connecting that innovation directly to operational needs — rather than burying it inside years of contracting and acquisition bureaucracy — the United States can adapt faster than its adversaries and sustain the initiative in the digital domain.

Some will say these actions are ambitious. They are. But the alternative is far costlier: allowing adversaries persistent leverage over the systems that underpin daily life, economic strength, and national defense. Digital conflict does not resemble the wars we remember. It looks like everyday life suddenly coming to a halt — and with it, the erosion of the advantages that have long sustained American national power.

The U.S. is digitally fragile. We can choose to become digitally strong.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

I just want to read the news

Get the news and only the news!

Guardian

Back to top

Kaupunki

Back to top

Yle

Back to top

CNN

Back to top

Hesari

Back to top

Al Jazeera

Back to top

New York Times

Back to top

Reuters

Back to top

NPR

Back to top

The Cipher Brief

Europe’s Strategic Complacency

An illprepared alliance

NATO Has Faced Worse

Signs of Renewal

Parallel Alliances

A Durable Alliance

Back to top