
China Hackers Using Brickstorm Backdoor to Target Government, IT Entities

china, flax typhoon,

Chinese-sponsored groups are using the popular Brickstorm backdoor to access and gain persistence in government and tech firm networks, part of the ongoing effort by the PRC to establish long-term footholds in agency and critical infrastructure IT environments, according to a report by U.S. and Canadian security offices.

The post China Hackers Using Brickstorm Backdoor to Target Government, IT Entities appeared first on Security Boulevard.

Fraudulent gambling network may actually be something more nefarious

A sprawling infrastructure that has been bilking unsuspecting people through fraudulent gambling websites for 14 years is likely a dual operation run by a nation-state-sponsored group that is targeting government and private-industry organizations in the US and Europe, researchers said Wednesday.

Researchers have previously tracked smaller pieces of the enormous infrastructure. Last month, security firm Sucuri reported that the operation seeks out and compromises poorly configured websites running the WordPress CMS. Imperva said in January that the attackers also scan for and exploit web apps built with the PHP programming language that have existing webshells or vulnerabilities. Once the weaknesses are exploited, the attackers install GSocket, a backdoor that the attackers use to compromise servers and host gambling web content on them.

All of the gambling sites target Indonesian-speaking visitors. Because Indonesian law prohibits gambling, many people in that country are drawn to illicit services. Most of the 236,433 attacker-owned domains hosting the gambling sites are hosted on Cloudflare. Most of the 1,481 hijacked subdomains were hosted on Amazon Web Services, Azure, and GitHub.


The Kremlin's Kill List: Inside a Culture of State-Sponsored Murder



EXPERT OPINION / PERSPECTIVE — The 2024 spy swap between Russia and the West exposed a brutal truth: Moscow still treats innocent civilians as bargaining chips, and killers as heroes. In the deal, Russia forced multiple governments to trade convicted Russian intelligence officers, including an SVR “illegal” couple arrested in Slovenia, in exchange for Western citizens that the Kremlin had deliberately entrapped. But the real prize for Russian President Vladimir Putin was Vadim Krasikov, the FSB assassin who was convicted by a German court for murdering Chechen exile Zelimkhan Khangoshvili in Berlin in 2019. Through years of negotiations, including those aimed at freeing Wall Street Journal reporter Evan Gershkovich, Krasikov’s release remained a non-negotiable demand from Russia.

When the swap finally happened, Putin greeted Krasikov on the tarmac with a public embrace, an extraordinary display of presidential affection for a convicted murderer. Days later, the Kremlin confirmed his FSB status, praised his “service,” and even highlighted his past role as a presidential bodyguard. Putin’s message to his security services—and to the world—could not have been clearer: if you kill for Putin’s regime, the regime will protect you. Killing for the regime has always been a mission for Russia’s intelligence services (RIS).

State-directed murder was long embedded in the mission and culture of the RIS and their predecessors. The practice predates the Soviet Union, reaching back to the Czarist Okhrana, which routinely hunted down dissidents when exile to Siberia failed to silence them. After the 1905 revolution, Czar Nicholas II unleashed a wave of retributive assassinations that set a precedent for the violence institutionalized by the Cheka and later the KGB. He became known as “Bloody Nicholas.” The state security “organs” (as they are still known in Russia) elevated assassination into a professional craft, giving rise to the notorious phrase in Russian: vishaya mera nakazaniya — the highest measure of punishment. The term still carries its original meaning and dreaded connotation: death at the order of the state, whether by trial or extrajudicial killing.

There were many examples, both at home and abroad, to keep Soviet citizens afraid. Stalin’s plot to kill his arch-rival and fellow revolutionary, Leon Trotsky, was decades in the making and ended with an ice pick to Trotsky’s head while he was in Mexico City. His assassin, Ramon Mercader, was awarded the title Hero of the Soviet Union when he was released from prison and arrived back in the USSR.

Secret institutes like the infamous “Poison Factory,” known in the KGB as Laboratory 1 or “kamera” (for “the cell”), were set up during the early years of the Cold War to study chemical and biological agents that could be used to murder quietly. Laboratory 1 specialized in refining special toxins, like the ricin pellet the KGB provided to their Bulgarian allies, which was used in the infamous assassination of Bulgarian dissident Georgi Markov on a London bridge in 1978.

Today is no different. Some assassinations are believed to be directly ordered by Putin in what the Russians call “direct action” (pryamoye deistviye, also known colloquially as mokroe delo, or wet work), while others are believed to be carried out with his implied approval. Poison factories continue to function inside Russia. Today, the FSB uses a modern “kamera,” which helped refine the nerve agent Novichok for use against the defector Sergei Skripal in the 2018 Salisbury, UK attack. It was the same agent used in a failed assassination attempt against Russian opposition leader Alexei Navalny, prior to his death in a remote Russian prison, also likely wet work at the hands of the FSB.

Why does Putin let his Chekist assassins use such a well-known, state-produced chemical weapon like Novichok to kill defectors or dissidents? The answer: because he wants the world to know the RIS were behind the attacks and that the tradition of the “highest measure” continues. Otherwise, he could certainly have his hitmen use a gun, ice pick, or other more deniable method. There is a track record now going back decades, to the FSB defector Alexander Litvinenko and his death from polonium in the UK. The RIS will not hesitate to murder any intelligence or military defectors that the RIS can find and reach in the West. The lack of a formidable response from the UK and the U.S. to the Litvinenko poisoning only emboldened Putin and his henchmen (one of the assassins, Lugovoy, was praised so highly within Russia that he was eventually elected to the Russian Duma).


The Russian Record of Killing their Own: Disincentivizing Dissent

Putin and his RIS siloviki want all of their officers to know that the price for treason is death, and they don’t care what government may be offended or what international laws are broken. Otherwise, the incentive for those officers to betray Russia’s corrupt services and look to a better life for themselves and their families is too high. It matters not whether the execution is ordered by a secret court or carried out on the street; the RIS consider it within their purview to decide how and when.

Two historical points illustrate this as practice within the RIS. For decades of the Cold War, and after, the rumor proliferated within the KGB and GRU that one or both of the first GRU spies to work for the United States, Pyotr Popov and Oleg Penkovskiy, were executed by being thrown into a furnace alive. Popov was uncovered and executed in 1960. Penkovskiy was arrested and executed in May 1963 after the vital role he played in providing intelligence to the United States during the Cuban Missile Crisis.

The practice during that time period, carried over from Stalin’s purges, was more likely a bullet to the back of the head up against a wall at the infamous Lubyanka prison. But the rumor, which was spread to the West by GRU defector Viktor Suvorov, was effective and garnered a lot of attention within the services; it still does. It was purposely spread and taught at the KGB Andropov Academy through the 1980s (now known as the modern SVR Foreign Service Academy, which they call the AVR), and it continues to be. The same rumor is taught to officers at the GRU Military Diplomatic Academy. Defectors have confirmed for years that this rumor is whispered among classes at the academies, and as a warning against dissent: “you want to be thrown into a furnace alive, shut up you idiot!” The very idea of being burned alive in a furnace is hard for young officers to forget.

There is another example from Cold War history that illustrates the same point. In 1985, the so-called “year of the spy,” while crypto-spy John Walker and his family ring were uncovered and arrested, CIA officer Ed Howard defected to Moscow, and many other espionage incidents took place. CIA traitor Rick Ames gave his “big dump” of classified holdings to the Soviets. Ames offered up roughly a dozen different U.S. cases to the Soviet services, including many penetrations of the KGB and GRU. Most of those assets were executed in short order, sending up a giant “CI flag” of counterintelligence warning to CIA/FBI and the entire U.S. intelligence community that something was amiss. A major mole hunt, which unfortunately took nine years, eventually led to Ames’ arrest. Ames himself commented after his arrest that he was astounded that the KGB/GRU had killed so many assets: why not keep them running as controlled cases, at least for a time, in order to protect him? It was an unprecedented, even reckless reaction.

Why did they do it?

The answer, as some senior Russian officers including former Line KR (kontrarazvedka or CI) Chief Viktor Cherkashin would later confirm (he wrote a book that was translated in the West) was that the Soviet services had no choice. The KGB and GRU had to take drastic steps to stop the flood of espionage and leaks in the Soviet services—too many traitors! An example had to be set.

Cherkashin would know, since he ran both Ames and FBI spy Robert Hanssen when he served in the Washington, D.C. Residency (station) of the KGB. Reportedly, the issue went to the highest ranks of the KGB/GRU and then on to the Central Committee of the Communist Party. For all their feared security prowess in the Soviet Union, the vaunted KGB had no idea that the CIA was running so many cases under their noses, literally, in Moscow and around the world. Since their own counterintelligence, the 2nd Chief Directorate of the KGB, had failed so miserably, the decision was made to execute them all (or nearly all; a few escaped death in the Gulag). There had to be a hard line drawn for the tens of thousands of other Soviet intelligence officers not to betray the regime: the highest measure would be the warning.


Murder by Order or Murder to Impress the Boss?

The FSB is no less of a counterintelligence failure than their KGB predecessors. They cannot turn the tide against the U.S., our intelligence services, and those of our allies. Instead, they arrest innocent civilians like those used to barter for the 2024 swap. That is why Putin likely continues to order death to all intelligence defectors. That is why he will greet a killer like Krasikov at the airport in Moscow in front of the cameras. But Putin’s RIS don’t just kill defectors and Chechen separatists. The RIS were almost certainly behind many political hits in Russia, like those on Navalny and Boris Nemtsov, and many others from Putin’s own government “falling out of windows” in recent years. Here it is important to recall that under President Yeltsin, Russia abolished the death penalty. So what were once judicial executions, ordered by the state, have become extra-judicial killings in the Putin era. But for the RIS, there is no distinction.

There have been many assaults on and killings of journalists like Anna Politkovskaya. The question often arises: does Putin know about and order all of these murders? Perhaps, but there may be something else at play as well, an effort to impress “the boss.” This could also explain some of the more reckless acts of sabotage playing out in Europe at the hands of the RIS. Mafia families work in the same way: they surprise the boss with new income streams or take out a threat to the family with a hit, to earn one’s “button” and become a “made man.”

Indeed, the RIS function within mob-like cultures, fostered by patronage relationships, and corruption at every level. Officers are encouraged to pay bribes up the chain of command, and frauds of all kinds at every level infect their services. Putin has no doubt told aspiring leaders in the SVR, GRU and especially the FSB, his favorite service, to surprise him with new and inventive operations meant to hit back against the West, particularly regarding Ukraine. This has led to a cascading series of actions by the RIS, including sabotage, exploding parcels, and, yet again, like earlier in their history, attempted assassinations. The most brazen plot uncovered so far was the GRU plot that was unraveled in Germany in 2024 to assassinate the CEO of Rheinmetall, a leading provider of arms to Ukraine. GRU unit 29155 is likely behind that plot, just as they were behind the Skripal attack, and others.

The RIS attack dogs in Putin’s services are simply continuing a tradition of state-directed violence. Yet in the West, we often hesitate to assign blame, waiting for courtroom-quality evidence. But the evidence is already written across decades of Russian intelligence tradecraft, and reinforced by independent investigations.

Open-source teams like Bellingcat have repeatedly identified the GRU and FSB officers behind some of Moscow’s most feral operations, from the Skripal poisoning in Salisbury to the attempted assassination of Alexei Navalny. Still, conclusive proof of Kremlin authorization often appears only when an insider defects with hard intelligence. Those who contemplate such a step know they will be protected and given a new life in the West. They also know the stakes, however, if caught.

The absence of courtroom proof in every case of murder, poisoning, or a fall from a window should not silence the West. Putin’s record speaks for itself. His regime has presided over the killings of journalists, opposition figures, exiles abroad, and tens of thousands of Ukrainian civilians. He operates as a modern bloody czar, no different in impulse from Nicholas II—ordering assassinations, reprisals, and revenge killings with impunity. And the pattern is escalating. It is only a matter of time before Russian intelligence pushes further, testing its reach against U.S. and allied targets. The warning signs are unmistakable. The question is no longer whether the threat exists, but what the West intends to do about it.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the US Government. Nothing in the contents should be construed as asserting or implying US Government authentication of information or endorsement of the author’s views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals. Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.


Cybersecurity Coalition to Government: Shutdown is Over, Get to Work

budget open source supply chain cybersecurity ransomware White House Cyber Ops

The Cybersecurity Coalition, an industry group of almost a dozen vendors, is urging the Trump Administration and Congress now that the government shutdown is over to take a number of steps to strengthen the country's cybersecurity posture as China, Russia, and other foreign adversaries accelerate their attacks.

The post Cybersecurity Coalition to Government: Shutdown is Over, Get to Work appeared first on Security Boulevard.

AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage

By: Tom Eston

In this episode, we discuss the first reported AI-driven cyber espionage campaign, as disclosed by Anthropic. In September 2025, a state-sponsored Chinese actor manipulated the Claude Code tool to target 30 global organizations. We explain how the attack was executed, why it matters, and its implications for cybersecurity. Join the conversation as we examine the […]

The post AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage appeared first on Shared Security Podcast.

The post AI Agent Does the Hacking: First Documented AI-Orchestrated Cyber Espionage appeared first on Security Boulevard.


AI-enabled Intrusions: What Anthropic’s Disclosure Really Means

11/21/25
AI RISKS: UNSETTLING DEMONSTRATION

Last week, AI company Anthropic reported with ‘high confidence’ that a Chinese state-sponsored hacking group had weaponized Anthropic’s own AI tools to run a largely automated cyberattack on several technology firms and government agencies. According to the company, the September operation is the first publicly known case of an AI system conducting target reconnaissance with only minimal human direction.


AI as Cyberattacker

From Anthropic:

In mid-September 2025, we detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign. The attackers used AI’s “agentic” capabilities to an unprecedented degree—using AI not just as an advisor, but to execute the cyberattacks themselves.

The threat actor—whom we assess with high confidence was a Chinese state-sponsored group—manipulated our Claude Code tool into attempting infiltration into roughly thirty global targets and succeeded in a small number of cases. The operation targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We believe this is the first documented case of a large-scale cyberattack executed without substantial human intervention...

The post AI as Cyberattacker appeared first on Security Boulevard.

Fake Survey Answers from AI Could Quietly Sway Election Predictions

By: Staff
11/18/25
DEMOCRACY WATCH

Public opinion polls and other surveys rely on data to understand human behavior. New research from Dartmouth reveals that artificial intelligence can now corrupt public opinion surveys at scale—passing every quality check, mimicking real humans, and manipulating results without leaving a trace.


Building Trust into Tech: A Framework for Sovereign Resilience

11/15/25
TECH SECURITY

Governments across the Indo-Pacific are facing a critical question: who can be trusted to build and manage our most sensitive systems? Vendor choices, for everything from cloud infrastructure to identity platforms, are no longer just commercial; they are strategic. As cyber threats rise, supply chains fragment and coercive pressure grows, countries need better ways to assess technology providers and manage risk.


Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

Researchers from Anthropic said they recently observed the “first reported AI-orchestrated cyber espionage campaign” after detecting China-state hackers using the company’s Claude AI tool in a campaign aimed at dozens of targets. Outside researchers are much more measured in describing the significance of the discovery.

Anthropic published the reports on Thursday here and here. In September, the reports said, Anthropic discovered a “highly sophisticated espionage campaign,” carried out by a Chinese state-sponsored group, that used Claude Code to automate up to 90 percent of the work. Human intervention was required “only sporadically (perhaps 4-6 critical decision points per hacking campaign).” Anthropic said the hackers had employed AI agentic capabilities to an “unprecedented” extent.

“This campaign has substantial implications for cybersecurity in the age of AI ‘agents’—systems that can be run autonomously for long periods of time and that complete complex tasks largely independent of human intervention,” Anthropic said. “Agents are valuable for everyday work and productivity—but in the wrong hands, they can substantially increase the viability of large-scale cyberattacks.”


U.S.–China Cyber Relations and the Weaponization of Microsoft Platforms

By: Staff
11/11/25
CHINA WATCH

Accusations of state-sponsored cyber espionage have come to define the cyber relations between the US and China over the years. The widespread adoption of Microsoft products has also made them prime targets for state-sponsored cyber espionage. High-profile incidents, such as the SolarWinds breach and attacks on Microsoft 365, have demonstrated how nation-state actors exploit vulnerabilities in Microsoft’s ecosystem to conduct sophisticated espionage operations.


A New Frontline: How Digital Identity Fraud Redefines National Security Threats



DEEP DIVE — From stolen military credentials to AI-generated personas seamlessly breaching critical infrastructure, digital identity fraud is rapidly escalating into a frontline national security threat. This sophisticated form of deception allows adversaries to bypass traditional defenses, making it an increasingly potent weapon.

The 2025 Identity Breach Report, published by AI-driven identity risk firm Constella Intelligence, reveals a staggering increase in the circulation of stolen credentials and synthetic identities. The findings warn that this invisible epidemic (so called because it is harder to detect than traditional malware and blends in with legitimate activity) is no longer just a commercial concern—it now poses a serious threat to U.S. national security.

“Identity verification is the foundation of virtually all security systems, digital and physical, and AI is making it easier than ever to undermine this process,” Mike Sexton, a Senior Policy Advisor for AI & Digital Technology at national think tank Third Way, tells The Cipher Brief. “AI makes it easier for attackers to simulate real voices or hack and steal private credentials at unprecedented scale. This is poised to exacerbate the cyberthreats the United States faces broadly, especially civilians, underscoring the danger of Donald Trump’s sweeping job cuts at the Cybersecurity and Infrastructure Security Agency.”

The Trump administration’s proposed Fiscal Year 2026 budget would eliminate 1,083 positions at CISA, reducing staffing by nearly 30 percent from roughly 3,732 roles to around 2,649.


The Industrialization of Identity Theft

The Constella report, based on analysis of 80 billion breached records from 2016 to 2024, highlights a growing reliance on synthetic identities—fake personas created from both real and fabricated data. Once limited to financial scams, these identities are now being used for far more dangerous purposes, including espionage, infrastructure sabotage, and disinformation campaigns.

State-backed actors and criminal groups are increasingly using identity fraud to bypass traditional cybersecurity defenses. In one case, hackers used stolen administrator credentials at an energy sector company to silently monitor internal communications for more than a year, mapping both its digital and physical operations.

“In 2024, identity moved further into the crosshairs of cybercriminal operations,” the report states. “From mass-scale infostealer infections to the recycling of decade-old credentials, attackers are industrializing identity compromise with unprecedented efficiency and reach. This year’s data exposes a machine-scale identity threat economy, where automation and near-zero cost tactics turn identities into the enterprise’s most targeted assets.”

Dave Chronister, CEO of Parameter Security and a prominent ethical hacker, links the rise in identity-based threats to broader social changes.

“Many companies operate with teams that have never met face-to-face. Business is conducted over LinkedIn, decisions authorized via messaging apps, and meetings are held on Zoom instead of in physical conference rooms,” he tells The Cipher Brief. “This has created an environment where identities are increasingly accepted at face value, and that’s exactly what adversaries are exploiting.”

When Identities Become Weapons

This threat isn’t hypothetical. In early July, a breach by the China-linked hacking group Volt Typhoon exposed Army National Guard network diagrams and administrative credentials. U.S. officials confirmed the hackers used stolen credentials and “living off the land” techniques—relying on legitimate admin tools to avoid detection.

In the context of cybersecurity, “living off the land” means that attackers (such as the China-linked hacking group Volt Typhoon) don't bring their own malicious software or tools into a compromised network. Instead, they use the legitimate software, tools, and functionalities that are already present on the victim's systems and within their network, so their activity looks like ordinary administration.

“It’s far more difficult to detect a fake worker or the misuse of legitimate credentials than to flag malware on a network,” Chronister explained.

Unlike traditional identity theft, which hijacks existing identities, synthetic identity fraud creates entirely new ones using a blend of real and fake data—such as Social Security numbers from minors or the deceased. These identities can be used to obtain official documents, government benefits, or even access secure networks while posing as real people.

“Insider threats, whether fully synthetic or stolen identities, are among the most dangerous types of attacks an organization can face, because they grant adversaries unfettered access to sensitive information and systems,” Chronister continued.

Insider threats involve attacks that come from individuals with legitimate access, such as employees or fake identities posing as trusted users, making them harder to detect and often more damaging.

Constella reports these identities are 20 times harder to detect than traditional fraud. Once established with a digital history, a synthetic identity can even appear more trustworthy than a real person with limited online presence.

“GenAI tools now enable foreign actors to communicate in pitch-perfect English while adopting realistic personas. Deepfake technology makes it possible to create convincing visual identities from just a single photo,” Chronister said. “When used together, these technologies blur the line between real and fake in ways that legacy security models were never designed to address.”

Washington Lags Behind

U.S. officials acknowledge that the country remains underprepared. Multiple recent hearings and reports from the Department of Homeland Security and the House Homeland Security Committee have flagged digital identity as a growing national security vulnerability—driven by threats from China, transnational cybercrime groups, and the rise of synthetic identities.

The committee has urged urgent reforms, including mandatory quarterly “identity hygiene” audits for organizations managing critical infrastructure, modernized authentication protocols, and stronger public-private intelligence sharing.

Meanwhile, the Defense Intelligence Agency’s 2025 Global Threat Assessment warns:

“Advanced technology is also enabling foreign intelligence services to target our personnel and activities in new ways. The rapid pace of innovation will only accelerate in the coming years, continually generating means for our adversaries to threaten U.S. interests.”

An intelligence official not authorized to speak publicly told The Cipher Brief that identity manipulation will increasingly serve as a primary attack vector to exploit political divisions, hijack supply chains, or infiltrate democratic processes.


Private Sector on the Frontline

For now, much of the responsibility falls on private companies—especially those in banking, healthcare, and energy. According to Constella, nearly one in three breaches last year targeted sectors classified as critical infrastructure.

“It's never easy to replace a core technology, particularly in critical infrastructure sectors. That’s why these systems often stay in place for many years if not decades,” said Chronister.

Experts warn that reacting to threats after they’ve occurred is no longer sufficient. Companies must adopt proactive defenses, including constant identity verification, behavioral analytics, and zero-trust models that treat every user as untrusted by default.

However, technical upgrades aren’t enough. Sexton argues the United States needs a national digital identity framework that moves beyond outdated systems like Social Security numbers and weak passwords.

“The adherence to best-in-class identity management solutions is critical. In practice for the private sector, this means relying on trusted third parties like Google, Meta, Apple, and others for identity verification,” he explained. “For the U.S. government, these are systems like REAL ID, ID.me, and Login.gov. We must also be mindful that heavy reliance on these identity hubs creates concentration risk, making their security a critical national security chokepoint.”

Building a National Identity Defense

Some progress is underway. The federal Login.gov platform is expanding its fraud prevention capabilities, with plans to incorporate Mobile Driver’s Licenses and biometric logins by early 2026. But implementation remains limited in scale, and many agencies still rely on outdated systems that don’t support basic protections like multi-factor authentication.

“I would like to see the US government further develop and scale solutions like Login.gov and ID.me and then interoperate with credit agencies and law enforcement to respond to identity theft in real time,” Sexton said. “While securing those systems will always be a moving target, users’ data is ultimately safer in the hands of a well-resourced public entity than in those of private firms already struggling to defend their infrastructure.”

John Dwyer, Deputy CTO of Binary Defense and former Head of Research at IBM X-Force, agreed that a unified national system is needed.

“The United States needs a national digital identity framework—but one built with a balance of security, privacy, and interoperability,” Dwyer told The Cipher Brief. “As threat actors increasingly target digital identities to compromise critical infrastructure, the stakes for getting identity right have never been higher.”

He emphasized that any framework must be built on multi-factor authentication, phishing resistance, cryptographic proofs, and decentralized systems—not centralized databases.

“Public-private collaboration is crucial: government agencies can serve as trusted identity verification sources (e.g., DMV, passport authorities), while the private sector can drive innovation in delivery and authentication,” Dwyer added. “A governance board with cross-sector representation should oversee policy and trust models.”

Digital identities are no longer just a privacy concern—they’re weapons, vulnerabilities, and battlegrounds in 21st-century conflict. As foreign adversaries grow more sophisticated and U.S. defenses lag behind, the question is no longer if, but how fast America can respond.

The question now is whether the United States can shift fast enough to keep up.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

Reaction Isn’t Enough. Nexperia Case Shows We Must Pre-empt China’s Tech Grabs

10/31/25
CHINA WATCH

The Dutch government’s decision on 30 September to impose a last-resort restraint order on China-owned Netherlands-based chipmaker Nexperia is more than a trade dispute. It’s the consequence of a belated realization that technology competition with China is real. Economic security in open and liberal democracies, including Australia, demands foresight, not last-minute intervention.


The War You Can’t See: Gray Zone Operations Are Reshaping Global Security

EXPERT PERSPECTIVE -- In the middle of the night, with no witnesses, a single ship flagged out of Hong Kong drags its anchor across the Baltic Sea. In silence, it severs a vital gas pipeline and the digital cables that link northern capitals. By morning, millions lose connectivity, financial transactions stall, and energy grids flicker on the edge.

The culprit vanishes behind flags of convenience, leaving blame circulating in diplomatic circles while Moscow and others look on, exploiting maritime ambiguity and the vulnerabilities of Europe's lifelines.

Meanwhile, in Warsaw and Vilnius, shoppers flee as flames engulf two of the largest city malls. Investigators soon discover the arsonists are teenagers recruited online, guided by encrypted messages, and paid by actors connected to hostile state agencies. The chaos sows fear, erodes social trust, and sends shockwaves through European communities—proxy sabotage that destabilizes societies while providing plausible deniability to those orchestrating the acts.

Thousands of kilometers away, Chinese dredgers and coast guard vessels silently transform disputed reefs into fortified islands in the South China Sea. With no declaration of war and no pitched battles, new airstrips and bases appear, steadily shifting maritime boundaries and economic interests. Each construction project redraws the strategic realities of an entire region, forcing neighbors and distant powers alike to reckon with incremental, shadowy coercion and efforts to change the status quo.

In early 2024, Chinese state-sponsored hackers, known as "Volt Typhoon," penetrated U.S. data repositories and embedded themselves deep within the control systems of U.S. critical infrastructure, including communication networks, energy grids, and water treatment facilities.

Then-FBI Director Christopher Wray described it as a pre-positioning of capabilities by China that can be turned on whenever Beijing wanted - wreaking havoc and causing real-world harm to American citizens and communities. China has denied any connection to these attacks on U.S. sovereignty.

And just weeks ago, around 20 Russian drones violated Poland’s airspace. Russia’s denials were predictable, and since then, Russian drones and jets have violated airspace in Romania, Estonia, and over the Baltic Sea.

Were these threats, tests of capability and resolve, provocations, or demonstrations—or maybe all of the above? Just as NATO will develop a set of lessons-learned for future incursions, it’s also likely that Russia learned from these episodes and will recalibrate future incursions.

Threaded almost invisibly through all of these gray zone activities, and countless others like them, is cognitive warfare—a persistent tool of our adversaries. It is an assault on cognition. The information and decision spaces are flooded with weaponized narratives, AI-powered disinformation, synthetic realities, and the coercive use of redlines and intimidation.

The goal is clear: deceive, change how we see the world, fracture societies, destroy faith in institutions and partnerships, erode trust, challenge and replace knowledge and belief, coerce and intimidate, and, perhaps most importantly, undermine decision autonomy. It is here, in the crowded intersection of AI, cyber, traditional tools such as narratives and storytelling, and cognition, that today’s most urgent battles are fought.

These are all operations in the gray zone. We all use somewhat different terms for this, but let me share the definition of the gray zone that I think works well.

The gray zone is the geopolitical space between peace and war where adversaries work to advance their own national interests while attacking and undermining the interests of their adversaries and setting the conditions for a future war without triggering a military response.

We might refer to attacks in the gray zone as gray warfare. It is the domain of ambiguity, deniability, and incremental aggression calculated to limit deterrence and discourage persuasive response.


Today, it is the space where global competition, particularly great power competition, is playing out.

Why are we seeing more gray zone activity today?

First, great power competition is intensifying. This includes great powers, middle powers, and impacts almost every other nation. Almost every nation has a role to play, even if involuntary: competitor, ally and supporter, enabler, spoiler, surrogate, or innocent bystander and victim. Like the African proverb says, “When elephants fight, it is the grass that suffers.”

But great powers will go to great lengths to avoid 21st Century superpower conflict, primarily because of the fear of unintended losses and damage to national power that could take decades to recover. The catastrophic damage to nations and militaries from WWII is a distant, but still vivid, reminder of the impact of a war between great powers.

Today, just look at the unprecedented loss of national power by Russia in indirect superpower conflict. Superpower conflict has consequences. Given these strategic considerations, the gray zone and gray warfare provide an effective strategic alternative to conventional war. Our adversaries have calculated that there are more gains than risks in the gray zone, and that any risks they do face are acceptable.

Second, technology levels the playing field, creating new opportunities for gray zone attacks. Cyberattacks, even those that are disrupted, lead to more effective cyber capabilities by our adversaries. AI-driven cognitive warfare now delivers persuasive content with unprecedented global access and immediacy. Small kinetic drones can be wielded by state and non-state actors to pose both kinetic and cognitive threats. Technology also enables adversaries to conceal their operations and increase non-attribution. Even simple technologies have the potential to generate strategic effects in the gray zone.

Third, surrogates and proxies offer expanded reach, ambiguity, and impact.

Little Green Men, hired criminals, ghost ships, unknown assassins and saboteurs, and shadowy companies that help evade sanctions blur attribution, providing bad actors with a veneer of deniability while increasing their reach, impact, and lethality. On a broader scale, Houthi attacks on global shipping and North Korean soldiers fighting Ukraine elevate the effects of this ambiguous warfare to a higher level. This trend is likely to intensify in the future.

Fourth, it is important to address the direct impacts of Russia’s war on Ukraine on an increase in gray zone attacks. Russia’s significant loss of national power and limited battlefield gains have created pressure on the Kremlin to reassert relevance, project power, and potentially punish antagonists. This dynamic almost certainly means a continued escalation of gray zone activities targeting Europe and aimed at destabilizing the continent. Many experts believe the Baltics and the Balkans may be particularly vulnerable.

That Russian gray bullseye is crowded. The U.S. is also a traditional target, and more Russian activity to undermine and weaken the U.S. is coming, despite Putin’s offers of renewed diplomatic and economic cooperation.

Finally, there are more gray zone attacks because real deterrence and persuasive responses to gray attacks are challenging, and our adversaries know it. In other words, gray zone attacks in most cases are relatively low cost, often effective, provide a level of deniability, and frustrate efforts at deterrence and response.

Our adversaries have calculated that they can hide behind ambiguity and deniability to violate sovereignty, ignore national laws and international norms, and engage in activities such as political coercion, sabotage, and even assassinations without triggering an armed response.

This “no limits” approach exploits the openness, legal norms, and ethical standards of democratic societies, making coordinated, timely, and effective response more difficult.

So, what can we do?

The most important outcome of our actions is to change the risk calculation of our adversaries. Gray zone attacks that go unanswered reward our adversaries and reinforce the idea that there are more gains than risk in the gray zone and encourage more attacks. Further, our adversaries calculate, often accurately, that our reasonable concerns for avoiding escalation will lead to indecision, weak responses, or the acceptance of false choices.

We need improved and shared gray zone intelligence to see through the fog of disinformation, synthetic realities, false risks and threats, and an overload of information by our adversaries to understand what is taking place in the gray zone. This not only strengthens our operations to counter gray zone attacks but it helps our citizens, communities, and countries to understand, recognize, reject, and remain resilient in the face of gray zone attacks.

We have to employ “strategic daylighting” to expose and put into context the gray zone activity by our adversaries—stripping away deniability and laying bare nefarious and illegal actions—knowing that our adversaries will go to great lengths to conceal, defend, and attack our efforts to expose their activities.

We have to speak frankly and convincingly to our adversaries and, of course, we have to back up our words with persuasive action. Empty warnings and rhetoric will fall short. Changing the risk calculation of our adversaries means real consequences across a broad spectrum: public, diplomatic, economic, legal, informational, or even kinetic. It means a strategy on how to respond, not just a series of hasty responses. Real deterrence will result from planning and strategy, not decisions in the moment based on immediate circumstances.

Finally, we need to think of deterrence and response as a team sport - an “Article 5 mindset.” Our adversaries will seek to divide and isolate. Collective, unified action and resolve can form a powerful deterrent.

Of course, none of this is new. All of us need a solid understanding of the problems and the likely best solutions, but implementation remains the greatest challenge.

We can go a long way with a good strategy, good partners, and resolve, which seems like a reasonable place to start.

This Cipher Brief expert perspective by Dave Pitts is adapted from a speech he recently delivered in Sarajevo. Comments have been lightly edited for clarity. All statements of fact, opinion, or analysis expressed are my own and do not reflect the official positions or views of the US Government. Nothing in my remarks should be construed as asserting or implying US Government authentication of information or endorsement.
