AI robot prompt injection is no longer just a screen-level problem. Researchers demonstrate that a robot can be steered off-task by text placed in the physical world, the kind of message a human might walk past without a second thought. The attack doesn’t rely on breaking into the robot’s software or spoofing sensors. It instead […]

The post Your robot could obey a sign, not you, thanks to AI robot prompt injection appeared first on Digital Trends.

Japan’s Maritime Self-Defense Force (JMSDF) confirmed on January 20, 2026, that it has taken delivery of a newly developed small unmanned underwater vehicle (UUV) designed for underwater defense missions. The announcement was made by the Ministry of Defense’s JMSDF public affairs office, which stated that the domestically developed UUV has now been formally inducted into […]

Ukraine has paused additional orders of HX-2 strike drones from German defense technology firm Helsing after the systems showed technical problems during frontline testing, according to Bloomberg. The decision follows field trials conducted by Ukraine’s 14th Regiment, a unit specializing in unmanned aerial systems, where the HX-2 experienced repeated difficulties during launch and operation. The […]

Poland has tested the KUNA configurable autonomous multi-role platform in winter terrain, confirming its ability to operate in snow, ice, and sub-zero conditions where standard wheeled vehicles lose mobility, according to information released by the Wojskowy Instytut Techniki Pancernej i Samochodowej (WITPiS). The winter evaluation focused on mobility, autonomy, and logistics support in conditions that […]

DARPA, the Pentagon’s research and technology arm, confirmed on January 14, 2026, that its Robotic Autonomy in Complex Environments with Resiliency (RACER) program has completed final operational tests and is ready for transition to U.S. military units and commercial users. The announcement follows a series of Army and Marine Corps demonstrations that showed RACER-equipped vehicles […]

India has reportedly acquired dozens of Belarus-made Berkut-BM one-way attack drones, according to defense industry sources. The Berkut-BM is a jet-powered kamikaze drone developed by the Indela company in Belarus and designed to strike time-sensitive battlefield targets before they can relocate. The system is powered by compact Chinese-made micro turbojet engines produced by Swiwin, giving the […]

Welcome back, aspiring cyberwarriors!

We are really glad to see you back for the second part of this series. In the first article, we explored some of the cheapest and most accessible ways to build your own hacking drone. We looked at practical deployment problems, discussed how difficult stable control can be, and even built small helper scripts to make your life easier. That was your first step into this subject where drones become independent cyber platforms instead of just flying gadgets. 

We came to the conclusion that the best way to manage our drone would be via 4G. Currently, in 2026, Russia is adapting a new strategy in which it is switching to 4G to control drones. An example of this is the family of Shahed drones. These drones are generally built as long-range, loitering attack platforms that use pre-programmed navigation systems, and initially they relied only on satellite guidance to reach their targets rather than on a constant 4G data link. However, in some reported variants, cellular connectivity was used to support telemetry and control-related functionality.

In recent years, Russia has been observed modifying these drones to carry different types of payloads and weapons, including missiles and MANPADS (Man-Portable Air-Defense System) mounted onto the airframe. The same principle applies here as with other drones. Once you are no longer restricted to a short-range Wi-Fi control link and move to longer-range communication options, your main limitation becomes power. In other words, the energy source ultimately defines how long the aircraft can stay in the air.

Today, we will go further. In this part, we are going to remove the smartphone from the back of the drone to reduce weight. The free space will instead be used for chipsets and antennas.

4G > UART > Drone

In the previous part, you may have asked yourself why an attacker would try to remotely connect to a drone through its obvious control interfaces, such as Wi-Fi. Why not simply connect directly to the flight controller and bypass the standard communication layers altogether? In the world of consumer-ready drones, you will quickly meet the same obstacle over and over again. These drones usually run closed proprietary control protocols. Before you can talk to them directly, you first need to reverse engineer how everything works, which is neither simple nor fast.

However, there is another world of open-source drone-control platforms. These include projects such as Betaflight, iNav, and Ardupilot. The simplest of these, Betaflight, supports direct control-motor command transmission over UART. If you have ever worked with microcontrollers, UART will feel familiar. The beauty here is that once a drone listens over UART, it can be controlled by almost any small Linux single-board computer. All you need to do is connect a 4G module and configure a VPN, and suddenly you have a controllable airborne hacking robot that is reachable from anywhere with mobile coverage. Working with open systems really is a pleasure because nothing is truly hidden.

So, what does the hacker need? The first requirement is a tiny and lightweight single-board computer, paired with a compact 4G modem. A very convenient combination is the NanoPi Neo Air together with the Sim7600G module. Both are extremely small and almost the same size, which makes mounting easier.

The NanoPi communicates with the 4G modem over UART. It actually has three UART interfaces. One UART can be used exclusively for Internet connectivity, and another one can be used for controlling the drone flight controller. The pin layout looks complicated at first, but once you understand which UART maps to which pins, the wiring becomes straightforward.

After some careful soldering, the finished 4G control module will look like this:

Even very simple flight controllers usually support at least two UART ports. One of these is normally already connected to the drone’s traditional radio receiver, while the second one remains available. This second UART can be connected to the NanoPi. The wiring process is exactly the same as adding a normal RC receiver.

The advantage of this approach is flexibility. You can seamlessly switch between control modes through software settings rather than physically rewiring connectors. You attach the NanoPi and Sim7600G, connect the cable, configure the protocol, and the drone now supports 4G-based remote control.

Depending on your drone’s layout, the board can be mounted under the frame, inside the body, or even inside 3D-printed brackets. Once the hardware is complete, it is time to move into software. The NanoPi is convenient because, when powered, it exposes a USB-based console. You do not even need a monitor. Just run a terminal such as:

nanoPi >  minicom -D /dev/ttyACM0 -b 9600

Then disable services that you do not need:

nanoPi >  systemctl disable wpa_supplicant.service

nanoPi >  systemctl disable NetworkManager.service

Enable the correct UART interfaces with:

nanoPi >  armbian-config

From the System menu you go to Hardware and enable UART1 and UART2, then reboot.

Next, install your toolkit:

nanoPi >  apt install minicom openvpn python3-pip cvlc

Minicom is useful for quickly checking UART traffic. For example, check modem communication like this:

minicom -D /dev/ttyS1 -b 115200
AT

If all is well, then you need to config files for the modem. The first one goes to /etc/ppp/peers/telecom. Replace “telecom” with the name of the cellular provider you are going to use to establish 4G connection.

And the second one goes to /etc/chatscripts/gprs

To activate 4G connectivity, you can run:

nanoPi >  pon telecom

Once you confirm connectivity using ping, you should enable automatic startup using the interfaces file. Open /etc/network/interfaces and add these lines:

auto telecom
iface telecom inet ppp
provider telecom

Now comes the logical connectivity layer. To ensure you can always reach the drone securely, connect it to a central VPN server:

nanoPi > cp your_vds.ovpn /etc/openvpn/client/vds.conf

nanoPi > systemctl enable openvpn-client@vds

This allows your drone to “phone home” every time it powers on.

Next, you must control the drone motors. Flight controllers speak many logical control languages, but with UART the easiest option is the MSP protocol. We install a Python library for working with it:

NanoPi > cd /opt/; git clone https://github.com/alduxvm/pyMultiWii

NanoPi > pip3 install pyserial

The protocol is quite simple, and the library itself only requires knowing the port number. The NanoPi is connected to the drone’s flight controller via UART2, which corresponds to the ttyS2 port. Once you have the port, you can start sending values for the main channels: roll, propeller RPM/throttle, and so on, as well as auxiliary channels:

Find the script on our GitHub and place the it in ~/src/ named as control.py

The NanoPi uses UART2 for drone communication, which maps to ttyS2. You send MSP commands containing throttle, pitch, roll, yaw, and auxiliary values. An important detail is that the flight controller expects constant updates. Even if the drone is idle on the ground, neutral values must continue to be transmitted. If this stops, the controller assumes communication loss. The flight controller must also be told that MSP data is coming through UART2. In Betaflight Configurator you assign UART2 to MSP mode.

We are switching the active UART for the receiver (the NanoPi is connected to UART2 on the flight controller, while the stock receiver is connected to UART1). Next we go to Connection and select MSP as the control protocol.

If configured properly, you now have a drone that you can control over unlimited distance as long as mobile coverage exists and your battery holds out. For video streaming, connect a DVP camera to the NanoPi and stream using VLC like this:

cvlc v4l2:///dev/video0:chroma=h264:width=800:height= \
--sout '#transcode{vcodec=h264,acodec=mp3,samplerate=44100}:std{access=http,mux=ffmpeg{mux=flv},dst=0.0.0.0:8080}' -vvv

The live feed becomes available at:

http://drone:8080/

Here “drone” is the VPN IP address of the NanoPi.

To make piloting practical, you still need a control interface. One method is to use a real transmitter such as EdgeTX acting as a HID device. Another approach is to create a small JavaScript web app that reads keyboard or touchscreen input and sends commands via WebSockets. If you prefer Ardupilot, there are even ready-made control stacks.

By now, your drone is more than a toy. It is a remotely accessible cyber platform operating anywhere there is mobile coverage.

Protection Against Jammers

Previously we discussed how buildings and range limitations affect RF-based drone control. With mobile-controlled drones, cellular towers actually become allies instead of obstacles. However, drones can face anti-drone jammers. Most jammers block the 2.4 GHz band, because many consumer drones use this range. Higher end jammers also attack 800-900 MHz and 2.4 GHz used by RC systems like TBS, ELRS, and FRSKY. The most common method though is GPS jamming and spoofing. Spoofing lets an attacker broadcast fake satellite signals so the drone believes false coordinates. Since drone communication links are normally encrypted, GPS becomes the weak point. That means a cautious attacker may prefer to disable GPS completely. Luckily, on many open systems such as Betaflight drones or FPV cinewhoops, GPS is optional. Indoor drones usually do not use GPS anyway.

As for mobile-controlled drones, jamming becomes significantly more difficult. To cut the drone off completely, the defender must jam all relevant 4G, 3G, and 2G bands across multiple frequencies. If 4G is jammed, the modem falls back to 3G. If 3G goes down, it falls back to 2G. This layering makes mobile-controlled drones surprisingly resilient. Of course, extremely powerful directional RF weapons exist that wipe out all local radio communication when aimed precisely. But these tools are expensive and require high accuracy.

Summary

We transformed the drone into a fully independent device capable of long-range remote operation via mobile networks. The smartphone was replaced with a NanoPi Neo Air and a Sim7600G 4G modem, routed UART communication directly into the flight controller, and configured MSP-based command delivery. We also explored VPN connectivity, video streaming, and modern control interfaces ranging from RC transmitters to browser-based tools. Open-source flight controllers give us incredible flexibility.

In Part 3, we will build the attacking part and carry out our first wireless attack.

If you like the work we’re doing here and want to take your skills even further, we also offer a full SDR for Hackers Career Path. It’s a structured training program designed to guide you from the fundamentals of Software-Defined Radio all the way to advanced, real-world applications in cybersecurity and signals intelligence. 

French defense tech company Harmattan AI is now valued at $1.4 billion after raising a $200 million Series B round led by Dassault Aviation, which is best known for making the Rafale fighter jet.

The partnership will grow Wing's drone delivery service to more than 270 Walmart stores by 2027.

Colombia announced on January 10 that it is launching a COP 6.2 trillion (approximately $1.6 billion) National Anti-Drone Shield, a move taken directly in response to the recent U.S. military strike on Venezuela, the Colombian government said in an official statement. According to the Ministry of Defense, the program creates a nationwide detection and interdiction […]

The United States Commerce Department has withdrawn a proposed rule that would have imposed new restrictions on Chinese-made drones, according to a government notice posted Friday. The reversal ends a months-long review process and comes ahead of President Donald Trump’s planned visit to Beijing this April. According to documents published on the federal website, Commerce […]

Ukraine’s Defense Forces have received a Latvian-made FOG unmanned surface vessel after the system was purchased and sent to Ukraine by the Latvian charity foundation Ziedot.lv. According to reporting by Militarnyi, the foundation funded the acquisition through donations from Latvian citizens and private companies. As noted by Ziedot.lv, the FOG platform was fully designed and […]

Russia has revealed a new set of battlefield tactics for its tank units, describing coordinated maneuvers that pair armored vehicles with unmanned aerial systems in ongoing combat operations, according to statements released by the Russian Ministry of Defense and the state corporation Rostec. The Ministry said frontline units now employ a two-tank method in which […]

The Defense Advanced Research Projects Agency (DARPA), the Pentagon’s research and technology arm, released a new program solicitation on January 6, 2026, for the Frosty effort to develop technology that enables new radar-based sensing modes in the Arctic environment. The notice invites industry to submit proposals by January 30, 2026, for solutions that improve detection […]

The United States Navy has issued a new Sources Sought Notice seeking industry input for low-cost Small Unmanned Aircraft Systems intended for the United States Marine Corps, publishing the request on January 6, 2026, through Naval Air Systems Command (NAVAIR). The announcement invites companies to submit detailed information on commercially available sUAS platforms with First […]

Welcome back, aspiring cyberwarriors!

I want you to imagine a scene for a moment. You are sitting at your keyboard on one of the upper floors of a secure building in the middle of a restricted area. There is a tall fence topped with electrified barbed wire. Cameras cover every angle. Security guards patrol with confidence. You feel untouchable. Then you hear it. It’s a faint buzzing sound outside the window. You glance over for just a moment, wondering what it is. That tiny distraction is enough. In those few seconds, a small device silently installs a backdoor on your workstation. Somewhere 20 kilometers away, a hacker now has a path into the corporate network. 

That may sound like something out of a movie, but it is not science fiction. In this series, we are going to walk through the process of building a drone that can perform wireless attacks such as EAP attacks, MouseJack, Kismet reconnaissance, and similar operations. A drone is an incredibly powerful tool in the hands of a malicious actor because it can carry roughly a third of its own weight as payload. But “hacking through the air” is not easy. A proper hacker drone must be autonomous, controllable over a secure channel at long distances, and resilient to jamming or suppression systems. Today we will talk through how such drones are designed and how they can be built from readily available components.

Most wireless attacks require the attacker to be physically near the target. The problem is that you can’t reach every building, every fenced facility, and every rooftop. A drone changes the entire equation. It can fly under windows, slip through partially open spaces, or even be transported inside a parcel. As a boxed payload moves through residential or office buildings, it can quietly perform wireless attacks without anyone ever suspecting what is inside. And yes, drones are used this way in the real world, including military and intelligence operations. On June 1, 2025, over 100 FPV drones that were smuggled into Russia, were concealed in modified wooden cabins on trucks, and remotely launched from positions near multiple Russian airbases. These drones conducted precision strikes on parked aircraft at bases including Belaya, Dyagilevo, Ivanovo Severny, Olenya, and Ukrainka, reportedly damaging or destroying more than 40 strategic bombers and other high-value assets.

The FPV drones were equipped with mobile modems using Russian SIM cards to connect to local 3G/4G cellular networks inside Russia. This setup enabled remote operators in Ukraine to receive real-time high-resolution video feeds and telemetry, as well as maintain manual control over the drones via software like ArduPilot Mission Planner. The cellular connection allowed precise piloting from thousands of kilometers away, bypassing traditional radio frequency limitations and Russian electronic warfare jamming in some cases. In Part 2 we will show you how this type of connection can be established.

Drones are everywhere. They are affordable. They are also flexible. But what can they really do for a hacker? The key strength of a drone is that it can carry almost anything lightweight. This instantly increases the operational range of wireless attacks, allowing equipment to quickly and silently reach places a human cannot. A drone can scale fences, reach high-rise windows, hover near targets, and potentially enter buildings. All while remaining difficult to trace. That is an enormous advantage.

Let’s start learning how the platform works.

Implementation

Most drones are radio-controlled, but the exact communication method varies. One channel is used to receive operator commands (RX) and another to transmit video and telemetry back to the operator (TX). Different drones use different communication combinations, such as dedicated radio systems like FRSKY, ELRS, or TBS for control, and either analog or digital channels for video. Some consumer drones use Wi-Fi for telemetry or even control both ways.

For a hacker, the drone is first and foremost a transport platform. It must be reliable and durable. When you are performing attacks near buildings, lamp posts, tight corridors, or window frames, high speed becomes far less important than protecting the propellers. This is why Cinewhoop-style drones with protective frames are such a strong choice. If the drone brushes a wall, the frame absorbs the impact and keeps it flying. You can find the 3D models of it here

The drone also needs enough lifting power to carry your hacking gear. Ideally at least one-third of its own weight. That allows you to attach devices such as Wi-Fi attack platforms, SDR tools, or compact computers without stressing the motors. Because distance matters, Wi-Fi-controlled drones are usually not ideal. Wi-Fi range is typically around 50–100 meters before responsiveness begins to degrade. Professional long-range drones that use dedicated control radios like FRSKY, ELRS, or TBS are a better fit. Under good conditions, these systems can maintain control several kilometers away. Since attackers typically operate near structures, precise control is critical. FPV drones are especially useful here. They allow the pilot to “see” through the drone’s camera in real time, which is essential when maneuvering near buildings or through tight openings. Open-source flight controller platforms such as Betaflight are really attractive. They are flexible, modifiable, and easy to service. If the frame is damaged in a crash, most of the core components can be reused.

In truth, the specific drone model is less important than the pilot’s skill. Good piloting matters. Before we look at attacks, we need to understand how control can be improved and how it can be extended beyond visual range.

Control via 4G

Flying a drone among urban buildings introduces challenges like concrete and steel obstruct radio signals, limiting line-of-sight range. Even if your drone has a long-range radio system, once it disappears behind a building, control becomes unreliable. But what if you could control the drone over mobile networks instead? Modern 4G cellular networks now offer reliable data coverage even inside many urban structures. If we can use cellular data as a control channel, the drone’s reachable range becomes limited only by its battery life, not by line-of-sight. Today’s 4G networks can provide sufficient bandwidth for both control signals and video feeds. Although the latency and responsiveness are not as good as dedicated radio links, they are quite usable for piloting a drone in many scenarios. Considering that drones can reach speeds up to 200 km/h and have flight times measured in tens of minutes, an attacker theoretically could operate a drone more than 20 km away from the controller using 4G connectivity.

4G > Wi-Fi Gateway > Drone

The simplest way to use 4G connectivity is to bridge it to the drone’s Wi-Fi interface. Most consumer drones broadcast a Wi-Fi access point that a mobile phone connects to for control. Commands are sent over UDP packets, and video is streamed back as an RTSP feed. In this setup, the drone already acts like a networked device. If you attach a small computing device with a 4G modem, you could connect to it over a VPN from anywhere, and relay commands to the drone. But this approach has major drawbacks. The control protocol is often closed and proprietary, making it difficult to reverse-engineer and properly relay. Additionally, these protocols send frequent packets to maintain responsiveness, which would saturate your 4G channel and compete with video transmission.

4G > Video Gateway > Drone

A much cleaner alternative is to use a video gateway approach. Instead of trying to tunnel the drone’s native protocol over the cellular link, you attach a small smartphone to the drone and connect it to the drone’s Wi-Fi. The phone itself becomes a bridge. It controls the drone locally and receives video. From the remote operator’s perspective, you are simply remoting into the phone, much like remote controlling any computer. The phone’s screen shows the drone’s video feed, and the operator interacts with the virtual sticks via remote desktop software. The phone app already handles control packet encoding, so there’s no need to reverse-engineer proprietary protocols.

This clever hack solves multiple problems at once. The phone maintains a strong local Wi-Fi link to the drone, which is hard to jam at such short range. The operator sees a video feed that survives 4G network variations better than high-bandwidth native streams. And because the app handles stick input, the operator doesn’t need to worry about throttle, roll, pitch, or yaw encoding.

You can connect to the phone over 4G from any device using remote-access software like AnyDesk. With simple GUI automation tools, you can bind keyboard keys to virtual controller actions on the phone screen.

Here is the Bash script that will help with it. You can find the link to it here

This Bash script allows you to control virtual joysticks once you connect via AnyDesk to the phone. You will use the keyboard to simulate mouse actions. When launched, the script identifies the emulator window (using xwininfo, which requires you to click on the window once), calculates the centers of the left and right virtual sticks based on fixed offsets from the window’s corner, and then enters a loop waiting for single key presses.

For each key (A/B for throttle, W/S/A/D for pitch and roll, Q/E for yaw), the script uses xdotool to move the cursor to the virtual stick, simulate a short swipe in the desired direction, and release. This effectively mimics a touchscreen joystick movement. The script runs on Linux with X11 (Xorg), requires xdotool and x11-utils, and gives a simple keyboard-based alternative for drone control when a physical gamepad isn’t available. Although Kali Linux is not suitable here, many other distros such as Debian Stable, antiX, Devuan, Linux Mint, openSUSE, Zorin OS, or Peppermint OS work well. So while Kali is often the go-to for security work, there’s still a list of usable operating systems.

Telemetry data is also available to the remote operator.

In the system we describe, another script monitors screen regions where telemetry values are displayed, uses OCR (optical character recognition) to extract numbers, and can then process them.

Here is another bash script that will help us with this. It will repeatedly screenshot a selected drone ground control window, crop out the battery and altitude display areas, use OCR to extract the numeric values, print them to the terminal, and speak a “low battery” warning if the percentage drops below 10%..

Find it on our GitHub here

With control and telemetry automated, full 4G-based drone operation becomes extremely flexible. This method is easy to implement and immediately gives you both control and status feedback. However, it does introduce an extra link, which is the Wi-Fi phone. The phone’s Wi-Fi signal may interfere with the drone’s normal operation, and the drone must carry some extra weight (about 50 grams) for this setup. In Part 2, we will go further. We will move from 4G > Wi-Fi > Drone to 4G > UART > Drone, using a custom VPN and SIM. That means the phone disappears completely, and commands are sent directly to the flight controller and motor control hardware. This will give us more flexibility.

That brings us to the end of Part 1.

Summary

Drones are rapidly transforming from hobby toys into serious tools across warfare, policing, intelligence, and hacking. A drone can slip past fences, scale buildings, hover near windows, and quietly deliver wireless attack platforms into places humans cannot reach. It opens doors to an enormous spectrum of radio-based attacks, from Wi-Fi exploitation to Bluetooth hijacking and beyond. For attackers, it means unprecedented reach. 

See you in Part 2 where we begin preparing the drone for real-world offensive operations

The post Drone Hacking: Build Your Own Hacking Drone, Part 1 first appeared on Hackers Arise.

OPINION — One of the things I loved about LEGO as a child was the ability to mix and match an endless amount of parts to create unique builds. Children (and some adults) gather around a bin of parts to create something new. Imagine being asked: “Build 10 houses in 30 minutes.” Everyone would come up with unique designs using various parts. Now, imagine a constraint: “You may only use red, 2x4, 2x2, and 1x2 bricks, white windows and doors, and it all has to fit on a green 32x32 baseplate.” Quickly, the limited supply causes a frantic scramble.

This scenario mirrors the recent call by the Department of War to field 300,000 drones over two years. The conflict in Ukraine exposed the U.S.'s lack of preparedness to equip forces with Purpose Built Attritable Systems (PBAS) at the scale of its peer competitors. Further, manufacturers are restricted by the requirement for critical components to be NDAA / BlueUAS compliant and, as of December 22nd, even more restrictions which demand non-critical components be U.S.-manufactured. The defense industrial base is struggling to meet unprecedented demand.

While numerous startups and giants have stepped up, the U.S. supply chain cannot sustain the required pace. Existing suppliers’ manufacturing capabilities are quickly surpassed as companies scramble to design, build, and market the requested systems.

sUAS are fundamentally basic, consisting of a flight controller (FC), electronic speed controller (ESC), motors, propellers, camera, radio/video transmitters, receivers, and a frame. The main problem is the availability of parts and, more critically, sub-components needed to make them. Manufacturers are all reaching into the same scarce “bin,” forcing suppliers to seek materials with increased vigor.

Motors, for instance, require neodymium and copper. The majority of motor production occurs outside of the U.S., where technology is mature, labor costs are lower, and the supply chain exists. However, the sUAS industry accounts for less than 8% of neodymium consumption in the U.S. Returning to the LEGO analogy, if a child asks for more 1x1 red bricks to make houses, LEGO, which (in this scenario) makes over 90% of its money on other parts, has little incentive to retool for large-scale 1x1 brick production.

Similarly, most FC and ESC boards are produced in Taiwan. While this was permissible under the original NDAA and BlueUAS frameworks, the new requirement for U.S. production necessitates standing up domestic manufacturing, likely to ensure production continues in the event that trade with Taiwan is disrupted. However, standing up U.S. companies, sourcing materials, hiring labor, and developing technology all create significant costs that are passed to the consumer. Since PBAS systems must remain attritable (affordable enough to be lost in combat), a higher cost per unit will force warfighters to be more judicious.

What national security news are you missing today? Get full access to your own national security daily brief by upgrading to Subscriber+Member status.

Given the intense demand and additional domestic constraints, how can the U.S. remain competitive? There are a few ways.

Incentivize existing global manufacturers to stand up U.S.-based manufacturing. Companies with existing technology, design, manufacturing, and supply chains should be incentivized to establish domestic production of like products.

Encourage raw material companies to invest upstream. Critical material mining companies (e.g., for lithium and neodymium) currently lack incentive to ensure stable, consistent supply to manufacturers. Encouraging investment upstream offers supply chain guarantees for domestic manufacturing and additional revenue for investors.

Establish a “strategic reserve” of raw materials. The U.S. maintains strategic oil and gas reserves. For future conflicts, a strategic reserve of critical sUAS materials is vital given the global stranglehold countries like China have on the market to enable rapid manufacturing scale-up even if trade is disrupted.

Increase throughput of BlueUAS and NDAA compliant components from outside the U.S. Maintaining U.S. connectivity to the global sUAS marketplace is important. While the restrictions are righteous, isolating U.S. production strains the raw material supply chain, causes allies to follow suit, and increases the overall cost per unit, reducing attritability. The U.S. should use the BlueUAS framework, with increased throughput, to identify compliant vendors across a wide section of allies and trade partners.

Expedite current NDAA compliant components manufactured overseas through BlueUAS processes. As manufacturing shifts to the U.S., the U.S. could provide ‘provisional’ BlueUAS certifications with limited durations to cover companies during the transition.

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

Without a temporary easement or an adequate transitional period, the U.S. drone market is likely to shift abruptly. Many companies cannot afford to stand up U.S. production, or the cost of compliance would render their price points untenable. This situation would likely result in defense giants acquiring the IP/technology from smaller companies at a steep discount, leveraging their supply networks, lobbying, and significant capital advantage to continue development and manufacturing under their umbrella, returning the U.S. defense ecosystem to its former exclusive state, prior to the recent tranche of reforms.

The U.S. is at a critical inflection point in its quest for American Drone Dominance. The foundation it establishes will define its final strength and resilience. Care must be taken to avoid supply chain degradation, continue providing affordable solutions for the warfighter, and remain flexible and responsive in future crises. Incentivizing domestic production without isolation will ensure the U.S. has all the pieces it needs to build successfully, brick by brick.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Who's reading this? 500K+ dedicated national security professionals. Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because national security is everyone’s business.

New federal restrictions on foreign-made drones, announced this week, promise to boost Washington state as a hub for domestic drone manufacturing — adding thousands or even tens of thousands of jobs in the process.

That’s the prediction from Blake Resnick, CEO of Seattle-based Brinc Drones, who says the region’s concentration of aerospace talent makes it uniquely positioned to benefit from the shift. He cites the presence of companies including Boeing, Blue Origin, Amazon (with its Prime Air unit) and SpaceX, along with an existing base of aerospace suppliers and technicians. 

“I don’t even think you have to look outside of Washington to find all the talent that’s needed to build an incredible, globally competitive drone company,” Resnick said in an interview.

The FCC this week added foreign-made drones to its list of equipment deemed national security threats. That blocks new foreign-made drone models from obtaining FCC equipment authorization — effectively preventing the import, marketing, and sale of new models.

The move primarily impacts Chinese giant DJI, which controls roughly 70% of the global drone market.

It has drawn sharp criticism from drone hobbyists, who worry it will drive up prices and limit access to affordable, high-quality options. The Academy of Model Aeronautics warned that the move will “have huge implications for both the hobbyist and commercial airspace industries moving forward.”

There is a carve-out: existing models that have received prior FCC approval can still be sold, which means that the impact will unfold over an extended period of time. But as current inventory depletes and DJI’s product line ages, U.S. manufacturers will need to scale up. 

Resnick said he foresees a need for hundreds of thousands and potentially even millions of square feet of new manufacturing space across the U.S. drone industry.

Washington’s aerospace industry employs more than 77,000 workers directly and generates more than $71 billion in total economic activity, according to a July 2024 analysis by the Seattle Metropolitan Chamber of Commerce. That gives the region a major edge in drone production.

Resnick knows this first-hand. He relocated Brinc from Las Vegas to Seattle in 2021, drawn by the region’s engineering talent pool. The company, which employs about 140 people, develops drones and related technology for police, fire, and emergency response agencies. It closed a $75 million funding round and announced a strategic alliance with Motorola Solutions earlier this year.

Brinc has spent $660,000 on lobbying over the past three years, including advocacy for controls on Chinese-made drones, Forbes reported in a story on Resnick earlier this month. The company’s prominence in the trade war has made it a target: In 2024, China formally sanctioned Brinc and Resnick, freezing any assets in the country and barring Resnick from entry.

Speaking with GeekWire this week, Resnick said DJI’s dominance stems from billions in Chinese government subsidies, making fair competition nearly impossible. 

“Frankly, I think this just evens the playing field,” he said.

Brinc, which has manufacturing operations at its Seattle headquarters, has already shifted to a non-Chinese supply chain, sourcing components from Taiwan, Germany, the U.K., and Japan. Resnick said the new restrictions will require a further shift toward domestic suppliers: “Moving forward, we are going to have to do a lot more business with American companies.”

Resnick said this shift ensures the U.S. industrial base remains resilient even if international partners face constraints during a conflict. While the transition presents a hurdle, Resnick described it as an “organizational cost that we’re very happy to pay” in exchange for a market free of state-sponsored Chinese competition.

He acknowledged that there could be a price premium in the drone market overall as American suppliers scale up, a process he estimates will take two to three years.

When asked if he sees these events as an opening for Brinc to expand into other sectors, beyond public safety, Resnick didn’t entirely rule out the possibility. “The free world,” he said, “needs more drone manufacturing capacity in a whole bunch of different verticals.”

SPECIAL REPORT — In a turbulent year, one of the biggest national security stories came in the form of a document.

The administration’s National Security Strategy (NSS), released earlier this month, upends longstanding U.S. policy toward allies and adversaries alike. It ranks drug trafficking and illegal immigration as top threats to U.S. security, places a heavy emphasis on the Western Hemisphere, criticizes Europe and downplays security challenges from China and Russia.

Eight years ago, Trump's first NSS said that “China and Russia challenge American power, influence, and interests, attempting to erode American security and prosperity.” The new NSS doesn’t name Russia as a threat to the U.S. – stating instead that “strategic stability with Russia” is a goal of American policy. Europe is presented as a bigger challenge; the U.S. should “help Europe correct its current trajectory,” which the NSS says has been damaged by immigration and a risk of “civilizational erasure.”

As for China, the document focuses on economic competition – trade, infrastructure, and technology. References to Taiwan and the South China Sea come later, and they include warnings that other Asian nations must carry a greater burden; “the American military cannot, and should not have to, do this alone.”

“The north star of great-power competition with China and Russia—around which the first Trump administration built bipartisan consensus—is gone,” Rebecca Lissner, Senior Fellow for U.S. foreign policy at the Council on Foreign Relations, wrote of the new NSS. The objective now, she said, is a “mutually advantageous economic relationship with Beijing.”

Not surprisingly, European leaders were furious about the pivot to a more Russia-friendly posture, and what the European Council President called “political interference” in the affairs of Europe.

Glenn Corn, a former CIA Senior Executive, called the document’s treatment of Europe a “shock.”

“Europeans are not the enemy,” Corn told The Cipher Brief. “And I doubt the Russians will stand side by side with us on the battlefield and support us the way that our European partners have done.”

The new NSS won praise from at least one global capital. Kremlin spokesman Dmitry Peskov said its emphasis on restoring strategic stability with Moscow “correspond in many ways” to Russia’s own vision.

Infographic with a map of the Americas showing the areas where the United States has carried out attacks against alleged drug trafficking boats in the Caribbean Sea and the Pacific Ocean since September 2, 2025, as well as the number of people killed in these attacks, as of December 16 (Graphic by AFP via Getty Images)

Missiles on the Water

While the focus on narcotrafficking was clear from the early days of Trump’s second term, the heavy U.S. military deployments and air strikes in the Caribbean took experts by surprise. The aerial campaign began with a September missile attack on a small boat that killed 11 people; a second strike that day took the lives of two survivors who were clinging to the upturned vessel. The follow-on strike sparked criticism in Congress – including from Republicans – and charges that it might have violated maritime laws.

As of mid-December, at least 25 strikes had followed, including some in the Pacific, resulting in the deaths of more than 90 people alleged to have been smuggling drugs on the water. The Trump administration justified the attacks as necessary to stem a flow of fentanyl – which Trump labeled “a weapon of mass destruction” that has killed tens of thousands of Americans. Legal experts questioned whether passengers in these boats — even if they were found to have been carrying narcotics — could be considered enemy combatants. Others noted that fentanyl and its precursors are sourced primarily from China and Mexico — not Venezuela.

A separate question loomed, as the year wound down: were the strikes a prelude to military action against Venezuela, and its president, Nicolas Maduro?

Beyond the U.S. military buildup, there were several signs in December that a move against Venezuela may be in the offing: reports that the U.S. was exploring “day-after” scenarios in the event of Maduro’s ouster; the seizure of a Venezuelan tanker that was said to be transporting sanctioned oil to Iran; and President Trump’s December 16 announcement of a naval blockade of sanctioned oil tankers from Venezuela.

“Maduro has become the epicenter for a range of activities the U.S. is determined to roll back,” Ambassador Patrick Duddy, Former U.S. Ambassador to Venezuela, told The Cipher Brief. “Seizure of the oil tanker signals that the U.S. has decided to take more active measures to achieve its goals.

Infographic with a map showing the location of strikes carried by Israel against Iran since June 13, 2025, according to data reported by the ISW (Graphic by AFP) (Graphic by VALENTINA BRESCHI,SYLVIE HUSSON,OLIVIA BUGAULT/AFP via Getty Images)

The U.S. and Israel Attack Iran

It would have been unthinkable only two years ago: a U.S.-Israeli war against Iran that provoked almost no meaningful response.

The attacks came in June – Israeli strikes on Iran’s nuclear sites and military infrastructure that were followed by American airstrikes on three nuclear installations. Iran fired missiles at a U.S. base in Qatar but its overall retaliation was minimal, a consequence of earlier Israeli campaigns that weakened Iranian air defenses and its various militias in the Middle East. The 12-day war damaged elements of Iran’s nuclear program and laid bare a tectonic shift in the region: Iran and its “axis of resistance” had been badly weakened.

For decades, war-gaming scenarios had warned that any attack against Iran would carry risks of a conflagration, given the likelihood of a coordinated response from Iran, Hezbollah, Hamas and the Houthi militia in Yemen. Now the paradigm has shifted.

“The U.S. joined Israel in military operations and people thought that had been a red line in the past,” Norman Roule, a former National Intelligence Manager for Iran at ODNI, told The Cipher Brief. “For the nuclear negotiations and other talks going forward, Iran now has to deal with a new world where there is this precedent.”

As the year ended, Iran remained a shell of what it had been, and reports suggested its leaders were conflicted about the way forward. Would the country recognize its weaknesses and move towards a rapprochement with the West — a move that might bring sanctions relief and usher in a new security dynamic in the region? Or would hardliners carry the day, resorting to one of the last levers Iran has – its nuclear program?

“If you're in Iran, you have to make a strategic decision,” Roule said. “‘If we restart the program, will the United States and Israel attack?’ They've got to ask, ‘If we do this, will we survive?’”

U.S. President Donald Trump and Ukrainian President Volodymyr Zelensky meet in the Oval Office at the White House on February 28, 2025 in Washington, DC. (Photo by Andrew Harnik/Getty Images)

Zelensky’s Oval Office Blowup – and the Rollercoaster that Followed

For Ukraine’s President Volodymyr Zelensky, 2025 brought wild swings of fortune, on the battlefield and in the global halls of power.

An Oval Office meeting on February 28 marked the low point – the encounter during which President Trump and Vice President JD Vance berated Zelensky for what they saw as insufficient gratitude towards the U.S. and – in Trump’s words – a failure to understand that Ukraine “has no cards” in the war against Russia.

The meeting “was a horrible disappointment and almost a shock to the system,” former NATO Supreme Allied Commander General Philip Breedlove told us that day. “There was only one winner…and that is Vladimir Putin.”

But fortune’s wheel took turns in Zelensky’s favor. Trump’s subsequent meetings with Zelensky – at the Vatican in April and the June NATO summit – warmed the relationship; the NATO summit itself saw Trump pivot back toward the alliance and its support for Ukraine; and then – in a startling outburst – Trump in July turned his ire towards Russian President Vladimir Putin. “We get a lot of bull**** thrown at us by Putin,” Trump said.

Alas for Zelensky, at year’s end the pendulum looked to have swung back once more. Trump’s envoys were again pushing Russia-friendly peace proposals, which included the surrender of territory beyond what Russia has already occupied. In an interview with Politico, Trump said of Zelensky, “He’s gonna have to get on the ball and start accepting things…cause he’s losing.” It sounded like a gentler version of the treatment Zelensky had gotten on that February day in the Oval Office.

Photo by Wojtek Laski/Getty Images

A Tu-95 bomber aircraft takes off for a night patrol flies out of Engels-2 airbase on August 7, 2008 in Engels, Russia. (Photo by Wojtek Laski/Getty Images)

Operation “Spiderweb” – and What Came After

It was Ukraine’s greatest military success in 2025 – and it happened far from Ukrainian territory. An operation dubbed “Spiderweb” smuggled 117 drone weapons into Russia and unleashed them against several airfields on June 1, damaging or destroying dozens of Russian warplanes. The mission was months in the planning, the drones were smuggled on prefabricated cabins disguised as hunting lodges, and unsuspecting Russians were paid to drive the trucks that moved the cabins.

“Spiderweb” showcased Ukraine's special operations capabilities and was followed by more long-range sabotage. As The Cipher Brief reported, subsequent attacks targeted Russian refineries and other sites tied to the oil sector.

“It’s very impressive,” Balazs Jarabik, a former European Union diplomat and analyst for RPolitik, told The Cipher Brief. The energy-sector attacks, he said, were “making the Russian war effort more expensive, and creating shortages so the Russian people feel the pain of the war.”

By year’s end, Ukraine had carried out an estimated 160 strikes on Russia’s oil sector – the campaign reached as far as the Siberian city of Tyumen, some 1200 miles east of Moscow, and included strikes against vessels alleged to be working in Russia’s so-called "shadow fleet” of tankers carrying sanctioned oil.

“Ukraine’s theory of victory now includes destroying Russia’s energy sector,” Lt. Gen. Ben Hodges, a former commander of U.S. Army Forces in Europe, told The Cipher Brief. “They’ve developed capabilities that can reach great distances with precision, exposing Russia’s vulnerability – its inability to protect critical infrastructure across its vast landscape.”

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Palestinians flock to the Netzarim Corridor to receive limited food supplies as hunger deepens across Gaza amid ongoing Israeli attacks and blockade, on August 4, 2025. (Photo by Hassan Jedi/Anadolu via Getty Images)

A Peace Deal for Gaza

It was President Trump’s signature diplomatic achievement: a truce in Gaza reached just days before the two-year anniversary of Hamas’ October 7, 2023 massacre.

The deal’s first phase took hold, albeit in violent fits and starts – the return of hostages, the freeing of Palestinian prisoners in Israeli jails, and a fresh flow of international aid for Gaza. But that may have been the easy part. As the year drew to a close, there were sporadic breaks in the ceasefire, and the fate of the deal’s next phases remained unclear.

The Trump administration’s plan for Gaza included the deployment of an international stabilization force and creation of an international “Board of Peace” (led by Trump himself) to oversee the implementation of the next phases – the transition of governance to Palestinians not affiliated with Hamas, and the beginning of a multi-billion-dollar reconstruction. The deal also included language offering a conditional pathway to Palestinian autonomy over its territories.

But as of mid-December, the announcement of the Board had been delayed, and the New York Times reported that while the U.S. was pressing other nations to contribute troops to a 8,000-member force for Gaza, it had yet to win any commitments. Countries were said to be worried their troops might be ensnared in fresh fighting; and the UN Security Council resolution to deploy the force gave no precise terms of engagement. Nor was there agreement on the makeup of a transitional government.

As these hurdles appeared, reports suggested Hamas was rebuilding its presence in the territory.

“Who’s really calling the shots there?” Ralph Goff, a former CIA Senior Executive, asked at The Cipher Brief’s annual Threat Conference, speaking of the uncertainty inside Gaza. “I remain pretty pessimistic on the idea of any kind of internal governing force being able to compete with Hamas at this point.”

By year’s end, two things were clear: the Gaza ceasefire itself was a welcome achievement after two years of carnage; and uncertainty hung over the truce’s critical next phases. This was one major story that will continue to unfold — with hope but also apprehension — well into 2026.

The commissioning and flag-presenting ceremony of the Fujian, China's first aircraft carrier equipped with electromagnetic catapults, is held at a naval port in Sanya City, south China's Hainan Province, on Nov. 5, 2025. (Photo by Li Gang/Xinhua via Getty Images)

China's Military Boom

China held a “Victory Day” parade in September – its way of marking 80 years since the end of World War II – and it was above all a show of military prowess. 12,000 troops marched alongside an arsenal of newly-minted battle tanks and rocket launchers, drone weapons and hypersonic missiles, and more. It was a fitting symbol for a year in which China turbocharged its military buildup.

As The Cipher Brief reported, China took a “leap forward” in drone weaponry in 2025: a huge new “stealth endurance drone,” mosquito-sized “micro drones,” and the deployment of a new “drone mothership.” The latter, known as the Jiu Tian, was billed as the world’s largest drone carrier – an 11-ton aircraft that is itself an uncrewed aerial vehicle. According to the South China Morning Post, the Jiu Tian can hold 100 smaller UAVs and carry them more than 4,000 miles.

“They have the production, they have large inventory and now they also have the AI,” Dr. Michael Raska, a professor at the Military Transformation Programme at the S. Rajaratnam School of International Studies, told The Cipher Brief. “With all these combined, they have been experiencing a leap forward in the quality and quantity of all their drones.”

China also made leaps in maritime power. In November, the People’s Liberation Army Navy (PLAN) commissioned the 80,000-ton Fujian, the country’s third aircraft carrier and largest to date. A week later came news that the Sichuan, one of the world’s largest amphibious assault ships, would be ready for deployment next year.

Retired Rear Admiral Mike Studeman, a former Commander of the Office of Naval Intelligence, told The Cipher Brief that China had achieved its longstanding goal of building “a world-class Navy,” which had surpassed the size of the U.S. fleet.

“It's not just not in the numbers, it's in the quality,” RADM Studeman said. “These ships are modern by any standard.”

“It's impressive,” another former Rear Admiral, Mark Montgomery, told The Cipher Brief. “They're building a hundred merchant ships for every one we build, and two warships for every one we build.”

The Trump Administration issued an executive order in April to jumpstart the U.S. shipbuilding industry and restore “American maritime dominance,” but experts said the U.S. faces an uphill road. As The Cipher Brief reported, China is on track to have a 425-ship fleet by 2030, while the U.S. Navy currently has fewer than 300 deployable battle-force vessels – a total which may drop as aging ships are retired faster than new ones are put to water.

Police cars are seen on November 17, 2025 close to the railways that were damaged in an explosion on the rail line in Mika, next to Garwolin, central Poland, after the line presumably was targeted in a sabotage act. (Photo by Wojtek Radwanski/AFP via Getty Images)

Europe Wakes Up to the “Gray-Zone” War

2025 was the year when Europe formally recognized – and began to respond to – a growing threat from the east: the so-called “gray-zone” war attributed to Moscow.

These attacks mushroomed in 2025 – from cyberattacks to railway bombings, the cutting of undersea cables to drone incursions into Poland and the Baltic states, and more. Experts said they were designed to be difficult to trace, and non-kinetic, so as not to draw a military response; as The Cipher Brief reported, the Kremlin was likely “aiming to create disruption without triggering escalation.”

But there were also signs that European leaders were waking up to the gravity of the threat.

NATO’s Secretary General Mark Rutte warned repeatedly of the dangers, and the alliance moved to improve detection and deterrence measures.

Nations took steps of their own. Finland acquired hundreds of drone jammers and outfitted border forces with high-end drone detectors; leaders from Poland, the Czech Republic and the Baltic states said they might shoot down Russian aircraft if Moscow continued its provocations; in a September speech to the United Nations, Polish Foreign Minister Radoslaw Sikorski went so far as to warn Moscow that “if another missile or aircraft enters our space without permission, deliberately or by mistake, and gets shot down and the wreckage falls on NATO territory, please don’t come here to whine about it.”

Even nations far from the Russian frontier were waking up to the dangers; Ireland unveiled a €1.7 billion, five-year defense plan that included systems to counter drones and protect undersea cables from Russian sabotage. And in her first public speech, MI6 chief Blaise Metreweli described the gray-zone threat bluntly: “The new frontline is everywhere,” she said.

Writing in The Cipher Brief, former Senior CIA Executive Dave Pitts stressed the need “to change the risk calculation.”

“We need to think of deterrence and response as a team sport - an Article 5 mindset,” Pitts wrote. “Gray-zone attacks that go unanswered reward our adversaries and reinforce the idea that there are more gains than risk…and encourage more attacks.”

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

Heavy trucks haul earth and rock at the construction site of Wubian Xiangshang Reservoir on the top of Pandao Mountain in Zhangye, China, on March 3, 2025. (Photo by Costfoto/NurPhoto via Getty Images)

America’s Rare Earth Crisis

Not long ago, rare earth minerals rarely made global headlines. 2025 was the year when that changed. And for the U.S. government, it was also the year in which rare earths took center stage.

Two basic facts underscored the urgency: rare earths are essential building blocks for everything from smart phones to home appliances to cars to all manner of military equipment and weapon systems; and China now produces an estimated 60 percent of the world’s rare earths and processes nearly 90 percent of them. The U.S. Geological Survey said that in 2024, the U.S. imported more than 95 percent of the total rare earths that it consumed.

Those realities spurred multiple U.S. efforts to change the dynamic: deals with Australia and Japan; negotiations with other resource-rich countries, including Congo, Indonesia, Kazakhstan and Malaysia; and threats to annex mineral-rich Greenland. Even the negotiations with Russia and Ukraine reportedly included plans for U.S. firms to invest in rare-earth extraction in Russia.

China’s imposition of rare-earth export restrictions only heightened the concerns – and while those were lifted as part of a deal with Washington, the message was clear: China’s rare-earths dominance now poses a huge problem for the U.S., and gives China a powerful lever in any future negotiations with Washington.

Susan Miller, a Former Assistant Director of the CIA’s China Mission Center, called the rare earth access “vital” to U.S. technology and national security.

“We democracies must do more to assure we have continuous access to these metals, and we also need to start producing more,” Miller told The Cipher Brief. “All democracies must focus on this issue; we must act now.”

Then-National Security Agency Director General Timothy Haugh, FBI Director Kash Patel, Director of National Intelligence Tulsi Gabbard, Central Intelligence Agency Director John Ratcliffe, and then-Defense Intelligence Agency Director Jeffrey Kruse appear during a Senate Committee on Intelligence Hearing on March 25, 2025 in Washington, DC. (Photo by Andrew Harnik/Getty Images)

The Overhaul of the Intelligence Community

Before his return to the White House, Donald Trump promised to remake the U.S. intelligence community (IC). “We will clean out all of the corrupt actors in our national security and intelligence apparatus,” Trump said soon after the 2024 election.“The departments and agencies that have been weaponized will be completely overhauled.”

In 2025, it was a promise he kept.

There were widespread cuts in staffing at the CIA, FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), and the biggest reductions appeared to come at the Office of the Director of National Intelligence (ODNI), which coordinates the 18 agencies of the IC. Roughly 40% of ODNI staff were cut, including the elimination or consolidation of the Foreign Malign Influence Center and some cyber threat units into other agencies.

Other high-level dismissals drew particular attention: National Intelligence Council acting head Mike Collins was fired after presenting an assessment on Venezuela that contradicted the White House line; and NSA Director Gen. Timothy Haugh lost his job after Trump “influencer” Laura Loomer questioned his loyalty to the administration.

Depending who you asked, the changes were a much-needed streamlining of a bloated intelligence apparatus; a reorganization to focus less on Russia and China and more on border security and drug trafficking; or a Trump-driven retaliation against institutions and individuals he had blamed for investigations or views with which he disagreed.

The high-level firings troubled several experts. Jon Darby, a longtime NSA veteran who served as director of operations, told The Cipher Brief he was “very disheartened” by Gen. Haugh’s ouster. “We need an explanation of the underlying rationale,” he said.

Beth Sanner, a Cipher Brief expert who served as Deputy Director for National Intelligence at ODNI, warned of a broader politicization of the IC.

“The intelligence community is not like asking people to hit the easy button and the ‘I agree with you’ button,” she said. “That's not our role. Our role is to say what we think and why we think it…The intelligence community isn't always right. But when done correctly and behind closed doors, I cannot understand why anybody would say that presenting an intelligence assessment that disagreed with policy needed to stop, or was an example of deep state. It's not. And it's really important.”

All that said, the nature of the IC makes it difficult, even at the end of a tumultuous year for the various agencies, to know precisely what the impact of the “overhaul” has been – or will be in the future.

Fingers on laptop. (Photo by Silas Stein/picture alliance via Getty Images)

A Cybersecurity “Watershed”

It seemed like a headline from a science fiction journal. An artificial intelligence system had conducted a large-scale espionage operation.

But it wasn’t science fiction – or fake news. The AI giant Anthropic confirmed the first real-world case of the use of an AI system to do exactly that.

“Today marks a watershed in cybersecurity,” Jennifer Ewbank, a former Deputy Director of the Central Intelligence Agency for Digital Innovation, told The Cipher Brief. “AI has now crossed from tool to operator,” Ewbank said, “blurring the line between human intent and machine execution...a threshold has been crossed.”

Anthropic said that Chinese state-sponsored hackers had exploited its Claude AI system to carry out cyberattacks on corporations and foreign governments in September, and that the hackers had succeeded with only minimal human oversight. Anthropic’s threat intelligence chief said the campaign had targeted about 30 entities, and represented a new level of AI-enabled hacking. The hackers posed as security auditors and successfully breached several systems, accessing privileged accounts and private data before being blocked.

The good news? The number of breaches and scale of the damage appeared small, and no U.S. government agencies were compromised. But the incident gave ammunition to doomsayers who have warned of AI nightmares – and showed that AI is already a valuable tool for hackers and state-backed cyber operations.

Experts called it the latest code-red warning for securing AI systems and deploying effective cyber defenses. As Ewbank put it, “This is no longer a hypothetical threat being researched in a lab.”

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief.

In the city that’s home to Microsoft, Redmond Police Chief Darrell Lowe isn’t just watching technological innovation from the sidelines — he’s integrating it into his department’s daily operations.

Lowe, a 30-year law enforcement veteran, views Redmond as the ideal staging ground for a new era of policing that capitalizes on advancements ranging from drones as first responders to artificial intelligence. When he became chief six years ago, his vision was to transform the department into a premier agency; technology has been a cornerstone of that mission.

“The public safety tech space is blowing up right now with a lot of interest and investment and VC money,” Lowe told GeekWire. “Being in Microsoft’s backyard doesn’t hurt, but it’s not like Microsoft is cutting checks for the Redmond Police Department.”

Lowe, who also runs his own public safety tech consultancy, primarily seeks tools that increase staff efficiency and simplify officer tasks. An AI-powered investigative platform from San Francisco-based Longeye fits that bill. Longeye ingests digital information such as surveillance video, phone records, crime scene photos and interviews to analyze data at speeds that exceed human review.

Lowe recently told KING 5 how the tool helped investigators confirm key evidence in a cold case by combing through 60 hours of jail phone calls in minutes.

However, he maintains that such tools are part of the equation rather than the total solution.

“It’s really important for law enforcement agencies and officers not to get lazy and think AI is the answer, because you still have to corroborate whatever that is,” Lowe said.

While AI is a newer addition to Lowe’s tech toolbox, the department has a history of technical adoption. Previous deployments included adhesive GPS trackers fired at cars to catch fleeing suspects and handheld narcotics analyzers that can scan through transparent packaging and identify more than 530 controlled substances, such as fentanyl, methamphetamine, and heroin.

But drones — specifically drones as first responders — are Lowe’s pride and joy. He equates their impact on modern policing to the era when handheld radios replaced police call boxes.

With a current staff of approximately 85 officers, Lowe employs two full-time drone pilots operating from a flight control center equipped with autonomous drones from Seattle-based Brinc and Skydio. Integrated directly into the department’s dispatch system, the drones can launch and arrive on-scene in under two minutes.

Lowe recalls a recent call regarding an individual experiencing a mental health crisis on a street corner. The person was screaming at the sky and waving his arms.

“Typical police response is you send an officer on the ground to make contact. We’ve seen those calls escalate and go wrong,” Lowe said.

Instead, a drone arrived in 30 seconds. From 250 feet, a pilot observed the individual, determined no crime was occurring and no one was in danger, and watched as the person eventually walked away.

“We canceled the ground unit response. There was no need for police contact,” Lowe said.

To address privacy concerns, Lowe implemented a “horizon-first” policy: drone cameras are pointed at the sky during transit and only tilt down once they reach the specific GPS coordinates of a call.

While drones have been a “game changer,” other technologies have hit speed bumps. The Redmond City Council recently paused the department’s license plate reader program following regional concerns about data sharing and whether U.S. Immigration and Customs Enforcement (ICE) could access the data.

Redmond PD started deploying Automated License Plate Readers (ALPRs) this summer to alert officers and analysts when a vehicle linked to a crime, missing person, stolen vehicle, or other critical incident is detected.

Lowe pushed back on what he calls “hysteria” surrounding the technology, arguing that cameras have a proven, valuable place in law enforcement.

“There is no expectation of privacy in a public place on a tax-funded road,” Lowe said, noting that Washington’s tolling cameras often capture more personal data (including driver faces) for longer periods than his ALPR systems. “The privacy concerns, while I understand they are legitimate, they also have to be balanced against what the law says.”

Because the City of Redmond signed a contract to launch the ALPR technology, Lowe noted that the council must now consider any legal ramifications of a potential breach of contract.

Reflecting on a long career that began in an innovative department in Santa Monica, Calif., under then-Chief Jim Butts, Lowe feels fortunate to have technology embedded in his “cop DNA.”

Now he laughs at how much the job description has evolved.

“When we all got into this, we wanted to go out there and catch bad guys … play cops and robbers and that whole thing,” he said. “I never imagined that I’d be negotiating multi-million-dollar, multi-year [tech] contracts as a cop.”

But even with modern advances, Lowe insists technology will never replace an officer’s empathy.

“We can never take the human out of the loop,” he said. “When people contact the police, it’s often not on their best day. It’s to have another human there to empathize and sympathize. It’s the reason why most of us got into this profession — to help others.”