U.S. focus on IW and its subset, cognitive warfare, has been erratic. The U.S. struggles with adapting its plans to the use of cognitive warfare while our leaders have consistently called for more expertise for this type of warfare. In 1962, President Kennedy challenged West Point graduates to understand: "another type of war, new in its intensity, ancient in its origin, that would require a whole new kind of strategy, a wholly different kind of force, forces which are too unconventional to be called conventional forces…" Over twenty years later, in 1987, Congress passed the Nunn-Cohen Amendment that established Special Operations Command (SOCOM) and the Defense Department’s Special Operations and Low-Intensity Conflict (SO/LIC) office. Another twenty years later, then Secretary of Defense Robert Gates said that DoD needed “to display a mastery of irregular warfare comparable to that which we possess in conventional combat.”

After twenty years of best practices of IW in the counter terrorism area, the 2020 Irregular Warfare Annex to the National Defense Strategy emphasized the need to institutionalize irregular warfare “as a core competency with sufficient, enduring capabilities to advance national security objectives across the spectrum of competition and conflict.” In December 2022, a RAND commentary pointed out that the U.S. military failed to master IW above the tactical level. I submit, we have failed because we have focused on technology at the expense of expertise and creativity, and that we need to balance technology with developing a workforce that thinks in a way that is different from the engineers and scientists that create our weapons and collection systems.

Adversaries Ahead of Us

IW and especially cognitive warfare is high risk and by definition uses manipulative practices to obtain results. Some policy leaders are hesitant to use this approach to develop influence strategies which has resulted in the slow development of tools and strategies to counter our adversaries. U.S. adversaries are experts at IW and do not have many of the political, legal, or oversight hurdles that U.S. IW specialists have.

Chinese military writings highlight the PRC’s use of what we would call IW in the three warfares. This involves using public opinion, legal warfare, and psychological operations to spread positive views of China and influence foreign governments in ways favorable to China. General Wang Haijiang, commander of the People's Liberation Army's (PLA) Western Theatre Command, wrote in an official People’s Republic of China (PRC) newspaper that the Ukraine war has produced a new era of hybrid warfare, intertwining “political warfare, financial warfare, technological warfare, cyber warfare, and cognitive warfare.” The PRC’s Belt and Road Initiative and Digital Silk Road are prime examples of using economic coercion as irregular warfare. Their Confucius Centers underscore how they are trying to influence foreign populations through language and cultural training.

Russia uses IW to attempt to ensure the battle is won before military operations begin and to enhance its conventional forces. Russia calls this hybrid war and we saw this with the use of “little green men” going into Crimea in 2014 and the use of the paramilitary Wagner forces around the world. Russia also has waged a disinformation campaign against the U.S. on digital platforms and even conducted assassinations and sabotage on foreign soil as ways to mold the battle space toward their goals.

What Is Needed

U.S. architects of IW seem to primarily focus on oversight structures and budget, and less on how to develop an enduring capability.

Through the counterterrorism fight, the U.S. learned how to use on-the-ground specialists, develop relationships at tribal levels, and understand cultures to influence the population. The U.S. has the tools and the lessons learned that would enable a more level playing field against its adversaries, but it is not putting enough emphasis on cognitive warfare. A key to the way forward is to develop SOF personnel and commensurate intelligence professionals to support the SOF community who understand the people, the geography, and the societies they are trying to influence and affect. We then must go further and reward creativity and cunning in developing cognitive warfare strategies.

The Department of Defense and the intelligence community have flirted with the need for expertise in the human domain or social cultural sphere for years. The Department of Defense put millions of dollars into socio cultural work in the 2015-time frame. This focus went away as we started concentrating more on near peer competition. Instead, we focused on technology, better weapons and more complex collection platforms as a way to compete with these adversaries. We even looked to cut Human Intelligence (HUMINT) to move toward what some call a lower risk approach to collection—using technology instead of humans.

SOF personnel are considered the military’s most creative members. They are chosen for their ability to adapt, blend in, and think outside the box. This ingenuity needs to be encouraged. We need a mindful balancing of oversight without stifling that uniqueness that makes IW so successful. While some of this creativity may come naturally, we need to ensure that we put in place training that speaks to inventiveness, that pulls out these members’ ability to think through the impossible. Focused military classes across the services must build on latest practices for underscoring creativity and out of the box thinking. This entrepreneurial approach is not typically rewarded in a military that is focused on planning, rehearsals, and more planning.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

Focusing on Intelligence and Irregular Warfare

An important part of the equation for irregular warfare is intelligence. This foundation for irregular warfare work is often left out in the examination of what is needed for the U.S. to move IW forward. In the SOF world, operators and intelligence professionals overlap more than in any other military space. Intelligence officers who support IW need to have the same creative mindset as the operators. They also need to be experts in their regional areas—just like the SOF personnel.

The intelligence community’s approach to personnel over the past twenty or so years works against support for IW. Since the fall of the Soviet Union, the intelligence community has moved from an expertise-based system to one that is more focused on processes. We used to have deep experts on all aspects of the adversary—analysts or collectors who had spent years focused on knowing everything about one foreign leader or one aspect of a country’s industry and with a deep knowledge of the language and culture of that country. With many more adversaries and with collection platforms that are much more expensive than those developed in the early days of the intelligence community, we cannot afford the detailed expert of yore anymore. The current premise is that if you know the processes for writing a good analytical piece or for being a good case officer, the community can plug and play you in any context. This means, we have put a premium on process while neglecting expertise. As with all things—we need to balance these two important aspects of intelligence work.

To truly understand and use IW, we need to develop expert regional analysts and human intelligence personnel. Those individuals who understand the human domain that they are studying. We need to understand how the enemy thinks to be able to provide that precision to the operator. This insight comes only after years of studying the adversary. We need to reward those experts and celebrate them just as much as we do the adaptable plug and play analyst or human intelligence personnel. Individuals who speak and understand the nuances of the languages of our adversaries, who understand the cultures and patterns of life are the SOF member’s best tool for advancing competition in IW. Developing this workforce must be a first thought, not an afterthought in the development of our irregular warfare doctrine.

CIA Director William Casey testified before Congress in 1981:

“The wrong picture is not worth a thousand words. No photo, no electronic impulse can substitute for direct on the scene knowledge of the key factors in a given country or region. No matter how spectacular a photo may be it cannot reveal enough about plans, intentions, internal political dynamics, economics, etc. Technical collection is of little help in the most difficult problem of all—political intentions. This is where clandestine human intelligence can make a difference.”

Not only are analytical experts important in support of IW but so are HUMINT experts. We have focused on technology to fill intelligence gaps to the detriment of human intelligence. The Defense Intelligence enterprise has looked for ways to cut its HUMINT capability when we should be increasing our use of HUMINT collection and HUMINT enabled intelligence activities. In 2020, Defense One reported on a Defense Intelligence Agency (DIA) plan to cut U.S. defense attaches in several West African countries and downgrade the ranks of others in eight countries. Many advocate for taking humans out of the loop as much as possible. The theory is that this lowers the risk for human capture or leaks. As any regional expert will tell you, while satellites and drones can provide an incredible amount of intelligence from pictures to bits of conversation, what they cannot provide is the context for those pictures or snippets of conversation. As Director Casey inferred, it is only the expert who has lived on the ground, among the people he/she is reporting on who can truly grasp nuances, understanding local contexts, allegiances, and sentiments.

While it is important to continue to upgrade technology and have specialists who fly drones and perform other data functions, those functions must be fused with human understanding of the adversary and the terrain. While algorithms can sift through vast amounts of data, human operatives and analysts ensure the contextual relevance of this data. Technologies cannot report on the nuances of feelings and emotions. The regional experts equip SOF operators with the nuanced understanding required to navigate the complexities that make up the “prior to bang” playing field. This expertise married with cunning and creativity will give us the tools we need to combat our adversary in the cognitive warfare domain.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Conclusion

The need for contextual, human-centric understanding for being able to develop plans and operations for cognitive warfare that can compete with our adversaries and keep us from a kinetic fight is paramount. Those who try to make warfare or intelligence into a science miss the truth, that to be proficient in either, art is a must. We need expertise to be able to decipher the stories, motives, and aspirations that make cognitive warfare unique. Regional intelligence experts discern the patterns, motives and vulnerabilities of adversaries; key needs for developing IW campaigns and for influencing individuals and societies. We need seasoned human intelligence personnel, targeters, and analysts who are experts on the adversary to be able to do this. We also need to develop and reward creativity, which is a must for this world.

We also have to be upfront and acknowledge the need to manipulate our adversaries. U.S. decision makers must concede that to win the next war, cognitive warfare is a must and it is essential for these leaders to take calculated risks to mount those campaigns to influence and manipulate.

The cost of cognitive warfare is but a rounding error when compared to the development of new technical intelligence collection platforms and the platforms’ massive infrastructures. This rounding error is a key lynchpin for irregular warfare and irregular warfare is our most likely avenue for avoiding a kinetic war. Human operatives, out of the box thinking, and expert analysts and human intelligence personnel are the needed bridges that connect data into actionable insights to allow our SOF community to practice the type of irregular warfare we have proven historically that the U.S..S. can provide and must provide to counter our adversaries and win the cognitive war we are currently experiencing.

Who’s Reading this? More than 500K of the most influential national security experts in the world. Need full access to what the Experts are reading?

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

DEEP DIVE — When Secret Service agents swept into an inconspicuous building near the United Nations General Assembly late last month, they weren’t tracking guns or explosives. Instead, they dismantled a clandestine telecommunications hub that investigators say was capable of crippling cellular networks and concealing hostile communications.

According to federal officials, the operation seized more than 300 devices tied to roughly 100,000 SIM cards — an arsenal of network-manipulating tools that could disrupt the cellular backbone of New York City at a moment of geopolitical tension. The discovery, officials stressed, was not just a one-off bust but a warning sign of a much broader national security vulnerability.

The devices were designed to create what experts call a “SIM farm,” an industrial-scale operation where hundreds or thousands of SIM cards can be manipulated simultaneously. These setups are typically associated with financial fraud or bulk messaging scams. Still, the Secret Service warned that they can also be used to flood telecom networks, disable cell towers, and obscure the origin of communications.

In the shadow of the UN, where global leaders convene and security tensions are high, the proximity of such a system raised immediate questions about intent, attribution, and preparedness.

“(SIM farms) could jam cell and text services, block emergency calls, target first responders with fake messages, spread disinformation, or steal login codes,” Jake Braun, Executive Director of the Cyber Policy Initiative at the University of Chicago and former White House Acting Principal Deputy National Cyber Director, tells The Cipher Brief. “In short, they could cripple communications just when they’re needed most.”

Sign up for the Cyber Initiatives Group Sunday newsletter, delivering expert-level insights on the cyber and tech stories of the day – directly to your inbox. Sign up for the CIG newsletter today.

How SIM Farms Work

At their core, SIM farms exploit the fundamental architecture of mobile networks. Each SIM card represents a unique identity on the global communications grid. By cycling through SIMs at high speed, operators can generate massive volumes of calls, texts, or data requests that overwhelm cellular infrastructure. Such floods can mimic the effects of a distributed denial-of-service (DDoS) attack, except the assault comes through legitimate carrier channels rather than obvious malicious traffic.

“SIM farms are essentially racks of modems that cycle through thousands of SIM cards,” Dave Chronister, CEO of Parameter Security, tells The Cipher Brief. “Operators constantly swap SIM cards and device identifiers so traffic appears spread out rather than coming from a single source.”

That makes them extremely difficult to detect.

“They can mimic legitimate business texts and calls, hide behind residential internet connections, or scatter equipment across ordinary locations so there’s no single, obvious signal to flag,” Chronister continued. “Because SIM farms make it hard to tie a number back to a real person, they’re useful to drug cartels, human-trafficking rings and other organized crime, and the same concealment features could also be attractive to terrorists.”

That ability to blend in, experts highlight, is what makes SIM farms more than just a criminal nuisance.

While SIM farms may initially be used for financial fraud, their architecture can be easily repurposed for coordinated cyber-physical attacks. That dual-use nature makes them especially appealing to both transnational criminal groups and state-backed intelligence services.

Who Might Be Behind It?

The Secret Service, however, has not publicly attributed the network near the UN to any specific individual or entity. Investigators are weighing several possibilities: a transnational fraud ring exploiting the chaos of UN week to run large-scale scams, or a more concerning scenario where a state-backed group positioned the SIM farm as a contingency tool for disrupting communications in New York.

Officials noted that the operation’s sophistication suggested it was not a low-level criminal endeavor. The hardware was capable of sustained operations against multiple carriers, and its sheer scale — 100,000 SIM cards — far exceeded the typical scale of fraud schemes. That raised the specter of hostile governments probing U.S. vulnerabilities ahead of potential hybrid conflict scenarios.

Analysts note that Russia, China, and Iran have all been implicated in blending criminal infrastructure with state-directed cyber operations. Yet, these setups serve both criminals and nation-states, and attribution requires more details than are publicly available.

“Criminal groups use SIM farms to make money with scams and spam,” said Braun. “State actors can use them on a bigger scale to spy, spread disinformation, or disrupt communications — and sometimes they piggyback on criminal networks.”

One source in the U.S. intelligence community, who spoke on background, described that overlap as “hybrid infrastructure by design.”

“It can sit dormant as a criminal enterprise for years until a foreign government needs it. That’s what makes it so insidious,” the source tells The Cipher Brief.

From Chronister’s purview, the “likely explanation is that it’s a sophisticated criminal enterprise.”

“SIM-farm infrastructure is commonly run for profit and can be rented or resold. However, the criminal ecosystem is fluid: nation-states, terrorist groups, or hybrid actors can and do co-opt criminal capabilities when it suits them, and some state-linked groups cultivate close ties with criminal networks,” he said.

The Broader National Security Blind Spot

The incident during the United Nations General Assembly also underscores a growing blind spot in U.S. protective intelligence: telecommunications networks as contested terrain. For decades, federal resources have focused heavily on cybersecurity, counterterrorism, and physical threats. At the same time, the connective tissue of modern communications has often been treated as a commercial domain, monitored by carriers rather than security agencies.

The Midtown bust suggests that assumption no longer holds. The Secret Service itself framed the incident as a wake-up call.

“The potential for disruption to our country’s telecommunications posed by this network of devices cannot be overstated,” stated U.S. Secret Service Director Sean Curran. “The U.S. Secret Service’s protective mission is all about prevention, and this investigation makes it clear to potential bad actors that imminent threats to our protectees will be immediately investigated, tracked down and dismantled.”

However, experts warn that U.S. defenses remain fragmented. Carriers focus on fraud prevention, intelligence agencies monitor foreign adversaries, and law enforcement investigates domestic crime. The seams between those missions are precisely where SIM farms thrive.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Hybrid Warfare and the Next Front Line

The rise of SIM farms reflects the evolution of hybrid warfare, where the boundary between criminal activity and state action blurs, and adversaries exploit commercial infrastructure as a means of attack. Just as ransomware gangs can moonlight as proxies for hostile intelligence services, telecom fraud networks may double as latent disruption tools for foreign adversaries.

Additionally, the threat mirrors patterns observed abroad. In Ukraine, officials have reported Russian operations targeting cellular networks to disrupt battlefield communications and sow panic among civilians. In parts of Africa and Southeast Asia, SIM farms have been linked to both organized crime syndicates and intelligence-linked influence campaigns.

That same playbook, experts caution, could be devastating if applied in the heart of a global city.

“If activated during a crisis, such networks could flood phone lines, including 911 and embassy hotlines, to sow confusion and delay coordination. They can also blast fake alerts or disinformation to trigger panic or misdirect first responders, making it much harder for authorities to manage an already volatile situation,” Chronister said. “Because these setups are relatively cheap and scalable, they are an inexpensive but effective way to complicate emergency response, government decision-making, and even protective details.”

Looking Ahead

The dismantling of the clandestine telecom network in New York may have prevented an imminent crisis, but experts caution that it is unlikely to be the last of its kind. SIM farms are inexpensive to set up, scalable across borders, and often hidden in plain sight. They represent a convergence of cyber, criminal, and national security threats that the U.S. is only beginning to treat as a unified challenge.

When it comes to what needs to be done next, Braun emphasized the importance of “improving information sharing between carriers and government, investing in better tools to spot hidden farms, and moving away from SMS for sensitive logins.”

“Treat SIM farms as a national security threat, not just telecom fraud. Limit access to SIM farm hardware and punish abuse. Help smaller carriers strengthen defenses,” he continued. “And streamline legal steps so takedowns happen faster.”

Chronister acknowledged that while “carriers are much better than they were five or ten years ago, as they’ve invested in spam filtering and fraud analytics, attackers can still get through when they rotate SIMs quickly, use eSIM provisioning, or spread activity across jurisdictions.”

“Law enforcement and intelligence have powerful tools, but legal, technical, and cross-border constraints mean detection often outpaces confident attribution and rapid takedown. Make it harder to buy and cycle through SIMs in bulk and strengthen identity verification for phone numbers,” he added. “Require faster, real-time information-sharing between carriers and government during traffic spikes, improve authentication for public alerts, and run regular stress-tests and red-team exercises against telecom infrastructure. Finally, build joint takedown and mutual-assistance arrangements with allies so attackers can’t simply reconstitute operations in another country.”

Are you Subscribed to The Cipher Brief’s Digital Channel on YouTube? There is no better place to get clear perspectives from deeply experienced national security experts.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief because National Security is Everyone’s Business.

EXPERT PERSPECTIVE — In 1943, a body washed up on a beach in Huelva, Spain. It was the body of a Royal Marine officer, Major William Martin. Martin was carrying papers, cuffed to his wrist in a briefcase, suggesting that the Allies would invade Greece and Sardinia, not Sicily. Spain was officially neutral, but a few Spanish officials sympathetic to the Nazis allowed German agents to discreetly photograph the documents before Spain quietly passed the documents to the British. Those British officials appeared to be in a state of panic over the lost briefcase.

Would this opportunistic espionage expose a critical Allied operation? In reality, Major William Martin never existed. The body was that of Glyndwr (“Glendure”) Michael, a Welsh drifter who died from consuming rat poison. You probably recognize this as Operation Mincemeat. British intelligence developed this incredible ruse, with American approval, and painstakingly developed a plan for the body to wash up near Huelva Spain and provided background and a personal story for Michael that allowed the body to pass convincingly as a Royal Martine officer who perished at sea while delivering sensitive documents.

The Germans took the bait. Convinced by this fabricated narrative, Hitler diverted significant forces away from Sicily. When the Allies landed in Sicily, they encountered far less resistance than expected, saving countless lives and accelerating the collapse of Axis defenses in southern Europe.

Beyond innovation and sheer audacity, this was a master class in story-telling, in knowing the pressures facing the target audience (Hitler), in creating a believable altered reality, in understanding how information moved through Nazi circles and among those who enabled them and, most importantly, in persuading our adversaries to make consequential decisions that advanced our interests over theirs. It was cognitive warfare on the offense, it represented a cognitive advantage during a perilous period, and it remains a reminder of the timeless power of cognitive persuasion.

History has many other examples of where commanders and leaders have stepped beyond traditional thinking and conventional operations into the information and cognitive space to confuse our adversaries, to win the day, and, at times, to change history.

Is this important today? Let us put cognitive warfare in strategic perspective.

First, great power competition is intensifying and the stakes are high.

The U.S is now facing the most significant global challenges than at any time in our history. We face more capable peer adversaries, more aspiring regional nations, and more proxy threats than ever before. The global environment is more uncertain than ever, and our place in it is not guaranteed. If we are to remain the global leader, we’ll have to be ready for today’s and tomorrow’s rapidly evolving competition and warfare. We must look to prioritize and commonly orient our Nation’s capabilities toward actively maneuvering and gaining advantage across the cognitive landscape to help ensure our security interests, and to actively deny any adversary their own advantage.

Second, great powers will go to great lengths to avoid direct military engagement that could have catastrophic consequences. Russia has lost the equivalent of what would be one of the world’s largest militaries and it has experienced a massive reduction in national power in the war with Ukraine. We also know the examples from WWII when nations and great militaries were defeated and even decimated as a result of great power conflict.

China has advocated winning without fighting for decades, and it still does. Khrushchev famously said “We will take American without firing a shot. We do not have to invade the U.S. We will destroy you from within.” Putin is a believer and practitioner in that approach.

Their approaches are not a mystery. Our adversaries have telegraphed how they plan to attack us, and to defeat us, without direct military engagement.

Third, given those considerations, our adversaries are increasingly relying on operations in the gray zone, or gray warfare, to advance their national interests and to take steps to undermine and weaken the United States, without risking a superpower conflict. They have prioritized their resources, decisions, and actions toward this end.

China and Russia, and even Iran and North Korea, believe there are more gains than risks in the gray zone, and any risks they do face are manageable, so we should expect them to expand their activities. If we solely maintain an unblinking stare at the conventional military capabilities of our adversaries, we might miss the real war already well underway in the gray zone.

Finally—cognitive warfare stands as the most prevalent and consequential activity our adversaries conduct in the gray zone.

This is not your grandfather’s Cold War disinformation. This is an assault on cognition, powered by advanced technology and enabled by an information environment that provides camouflage, infrastructure, and operational resources for our adversaries. Ultimately, cognitive warfare is a contest for truth and knowledge—a struggle to shape perception, control understanding, and influence both the decision-making process and its outcomes.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

Never before in history have individuals, organizations, societies, and nations faced such a sustained assault on our ability to make our own decisions—our autonomy to think, decide, and act in our own best interests. From our adversaries’ perspective, controlling perceptions, manufacturing realities, steering decision-making, intimidation as persuasion, decision fatigue, and manufactured false choices make for persuasive and effective strategy.

In this global information landscape, where technology levels the playing field, any individual or group, and state or non-state actors can reach global audiences almost immediately. Thousands of internet sites, fake users, fabricated organizations, bots, and willing surrogates, managed by Russia, China, Iran, and North Korea, wage cognitive warfare against the U.S., our allies, and our partners at unprecedented scale and velocity. Artificial intelligence now serves as a force multiplier—amplifying reach, supercharging deception, automating the manipulation of public opinion, and constricting time in the information maneuver space.

As individuals and groups within America, this is everything from how we see the world, how we vote, how we invest, whom and what we trust, which policies we support or oppose, and who we believe are our friends and partners—locally, regionally, and globally.

For national security leaders, policymakers, and corporate and military decision-makers, our adversaries seek to influence consequential decisions on issues like Ukraine, Taiwan, trade, military posture, supply chains, alliances, participation in international organizations, technology development, and a host of other issues that could tip the balance in our adversaries’ favor.

For China, Russia, Iran, and North Korea, this is integrated national strategy where the instruments of national power—government, private sector, and surrogates—are combined to achieve strategic impact. Further, the willingness of our adversaries to defy international law; challenge economic interests, and violate the sovereignty and laws of every country including the U.S.; engage in bribery, political coercion, sabotage, and assassinations—essentially a “no limits” approach” to cognitive warfare—gives them considerable leverage—made more effective by our lack of focused emphasis on recognizing, prioritizing and taking action to mass and commonly orient our great national strengths.

If we are to make consequential decisions with confidence, we must have high certainty in the information we receive, value, and share. In the cognitive domain, truth is a strategic asset—precious, powerful, and fragile. To endure, it must be shielded from the relentless assault of manipulation, coercion, and altered realities initiated by our adversaries to shape the strategic landscape and create influence attack vectors intended to undermine and disable our ability to do the same.

Churchill recognized both the strategic value and fragile nature of truth in a time of conflict. He famously said, “In wartime, the truth [is] so precious that it should always be attended by a bodyguard of lies.” The lesson is clear. Today, just as in 1943, we must seize and defend the cognitive advantage if we are to navigate these equally perilous times.

What do we need to do to achieve a cognitive advantage?

- First, we need to reassert a strong U.S. national narrative.

In the cognitive domain, our national narrative is both sword and shield. It projects power, influence, and advances our interests. It tells the story of our values, our history, our aspirations, our view of the world, and our resolve and is reinforced by actions and deeds. Our military and economic strength and our global leaderships are strong parts of this narrative. It supports confidence in our actions, our institutions, and our commitments. It also counters adversary narratives and actions that seek to undermine America within our own borders and across the world. We all know today that our national narrative is being questioned by some at home and abroad. Regardless of how we see the political environment, we must articulate and advance a strong seamless U.S. national narrative as foundational to a cognitive advantage. We must take this on.

- Second, we need to empower our master storytellers.

Our master storytellers are not just communicators; they are architects of persuasion. We all know this; we read, we watch movies, and we listen. Facts are fleeting, but stories remain with us—they shape how we feel which in turn drives how we behave. In the cognitive domain, well-crafted stories—including those tailored to navigate today’s hyper-technical environment and chaotic information environment—shape threat perceptions, influence our perception of reality, sustain resolve, and can tip the balance in competition or conflict.

Adversaries recognize the power of narrative and weaponize it; even the truth is more persuasive when it is delivered as part of a compelling story. History proves the advantage: in cognitive warfare, facts alone rarely shift outcomes—compelling narratives and persuasive storytelling do. As in 1943, our edge will be defined by those who can craft and deliver the stories that influence minds and shape events. Yes, we need our master storytellers as much today as we did in 1943.

- Third, we need to see and understand our adversaries’ capabilities and intentions in the cognitive domain—where perception, knowledge, and decision-making are contested. Our adversaries, of course, go to great lengths to mask and conceal their activities. It is time for cognitive intelligence—intelligence in and about the cognitive domain and our ability to reliably understand how, where, and why adversaries seek to shape our thinking and decisions—to emerge as a priority.

- Fourth, we need a sustain a technological edge in AI, Cognitive Science, Cyber, and other technologies that force our adversaries to go on the defensive. China in particular is working to take that advantage from us by its own means but also by stealing U.S. data, technologies, and intellectual property to use against us. We must safeguard the extraordinary capabilities of U.S. technologies—including those small, bold startups—that not only provide a critical national security advantage but are also relentlessly targeted by our adversaries.

- Fifth—and critically important—we need to plan, organize and drive designed strategies and actions across our governmental institutions, international partners, and private sector at the intersections of shared security interests to defend against adversary tactics that target our economic, military, infrastructure, informational and Cyber pillars of security each fueled by human perception, reasoning, and effective decision-making. If you remember anything from this article, please remember this. As a priority, we need a strategy and a commitment to play offense in a quiet but relentless manner that confuses our adversaries, shatters their confidence, and forces them—not us—to deal with the uncertainties of cognitive warfare.

- Finally, if all of this is to work, we need to harness the incredible intellectual power, critical thinking, and collaboration among government, private sector, academia, and in many cases, our allies. We need to work at the nexus of shared interests. In this collaboration; we need leaders; not to overly prescribe or to build bureaucracy, but to inspire, convene, add clarity of purpose, and to enable the incredible capability this community offers. We must use the power to convene to commonly inform and set conditions for mutually beneficial action and outcomes, and to help close the relationship seams used by our adversaries as attack vectors.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

For our leaders, a reminder that when relegated to small tasks and small thinking, influence operations in the cognitive domain will achieve small results. This is a time for vision, for big thoughts, innovation, and audacity. With those attributes, and thinking back to the remarkable achievements of 1943, today’s operations in the cognitive domain can and will do remarkable things.

Those elements, we believe, are the foundation of a cognitive advantage. If we are successful, it means we have a sustained ability to protect our decision-making autonomy at all levels; we preserve domestic and allied social cohesion; we retain global influence, credibility and narrative power; we expose and undermine adversary efforts at cognitive warfare; and we achieve U.S. objectives without resulting in direct conflict. Challenging?—Yes. Attainable?—Certainly.

A final word. Last June, Dave Pitts visited Normandy for the 80^th Anniversary of D-Day—which was our last conventional war of great powers. It was a war that resulted in a devastating loss of human life and unprecedented destruction. Omaha Beach, the Drop Zones around St. Mere Eglise, and the American Cemetery were vivid reminders. That war established the U.S as a global superpower and established a world order that has lasted 80 years. It also enshrined in history the “Greatest Generation.”

Today, authoritarian rule is on the rise, national sovereignty around the world is being undermined, and the global order as we know it is under attack. Once again, our preeminence, leadership, and resolve are being challenged. Let’s be clear, the next war—a quieter war, a gray war—is already underway. The outcome of that war will be as consequential as conventional war.

Cognitive warfare may very well be the defining contest of this era—a generational challenge—given the threats it poses to U.S. national security, our place and influence in the world, and our commitment to our own self-determination. If you are a professional in this space—government, private sector, academia, and ally—this is clearly your time.

Today, we are surrounded by threats, but we are also surrounded by opportunities, by extraordinary expertise, and by willing partners. The challenges ahead are formidable, but so are our experiences and capabilities as a nation. The incredible resolve, sacrifice, and refusal to fail—hallmarks of the Greatest Generation—are woven into the fabric of America and will continue to serve us well. Securing our future now demands leadership, collaboration, a bias for action, and adaptability—the hallmarks of this generation. We have what it takes.

Yes, confidence is clearly justified—but we must just as clearly match that confidence with decisive action. Time is not on our side as others have already decided to prioritize cognitive related strategies. It is time to take a bold step forward in the cognitive domain and to seize the cognitive advantage.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. Government. Nothing in the contents should be construed as asserting or implying U.S. Government authentication of information or endorsement of the author's views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief

OPINION — In early 2024, the American public received a stark warning from top U.S. security officials. Chinese state-sponsored hackers, known as "Volt Typhoon," had penetrated not just data repositories but embedded themselves deep within the control systems of U.S. critical infrastructure—including communication networks, energy grids, and water treatment facilities. As FBI Director Christopher Wray testified, the intent was a "pre-positioning of capabilities that can be turned on whenever they see fit" to "wreak havoc and cause real-world harm to American citizens and communities." This was not espionage in the traditional sense—it was operational preparation of the environment at a strategic scale.

No shots were fired, nor territory seized—yet this was an act of calculated, strategic hostility. Volt Typhoon is one battle in a much larger, undeclared conflict: the gray war the PRC is waging against the United States.

How did we get here? In the late 20th and early 21st centuries, the People’s Republic of China (PRC) began to formally articulate a new approach to conflict that diverged significantly from traditional warfare. This strategic evolution was first evident in 1999 with the publication of "Unrestricted Warfare" by two People's Liberation Army (PLA) colonels, Qiao Liang and Wang Xiangsui. This groundbreaking conceptualization expanded the battlefield beyond purely military engagements to encompass a vast array of domains, including economic, legal, and informational spheres.

Further solidifying this new paradigm, the PRC subsequently adopted the "Three Warfares" doctrine in 2003. This formalized framework specifically outlined three interconnected non-kinetic operations: psychological warfare, public opinion warfare, and legal warfare. Together, "Unrestricted Warfare" and the "Three Warfares" doctrine laid a profound intellectual and doctrinal foundation for China's strategy of confronting powers like the United States in ways that intentionally stopped short of direct military conflict. Despite their significant implications for global security and China's evolving approach to international relations, these paradigms largely escaped widespread public notice and critical scrutiny in the Western world at the time of their introduction. It’s hard to know precisely when China’s gray war began, but we can see the doctrinal basis for that war taking shape in 1999 and 2003.

Today, the gray zone can be described as the geopolitical space between peace and war where nations conduct activities to advance their national interests, attack and weaken their adversaries, and possibly set the conditions for a future war without triggering a military response. It is the domain of deniability, ambiguity, and incremental aggression. As scholar Hal Brands has argued, it is the preferred tool of revisionist powers seeking to challenge the existing order.

The PRC’s aggressive actions are not isolated, unconnected events to achieve tactical gains, but rather the gray zone is the central front in Beijing’s strategic competition with the United States. Its objective is not to defeat the United States on a conventional battlefield, but to orchestrate a strategic defeat by a thousand cuts—eroding American power, influence, and resilience, while reshaping the international order to suit Beijing’s ambitions, all without triggering a direct military response. Its ultimate aim is to achieve a victory so complete that by the time America recognizes the totality of its loss, the cost of reversing it will have become insurmountably high.

Defining Strategic Defeat in a Gray War

The concept of strategic defeat has historically been tied to the battlefield: the surrender of an army, the fall of a capital, the destruction of cities and infrastructure, the massive loss of life, the signing of a treaty on an adversary’s terms. In a gray war, the metrics of victory and defeat are fundamentally different. They are not measured in territory lost but in access and influence ceded, not in ships sunk but in alliances fractured and capabilities sidelined, not in casualties but in confidence shattered and decision autonomy undermined.

Strategic defeat in the context of a gray war can be defined as: The cumulative loss of relative power, autonomy, and global influence across cognitive, geopolitical, military, economic, and technological domains—resulting in a diminished ability to deter, resist, or effectively respond to an adversary’s actions and ambitions.

What does this mean in practical terms? For the United States, it would mean a future where the U.S. dollar is no longer the undisputed global reserve currency, weakening America’s ability to levy effective sanctions. It would mean a world where American security guarantees are no longer trusted by allies, forcing nations in the Indo-Pacific and Europe to accommodate Beijing’s demands.

For prospective partners, it would mean the path of least resistance is to align with a new center of gravity in Beijing. And for our global adversaries, it would signal that the era of American primacy is over, emboldening them to challenge the international norms the United States has long championed.

As the 2022 U.S. National Security Strategy states, the PRC is "the only competitor with both the intent to reshape the international order and, increasingly, the economic, diplomatic, military, and technological power to do it." Strategic defeat is the realization of that intent.

The Cipher Brief brings expert-level context to national and global security stories. It’s never been more important to understand what’s happening in the world. Upgrade your access to exclusive content by becoming a subscriber.

The Six Fronts of China's Gray War

Beijing has evolved its original “Three Warfares” doctrine and is now waging a coordinated gray war across six interconnected fronts. Success on each axis is not necessary; rather, incremental gains in one area generate vulnerabilities in another, creating a cascading strategic effect. The struggle is not confined to the military domain but extends to economics, technology, diplomacy, and cognition itself. If left uncontested, Beijing could erode U.S. alliances, undermine deterrence, and shape a strategic environment in which America’s choices are constrained before conflict ever begins.

Dominate the Cognitive Environment

China seeks to control the global narrative, portraying itself as a responsible rising power while casting the United States as a declining, chaotic hegemon. PLA doctrine explicitly identifies the cognitive domain as a new battlefield, where perception and belief are as contested as territory.

The State Department’s Global Engagement Center – which was disbanded earlier this year – documented Beijing’s tactics: seeding pro-PRC messaging through foreign media, deploying bot networks to inflame divisions in democratic societies, and spreading disinformation on issues ranging from COVID-19’s origins to the integrity of U.S. elections. Through its United Front system—a unique blend of influence and interference activities, as well as intelligence operations that the CCP uses to shape its political environment—Beijing targets individuals, social and political groups, academia, business leaders, military leaders, policy makers and U.S. allies with persuasive narratives, manipulated imagery, and coercive pressure. It is an assault on cognition. The objective is to isolate the United States from its allies and demoralize the American public, thereby undermining the national capability—and will—to compete. This is a war over knowledge, belief, and decision-making autonomy—one that could prove decisive.

Limit U.S. Military Deterrence Options

The PLA has spent three decades developing a formidable Anti-Access/Area Denial capability. As detailed in the Pentagon’s annual China Military Power Report, this network of long-range anti-ship missiles, integrated air defenses, and advanced naval platforms is designed to make it prohibitively dangerous for U.S. forces to operate in the seas and skies around China's periphery. The goal is to neutralize America’s primary strength—its power projection—and create a scenario, particularly over Taiwan, where Washington hesitates to intervene.

The PRC’s intent is that intimidation, threats, and stated redlines add cognitive strength to its military deterrence and its efforts to shape U.S. military decisions to its advantage. PLA’s “deterrence by demonstration”—which employs constant aggressive maneuvers in the Taiwan Strait, missile launches, and aggressive intercepts—is designed to increase psychological pressure and a sense of inevitability, erode resolve, intimidate, and coerce decisions favorable to China. The rapid expansion of China’s nuclear arsenal (DF-41 ICBMs, new silos) also broadens Beijing’s deterrence toolkit.

It is likely that the PRC will be more provocative if it believes the United States is unlikely to respond for fear of escalation. Furthermore, Beijing closely observes the Western response to Russia’s war in Ukraine, treating it as a live-fire case study of Western resolve and military-industrial capacity, calibrating its own gray war accordingly in what amounts to a strategic partnership with Moscow.

Erode and Displace U.S. Power, Altering Geopolitical Norms

Where the U.S. once led in building the post-war international order, China now works diligently to co-opt or supplant it. Through initiatives like the Belt and Road Initiative, the PRC has used its vast economic resources to create dependencies, gaining political leverage and, in cases like Sri Lanka's Hambantota Port, control of strategic assets, while also working to undermine American access and influence. As the U.S. signals an intent to withdraw investments and presence from some countries and regions, the PRC will seek to fill those vacuums.

The PRC's construction and weaponization of new islands to change international boundaries in the South China Sea are also part of its strategy to create new geopolitical realities that expand PRC presence and influence. Simultaneously, Beijing has successfully placed its officials in key leadership positions within United Nations bodies, influencing the setting of international standards on everything from technology to aviation in ways that favor its own authoritarian model. PRC influence in the International Telecommunication Union and efforts to set standards for 5G, AI governance, and internet “sovereignty”—all erode the liberal international order in an attempt to sideline American influence.

Weaken and Compromise Essential U.S. National Systems

The Volt Typhoon intrusions are the most visible element of a concerted campaign to hold American critical infrastructure at risk and “prepare the battlefield,” but there are others. According to media reports, the PRC has attempted to penetrate and compromise, with mixed results, U.S. energy, water, communications, transportation, and information infrastructure as well as government organizations. U.S. space infrastructure and emerging AI infrastructure, such as data centers, are also vulnerable.

The PRC’s state-sponsored hackers have also engaged in persistent, widespread economic espionage, targeting U.S. corporations, universities, and research labs to steal the intellectual property that forms the backbone of the American economy. Former FBI Director Wray has stated that the PRC’s hacking program is larger than that of every other major nation combined. This front of the gray war aims to weaken America from within, creating systemic brittleness and giving Beijing coercive leverage in a crisis.

Manipulate Economic Dependencies and Supply Chains

For decades, the West viewed economic interdependence with China as a force for liberalization. Beijing, however, saw it as a strategic vulnerability to be cultivated and exploited. The PRC has weaponized its dominant position in critical supply chains, as seen when it restricted exports of gallium and germanium in 2023 in response to U.S. semiconductor controls. Its control over the processing of some 90% of the world’s rare earth minerals gives it a chokehold over inputs essential to the U.S. defense and technology industries. This economic statecraft, documented in case studies by the Peterson Institute for International Economics, is used to punish and coerce other nations, demonstrating to the world the costs of defying Beijing.

Other dependencies are equally concerning. The United States remains reliant on China for pharmaceuticals and active pharmaceutical ingredients , batteries, and solar panel components—sectors where Beijing could impose sharp costs on adversaries. Through such statecraft, China demonstrates the penalties for defiance and signals that economic integration is a vulnerability, not a safeguard.

Gain Technological Superiority over the U.S.

The final and perhaps most crucial front is the race for technological supremacy. Through state-directed policies like "Made in China 2025" and its "Military-Civil Fusion" strategy, the PRC is mobilizing the full power of its state and society to dominate the foundational technologies of the 21st century: artificial intelligence, quantum computing, biotechnology, and next-generation telecommunications.

China already leads the world in patent filings for AI, fintech, and quantum encryption. Leadership in these fields, as argued in reports by the Special Competitive Studies Project (SCSP), will not only drive future economic growth but will also confer decisive military and intelligence advantages. China’s theft of U.S. intellectual property has directly accelerated its technological advancement in both commercial and military sectors, often allowing Chinese firms and state entities to leapfrog developmental obstacles and compete globally with U.S. companies. The PRC is not merely seeking to catch up; it is determined to leapfrog the United States at any cost and write the rules for the next technological era.

Need a daily dose of reality on national and global security issues? Subscriber to The Cipher Brief’s Nightcap newsletter, delivering expert insights on today’s events – right to your inbox. Sign up for free today.

American Vulnerabilities and Responses

China's gray war strategy is effective because it expertly exploits the inherent vulnerabilities of an open, democratic society. The openness of the U.S. economy and academic institutions, a traditional source of strength, creates avenues for technology theft and malign influence. America’s political polarization, amplified by social media, is a fertile ground for PRC information operations. A chaotic global information environment, which is at the fingertips of information-hungry Americans, further provides infrastructure, camouflage, and endless surrogates for China’s cognitive warfare efforts.

The United States is not idle. It has finally awakened to the challenge. The 2022 CHIPS and Science Act represents a historic investment to restore domestic semiconductor manufacturing. Stricter export controls, led by the Commerce Department, aim to slow China's progress in advanced computing. New and strengthened alliances, chief among them the AUKUS pact with Australia and the United Kingdom, are designed to bolster collective deterrence in the Indo-Pacific.

These responses, while necessary, remain largely fragmented and they are created within the context and the confines of the “rules-based global order” that the PRC often ignores. As many analysts at institutions like the Center for a New American Security have argued, the U.S. government is still largely structured for a bygone era. It lacks the integrated, whole-of-government machinery required to effectively counter a holistic, long-term gray zone competitor. We are waging a networked war with a hierarchical bureaucracy, responding to discrete crises rather than waging a proactive, continuous campaign. And the tools that we often choose to employ, such as relying solely on diplomacy and limited assistance to regional allies to dissuade Beijing from asserting its sovereignty in the South China Sea, are unsuccessful in inducing PRC compliance.

China’s Confidence and Risks

Beijing’s confidence in this strategy is rooted in its own strategic culture and its perception of American decline. The Chinese Communist Party’s (CCP) ideology, especially under Xi Jinping, is saturated with the narrative of an "East rising and West declining," a belief that history is on China's side. This modern confidence is layered atop an ancient strategic tradition, epitomized by Sun Tzu, that prizes victory without direct conflict (shangbing fa mou). A gray war is the ultimate expression of this philosophy: to win by outmaneuvering, outwitting, and demoralizing the opponent until their will to resist collapses.

Yet, this strategy is fraught with risk—for China. In his book The Long Game, Rush Doshi argues that Beijing’s aggressive turn has prematurely awakened a sleeping giant, galvanizing the very anti-China coalition it sought to avoid. Every coercive trade action, every act of cyber aggression, and every belligerent statement pushes the United States. and its allies closer together. The greatest risk of all is miscalculation. A gray zone action over Taiwan—such as a declaration of a "quarantine"—could easily be misinterpreted, spiraling into a devastating hot war that would shatter China’s economic ambitions and potentially threaten the CCP’s grip on power.

Disrupting China's Gray War and Imposing Costs

Recognizing that we are in a gray war is the first, foundational step. Winning it requires a fundamental shift in American strategy from reaction to proaction. As noted in a previous Cipher Brief article, the U.S. has to rethink, retool, and reorient so that it is as prepared for a gray war as it is for traditional conflict; that has yet to be achieved. Further, the U.S. must understand and manage risk in the gray zone. The gray zone is filled with real threats, many things that aren’t real, and outright deception.

Russia, China, and Iran flood the information environment with false and manipulated information; fabricated organizations and events; persuasive but false national narratives; and calculated threats and intimidation intended to weaken our resolve, impair our judgment, and push us toward decisions that favor their interests. Despite this gray zone “fog of war”, the U.S. and its allies must move beyond simply defending against China's gray zone aggressions and begin to actively disrupt them, impose meaningful costs, and shift from a defensive to an offensive posture. A strategy to do so must include four key lines of effort:

First, systematic exposure. The United States must win the battle for truth by systematically declassifying and publicly attributing PRC gray zone activities in near-real-time. By stripping away the cloak of deniability from actions like Volt Typhoon or covert influence operations, Washington can rally domestic and international opinion, making it harder for Beijing to operate. This exposure can also occur at very senior levels. China should not be able to engage in trade or diplomatic talks with the United States without answering for its systematic attacks on U.S. sovereignty, institutions, critical infrastructure, and global influence.

Second, impose proportional costs. For too long, China’s gray zone actions have been low-cost and low-risk. Washington. must change the PRC’s risk-gain calculation, which currently demonstrates that the PRC sees more gains than risks in its gray zone actions. U.S.leaders must speak clearly to the PRC and other adversaries on the costs of their gray zone attacks. The United States must lead a coalition to develop a menu of pre-planned, rapid-response options. If China uses economic coercion against an ally, the G7 should respond with coordinated relief funds and joint legal challenges. If a Chinese entity is caught stealing intellectual property, it should face crippling sanctions.

Third, build collective resilience—not just at the national level, but across society and allied networks. Strengthening resilience means ensuring U.S. intelligence collection and analysis is sharply focused on evolving gray zone threats. The United States should deepen security, intelligence, and crisis response cooperation with core allies through frameworks like AUKUS and the so-called “Quad alliance” (an informal security dialogue involving Australia, India, Japan, and the United States), while also investing in broader multi-level partnerships that include the private sector and academia. The U.S. and its allies should pioneer an "economic NATO" model, creating shared safety nets and coordinated defense packages so that an economic or cyberattack against one is met with rapid collective support from all members.

Domestically, resilience is important because PRC cyberattacks, threats to critical infrastructure, and efforts to sow dissent, undermine U.S. institutions, interfere with supply chains, and influence U.S. decision-making can impact all Americans. Resilience starts with informed leadership at all levels of government and timely information sharing so communities and businesses can trust public information and know how to respond.

Finally, target the architects. Sanctions and other punitive measures should not only target corporate entities but also the specific Chinese Communist Party officials and PLA officers who design and direct these gray zone campaigns. Making the conflict personal for the individuals involved raises the stakes and can deter future aggression.

The challenge posed by China’s gray war is formidable, but it is not insurmountable. The United States stands at a critical juncture: either we continue to respond in a disjointed manner, or we forge a unified, proactive strategy to counter Beijing's multifaceted aggression. This demands an immediate, integrated, whole-of-nation response across all domains—governmental, private sector, and civil society—to systematically expose and build collective resilience against Beijing’s coercive actions. And it requires U.S. decisionmakers to overcome their fear of escalation and finally impose real costs on Beijing for engaging in gray warfare against the U.S. Failure to act decisively now risks a strategic defeat by incremental erosion, fundamentally reshaping the international order and diminishing American influence for generations to come.

All statements of fact, opinion, or analysis expressed are those of the author and do not reflect the official positions or views of the U.S. Government. Nothing in the contents should be construed as asserting or implying U.S. Government authentication of information or endorsement of the author's views.

The Cipher Brief is committed to publishing a range of perspectives on national security issues submitted by deeply experienced national security professionals.

Opinions expressed are those of the author and do not represent the views or opinions of The Cipher Brief.

Have a perspective to share based on your experience in the national security field? Send it to Editor@thecipherbrief.com for publication consideration.

Read more expert-driven national security insights, perspective and analysis in The Cipher Brief