Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Director’s note: Moving toward PNT resilience amid heavily reliance on GPS

U.S. Space Force Sgt. Jonathan Ojeda, 527th Space Aggressor Squadron (SAS), right, conducts GPS electromagnetic interference training with a GPS electromagnetic attack system at Schriever Space Force Base, Colorado, July 18, 2023. (U.S. Space Force photo by Ethan Johnson)

By Frank Cilluffo

Dear readers,

Positioning, navigation and timing (PNT) services underpin almost every aspect of modern society, from emergency response and financial transactions to transportation, agriculture and military operations. Yet our dependence on the space-based global positioning system (GPS) remains one of America’s least-appreciated strategic vulnerabilities: The criticality of PNT functions and our heavy reliance on GPS is too often overlooked, yet we do so at our peril. In a welcome analysis this week at Small Wars Journal, Muhammad Waqas Haider writes about our “silent dependency” on this “invisible substrate,” and how irregular warfare practitioners whose operations depend entirely on these services have not yet developed the doctrine, training or technology choices to confront one of the most exploitable vulnerabilities in the contemporary battlespace.

Reliance on space-based assets for transit and targeting requirements expands the potential attack surface. Retired USAF Gen. William Shelton, who served as commander of Air Force Space Command, wrote at Breaking Defense that a recent report about Russian satellites purposely interfering with GPS signals shows that an electronic weapon is being covertly exercised – underscoring the need for the United States to act on establishing critical terrestrial systems that complement and back up essential navigation and timing signals from space in the event of GPS disruptions. As with cybersecurity more broadly, resilience – not redundancy alone – must become the organizing principle for protecting these essential capabilities.

From under-covered threats to those understandably garnering the lion’s share of headlines, Raphael Satter reported at Reuters that CISA is using Anthropic’s AI model Mythos to audit government software. Spurred by the rapid advent of powerful frontier models, Illinois became the first state to require that AI labs with more than $500 million in revenue must submit third-party audits of their safety plans every year, Miranda Nazzaro reported at The Hill. In a RAND paper, Brian A. Jackson argued a case for resilience and risk management as core elements of a competitive national AI strategy. Collectively, these developments suggest the AI conversation is beginning to mature – from a singular focus on capability toward a more balanced discussion of resilience, governance and operational security.

These questions of cyber defense in the age of AI, the increasingly contested domain of space and the future of electronic warfare converged on this week’s Cyber Focus as I sat down with Nightwing Chief Technology Officer Chris Jones, former Associate Deputy Director for Science and Technology at the CIA. Our discussion included why foundational cybersecurity investments are more important than ever, why democratic institutions must maintain a clear edge in technological innovation, securing vulnerable infrastructure technology, developing the cyber workforce and more. “In order to be really effective, it’s not just the application of advanced technology – it’s the application of advanced technology by really well-trained and experienced operators of that technology,” he said.

As competition for AI leadership intensifies, geopolitical competition increasingly mirrors technological competition. China has been reaping the windfall from American companies’ addiction to their cheap AI models but is now considering a stronger grip on the PRC’s homegrown technology, Raffaele Huang and Tina Li reported at The Wall Street Journal. This comes as American companies building artificial intelligence systems are pleading with officials to do something about Chinese competitors unfairly copying their technology, Cade Metz reported at The New York Times. Innovation leadership is becoming inseparable from national security leadership. Meanwhile, Chinese cyber espionage targeting the American innovation base continues unabated. This latest campaign focuses on university physics and engineering departments, particularly administrators and professors with national security ties or organizations conducting research in astrophysics and particle physics, Matt Kapko reported at CyberScoop.

Electronic warfare and the new age of drone warfare collided in a report from Max Hunder of Reuters on observations from Ukrainian drone commanders and pilots that Russian forces are trying to jam Starlink to counter drone attacks. The jamming systems can reportedly destabilize a Starlink connection in a nearly 8-square-mile area, so Ukrainian drone operators are trying to target the jammers. At the Modern War Institute at West Point, Sandor Fabian argued that the drone revolution isn’t what it seems: “Policymakers, security experts, and even some defense planners are mistaking a tactical innovation for a strategic revolution,” he wrote, and “doing so risks distorting procurement priorities, weakening combined arms capabilities, and encouraging the repeatedly refuted belief that technology can substitute for strategy.” Technology changes warfare. It does not replace strategy.

And this week the European Commission unveiled an action plan on cybersecurity and artificial intelligence, committing to nine measures on model evaluation, access to frontier systems and vulnerability management, Alexander Martin reported at The Record. In a comprehensive overview and road map of continental resilience, the European Cyber Security Organisation released a comparative analysis of EU member states’ national cybersecurity strategies. Increasingly, allies recognize that cybersecurity strategy and AI strategy can no longer evolve on separate tracks.

This week by the numbers:

  • When mounted to a vehicle, the U.S. Army’s Volcano mine dispenser can blanket roughly 32 acres with up to 960 mines. Now, the service is testing a system that can do the same thing without a driver behind the wheel. (Defense News)
  • The threat actor Kairos claimed access to more than 2 TB of data, including approximately 1.6 million files, after reportedly targeting a U.S. government entity with a brute-force attack in 2025. The group’s initial demand was $3 million, which was later reduced to a successful final ransom payment of $1 million. (Ransom-ISAC)
  • 80% of quick service and fast-casual restaurants surveyed experienced at least one “cyber incident” in the past 12 months and 76% had sensitive data leaked. (MassLive)
  • 55% of IT and cybersecurity professionals said they were told to keep quiet about a breach, rising from 42% in 2024 to 58% in 2025 – a plateau this year that “is arguably just as troubling as the initial spike,” Bitdefender analysts wrote. (Cybersecurity Dive)
  • A new attack that researchers have named HalluSquatting gives hackers the potential to use 9 of the most popular AI tools to assemble massive botnets, perform large-scale DDoSes and infect devices at scale, a first for prompt-injection attacks. (Ars Technica)

One additional item worth highlighting this week comes closer to home. Writing for Auburn Engineer, Joe McAdory highlighted the work of the McCrary Institute’s Alabama Cybersecurity Intelligence Center (ACIC), which is helping strengthen the cyber resilience of local governments across Alabama. By providing municipalities with cyber monitoring, incident response support and practical security assistance, the program reflects an important principle: resilience is built not only through national strategy, but through sustained investments in state and local capabilities. As cyber threats continue to grow in both frequency and sophistication, it is another reminder that national resilience is built from the ground up, with states and local communities serving as the front lines of our nation’s cyber defense.

The most intriguing deep dive this week assesses the scope and aims of 18 months of Russian drone incursions into European airspace, including over U.S. military installations. In their IISS report, Charlie Edwards, Rex Fox O’Loughlin and Louis Bearn write that this exploitation of European air-defense vulnerabilities – in which “current counter-UAV architecture does not yet match the threat” – likely had a number of aims including testing response times and decision-making thresholds of defenders, mapping vulnerabilities around critical infrastructure, disrupting aviation and public confidence in airspace security, and normalizing low-level airspace violations below the threshold of a direct allied military response. It is a reminder that our adversaries rarely begin with decisive attacks. They begin by observing, probing, mapping and learning. Recognizing those patterns early – and building resilience before a crisis – remains one of our greatest strategic advantages.

War Eagle,

Frank Cilluffo

Click to listen highlighted text!