Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Director’s note: Transatlantic conversations on the broader strategic implications of evolving AI

(Image by María Bonmatí from Pixabay)
By Frank Cilluffo

Dear readers,

This week I and others on the McCrary Institute team traveled to the Paris Cyber Summit, where we engaged key cyber policy officials from France and other European nations. I was encouraged by the lively dialogue, which centered on strengthening the critical transatlantic relationship and addressing the growing cyber and national security challenges posed by increasingly capable AI systems. It was also heartening to see a strong U.S. presence, with officials from agencies including CISA, the FBI and the Department of War. For my part, I had the opportunity to lead a discussion on offensive cyber capabilities and what a new era of cyber operations may require. Lastly, we were able to foster important and frank conversations regarding China and the many growing threats posed by the PRC. A recurring theme was the prospect that nations may increasingly have to choose between competing technology stacks. While some in Europe continue to frame this as a choice between equivalent commercial alternatives, I was encouraged that many participants recognized the broader strategic implications. There is no moral or strategic equivalency between technology developed by trusted partners and technology that can be leveraged by authoritarian states for surveillance, coercion or geopolitical advantage.

This week’s Cyber Focus centered on a unique threat posed by AI: the risks for underage users and how to navigate this landscape of psychological and data privacy risks. I sat down with Geoffrey Fowler, head of public engagement for the Youth AI Safety Institute at Common Sense Media and a longtime technology journalist, to discuss how teenagers are using AI companions, ChatGPT and therapy chatbots and why traditional media rating frameworks can’t be applied to dynamic frontier models and conversational AI toys that can easily bypass standard content guardrails. Our conversation included Common Sense Media’s recent risk reports, which red-team popular AI tools and therapy apps to label acceptable vs. unacceptable risks for children, and how independent safety standards and “crash testing” AI models can push tech companies to design products with child safety in mind from the start.

With an eye toward getting a preview of powerful frontier AI models that in the wrong hands can breach critical systems, President Trump signed an executive order this week asking AI companies to give the administration access to these models 30 days before public release, Amrith Ramkumar reported at The Wall Street Journal. The EO says it’s not for “the creation of a mandatory governmental licensing, preclearance, or permitting requirement for the development, publication, release, or distribution of new AI models, including frontier models” but asks national security and cyber officials to work with agency heads and top tech companies to address software vulnerabilities.

The company behind the frontier model that sent officials scrambling to address the fallout announced this week that it’s expanding access through the collaborative Project Glasswing initiative. Anthropic is making Mythos available to 150 additional organizations in more than 15 countries after wisely determining that critical sectors such as power, water, healthcare, communications and hardware were underrepresented in the initial launch, Samantha Subin reported at CNBC. Anthropic released a report this week detailing how AI has been used over the past year to make cyberattacks more dangerous, including a shift from AI-enabled techniques to gain initial access to a system toward activity carried out once bad actors are inside. And the leaders of OpenAI, Anthropic and Google’s DeepMind AI lab urged Congress to protect against biological threats posed by AI by requiring safeguards when companies order synthetic DNA and RNA, Amrith Ramkumar reported at The Wall Street Journal. Taken together, these developments suggest that policymakers are beginning to move beyond abstract debates about AI safety and toward a more practical question: how to responsibly provide defenders with access to powerful capabilities before adversaries exploit them first.

Beyond AI, this week’s reporting offered another reminder that strategic competition increasingly spans every domain: human intelligence, cyber operations, critical infrastructure and the seabed itself. The U.S. and intelligence allies issued a rare joint warning about China as nations in the Five Eyes intelligence partnership said fake profiles and job offers are targeting military officers, spies and others with access to classified or sensitive information, Greg Miller reported at the Washington Post. Three senior European intelligence officials told The Associated Press that Russia’s intelligence agencies have grown more aggressive in their efforts to steal Western technology and defense secrets as sanctions squeeze the country’s wartime economy, Emma Burrows reported. And the U.S., UK and Australia announced a new joint project to develop underwater drone technology to protect undersea cables as Australia’s defense minister warned “the seabed is becoming a battlefield” with a series of attacks witnessed against subsea critical infrastructure over the past 18 months “at a scale and frequency that is historically unprecedented,” Ben Doherty reported at The Guardian.

The lessons of cyber conflict are increasingly being applied to space. As nations become more dependent on space-enabled capabilities, the domain is beginning to resemble cyberspace in its early years: highly contested, difficult to deter and increasingly vulnerable to disruption below the threshold of war. Theresa Hitchens reported at Breaking Defense on how the loss of Space Force capabilities during Operation Epic Fury in Iran has highlighted the need for the service to invest in disaggregating its ground-based space operations centers and new “tactical” electronic warfare centers both at home and abroad. Brig. Gen. Christopher Fernengel told the State of Space Industrial Base conference that they saw, “for the first time, that our space capabilities have been targeted and destroyed.” David Denhard, SPACECOM’s chief scientist and technical advisor, told the conference that developing capabilities for operations in cislunar space, including offensive space control, is on the “what’s hot for tomorrow” list of S&T priorities, Hitchens reported.

And the CSIS Commission on U.S. Cyber Force Generation released an anticipated report on its 10-month study of how policymakers might best organize and sustain a dedicated cyber service. Commission co-chair Joshua Stiefel called the conversation “facing an inevitability” in presenting the report that estimates between $10 billion and $11 billion would be needed to establish a Cyber Force, Tabitha Reeves reported at National Defense. Whether or not policymakers ultimately establish a dedicated Cyber Force, the report highlights a broader challenge: demand for cyber talent, operational capacity and cyber effects continues to grow faster than our ability to generate and sustain them.

Stepping back, one theme emerged repeatedly this week from discussions in Paris to developments in AI, cyber and space: technology choices are increasingly becoming national security choices. The systems that power our economies, connect our societies and enable military operations are also becoming targets for adversaries seeking strategic advantage. Whether the issue is frontier AI models, undersea infrastructure, space systems or trusted technology ecosystems, the challenge is no longer simply defending individual networks. It is ensuring that innovation, security and resilience advance together in an era of persistent strategic competition.

This week by the numbers:

  • A JP Morgan analysis last month found that more than 60% of data center capacity planned for completion in 2027 isn’t yet under construction, and another 7% is delayed. (WSJ)
  • Six Microsoft 365 Android apps contain an identical flaw that could risk billions of downloads being compromised, an AI-powered exploitable bug hunter discovered. (Security Week)
  • Authorities in the Netherlands said they dismantled a botnet that comprised more than 17 million devices managed by 200 servers. (Ars Technica)
  • An unknown threat actor managed to spy on a senior member of an unnamed global stock exchange for at least 5 months. (Dark Reading)
  • We know all too well the devastating impacts that extreme weather can have on critical infrastructure. With this week’s official start to hurricane season, and 14 named storms predicted, here are 3 things to know. (The Weather Channel)

With China and space infrastructure among the week’s top stories, this weekend’s long read explores the challenges faced when collaborating with China on space research and technology. At RAND, Cortney Weinbaum, Christopher G. Pernin, Camille Reeves, Libby Weaver and Shanshan Mei write that late-stage, dual-use research and development is especially prone to diversion into People’s Liberation Army applications, and institutions that do not partner with China are not insulated from risk as the PRC and its proxies have targeted foreign space organizations with espionage, insider threats and cyber operations to obtain sensitive IP and operational access.

War Eagle,

Frank Cilluffo

Read More

Click to listen highlighted text!