蘑菇视频

During the Cold War, the national security community had one defining challenge鈥攃ontaining the Soviet Union. After 9/11, attention turned to counterterrorism. Today, the nation faces a vast array of threats. Increasingly, these are 鈥済ray zone鈥� activities鈥攃oercive or subversive actions below the threshold of armed conflict.

Recent cyber intrusions into U.S. critical infrastructure attributed to People鈥檚 Republic of China (PRC) and Russian cyber actors, attempts by Iran and Russia to , and ransomware attacks against U.S. healthcare providers by Russian cyber criminals are leading examples of this dangerous trend.

Director Christopher Wray says the PRC dangerously 鈥渃ombines cyber means with traditional espionage and economic espionage, foreign malign influence, election interference, and transnational repression,鈥� but he鈥檚 quick to add that 鈥淐hina is not the only adversary we鈥檙e up against, Russia, Iran, and North Korea are all determined to use cyber means to take aim at things we all hold sacred鈥攐ur freedoms, prosperity, and democratic norms.鈥� 听听

Malign activities in cyber, economic, information, legal, military/security, and space domains all fall under this umbrella. They either violate global norms or exploit normative gaps. They鈥檝e become weapons of choice for U.S. adversaries who often fail to discriminate between civilian and government boundaries and see instead one contiguous target-rich battlespace. These threats undermine democratic institutions, threaten critical infrastructure and economic resources, and subvert international order. They can only be countered by thoughtfully and comprehensively applying all elements of national power in partnership with allies.

Between now and 2030, the intelligence community (IC) forecasts more frequent, diverse, and damaging acts of coercion and subversion by the PRC, Iran, Russia, and North Korea, according to a on conflict in the gray zone. The IC expects more hostile activity as these four governments look to challenge the U.S. and advance their goals while also aiming to avoid direct war.聽

Such shadowy campaigns are likely to increase and diversify as new technologies enable them, countervailing norms are eroding or missing entirely, attribution remains challenging, and adversaries consider the campaigns useful. Fundamentally, in the eyes of adversaries, the risks for conducting these activities are low and the benefits are high. The PRC, for instance, has a strategy for annexing Taiwan without fighting.

What鈥檚 more, the NIE notes there is a rising risk that adversaries could collaborate more directly on gray zone activities in the future.聽

Current challenges are pressure testing the U.S. defense and national security community, partners, allies, and industry like never before. As Director of National Intelligence Avril Haines to Congress, the dynamics are creating 鈥渦nprecedented burdens on the institutions and the relationships that the United States relies on to manage such challenges.鈥�

To be fair, there are examples of successful actions by the U.S. government and foreign partners to contest malign influence operations and disruptive cyberattacks. Successful operations are intelligence driven, may be led by law enforcement, and often include collaboration with foreign partners and commercial providers.

• September 2024 鈥� The FBI and partners dismantled a botnet created by PRC actor Flax Typhoon, denying the PRC access to a vector for malign activity, from espionage to disruptive attacks.
  
• September 2024聽鈥� The Department of State exposed Russian malign influence operations by RT (formerly Russia Today) for engaging in information operations, covert influence, and military procurement.
• March 2024聽鈥� The Treasury Department sanctioned individuals and corporations affiliated with PRC actor Volt Typhoon for cyber intrusions into U.S. critical infrastructure.
• January 2024聽鈥� The FBI and partners dismantled a botnet used by PRC actor Volt Typhoon to enable intrusions into U.S. critical infrastructure.

But there is a lot more that needs to be done. Recent disruptive cyber threats and malign influence activities are so significant that they require an urgent and decisive whole of-nation response.聽

By strengthening U.S. policy, as well as partnerships abroad and with industry, national security leaders can accelerate the speed, scale, persistence, and effectiveness of efforts to counter and diminish the impacts of gray zone activities.

• Elevate the problem: Achieving measurable effects against adversary cyber and malign influence activities requires a whole-of-nation effort. The National Security Council should immediately conduct a comprehensive review of the problem with all relevant stakeholders across the U.S. government, foreign partners, and industry.

• Create unity of effort: Designate a lead U.S. agency responsible for coordinating counter-cyber and counter-malign influence efforts. Create the appropriate supporting operational activities鈥攆or instance, joint interagency task forces (JIATF) or mission centers. Designate clear roles, responsibilities, and authorities for all supporting efforts.

• Think like a hacker: Defeating these threats requires a deep understanding of the motivations, rewards, tactics, and technology of the adversary. Recruit the best and brightest subject matter experts from across the citizenry, industry, academia, and the government to help drive innovative solutions.

• Update policy and law: Review and change, update, or create relevant policy and law to enable law enforcement, the IC, and defense forces to operate at the speed of the adversary. For instance, are any new legislative authorities needed to expand innovation and accelerate the development and fielding of new acquisition programs designed to counter emerging threats?

• Intelligence drives operations: Review and update policies and processes to enable collection, analysis, reporting, and sharing at mission-relevant speed for all-source intelligence across the interagency, foreign allies, partners, and industry.

• Attack the networks: Focus on and defeat the human networks that form adversary malign cyber and influence networks. Impose real costs on all elements of the malign cyber and influence supply chain.

• Follow the money: Trace the movement of funds that underpin illicit financial actions supporting malign cyber and influence activities to enable the prosecution or disruption of threat actors.

• Define the outcomes: Establish clear and measurable outcomes to define progress and success. Focus on measures of effect and rapidly adjust as facts and assumptions change.

• Enable and leverage foreign partners: Enable foreign partners with the technology and training to harden their defenses, share intelligence and information, and protect their sovereignty. Draw on more capable foreign partners for intelligence production and technical solutions. Through diplomatic channels, continue to strengthen global norms of behavior.

• Effectively partner with industry: Reduce the barriers to information and intelligence sharing between government and industry. Create streamlined processes to better access technology, trained talent, and thought leadership.

• Improve security and resilience: Incent investments by citizenry, small businesses, and critical infrastructure providers to harden networks and data. Develop and deliver education for cybersecurity and countering malign influence.

• Exploit the U.S. technological advantage: Deploy best-of-breed AI capabilities, zero trust solutions, and quantum-resistant encryption to defeat adversary attacks. Incentive academia and industry to partner with the government on advanced security standards.聽

Together, the U.S., partners, and industry can chart a clear path for national security through the gray zone.