Introduction

The militarization of space is rapidly expanding as modern militaries become increasingly dependent upon satellites for communication, navigation, intelligence, and missile defense warning. Space-based systems now serve as early indicators of precision strikes, global surveillance, and real-time battlefield coordination. Nations are investing in both deploying resilient satellite constellations and developing counter-space capabilities, including jamming, cyberattacks, and anti-satellite weapons. This has turned space into a contested domain, where disabling or disrupting orbital assets could have significant strategic consequences. The trend underscores the urgency for international norms to prevent escalation and manage the risks of weaponizing space.^[1],[2],[3]

The Growing Use of Space for Modernization

Space is a vital driver of modernization and innovation. Satellite deployments have revolutionized communication, facilitating instant data transfer and enhanced connectivity. Investment in space infrastructure by governments and the private sector supports smart cities, climate monitoring, and precision agriculture, showcasing the direct benefits of outer space technologies on life on Earth.^[3],[4]

Space-based technologies also enhance scientific research and national security, with modern navigation systems being essential for transportation, logistics, and emergency services. Additionally, space assets contribute to surveillance and defense, offering strategic advantages and promoting international collaboration. In the commercial sector, space is fostering innovation through companies like SpaceX and Blue Origin, which are lowering costs and promoting space tourism, asteroid mining, and orbital manufacturing.^[5],[6]

 Increasing Importance of Technological Warfare

Command, Control, Communications, Computers, Intelligence, Surveillance, and Reconnaissance (C4ISR) is an integrated framework enabling the Department of War (DoW) to collect and analyze information for real-time decision making. Its purpose is to provide a comprehensive operational view of the battlefield. Furthermore, the framework facilitates swift and informed decisions across command levels, effectively functioning as the decision maker for military operations by linking sensors, commanders, and operations. Recently, militaries have been exploring AI to enhance data analysis and augment strategic planning.^[7],[8]

The C4 (Command, Control, Communications, and Computers), focuses on the tools and infrastructure necessary to direct forces effectively. This includes everything from secure radios and satellite links to advanced computing systems that process data. These systems are responsible for ensuring that orders can be issued, received, and executed with crucial precision, even in contested environments. Modern military units depend on reliable communication networks and computer systems to coordinate movements, logistics, and engagements across multiple domains.^[8],[9]

Intelligence, Surveillance, and Reconnaissance (ISR) focuses on collecting and analyzing data to assess enemy positions and activities. It uses satellites, drones, radar, signal interception, and human intelligence to monitor large areas, identify threats, and anticipate enemy actions. In conflict zones, including the Middle East and Ukraine, ISR tools have been crucial for tracking adversaries, conducting targeted operations, and minimizing civilian casualties.^[8],[9]

C4ISR is integral to multi-domain operations, enhancing strategic planning. For example, drone detection of enemy positions can send data through secure networks to facilitate immediate targeting by aircraft or artillery. This rapid response is vital in modern combat. It prompts significant investment in C4ISR modernization by the U.S. military, NATO, and allied forces to maintain an advantage in evolving battlefields. In today’s world, C4ISR is the driver behind the rapid development of technology in the military, such as AI-driven decision-making, cyber warfare, and space-based command centers. AI enhances the processing of vast ISR data, which leads to rapid and accurate command actions, while satellites ensure global surveillance and communication in challenging environments. As warfare evolves to be more digital and decentralized, C4ISR systems are essential for ensuring situational awareness and strategic coordination.^[8],[9],[10]

Adversarial C4ISR Tactics and

China’s investment into C4ISR capabilities is pivotal to the modernization of its People’s Liberation Army (PLA). This architecture integrates satellites for communication, navigation (notably BeiDou), imaging, airborne and maritime sensors (manned aircraft, patrol planes, and UAVs), coastal radars, and advanced ground networks. Enhanced command-and-control nodes and secure communication systems link these components, allowing for the rapid fusion of information from dispersed sensors into an operational picture for commanders and weapons systems.^[11],[12]

Beijing has already leveraged its capabilities to enhance missions that impact American interests and regional stability. In the South China Sea and the Taiwan Strait, integrated ISR and command networks allow for ongoing surveillance of naval and aerial assets, enabling the PLA to monitor American allies, direct strike forces, and implement anti-access/area-denial (A2/AD) strategies. Furthermore, space-based systems provide support for long-range targeting and operations, increasing the PLA’s capacity to challenge U.S. military assets and logistics without direct conflict. China’s C4ISR investments extend beyond kinetic modeling to include non-kinetic and gray-zone competition, complicating American military operations and decision-making. These investments enhance signals and imagery collection for intelligence and targeting, empower cyber and electronic-warfare capabilities to disrupt U.S. command and communications, and involve space developments aimed at protecting Chinese assets while challenging American reliance on satellite systems. Additionally, ongoing peacetime surveillance and frequent military operations increase pressure on U.S. and allied forces by raising operational risks and political costs of escalation.^{[10],[12],[13],[14]}

China’s implementation of integrated C4ISR enhances the information landscape and, thus, situational awareness for commanders, refining PLA force precision and coordination and offering alternatives to challenge U.S. dominance in the Indo-Pacific without engaging in direct conflict. This approach has prompted the U.S. to prioritize resilience, adopt distributed command structures such as Joint All-Domain Command and Control (JADC2), fortify communications, and invest in counter-ISR and cyber defense, as information superiority and robust networks are crucial in modern warfare.^{[14],[15],[16]}

Russia has also significantly invested in C4ISR capabilities as part of its military modernization since the early 2000s, focusing on battlefield awareness, long-range targeting, and strategic command. This strategy combines Soviet-era doctrine with modern technologies such as satellite communications, electronic warfare, and advanced reconnaissance drones. Centralized command and rapid data sharing between units are key features, demonstrated in operations in Ukraine, Syria, and along NATO’s borders.^[17],[18]

Russia utilizes integrated C4ISR systems in regional conflicts to effectively coordinate its forces and gather intelligence on adversaries. In Ukraine, this includes the use of drones, signal intelligence, and electronic warfare capabilities to detect, track, and disrupt Ukrainian forces. The use of reconnaissance-strike complexes (RSCs) integrates sensor data with long-range strike capabilities, enabling rapid targeting of significant objectives and emphasizing tempo superiority in combat operations. Russia employs its C4ISR assets to observe and challenge NATO and U.S. military operations, utilizing space-based surveillance, electronic intelligence, and cyber capabilities. These tools enable Russia to watch U.S. troop movements, intercept communications, and assess defense systems. Additionally, strategic bombers and submarines conduct patrols near U.S. airspace to gather ISR data. Investments in anti-satellite weapons and counter-C4ISR tools further aim to undermine Western dependency on space and communications in potential conflicts.^{[18],[19],[20]}

Russia’s C4ISR infrastructure is vital to its “information confrontation” strategy, encompassing cyberattacks, disinformation, and electromagnetic warfare. Moscow acknowledges that modern warfare involves not only conventional weaponry but also data. Its capacity to disrupt U.S. forces in Europe through cyber intrusions and GPS spoofing poses a significant threat. In response, the U.S. is bolstering investment in resilient communications, satellite hardening, and rapid ISR integration to mitigate threats.^[18],[21]

 The Usage of C4ISR in the U.S.

The U.S. remains a foremost leader in C4ISR integrating space capabilities into its military strategy. These systems enhance operations, facilitating precision warfare and real-time situational awareness through assets like GPS and communication satellites. In response to the expanding space and C4ISR capabilities of near-peer rivals such as China and Russia, the U.S. has improved its networks and invested in redundancy and expedited decision-making. Militarization of space by the U.S. has intensified since the creation of the U.S. Space Force in 2019 and the reactivation of U.S. Space Command. These entities aim to maintain space superiority, safeguard American satellite infrastructure, and prepare for potential orbital conflicts. Initiatives like the Next-Generation Overhead Persistent Infrared (OPIR) satellites and expanded Low Earth Orbit constellations for missile detection illustrate the integration of space with national defense. Concurrently, the DoW is developing space-based data relays and robust communication systems designed to withstand jamming, cyber threats, and kinetic attacks in contested environments.^[21],[22]

U.S. C4ISR assets are critical for power projection and joint operations, providing real-time intelligence via satellites and drones for target identification, strike coordination, and damage assessment. Secure communication networks facilitate rapid order issuance across vast distances. The development of systems like JADC2 aims to unify sensors, shooters, and decision-makers, enhancing military response to threats. This integration highlights the inseparability of C4ISR and space in contemporary warfare.^[16],[23]

Figure 1 – Command and Control Network^[24]

Outlook

The global military landscape is rapidly changing, with C4ISR and space capabilities becoming essential for modern warfare. The U.S., China, and Russia are investing more in command and control, surveillance, satellite communications, and networked weapons to enhance operational superiority. These advancements enable faster and more accurate detection, tracking, and striking of targets, emphasizing the importance of speed and information dominance over mere numbers. Space has transformed from a support domain to a contested area of operations (AOR), where critical infrastructure like GPS and communication satellites are now potential targets.^[2],[3],[4]

China and Russia are enhancing their C4ISR systems to modernize their military capabilities and counter American advantages by investing in reconnaissance satellites, electronic warfare, and cyber capabilities. This is designed to disrupt U.S. operations and raise costs for interventions in key regions like the Indo-Pacific and Eastern Europe. In response, the U.S. is fortifying its own C4ISR architecture, creating the U.S. Space Force, and deploying new systems like Next-Gen OPIR and JADC2 to maintain global command and control across all domains. These advancements indicate a shift where future conflicts may depend more on the speed and security of information processing than on mere firepower. Looking ahead, the U.S. is preparing for a future where space is a contested warfighting environment. DoW strategies involve space domain awareness, satellite defense, and offensive counterspace capabilities. Developments in AI surveillance and space-based missile interceptors indicate further militarization. The U.S. sees dominance in C4ISR as crucial for winning and deterring conflicts, aiming to keep its military agile and globally connected.^{[11],[18],[19],[23]}

The merging of C4ISR systems with technologies like AI, hypersonic weapons, and cyber warfare enhances both capabilities and vulnerabilities. Nations are prioritizing deployment and the protection of these systems. The strategic emphasis is on resilience, interoperability, and real-time decision-making. Future efforts in diplomacy, arms control, and international standards will be vital in navigating these dynamics, while C4ISR and space capabilities remain central to military strategy and national security planning.^[2],[3],[5]

 

[1] Kaczmarek, M. (2025, June 12). Ground Control Goes Cloud: The Digital Overhaul of Satellite Operations (2025–2030). Tech Space 2.0. Retrieved from https://ts2.tech/en/ground-control-goes-cloud-the-digital-overhaul-of-satellite-operations-2025-2030/

[2] Ruitenberg, R. (2025, September 17). Space is the new frontier of war, officials say in change of tone. Defense News. Retrieved from https://www.defensenews.com/global/europe/2025/09/17/space-is-the-new-frontier-of-war-officials-say-in-change-of-tone/

[3] Dian Purnomo, W. (2025, August 14). Militarization of Space Explained: Satellites, Space Force, and the Future of Warfare. Civilization Today. Retrieved from https://civilization.today/militarization-of-space/

[4] TrendPulse Finance. (2025, July 27). The Strategic Case for Investing in Space Infrastructure Amid SpaceX’s Starlink Expansion. AInvest. Retrieved from https://www.ainvest.com/news/strategic-case-investing-space-infrastructure-spacex-starlink-expansion-2507/.

[5] Hays, P. (2024, October 31). The Spacepower Needed to Secure Space and Improve U.S. National Security. CSIS. Retrieved from https://www.csis.org/analysis/spacepower-needed-secure-space-and-improve-us-national-security.

[6] GovFacts. (2025, September 06). How SpaceX and Blue Origin Have Transformed America’s Space Program. GovFacts. Retrieved from https://govfacts.org/explainer/how-spacex-and-blue-origin-have-transformed-americas-space-program/

[7] DSIAC. (n.d.). C4ISR. DSIAC. Retrieved from https://dsiac.dtic.mil/communities/c4isr/

[8] Government Procurement. (2024, July 12). C4ISR Systems: The Backbone of Military Operations. Government Procurement. Retrieved from https://www.governmentprocurement.com/news/c4isr-systems-the-backbone-of-military-operations.

[9] Legal Clarity. (2025, August 18). What Does C4ISR Stand For and How Does It Work?. Legal Clarity. Retrieved from https://legalclarity.org/what-does-c4isr-stand-for-and-how-does-it-work/.

[10] KBV. (n.d.). US Defense Forces Embrace C4ISR: A New Era of Military Intelligence and Control. KBV Research. Retrieved from https://www.kbvresearch.com/blog/c4isr-defense-solutions-for-modern-military/.

[11] Air & Space Forces Magazine. (2023, August 31). The China Threat. Air & Spaces Forces Magazine. Retrieved from https://www.airandspaceforces.com/article/the-china-threat/.

[12] Wood, P. & Cliff, R. (2020, November). China Airborne C4ISR. CASI. Retrieved from https://www.airuniversity.af.edu/Portals/10/CASI/documents/Research/Infrastructure/2020-12-17%20PRC%20Airborne%20C4ISR_eBook.pdf.

[13] Lin, B., Garafola, C.L., McClintock, B., Blank, J., Hornung, J.W., Schwindt, K., Moroney, J.D.P., Orner, P., Borman, D., & Denton, S.W. (2022, March 30). Competition in the Gray Zone. RAND. Retrieved from https://www.rand.org/pubs/research_reports/RRA594-1.html.

[14] Chang, F.K. (2021, May 05). China’s Maritime Intelligence, Surveillance, and Reconnaissance Capability in the South China Sea. FPRI. Retrieved from https://www.fpri.org/article/2021/05/ chinas-maritime-intelligence-surveillance-and-reconnaissance-capability-in-the-south-china-sea/.

[15] Defense One. (n.d.). C4ISR: The Military’s Nervous System. Defense One. Retrieved from https://www.defenseone.com/insights/cards/c4isr-military-nervous-system/?oref=d1-cards-continue.

[16] Loewenson, I. (2023, February 23). How JADC2 is like a high-tech grill, according to one Marine colonel. Marine Times. Retrieved from https://www.marinecorpstimes.com/news/your-marine-corps/2023/02/23/how-jadc2-is-like-a-grill-according-to-one-marine-colonel/.

[17] DIA. (2022). Challenges to Security in Space. DIA. Retrieved from https://www.dia.mil/Portals/ 110/Documents/News/Military_Power_Publications/Challenges_Security_Space_2022.pdf.

[18] McDermott, R. (2020, December 04). Tracing Russia’s Path to Network-Centric Military Capability. Jamestown. Retrieved from https://jamestown.org/program/tracing-russias-path-to-network-centric-military-capability/.

[19] McDermott, R. (2020, April 08). Russia’s Military Exploitation of Outer Space. Jamestown. Retrieved from https://jamestown.org/program/russias-military-exploitation-of-outer-space/.

[20] Davis, G.B.. (2023) Lessons From The Russia-Ukraine War For  Nato C4isr And Future Needs. Atlantic Council. Retrieved from https://www.jstor.org/stable/pdf/resrep48478.7.pdf.

[21] Space Force. (2025). Space Threat Fact Sheet. Space Force. Retrieved from https://www.spaceforce.mil/About-Us/Fact-Sheets/Fact-Sheet-Display/Article/4297159/space-threat-fact-sheet/.

[22] Space & Aero. (2025, August 07). Next-Gen OPIR GEO-Based Missile Warning Satellite Testing. Joint-Forces. Retrieved from https://www.joint-forces.com/space-and-aero/84329-next-gen-opir-geo-based-missile-warning-satellite-testing.

[23] Beebe, E. (2024, August 09). C4ISR & JADC2: Navigating the Next Frontier in Military Command and Control. IDGA. Retrieved from https://www.idga.org/command-and-control/articles/c4isr-jadc2-the-next-frontier-in-military-command-and-control.

[24] (U) Tunnicliffe, A. (2022, September 12). Multi-Domain Operations In The Future Battlespace. Army Technology. Retrieved from https://www.army-technology.com/features/multi-domain-operations-in-the-future-battlespace/?cf-view.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Introduction

North Korea’s cyber strategy combines high-visibility, state-sponsored campaigns with low-visibility, revenue-driven infiltration in order to pursue intelligence collection and disruption, and to avoid sanctions. As a state-sponsor, the Democratic Peoples Republic of Korea (DPRK)-linked groups such as the Lazarus Group (aka APT38), Andariel, and Kimsuky have executed some of the most high-profile attacks. These include the 2014 Sony Pictures breach, the 2016 Bangladesh Bank heist, and the 2017 WannaCry ransomware outbreak. Additional sophisticated attacks include espionage campaigns against defense contractors, think-tanks, and multimillion-dollar financial heists from cryptocurrency exchanges worldwide. Concurrently, Pyongyang fields thousands of “remote IT workers” who embed themselves in targeted organizations under the guise of legitimate software developers, system administrators, and cloud engineers. These remote IT workers operate through networks with codenames such as Jasper Sleet, Storm-1877, and Moonstone Sleet. The operatives leverage forged credentials, virtual private networks, and legitimate remote-management tools to establish insider access. Once hired by an organization, the operatives install backdoors, exfiltrate intellectual property, and facilitate follow-on ransomware or extortion attacks. Leading cybersecurity firms estimate North Korean IT infiltrators have compromised hundreds of U.S. corporations, from technology and manufacturing to transportation and defense. There is an immediate need for integrated defenses within the international community, including robust threat intelligence sharing, enhanced vetting, monitoring of remote personnel, and strengthened public-private collaboration to detect and deter both overt and covert DPRK cyber operations.^{[1],[2],[3],[4],[5],[6],[7],[8],[9],[10],[11]}

Background and Strategic Objectives

North Korea’s cyber strategy emerged in the late 1990’s with the establishment of Bureau 121, a highly secretive cyberwarfare agency within North Korea’s Reconnaissance General Bureau (RGB). The RGB is North Korea’s premier foreign intelligence agency, which is responsible for clandestine operations including intelligence gathering, psychological warfare, and special operations abroad. Over time, the regime has cultivated elite cyber talent through rigorous training at institutions like the University of Automation in Pyongyang, after which, the RGB would deploy operatives abroad to generate revenue and conduct cyberattacks. The Lazarus Group, which is among the most notorious North Korean advanced persistent threat (APT) units and widely believed to be a component of Bureau 121, gained global attention following after the aforementioned the 2014 Sony Pictures hack and the 2017 WannaCry ransomware attack. These events marked North Korea’s transition from regional cyber provocations to globally disruptive operations.^[12],[13]

In addition to the Lazarus Group, the RGB also oversees the groups Kimsuky and Andariel. While Lazarus focuses on large-scale financial theft and disruptive malware attacks, Kimsuky specializes in espionage targeting think tanks, journalists, and government entities. Andariel conducts intrusions into defense and industrial systems, often stealing sensitive data. These groups frequently collaborate, as demonstrated in coordinated attacks on South Korean defense firms where each unit played a distinct role in infiltrating networks and exfiltrating data. The RGB’s centralized control ensures strategic alignment across the many operations and makes North Korea’s cyber network a potent extension of its geopolitical ambitions.^{[14],[15],[16]}

North Korea’s cyber agenda has served as a critical tool for circumventing international sanctions and funding its weapons programs. Following the imposition of UN sanctions in 2016, the regime pivoted toward financially motivated cybercrime, particularly targeting cryptocurrency exchanges. In 2024 alone, North Korea reportedly stole $1.34 billion in digital assets, with the Lazarus Group breaching Bybit for a record $1.5 billion in 2025. These funds are believed to directly support the Pyeongyang’s nuclear and missile development programs. Beyond financial gain, North Korean cyber units aim to gather intelligence on adversaries. Focusing heavily on the United States and South Korea, DPRK continuously strides to disrupt critical infrastructure, including at defense contractors and medical institutions. According to South Korea’s National Intelligence Service (NIS), 80 % of cyberattack attempts against South Korea’s public sector by state-sponsored or international hacking groups are attributed to North Korea, amounting to approximately 1.3 million attempts per day. The use of disguised IT workers abroad further amplifies the regime’s reach, enabling covert infiltration of foreign systems under the guise of legitimate employment.^[17],[18]

IT Worker Infiltration Tactics

The infiltration by North Korean IT workers is a state-backed initiative designed to generate revenue, gather intelligence, and enable broader cyber operations. Operatives present themselves as freelance developers or remote employees, often using stolen or fabricated identities to pass background checks. They employ VPNs, proxy servers, and remote monitoring tools to disguise their true location, frequently operating from North Korea, China, or Russia. Many of the would-be hires secure contracts through platforms like Upwork, Freelancer, LinkedIn, and GitHub, where they build convincing developer profiles and portfolios. Advanced deception techniques include AI-generated profile photos, voice-changing software, and falsified employment histories. Once hired, these workers may initially perform legitimate tasks to build trust before leveraging access for data theft, financial fraud, or insertion of malicious code.^[6],[19]

DPRK’s IT worker operations focus on sectors that provide both high revenue potential and valuable technical access. Software development roles are a primary target, offering opportunities to insert backdoors or exfiltrate proprietary code. Blockchain and cryptocurrency firms are especially attractive due to the regime’s emphasis on stealing digital assets to bypass sanctions. Campaigns, such as “Contagious Interview,” have specifically targeted crypto developers. Artificial intelligence companies are pursued for both commercial and military applications, while cybersecurity firms are infiltrated to gain insight into defensive tools and exploit zero-day vulnerabilities. By embedding operatives in these industries, North Korea not only secures illicit income but also positions itself to undermine its adversaries’ infrastructure from within.^{[6],[8],[20],[21]}

In one (1) documented case involving the U.S.-based fintech startup company Starter Labs, a North Korean operative used a stolen American identity and secured a remote developer position within the company. The worker gained access to payment processing systems and sensitive financial Application Programming Interface (APIs). While initially delivering high-quality code, the operative quietly siphoned transaction data and credentials which were later linked to fraudulent transfers and cryptocurrency theft. Investigators found that the individual had been operating from a “laptop farm” in China and remotely accessed the company-issued device via AnyDesk. This infiltration not only caused direct financial losses, but also exposed the firm to regulatory penalties for unknowingly employing a sanctioned worker. Another incident involved DPRK-linked actors using stolen credentials to infiltrate a U.S. software company’s private GitHub repository. The attackers posed as legitimate contractors and cloned sensitive source code for proprietary security tools. For weeks they maintained access by creating hidden admin accounts and leveraging proxy infrastructure to avoid detection. The stolen code was later tied to malware development efforts attributed to the Lazarus Group, suggesting the breach was part of a broader campaign to weaponize stolen intellectual property. This case underscores how infiltration by North Korean IT workers can serve as both a direct revenue stream and a force multiplier for state-sponsored cyber operations targeting the U.S. and its allies.^{[19],[21],[22],[23],[24]}

Cyberattack Patterns and U.S. Vulnerabilities

In November 2014, the Lazarus Group launched a destructive cyberattack on Sony Pictures Entertainment. The breach was reportedly in retaliation for the comedy film, The Interview, which featured two (2) fictional American journalists tasked with interviewing Supreme Leader Kim Jong Un. The retaliatory cyberattack resulted in the theft and public release of vast amounts of confidential data including unreleased films, employee records, and internal communications. The attackers deployed wiper malware to destroy data on Sony’s systems, which crippled operations for weeks. This incident demonstrated North Korea’s willingness to use cyberattacks as a tool of political coercion, targeting not only infrastructure but also free expression in the U.S.

In May 2017, the WannaCry ransomware outbreak infected more than 200,000 systems across 150 countries that included hospitals, corporations, and government agencies. The U.S. Department of Justice later charged a North Korean programmer for his role in developing and deploying the malware. WannaCry also exploited a leaked NSA-developed Windows vulnerability “EternalBlue” to spread rapidly, encrypt files, and demand Bitcoin ransom payments. While the attack caused billions in damages globally, it also revealed North Korea’s capacity to weaponize advanced exploits for indiscriminate disruption, blurring the line between cybercrime and cyberwarfare. Additionally in March 2022, the Lazarus Group was linked to the theft of approximately $615 million in cryptocurrency from the Ronin blockchain network, which supports the popular game Axie Infinity. The U.S. Department of the Treasury sanctioned the wallet address used in the heist and confirmed it was controlled by DPRK operatives. This attack highlighted North Korea’s strategic pivot toward targeting the blockchain and decentralized finance platforms, exploiting their often-lax security to generate funds for weapons programs. It remains one (1) of the largest cryptocurrency thefts in history and a prime example of how cybercrime directly supports the regime’s geopolitical ambitions.^{[25],[26],[27]}

North Korean cyber units employ a variety of attack vectors to infiltrate targets. Phishing and social engineering remain core tactics within DPRK, with operatives posing as recruiters, investors, or colleagues to trick victims into downloading malware. Supply chain compromises have also emerged as a favored method, such as the 2023 JumpCloud incident where DPRK actors inserted malicious code into a trusted software-as-a-service provider’s update processes to reach downstream customers. Additionally, North Korean hackers have demonstrated the ability to exploit zero-day vulnerabilities favoring cryptocurrency platforms and defense-related systems to gain privileged access before patches are available. The widespread adoption of remote work has also expanded their attack surface. According to the Federal Bureau of Investigation (FBI), North Korean IT workers have successfully posed as U.S.-based contractors using a mix of stolen identities, AI-enhanced photos, and “laptop farms” in the United States to spoof local logins. Many companies lack robust identity verification processes for remote hires and rely on easily forged documents and virtual interviews. This decentralized hiring environment allows DPRK operatives to embed themselves in sensitive roles from software development to cybersecurity where they can exfiltrate proprietary data or insert malicious code. Despite repeated federal advisories, many private-sector organizations remain unaware of the scale and sophistication of North Korea’s cyber tactics. The FBI has warned that DPRK IT workers often blend legitimate work with covert operations, which makes detection difficult until significant damage is done. Smaller firms, startups, and even some large enterprises often underestimate the risk and may assume that they are too minor to be targeted. This lack of awareness combined with insufficient employee training on phishing and social engineering leaves U.S. businesses vulnerable to infiltration, data theft, and extortion while also directly funding North Korea’s sanctioned weapons programs.^{[28],[29],[30],[31],[32],[33]}

Policy Recommendations

The FBI recommends that one (1) tory background checks for all remote hires. This should include direct verification of prior employment and education with listed institutions, cross-referencing identification documents with multiple databases, and the use of live on-camera verification to confirm the applicant’s location and identity. The FBI advises that companies should also scrutinize identifying documents for inconsistencies and require in-person or verified biometric checks whenever possible. Additionally, the FBI states companies should delay granting system access until all vetting is complete. These measures can help prevent the onboarding of operatives using stolen or fabricated identities. Given that many DPRK operatives are embedded in software development roles, organizations could also deploy AI-driven anomaly detection tools to monitor code contributions and system interactions. Such tools can flag unusual coding patterns, unauthorized repository access, or the insertion of obscure code that could serve as a backdoor. The North Korean IT workers’ combination of legitimate work with covert malicious activity makes behavioral analytics essential for early detection. By integrating these systems into DevSecOps pipelines, companies can identify suspicious acts or access attempts in near real-time and reduce the risk of long-term compromise. Human resources and hiring managers are often the first line of defense against infiltration, yet may lack the training to spot red flags in applications or interviews. Regular cyber hygiene training should cover common DPRK tactics such as the use of AI-generated profile photos, deep-faked video interviews, and “facilitators” who attend meetings on behalf of operatives. Training could also emphasize the importance of verifying digital footprints, such as checking for duplicate or recycled resumes and recognizing anomalies in communication patterns. Equipping HR teams with this knowledge can significantly reduce the likelihood of inadvertently hiring a sanctioned individual.^{[1],[6],[7],[34]}

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) will continue to expand sanctions against cryptocurrency wallets linked to DPRK cyber operations that are used in the laundering of stolen digital assets like the Axie Infinity hack. The sanctioning of these wallets disrupts the regime’s ability to convert stolen funds into usable currency and signals the importance of compliance to exchanges and DeFi platforms. Enhanced blockchain analytic partnerships between government agencies and private firms can further improve identification and freeze illicit funds before they are cashed out. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued multiple advisories on DPRK IT worker threats, but deeper operational collaboration with private firms is needed. This could include secure information-sharing platforms, joint threat-hunting exercises, and rapid incident response teams dedicated to suspected DPRK infiltration cases. By fostering real-time intelligence exchange, companies can receive actionable indicators of compromise (IOCs) and behavioral profiles of known DPRK tactics, techniques, and procedures (TTPs), enabling faster detection and mitigation. A sustained public awareness campaign, similar to those used for phishing and ransomware, could be launched to educate businesses, staffing agencies, and freelance platforms about the DPRK IT worker threat. This campaign could leverage case studies, red flag checklists, and provide reporting hotlines to encourage proactive defense measures. Normalizing vigilance and making infiltration awareness part of the standard cybersecurity culture the U.S. can reduce the pool of potential victims and disrupt lucrative and persistent cyber-enabled revenue streams for North Korea.^{[1],[35],[36]}

Conclusion

North Korea’s IT worker infiltration campaign represents a calculated fusion of cybercrime, espionage, and sanctions evasion that exploits the structural vulnerabilities of the global remote work economy. By embedding DPRK operatives in the U.S. and allied companies under fabricated or stolen identities, Pyongyang has created a low-cost operational environment that produces high-yield methods to generate hard currency, steal proprietary technology, and position itself for follow-on cyber operations. These actors leverage sophisticated tradecraft, such as AI-generated resumes, manipulated video feeds, VPN obfuscation, and U.S. based facilitators, to bypass conventional hiring safeguards and gain trusted access to sensitive systems. The revenue streams from these operations, the most preferred being stolen cryptocurrency, directly fund the regime’s nuclear and ballistic missile programs and transforms from what might appear to be isolated hiring fraud into a strategic national security threat. Countering this threat will require a sustained, multi-layered response that integrates corporate due diligence with government-led disruption campaigns. The private sector must adopt enhanced identity verification, continuous behavioral monitoring, and tailored training for HR and hiring managers to detect infiltration attempts before access is granted.^{[1],[23],[37]}

[1] Federal Bureau of Investigation. (2025, July 23). North Korean IT Workers Threats to U.S. Businesses. DOJ. Retrieved from https://www.ic3.gov/PSA/2025/PSA250723-4.

[2] U.S. Department of the Treasury. (2020, March 2). Treasury Sanctions Individuals Laundering Cryptocurrency for Lazarus Group. Retrieved from https://home.treasury.gov/news/press-releases/sm924.

[3] United States Attorney’s Office. (2021, February 17). 3 North Korean Military Hackers Indicted in Wide-Ranging Scheme to Commit Cyber-attacks and Financial Crimes Across the Globe. DOJ. Retrieved from https://www.justice.gov/usao-cdca/pr/3-north-korean-military-hackers-indicted-wide-ranging-scheme-commit-cyber-attacks-and.

[4] Bruce, T. (2025, July 8). Sanctioning Malicious North Korean Cyber Actors. Department of State. Retrieved from https://www.state.gov/releases/office-of-the-spokesperson/2025/07/sanctioning-malicious-north-korean-cyber-actors/.

[5] U.S. Department of State. (2025, August 27). U.S.-ROK-Japan Joint Statement on DPRK Information Technology Workers. Retrieved from https://www.state.gov/releases/2025/08/u-s-rok-japan-joint-statement-on-dprk-information-technology-workers/.

[6] Microsoft Threat Intelligence. (2025, June 30). Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations. Retrieved from https://www.microsoft.com/en-us/security/blog/2025/06/30/jasper-sleet-north-korean-remote-it-workers-evolving-tactics-to-infiltrate-organizations/.

[7] Starks, C., Barnhart, M. et al. (2024, September 23). Staying a Step Ahead: Mitigating the DPRK IT Worker Threat. Google Cloud Threat Intelligence. Retrieved from https://cloud.google.com/blog/topics/threat-intelligence/mitigating-dprk-it-worker-threat.

[8] Dutta, T. (2025, May 13). Researchers Uncovered North Korean Nationals Remote IT Worker Fraud Scheme. Cyber Security News. Retrieved from https://cybersecuritynews.com/remote-it-worker-fraud-scheme/.

[9] Johns Hopkins. (2017). The 2014 North Korean Cyber Attack on Sony and Lessons for US Government Actions in Cyberspace. Retrieved from https://apps.dtic.mil/sti/pdfs/AD1046744.pdf.

[10] Martelle, M. and Tropeano, R. (2019, February 20). Tainted Trove. National Security Archive. Retrieved from https://nsarchive.gwu.edu/news/cyber-vault/2019-02-20/tainted-trove.

[11] Cybersecurity & Infrastructure Security Agency. (2018, June 7). Indicators Associated with WannaCry Ransomware. CISA. Retrieved from https://www.cisa.gov/news-events/alerts/2017/05/12/indicators-associated-wannacry-ransomware#top.

[12] Wallace, Z. (2023, March 20). The Lazarus Group: Understanding North Korean Cybercrime. ThreatStop. Retrieved from https://www.threatstop.com/blog/the-lazarus-group-understanding-north-korean-cybercrime.

[13] Digital Finance News. (2025, August 9). An In-Depth Analysis of the Lazarus Group: North Korea’s State-Sponsored Cyber Entity. Retrieved from https://digitalfinancenews.com/research-reports/an-in-depth-analysis-of-the-lazarus-group-north-koreas-state-sponsored-cyber-entity/.

[14] Boram, P. (2024, April 23). 3 N.K. hacking groups execute concerted attacks on 10 S. Korean defense firms: police. Yonhap News Agency. Retrieved from https://en.yna.co.kr/view/AEN20240423004200315.

[15] Barnhart, M., Cantos, M. et al. (2022, March 23). Not So Lazarus: Mapping DPRK Cyber Threat Groups to Government Organizations. Google Cloud Threat Intelligence. Retrieved from https://cloud.google.com/blog/topics/threat-intelligence/mapping-dprk-groups-to-government/.

[16] U.S. Department of the Treasury. (2019, September 13). Treasury Sanctions North Korea State-Sponsored Malicious Cyber Groups. Retrieved from https://home.treasury.gov/news/press-releases/sm774.

[17] Bae, S. (2025, April 1). Deterrence Under Pressure: Sustaining U.S.-ROK Cyber Cooperation Against North Korea. Center For Strategic & International Studies. Retrieved from https://www.csis.org/analysis/deterrence-under-pressure-sustaining-us-rok-cyber-cooperation-against-north-korea.

[18] Stent, D. (2024, May 27). How North Korea’s Cryptocurrency Theft Supports Foreign Policy Goals. Georgetown Journal of International Affairs. Retrieved from https://gjia.georgetown.edu/2024/05/27/how-north-koreas-cryptocurrency-theft-supports-foreign-policy-goals/.

[19] Dutta, T. (2025, March 20). North Korean IT Workers Exploiting GitHub to Attack Organizations Worldwide. Cybersecurity News. Retrieved from https://cybersecuritynews.com/north-korean-it-workers-exploiting-github/.

[20] Insikt Group. (2025, February 13). Cyber Threat Analysis: North Korea, Inside the Scam: North Korea’s IT Worker Threat. Recorded Future. Retrieved from https://assets.recordedfuture.com/insikt-report-pdfs/2025/cta-nk-2025-0213.pdf.

[21] FlashPoint. (2025, May 12). Flashpoint Investigation: Uncovering the DPRK’s Remote IT Worker Fraud Scheme. Retrieved from https://flashpoint.io/blog/flashpoint-investigation-uncovering-the-dprks-remote-it-worker-fraud-scheme/?CRO1=control_%233007.

[22] FINTECH Circle. (2025, April 14). How North Korea IT Workers Are Infiltrating Fortune 500 Companies-And What it Means for Global Cybersecurity. Retrieved from https://fintechcircle.com/insights/how-north-korean-it-workers-are-infiltrating-fortune-500-companies-and-what-it-means-for-global-cybersecurity/.

[23] Yee, I., Rebane, T. et al. (2025, August 5). Inside North Korea’s effort to infiltrate US Companies. CNN. Retrieved from https://www.cnn.com/interactive/2025/08/05/world/north-korea-it-worker-scheme-vis-intl-hnk/index.html.

[24] Himmelsbach, V. (2025, October 1). North Korean agents infiltrated Atlanta mans business as ‘super talented’ IT workers, then stole $1M in crypto. MSN. Retrieved from https://www.msn.com/en-us/crime/general/like-i-was-in-a-movie-north-korean-agents-infiltrated-this-atlanta-man-s-business-as-super-duper-talented-it-workers-then-stole-1m-in-crypto/ar-AA1NEKbd.

[25] Department of Justice. (2018, September 6). North Korea Regime-Backed Programmer Charged with Conspiracy to Conduct Multiple Cyber Attacks and Intrusions. DOJ. Retrieved from https://www.justice.gov/archives/opa/pr/north-korean-regime-backed-programmer-charged-conspiracy-conduct-multiple-cyber-attacks-and.

[26] Kan, M. (2018, September 6). US Charges North Korea for WannaCry, Sony Pictures Hacks. PCMag. Retrieved from https://www.pcmag.com/news/us-charges-north-korean-for-wannacry-sony-pictures-hacks.

[27] Reuters. (2022, April 15). U.S. links North Korea hacker group to Axie Infinity crypto theft. CBS News. Retrieved from https://www.nbcnews.com/tech/crypto/north-korea-lazarus-axie-infinity-crypto-theft-rcna24518.

[28] Microsoft Threat Intelligence. (2024, November 22). Microsoft shares latest intelligence on North Korean and Chinese threat actors at CYBERWARCON. Microsoft Defender Threat Intelligence. Retrieved from https://www.microsoft.com/en-us/security/blog/2024/11/22/microsoft-shares-latest-intelligence-on-north-korean-and-chinese-threat-actors-at-cyberwarcon/.

[29] Larsen, A., Kelly, D. et al. (2023, July 24). North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack. Google Cloud Threat Intelligence. Retrieved from https://cloud.google.com/blog/topics/threat-intelligence/north-korea-supply-chain/.

[30] Paganini, P. (2024, October 19). North Korea-Linked APT37 Exploited IE Zero-Day In A Recent Attack. Security Affairs. Retrieved from https://securityaffairs.com/169983/apt/north-korea-apt37-ie-zero-day.html.

[31] Perry, B., Kinslow, T. et al. (2025, March 20). FBI Warns of Hidden Threats in Remote Hiring: Are North Korean Hackers Your Newest Employees. National Law Review. Retrieved from https://natlawreview.com/article/fbi-warns-hidden-threats-remote-hiring-are-north-korean-hackers-your-newest.

[32] Martinez, A. (2025, April 25). North Korean Hackers Pose as Remote Workers to Infiltrate U.S. Firms. Forbes. Retrieved from https://www.forbes.com/sites/alonzomartinez/2025/04/25/north-korean-hackers-pose-as-remote-workers-to-infiltrate-us-firms/.

[33] Federal Bureau of Investigation. (2025, January 23). North Korean IT Workers Conducting Data Extortion. DOJ. Retrieved from https://www.ic3.gov/PSA/2025/PSA250123.

[34] Verosint Team. (2025, August 21). Detect and Stop North Korean IT Worker Infiltration. Retrieved from https://verosint.com/post/detect-and-stop-north-korean-it-worker-infiltration.

[35] Office of Foreign Assets Control. (2022, May 16). Publication of North Korea Information Technology Workers Advisory. U.S. Department of the Treasury. Retrieved from https://ofac.treasury.gov/recent-actions/20220516.

[36] Department of Justice. (2025, January 23). Two North Korean Nationals and Three Facilitators Indicted for Multi-Year Fraudulent Remote Information Technology Worker Scheme that Generated Revenue for the Democratic People’s Republic of Korea. DOJ. Retrieved from https://www.justice.gov/opa/pr/two-north-korean-nationals-and-three-facilitators-indicted-multi-year-fraudulent-remote.

[37] Cyber Centaurs Team. (2024, October 26). Unmasking North Korean IT Infiltration. Retrieved from https://cybercentaurs.com/blog/unmasking-north-korean-it-infiltration/.

Introduction

Longstanding tensions and the ongoing conflict between Israel and Iran have significantly contributed to the current geopolitical landscape, including ideological divides, nuclear fears, and conflicting visions for the Middle East. Amid Israel’s actions in Gaza in response to the attacks of 07 October 2023, Iran’s attack on Israel with ballistic missiles in 2024 escalated tensions. Isreal subsequently used their air force to dismantle Iranian air defenses, attack military targets, and set conditions for the U.S. to bomb three (3) nuclear facilities in June of 2025. As all sides calculate their next moves, Iran’s proxy militias are targeting Israeli and U.S. forces.

Conflict Origins

The Israel-Iranian conflict commenced with Iran’s Islamic Revolution in 1979. Prior to the revolution, Israel and Iran shared military and diplomatic ties. When the revolution began, ties between the two (2) parties disintegrated, and Tehran’s foreign policy emphasized opposing Western influence. The conflict gave way to decades of ideological tension and Iran’s self-appointed leadership role in the region. As such, Iran has helped arm and support proxy militias like Hezbollah and the more nebulous ideology of Islamic Jihad. Iran has historically leveraged these proxy groups to pressure and harass Israel. Since the start of the conflict in Gaza, the Houthi rebels in Yemen have also targeted Western shipping interests in the Red Sea, disrupting global trade. However, the use of proxy networks is not new and was already underway in 1984 when the U.S. designated Iran as a state sponsor of terrorism.^{[1],[2],[3],[4]}

To further their agenda, Iran has leveraged its Islamic Revolutionary Guard Corps (IRGC), which has its own chain of command and deployable assets separate from the regular Iranian military. Because the IRGC also operates through other groups via its Quds Force (including the Houthis in Yemen, Hamas in Gaza, and Hezbollah in Lebanon), the U.S. Department of State designated its Quds Force as a Foreign Terrorist Organization (FTO) in April 2019. While the proxy groups leveraged by the IRGC may not always align ideologically, a transactional relationship exists among them. The proxy groups carry out attacks, and Iran ensures that they receive the proper training, intelligence, money, and weapons for their operations.^[5]

Military support to Israel initially began after it was recognized as a nation by President Truman in 1949 and escalated in 1967 following the Six-Day War. Israel has continued to rely upon Washington to improve their technological, military, and strategic capabilities. While tensions in the region may ebb and flow, this support is still leveraged to support shadow warfare by Israel including targeted strikes, cyberattacks, and sabotage operations. These background operations are engaged in by both nations and have deepened the conflict even further, as both Israel and Iran will maintain plausible deniability. However, most recently, the Iranian nuclear program has become a primary target of overt Israeli efforts.^[1],[6]

In July 2015, Iran and other world powers announced the Joint Comprehensive Plan of Action (JCPOA), which was an agreement that would limit the enrichment of uranium by Tehran and lift economic sanctions. However, the next presidential administration withdrew the U.S. from the agreement in May 2018. Following the withdrawal, there was an increase in Israeli attacks against Iran’s nuclear program. During 2020, an Iranian centrifuge production plant at Natanz was attacked, and an Iranian military nuclear scientist was assassinated later in the year. Both acts were attributed to Israeli efforts. In April 2021, another major power outage and sabotage event struck Natanz, damaging centrifuge cascades. Israel was the suspected actor but has maintained plausible deniability.^[7]

 Operation Rising Lion

 While Iranian nuclear efforts were initially supported by the U.S. in the 1950s for energy purposes, the 1979 Islamic Revolution ended U.S. support and focused Tehran’s efforts on nuclear weapons. Then in 2012, Israeli Prime Minister Netanyahu created a “red line” that stated Israel would act if Iran increased their nuclear capabilities and came close to acquiring enough uranium for a nuclear weapon. Iran broke the red line in April 2025 and received a 60-day warning from U.S. President Donald Trump to halt nuclear production. On 13 June 2025, day 61 since the warning, Israel executed a series of strikes targeting the Iranian nuclear threat in what it called Operation Rising Lion.^[8]

Named for its Biblical and symbolic roots, Operation Rising Lion is intended to portray Israel as a strong force while referencing pre-1979 Iranian flags through the emblem of a lion standing before a rising sun. The operation’s mission has primarily been to garner international and domestic support and deter Iran’s nuclear plans. On 13 June 2025, Operation Rising Lion was initiated by Israel to target Iranian military and nuclear infrastructure. Israel claimed to have planned the operation for several years. Seven (7) days after the operation began, the U.S. conducted missile strikes on specific Iranian nuclear facilities in Operation Midnight Hammer.^[8]

Recent Developments

As of late 2024 and mid-2025, Israel has launched preemptive precision strikes against Iranian-linked facilities related to nuclear research, weapons depots, and missile programs. As shown in the figure below, intelligence confirmed that Iranian nuclear facilities were attacked in Natanz and Isfahan.^[1]

 

 

 

 

 

 

 

Figure 1 – Israeli Attacks on Iran^[1]

While these strikes were occurring, regional proxy groups continued to clash with Israeli special forces. Iranian proxy militias in Lebanon also increased the frequency of exercises near the Israeli border and escalated their threats. Hezbollah increased exercises and long-range missile acquisitions. As Iran expanded its reach in Syria, Iranian officials also issued threats of retaliation for future attacks. Warnings increased after the Israeli offensive in June of 2025. During the offensive, Iran attacked Israeli infrastructure with missiles and drones.^[1]

In June 2025, Iranian military and nuclear infrastructure have been struck by Israeli drones and warplanes. As Iranian forces continued to attack via drone and missile strikes in June, Israeli forces targeted the Iranian energy industry. However, some Iranian ballistic missiles and drones were able to evade Israeli air defenses and hit buildings in the middle of the country.^[7],[9]

In July 2025, Iran’s internal divisions became increasingly evident in the post-war environment. Both hardliners and moderates continued to air opposing views during this time. Moderates have supported de-escalation efforts with the U.S., while hardliners have rejected negotiations over Iran’s nuclear capabilities. Iranian parliamentarians opposed collaboration with the International Atomic Energy Agency (IAEA) and advised that negotiating with the U.S. could be seen as weakness, which could result in increased U.S. sanctions or subsequent military strikes. However, the U.S. has not expressed interest in entertaining Iranian demands.^[10]

Following the June 2025 attack, the E3 (the United Kingdom, France, and Germany) has set a deadline for the Iranian regime to resume U.S. nuclear negotiations. The goal is to work toward a diplomatic resolution of the ongoing nuclear issue and to encourage renewed cooperation with the International Atomic Energy Agency (IAEA). An Iranian delegation met with E3 officials in Geneva, Switzerland on 26 August 2025 to discuss the potential activation of snapback sanctions. The E3 have indicated that unless Iran confirms a robust agreement, the snapback mechanisms could be triggered, resulting in United Nations Security Council (UNSC) sanctions. Although the E3 offered to postpone the deadline to October 2025 to provide Iran additional time for negotiations, Iran has rejected this extension, citing concerns that it would allow the E3 to activate the snapback mechanism.^[11]

Iranian leadership has also rejected reformist officials’ recent calls to evolve its foreign and domestic policies. In a speech by Iranian Supreme Leader Ali Khamenei on 24 August 2025, reformist calls were rejected, as Khamenei claimed that Iran’s enemies are attempting to sow discord in the country. However, on 13 August 2025 former Iranian President Hassan Rouhani prompted the regime to reduce tensions with the West, make concessions for the Iranian people, and improve social resilience. On 17 August 2025, the Iranian Reformist Front also issued a statement urging foreign policy shifts and political reforms. Khamenei has ultimately rejected these claims and remains opposed to direct collaboration with the U.S.^[11]

Regional and Global Implications

 The conflict has garnered an international response and significantly increased public attention. The U.S. has also become increasingly involved, with Washington’s continued public support of Israel. With the fear of broader regional war, officials have advised restraint. However, a hedging strategy has been observed with U.S. naval and air assets repositioned close to the Persian Gulf. The escalation of conflict has impacted partnerships and raised concerns over a potential collapse of nuclear non-proliferation efforts. Currently, the international community remains divided.^[1]

The potential economic, political, and military ramifications continue to impact both Israel and Iran, the broader Middle East, and global partners as a whole. A larger Middle Eastern war remains the top concern of all parties. Proxy militia groups feed into this fear and may cause the conflict to further escalate. An ill-timed strike might compel outside actors like Jordan, Iraq, and the Gulf states to enter into the conflict.^[1]

Despite controversy, even among some of its allies,, U.S. support of Israel has been reinforced during the escalation of conflict in 2025. With eastern Mediterranean and Persian Gulf deployments, U.S. naval forces have served as a deterrent and a force of solidarity with Tel Aviv. Other states like Qatar, the UAE, and Saudi Arabia have had to tread lightly during the conflict. Public opinion has significantly impacted cooperation with both Iran and Israel. Overall, outside governments have promoted de-escalation with the fear of declining their national interests in the middle of the conflict.^[1]

In the immediate future, there are multiple courses of action to pursue. These possibilities include prolonged but contained conflict, limited de-escalation, and regional war. Limited de-escalation would require both sides to agree to scale back operations and limit future strikes. This option would involve increased levels of diplomacy and input by neutral parties like Turkey, Oman, or other European entities. The second option of prolonged but contained conflict would involve back and forth attacks such as missile exchanges, cyberattacks, and skirmishes by proxy groups. However, these actions would have to avoid crossing a red line, thereby prompting a larger full-scale war. Both Iran and Israel may revert to this state if tensions stabilize. Finally, regional war would involve various Middle Eastern and global groups, including non-state actors, and would result in civilian casualties, impact regional stability, and weaken the global economy.^[1]

[1] Ellis, H. (2025, June 19). Israel-Iran Conflict 2025 Explained: Timeline, Causes & What’s Next. Defense Feeds. Retrieved from https://defensefeeds.com/analysis/conflicts/israel-iran-conflict/.

[2] Kumar, A. (2025, June 15). From 1967 To 2025: A 58-Year Timeline Of Tensions, Hostilities Between Israel and Iran. Times Now. Retrieved from https://www.timesnownews.com/world/ middle-east/israel-iran-war-conflict-timeline-1967-to-june-2025-tensions-missile-attack-tel-aviv-tehran-article-151962721#google_vignette.

[3] Kaur, H., Kottasová, I. (2020, January 20). The US-Iran conflict: A timeline of how we got here. CNN. Retrieved from https://www.cnn.com/interactive/2025/06/world/us-iran-conflict-timeline-dg/.

[4] Byman, D., Jones, S., & Palmer, A. (2024, October 4). Escalating to Wat between Israel, Hezbollah, and Iran. CSIS. Retrieved from https://www.csis.org/analysis/escalating-war-between-israel-hezbollah-and-iran

[5] Council on Foreign Relations. (2023, September 16). A historical timeline of U.S. relations with Iran. PBS News. Retrieved from https://www.pbs.org/newshour/world/a-historical-timeline-of-u-s-relations-with-iran?1.

[6] Mansfield, E. (2025, June 24). Timeline: See how 70 years of history led to the U.S. bombing in Iran. USA Today. Retrieved from https://www.usatoday.com/story/graphics/2025/06/24/us-iran-israel-timeline-history-1953-1979-2025/84307399007/.

[7] Associated Press. (2025, June 15). Timeline of tensions and hostilities between Israel and Iran. Associated Press. Retrieved from https://apnews.com/article/israel-iran-timeline-tensions-conflict-66764c2843d62757d83e4a486946bcb8.

[8] FIRM Staff. (2025, June 26). Operation Rising Lion: Israel and Iran at War. FIRM. Retrieved from https://firmisrael.org/learn/operation-rising-lion-israel-and-iran-at-war/.

[9] U.S. Naval Institute Staff. (2025, June 27). Report to Congress on Israel-Iran Conflict, U.S. Strikes. USNI News. Retrieved from https://news.usni.org/2025/06/27/report-to-congress-on-israel-iran-conflict-u-s-strikes.

[10] Rezaei, B., Morrison, N., Borens, A., Wells, K., Schmida, B., Reddy, R., Carter, B., (2025, July 10). Iran Update, July 10, 2025. ISW. Retrieved from https://www.understandingwar.org/ backgrounder/iran-update-july-10-2025.

[11] Borens, A., Rezaei, B., Moorman, C., Fattah, A., Schmida, B., Wells, K., Moore, J., & Ganzeveld, A. (2025, August 25). Iran Update, August 25, 2025. ISW. Retrieved from https://www.understandingwar.org/backgrounder/iran-update-august-25-2025.

Introduction

On 20 January 2025, Executive Order 14157 redesignated certain drug cartels and transnational criminal organizations (TCOs) as foreign terrorist organizations (FTOs) and specially designated global terrorists (SDGTs). Under E.O. 14157, the United States Department of State redesignated Tren de Aragua (TdA), Mara Salvatrucha (MS-13), the Sinaloa Cartel, the Jalisco New Generation Cartel (CJNG), the Northeast Cartel (CDN), the New Michoacán Family (LNFM), United Cartels (CU), and the Gulf Cartel (CDG) as such.^[1]

Overview

TdA has operations in the U.S., Venezuela, Colombia, Peru, Chile, Ecuador, Bolivia, and Brazil. The organization is involved in kidnappings, extortion, bribery, targeted assassinations, and has sanctioned the killing of American law enforcement officials. MS-13 has operations in El Salvador, Honduras, Guatemala, Mexico, and within the U.S. The group has conducted targeted assassinations and IED bombings against both government officials and civilians in El Salvador, where the group controls territory through violent intimidation. The Sinaloa Cartel in Sinaloa, Mexico, has also committed murders, kidnappings, and intimidation of government officials and civilians. The Sinaloa Cartel brings large quantities of illegal drugs, including fentanyl, into the U.S. CJNG is based in Mexico but has connections in the Americas, Australia, China, and Southeast Asia. The cartel is involved in extortion, theft of oil and minerals, migrant smuggling, the arms trade, and drone strikes against Mexican law enforcement and military personnel, along with targeted assassinations against Mexican officials. CDN is present in northeastern Mexico and has perpetrated attacks against government officials. The group also engages in kidnapping, extortion, human smuggling, and drug trafficking. LNFM is based in several Mexican states and has attacked government officials using explosives and unmanned aircraft system (UAS) strikes. LNFM is also involved in kidnapping, extortion, and drug trafficking. CDG has operations in northeast Mexico where it engages in kidnapping, extortion, human smuggling, drug trafficking and assassinations of government officials and civilians. CU is composed of multiple cartels in Michoacán, Mexico; the organization has been involved in the death of military and law enforcement personnel, along with civilians.^[2]

Background

According to the Federal Bureau of Investigation (FBI), TCOs are groups that engage in organized illegal activity for profit. Ideological concerns are usually secondary. Foreign Terrorist Organizations (FTOs) are designated in accordance with sections of the Immigration and Nationality Act (INA) and meet the following standards: being a foreign organization, engaging or having the capability or intent to engage in terrorism or supporting activity, and threatening U.S. national security or American nationals. An FTO designation is intended to impede funding for terrorism, isolate an organization, deter transactions with the named FTO, increase public awareness, and garner support from other nations and governments. FTOs are generally subject to more significant penalties than TCOs.^{[3],[4],[5],[6]}

As these respective types of organizations have evolved their tactics, techniques, and procedures (TTPs), there has been a growing convergence between TCOs and FTOs. The line between an act of terror and a criminal act is increasingly blurred. TCOs that are not driven by ideologies like traditional terrorist organizations still have the motivation to act in ways that parallel them. Section 140 (d)(a) of the Foreign Relations Authorization Act defines terrorism as an act of violence that is both politically motivated and premeditated. Cartels in Mexico have been intertwined in Mexican politics for decades, fostering or forcing advantageous circumstances for their illicit activities. The political motivations for cartels can be distinguished from those of FTOs because they are a means to an end, which is to amass power and support their illegal operations. However, the recent designation of multiple TCOs as FTOs was ordered as a result of TTPs that mirror terrorist activity.^[5],[7]

The majority of the TCOs designated as FTOs are based in Mexico. The rise of Mexican Transnational Criminal Organizations (MTCOs) is the culmination of both historical efforts by law enforcement and legitimate trade agreements. Several Colombian cartels were disrupted in the 1990s by U.S. and Colombian joint efforts to fight the drug trade in the Caribbean, leading to a transition in smuggling routes in which cocaine and methamphetamines traveled through Mexican terrain via area cartels. In 1994, the North American Free Trade Agreement (NAFTA) between the U.S., Canada, and Mexico removed tariffs on legal trade but also facilitated illegal imports. The Institutional Revolutionary Party (PRI) gained power through a centralized political system and became the dominant political party in Mexico for 71 years. The reigning PRI had, in effect, formerly controlled the reach of MTCOs to an extent by working with the cartels but also restraining their influence. The decline of the PRI in the 1980s and 90s led to a power struggle between cartels to seize plazas and take over drug markets. These factors led to the growth of sophisticated cartel monopolies throughout Mexico that mirror globalized conglomerates and operate as quasi-governmental organizations in certain areas. These cartels have established dominion over most illicit traffic through the U.S. southern border.^[1],[7],[8]

Criminal and Terror Activity and Operations

Historically, many FTOs have been involved in drug trafficking, arms trafficking, and money laundering to finance their operations. For example, the Revolutionary Armed Forces of Colombia (FARC) is a Marxist insurgency that has been designated by the U.S. government as an FTO due to its long-term involvement in bombings, kidnappings and assassinations. FARC has used drug trafficking to support its political activities and seize control over areas where populations are dependent on the cultivation and trade of illicit crops. FARC was already bringing in between $60 and $100 million annually by the 1990s. The Taliban originally became involved with drug trafficking to consolidate political power and now relies heavily on profits from illicit activity. The Afghan poppy trade was estimated to have brought in $416 million in 2020. Terrorist operations are expensive: recruitment, compensating members and informants, and purchasing equipment all require financing. Criminal enterprises bring in significant funds and simultaneously aid FTOs in guarding operations from detection. Drug trafficking constitutes an enormous revenue stream for these newly designated organizations, and profits in Mexico are estimated to be in between $30 to $35 billion a year. The designated FTOs have established relationships with American drug trafficking organizations to distribute and sell illicit substances, fueling both criminal violence and the overdose crisis in the U.S. In 2024, 84,076 Americans died from a drug overdose. Illicit activities by designated FTOs include, but are not limited to, drug trafficking, extortion, money laundering, theft of oil and gasoline, migrant smuggling, human trafficking, arson, and counterfeiting.^{[7]],[9],[10]}

For the newly designated FTOs, drug trafficking has been used to fund military-grade weapons and training, all of which are necessary to intimidate, coerce, and threaten the public, the government, and other organizations. The CDN was recruited from the Mexican Army’s Airborne Special Forces Group (GAFEs) and the Guatemalan Kiabiles Special Forces. Both groups have sophisticated expertise in intelligence, communications and countersurveillance operations, as well as training in military-grade weapons and irregular warfare. This creates a climate where cartels resemble paramilitary forces rather than simply drug trafficking organizations. In many cases, the criminal activity of designated FTOs has grown to resemble traditional terror TTPs. For example, MTCOs leverage social media in a manner similar to al-Qaeda by recording and uploading videos depicting extreme violence. Extortion has also escalated to the point that the Mexican government has compared several incidents to acts of terror. On 25 August 2011, the CDN set fire to the Casino Royale San Jeronimo, which resulted in the death of 53 individuals, after the casino’s owners failed to make an extortion payment. These deliberately extreme and provocative acts of retaliation have a profound psychological impact on both the Mexican government and the public.^[7],[11]

The recently designated FTOs also conduct targeted assassinations, bombings, and attacks on critical infrastructure as well as kidnappings. In order to secure their illicit operations and threaten competition, the Sinaloa Cartel has regularly been involved in kidnappings, leading to a State Department ban on government travel in states where the cartel is based. The frequency of kidnappings, assassinations, and other forms of extreme violence perpetrated by the Sinaloa cartel has had implications for both American security interests and foreign relations. The CDG kidnapped four (4) American citizens in 2023 and detonated explosives at a U.S. consulate in 2008. The JNGC assassinated the former Governor of Jalisco State, Aristoteles Sandoval, and has been connected to more than 100 assassinations of government officials in all three (3) branches of Mexican government. These assassinations and attacks demonstrate a threat to American national security interests by eliminating potential governmental allies in foreign relations and joint counter- drug-trafficking plans, as well as threatening cross-border trade. FTOs also use UAS to surveil and circumvent U.S. Customs and Border Patrol (CBP) operations, posing a threat to personnel, aircraft, and border security. Cartels within Mexico have even conducted drone strikes against both Mexican law enforcement and rival cartels in the past, raising the possibility of similar attacks against CBP assets or personnel.^{[7],[12],[13]}

Complicity of Mexican Government and Law Enforcement

The wealth and capabilities of the cartels have grown substantially. Consequently, Mexican government and law enforcement agencies often lack the capacity to control them and sometimes become complicit in their dealings. De facto paramilitary groups using irregular warfare TTPs cannot easily be compared to the typical organized criminal gangs that law enforcement agencies are more qualified to handle. Bribery and corruption may also pose a threat, as cooperating law enforcement officials may impede investigations and diminish the general public’s confidence, leading to unreported crimes. An estimated 90% of crimes in Mexico go unreported, and between 72% and 77% of Mexican citizens believe the police are mostly or completely corrupt. In 2019, the largest survey on citizen perception of corruption, the Global Corruption Barometer, found that bribes were reported to have been taken in 52% of police cases that interacted with the surveyed Mexican population. This data was collected from individuals that had contact with police within the previous year.^{[7],[14],[15]}

Figure 1 – Perception of Corruption in Mexican Institution^[16]

Political corruption also puts U.S. and Mexican joint security measures at an impasse. Bilateral security cooperation is affected by a lack of trust on either side. For example, money generated by drug trafficking in the U.S. can be used by the newly designated FTOs to bribe government and security officials, who can, in turn, undermine American efforts to combat drug operations. In some cases, money laundering from corrupt Mexican officials is conducted through the U.S. by means of real estate and business transactions. Security cooperation between the U.S. and Mexico has been difficult in the past, illustrated by the collapse of the Mérida Initiative. After a Mexican defense minister was arrested on drug charges through an investigation by the U.S. Drug Enforcement Agency in 2020, Mexico’s parliamentary body, Congreso de la Unión, passed a law that requires foreign agents to report any intelligence they obtain to Mexican federal authorities, which restricted U.S. law enforcement operations. The Mérida Initiative, which sought to fight corruption in Mexico and combat drug, weapons, and bulk currency trafficking from the U.S. into Mexico, saw most of its programs come to a halt. The implications of the FTO designation may include increased tensions with Mexican officials as corruption cases will be increasingly scrutinized, potentially impeding cooperation and intelligence sharing. On the other hand, the designation could motivate the Mexican government to revert from its semi-isolationist posture concerning operations on the border so as to not let the U.S. make additional policy decisions without its input.^{[12],[16], [17],[18]}

Statute 18 U.S.C. §2339B prohibits any “material support or resources” granted to FTOs and enforces civil or criminal penalties under U.S. counterterrorism designations. Material support statutes may apply regardless of impact on commerce and can reach beyond U.S. borders if dealings are committed outside of the country. Any transaction that provides material support between a citizen or an entity and an FTO may result in criminal penalties, whether or not a transaction was deliberate or had any material consequences. Material support is very broadly defined. Support can consist of financial resources, property, arms, personnel, documents, equipment, transportation, housing, counsel, as well as payments for extortion, protection, or ransom. While the First Amendment of the U.S. Constitution protects the speech of American citizens, even verbal support for FTOs, material support of any kind is a crime.^[19],[20]

In the past, by using the material support statute, the U.S. has been able to interrupt ISIS fundraising via false charities and cryptocurrency laundering. The U.S. Treasury Department, by 2020, froze over $22 million in assets that were associated with Hezbollah. In 2022, the U.S. Department of Justice (DOJ) used a wire transfer through a U.S. bank account and U.S. email accounts to prosecute French cement company Lafarge for providing material support to ISIS and the al-Nusrah Front, resulting in an agreement to pay $778 million in fines.^[12],[19]

On 05 February 2025, U.S. Attorney General Pam Bondi issued a memorandum that removed approval requirements to prosecute drug cartels on the basis of terrorism charges, expediting the process. This means that the Material Support statute and the Racketeer Influence Corrupt Organizations (RICO) Act are much easier to leverage. The RICO Act permits civil lawsuits against individual entities within criminal organizations with more severe penalties. The RICO Act can also be used to penalize leading individuals in criminal groups, therefore directing penalties against and destabilizing entire organizations. By removing complex requirements, attorneys and prosecutors will possibly have more motivation to use these tools. However, the review process for RICO was formulated to establish universal usage of the act. This may lead to discrepancies in criminal and civil cases in terms of whether or not statutes are utilized. The DOJ’s National Security Division has also re-tasked anti-money laundering teams through the Foreign Corrupt Practices Act (FCPA) and allocated forfeiture prosecutors to aid in drug trafficking and cartel cases.^{[21],[22], [23]}

The recent FTO designation marks a transition in strategies for sanctions compliance among both U.S. and non-U.S. entities due to increased uncertainty over the gap of regulatory risk between legal frameworks for FTOs as compared to TCOs. The cartels have long been intertwined with Mexico’s economy. Front businesses, shell companies or other tactics to launder money may pervade many industries in areas such as agriculture, transportation, retail or real estate. American businesses run an elevated risk of breaking the law by interacting knowingly or unknowingly with FTOs that permeate these sectors. Financial institutions will likely develop a more mindful posture, as there is a significant increase in both of U.S. jurisdictional reach and unclarified questions within applicable statutes. The scope of the sanctions risk concern is wide-ranging and covers foreign subsidiaries of domestic companies, joint ventures, and international businesses.

Jurisdictional Implications and U.S. Agency Direction

The 1981 Executive Order 12333 on United States Intelligence Activities grants intelligence agencies the authority to gather intelligence outside of the U.S. Intelligence efforts are often determined by the priorities of the federal administration, which is currently focused on drug cartels across the border.^[21],[26]

The Foreign Intelligence Surveillance Act (FISA) authorizes the interception of electronic signals through U.S. communications providers. As of 2024, Congress has re-authorized FISA to include counternarcotics when defining foreign intelligence. Section 702 of FISA permits the collection of foreign intelligence information from non-U.S. persons outside of the country. The designation of certain cartels as FTOs recognizes classified information associated with them as “foreign intelligence,” which is subject to Section 702 collection. Conversely, Title I of FISA may be more useful in investigations. Title I of FISA authorizes the collection of information from U.S. corporations or individual entities if the Foreign Intelligence Surveillance Court (FISC) determines, by probable cause, that an intelligence target is an agent of a foreign power. FISA defines a foreign power as an organization involved in international terrorism, and FTO designations have been previously used to fulfill FISC requirements.^[21],[27]

There are many other resources used in combating terrorist threats to the U.S. that have been leveraged following the designation. The Organized Crime Drug Enforcement Task Force (OCDETF) was developed to disrupt transnational criminal organizations and was included in the President’s Strategy to Combat Transnational Organized Crime, as well as Executive Order 13773, which gave the task force further direction. The OCDETF has focuses on narcotics and financial criminal activity. The International Organized Crime Intelligence and Operations Center (IOC-2) works closely with the OCDETF and has a component to investigate non-drug operations, which expands its purview over cartels. The FBI’s Joint Terrorism Task Forces (JTTFs) coordinate through the National Joint Terrorism Task Force in efforts against terrorism and towards interagency collaboration. U.S. President Donald Trump issued orders to establish Homeland Security Task Forces (HSTFs) in all states for the purpose of dismantling criminal cartels. The HSTFs will be manned by agencies that also staff and contribute to OCDETF and JTTFs, facilitating intelligence sharing. Current operations Liquid Death and Take Back America are pooling the efforts of many U.S. agencies including the DEA, FBI, ICE-HIS and IRS CI, illustrating the current administration’s emphasis on its efforts to eliminate cartels.^{[21],[28],[29],[30],[31]}

Outlook

The State Department’s aggressive expansion of FTO designations escalates the risks of operations and financing for these organizations. Money laundering networks may also become less effective or gain new vulnerabilities Cartel leadership may also face aggressive targeting. Designated FTOs may be forced to adopt more caution in recruiting new members. As of May 2025, two (2) individuals have been indicted under Material Support, money laundering and smuggling charges in South Texas connected to the CJNG. This indicates that the DOJ will likely escalate prosecutions related to the designated FTOs. U.S. businesses may engage in due diligence overhauls to ensure sanctions compliance based on the increased risk of exposure to Material Support statutes. Any direct or indirect involvement with designated FTOs has the potential for severe civil or criminal penalties, and actions such as processing money laundered by the cartels or extortion payments will face higher scrutiny. As the U.S. boasts a robust economy, cartel operations will likely face resistance, as transactions through American financial institutions and operations may experience asset freezes, depending on exposure.^{[12],[24],[31]}

The new U.S. designations were recognized by Canada on 20 February 2025 when the Canadian government branded seven (7) of the cartels in question as terrorist entities. On the other hand, the Mexican government’s outlook on this matter is still uncertain. Relations between the U.S. and Mexico may be strained following the designations, as it presents the U.S. with enhanced jurisdictional powers to collect and act on intelligence in Mexico without the government’s consent, with the potential to be seen as undermining its national authority. The dispute regarding what other governments define as “terrorism” may potentially lead to fallout both internationally and domestically. Some FTOs (notably Hamas and Hezbollah) already attempt to use their political activities to feign legitimacy. However, if this recent series of designations sets a precedent, and other instances follow, American legal and federal systems may see a drastic increase in the number of qualifying FTO-related investigations.^[32],[33]

[1] President Trump, Donald. (2025, January 20). Executive Order 14157: Designating Cartels and Other Organizations as Foreign Terrorist Organizations and Specially Designated Global Terrorists. Federal Register. Retrieved from https://www.hsdl.org/c/view?docid=894766.

[2] U.S. Department of State. (2025, February 20) Designation of International Cartels. U.S. Department of State. Retrieved from https://www.state.gov/designation-of-international-cartels/.

[3] Bureau of Counterterrorism. Foreign Terrorist Organizations. U.S. Department of State. Retrieved from https://www.state.gov/foreign-terrorist-organizations/.

[4] Office of the Coordinator for Counterterrorism. (2008, April 8). Immigration and Nationality Act Section 212. U.S. Department of State Archive. Retrieved from https://2001-2009.state.gov/s/ct/rls/fs/08/103399.htm/.

[5] Office of the Coordinator for Counterterrorism. (2008, April 8). Foreign Relations Authorization Act, Fiscal Years 1988 and 1989: Terrorism Definition. U.S. Department of State Archive. Retrieved from https://2001-2009.state.gov/s/ct/rls/fs/08/103401.htm.

[6] Federal Bureau of Investigation. Transnational Organized Crime. Federal Bureau of Investigation. Retrieved from https://www.fbi.gov/investigate/transnational-organized-crime.

[7] Schofield, R. (2015, December). Crime-Terrorism Nexus, and the Threat to U.S. Homeland Security. Naval Postgraduate School (U.S.) Retrieved from https://www.hsdl.org/c/view?docid=790384.

[8] Helfgott, A. (2023, October 24). El Partido Revolucionario Institucional (PRI) – Explainer. Wilson Center. Retrieved from https://www.wilsoncenter.org/article/el-partido-revolucionario-institucional-pri-explainer.

[9] Drug Enforcement Administration. (2025, May). 2025 National Drug Threat Assessment (NDTA). Drug Enforcement Administration. Retrieved from https://www.hsdl.org/c/view?docid=895355.

[10] Felhab-Brown, V. (2021, September 15). Pipe dreams: The Taliban and drugs from the 1990s into its new regime. Brookings. Retrieved from https://www.brookings.edu/articles/pipe-dreams-the-taliban-and-drugs-from-the-1990s-into-its-new-regime/

[11] Manwaring, M. (2009, January 9). A “New” Dynamic in the Western Hemisphere Security Environment: The Mexican Zetas and Other Private Armies. US Army War College. Retrieved from https://press.armywarcollege.edu/cgi/viewcontent.cgi?article=1620&context=monographs.

[12] Witte, C. (2024, April 5) From the Halls of Montezuma: The Promise and Pitfalls of Designating Mexican Drug Cartels as Foreign Terrorist Organizations. Center on Law, Ethics and National Security. Retrieved from https://sites.duke.edu/lawfire/files/2024/04/Witte_Final_LENS_Essay_ Combined.pdf.

[13] U.S. Government Publishing Office. (2022, March 31). Assessing the Department of Homeland Security’s Efforts to Counter Unmanned Aircraft Systems, Joint Hearing Before the Subcommittee on Oversight, Management, and Accountability and the Subcommittee on Transportation and Maritime Security of the Committee on Homeland Security, House of Representatives, One Hundred Seventeenth Congress. U.S. Government Publishing Office. Retrieved from https://www.hsdl.org/c/ view?docid=868550.

[14] Aldana, A. et al. (2022, November 10). Modeling the role of police corruption in the reduction of organized crime: Mexico as a case study. Scientific Reports. Retrieved from https://www.nature.com/articles/s41598-022-23630-x.

[15] Pring, C et al. (2019, September). Global Corruption Barometer: Latin America & The Caribbean 2019. Transparency International. Retrieved from https://images.transparencycdn.org/images/ 2019_GCB_LatinAmerica_Caribbean_Full_Report_200409_091428.pdf.

[16] Martínez-Fernández, A. (2021, February). Money Laundering and Corruption in Mexico: Confronting Threats to Prosperity, Security, and the US-Mexico Relationship. American Enterprise Institute. Retrieved from https://www.jstor.org/stable/pdf/resrep30205.pdf .

[17] Congressional Research Service. (2024, October 1) U.S.-Mexico Security Cooperation: From the Mérida Initiative to the Bicentennial Framework. Congressional Research Service. Retrieved from https://www.hsdl.org/c/view?docid=892649.

[18] U.S. Department of State. (2021, March 30). 2020 Country Reports on Human Rights Practices: Mexico. U.S. Department of State. Retrieved from https://www.state.gov/reports/2020-country-reports-on-human-rights-practices/mexico/.

[19] Allen, B. et al. (2025, March 25). Understanding and Mitigating Legal and Compliance Risks Relating to Cartels and Transnational Criminal Organizations. Skadden. Retrieved from https://www.skadden.com/insights/publications/2025/03/understanding-and-mitigating-legal-and-compliance-risks-relating-to-cartels.

[20] Legal Information Institute. (n.d.). 18 U.S. Code § 2339B – Providing material support or resources to designated foreign terrorist organizations. Cornell Law School. Retrieved from https://www.law.cornell.edu/uscode/text/18/2339B.

[21] Galdo, M. (2025, April 1). The Justice Department’s Multifront Battle Against Drug Cartels. Lawfare. Retrieved from https://www.lawfaremedia.org/article/the-justice-department-s-multifront-battle-against-drug-cartels.

[22] Office of the Attorney General. (2025, February 5). Memorandum for all Department Employees: Total Elimination of Cartels and Transnational Criminal Organizations. U.S. Department of Justice. Retrieved from https://www.justice.gov/ag/media/1388546/dl?inline.

[23] 18 U.S. Code Chapter 96 Part I- Racketeer Influenced and Corrupt Organizations. Cornell Law School Legal Information Institute. Retrieved from https://www.law.cornell.edu/uscode/text/ 18/part-I/chapter-96.

[24] Knickmeyer, E. et al. (2025, February 19). Trump administration labels 8 Latin American cartels as ‘foreign terrorist organizations’. AP News. Retrieved from https://apnews.com/article/trump-cartels-foreign-terrorist-organizations-eb35567b69fc66f13f7f79fb90906a50

[25] Troutman Pepper Locke. (2025, February 24). US Declares War on Cartels: Historic Terrorist Designations Reshape Sanctions Compliance Risks. Troutman Pepper Locke. Retrieved from https://www.troutman.com/insights/us-declares-war-on-cartels-historic-terrorist-designations-reshape-sanctions-compliance-risks.html.

[26] Office of the Director of National Intelligence. (2008). Executive Order 12333: United States Intelligence Activities. ODNI. Retrieved from https://www.odni.gov/files/NCSC/documents/ Regulations/EO_12333.pdf.

[27] U.S. Code. (n.d.). Title 50, Chapter 36 [War and national defense]. Legal Information Institute. Retrieved from https://www.law.cornell.edu/uscode/text/50/chapter‑36.

[28] U.S. Department of Justice. (n.d.). About OCDETF. Organized Crime Drug Enforcement Task Forces. Retrieved from https://www.justice.gov/ocdetf/about-ocdetf.

[29] U.S. Department of Justice. (n.d.). Joint Terrorism Task Forces. Federal Bureau of Investigation. Retrieved from https://www.fbi.gov/investigate/terrorism/joint-terrorism-task-forces.

[30] The White House. (2025, January 20) Protecting the American People Against Invasion. The White House. Retrieved from https://www.whitehouse.gov/presidential-actions/2025/01/protecting-the-american-people-against-invasion/.

[31] United States Attorney’s Office Southern District of Texas. (2025, May 30). Father and son indicted for providing material support to Mexican cartel engaged in terrorism. United State’s Attorney’s Office. Retrieved from https://www.justice.gov/usao-sdtx/pr/father-and-son-indicted-providing-material-support-mexican-cartel-engaged-terrorism.

[32] Public Safety Canada. (2025, February 20). Government of Canada lists seven transnational criminal organizations as terrorist entities. Government of Canada. Retrieved from https://www.canada.ca/en/public-safety-canada/news/2025/02/government-of-canada-lists-seven-transnational-criminal-organizations-as-terrorist-entities.html.

[33] 118^th Congress. (2023, June 07). Transnational Criminal Organizations: The Menacing Threat to the U.S. Homeland. Congress. Retrieved from https://www.congress.gov/event/118th-congress/house-event/116069/text.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Introduction

In June 2023, RMC produced a White Paper entitled “China-Cuba Relations: Recent Developments and Implications for U.S. National Security.” This paper will be a continuation of the subject, providing a brief history of the longstanding relationship between China and Cuba and an update on their military and intelligence collaborations.

Background

China and Cuba’s relationship began in the mid-1800s, when Chinese laborers were brought to the island to work in the sugar industry. Following Fidel Castro’s rise to power in 1959, Cuba officially recognized the People’s Republic of China in 1960. Both revolutionary governments shared anti-imperialist views, implemented land reforms, and opposed American influence on the global stage. Over the decades, their relationship has expanded to include robust economic cooperation, with China becoming one of Cuba’s largest trading partners, along with that of other Latin America and Caribbean countries (for more information, see RMC White Paper, “Chinese Investment and Influence in Latin America and the Caribbean”). Huawei and ZTE, two (2) Chinese tech giants blacklisted by the U.S. due to concerns about espionage, serve as the foundation of Cuba’s telecommunications infrastructure. In June 2023, U.S. officials observed personnel from the companies entering and leaving suspected Chinese intelligence facilities in Cuba. Ongoing technical collaborations between Cuban institutions and Chinese state-supported universities and tech companies have also promoted the transfer of technology.^{[1],[2],[3],[4],[5]}

Signals Intelligence (SIGINT) Collection Facilities

Satellite imagery appearing on the Center for Strategic and International Studies (CSIS) website has identified SIGINT sites with suspected connections to China near Havana in Wajay, Bejucal, and Calabazar. The fourth site is in the southern part of Cuba in El Salao.^[6]

Figure 1 – Locations of Cuban SIGINT Sites^[6]

These facilities are equipped with sophisticated antenna arrays and radar systems designed to intercept electronic communications from both civilian and military sources. The densely populated southeastern U.S. coast is particularly vulnerable, as it is home to key military installations, launch sites, and strategic infrastructure.^[7]

Bejucal (Near Havana)

The Bejucal facility is the country’s largest active SIGINT site, with historical ties to Cold War espionage and proximity to former Soviet nuclear positions. Since the Cold War, Bejucal has been suspected of supporting Chinese intelligence operations. This suspicion has been echoed in U.S. government reports and political discourse. The site has undergone significant modernization over the past decade, as satellite imagery reveals the expansion of antenna fields, underground facilities, and the addition of a radome in 2014, which is likely used for electronic surveillance.^[8],[9],[10]

Recent imagery from April 2025 reveals major upgrades underway, including the removal of older antennas and construction of a large Circularly Disposed Antenna Array (CDAA), which is a Cold War-era system used for high-frequency direction finding. CDAAs can trace the origin of radio signals thousands of miles away, which could enable the monitoring of U.S. air and maritime activity. The new array at Bejucal is notably larger than the previous version on-site, increasing its potential for precision and reach.^[11],[12]

Figure 2 – Bejucal SIGINT Facility^[11]

While CDAAs have become less common in modern SIGINT due to technological advancements, they remain relevant, especially for military powers such as China, which deploys similar arrays in the South China Sea to monitor activity near contested areas. The upgraded Bejucal CDAA could enhance Cuba’s intelligence capabilities and provide valuable information to China or other adversaries, raising concerns about regional surveillance and U.S. national security.^[11],[13]

El Salao (Southern Cuba)

Roughly 500 miles southeast of Bejucal, near El Salao on Cuba’s eastern side, is another CDAA facility. This site was first publicly identified in 2024 through satellite imagery found on the CSIS website, which showed a CDAA under construction. However, by April 2025, new imagery indicated that construction had halted. Only minimal activity, such as roofing support for buildings, has occurred since then. Vegetation is overtaking the graded area, suggesting that the site is no longer actively maintained.^[11]

Figure 3 – El Salao CDAA Facility (April 2025)^[11]

If completed, the El Salao CDAA would offer a strategic position for monitoring Atlantic air and maritime traffic, particularly near U.S. Naval Station Guantanamo, which is located just 40 miles away. The halt in development raises questions. While no direct evidence publicly links China to the El Salao or Bejucal sites, and Beijing denies involvement, U.S. officials have asserted that China has access to spy facilities in Cuba. These sites remain top candidates for supporting Chinese intelligence operations. As such, continued U.S. monitoring is likely, as changes at these SIGINT facilities could signal an increase in intelligence-gathering activity against U.S. interests.^[11],[5]

Wajay (Near Havana)

A little more than six (6) miles north of Bejucal, the Wajay facility is a smaller but an expanding SIGINT site. Security fencing and guard posts indicate its use for military or sensitive operations. Since 2002, the compound has grown from a single antenna and a few buildings into a larger complex featuring 12 antennas, operations and support structures, and a small solar farm. While there is no direct evidence of China’s involvement, it is possible that Beijing is involved in the site’s development and recent upgrades. The absence of dish antennas suggests the facility is focused on terrestrial signal interception and transmission. The diversity of antenna types indicates that Wajay is engaged in a sophisticated SIGINT role.^[6]

Figure 4 – Wajay SIGINT Site (March 2024)^[6]

Calabazar (Near Havana)

Near the town of Calabazar, a small Cuban military complex exhibits clear signs of SIGINT activity. The secured site features over a dozen dish antennas of various sizes and two (2) pole antenna arrays. Consistent with typical military intelligence operations, the configuration of antennas has changed over time, reflecting shifts in the site’s mission. The most recent addition, a new dish antenna, was installed in 2016.^[6],[14]

Figure 5 – Calabazar SIGINT Site (April 2024)^[6]

Strategically, China’s access to SIGINT sites in Cuba allows it to close longstanding gaps in its global intelligence network, especially in the Western Hemisphere. These facilities enable China to monitor encrypted and unencrypted U.S. military and commercial communications, observe space launches at Cape Canaveral, and collect economic and technological data from key southern U.S. industries. Even without deciphering message contents, metadata from signals, such as their origin, timing, and frequency, can reveal valuable insights about U.S. military posture and capabilities. These developments mark a Cold War-style resurgence of foreign intelligence operations against the U.S., now powered by modern surveillance technologies.^[15],[16]

Outlook

The combination of China’s significant financial investment in Cuba’s infrastructure and the appearance of the two (2) countries collaborating on intelligence and military facilities, just 100 miles from Florida, represents a significant threat to national security due to their proximity to sensitive U.S. military and civilian infrastructure. The southeastern U.S. is home to critical Department of Defense (DoD) assets, including CENTCOM, SOUTHCOM, Cape Canaveral, Kennedy Space Center, and multiple submarine bases. By intercepting signals in this region, China could build a clearer picture of U.S. force posture, military exercises, and potentially even response times, which would be valuable in any future conflict or geopolitical standoff.

If China uses these signal-collecting sites, it marks a shift in Beijing’s intelligence capabilities. Historically limited in the Western Hemisphere, China is now closing that gap through access to Cuban infrastructure. This gives Beijing greater reach to monitor U.S. satellite launches and strategic communications. It also allows for telemetry and tracking of space-based assets, potentially compromising American advantage in space and near-Earth surveillance. This would also force the DoD to contend with not only Chinese military modernization in Asia but also a persistent surveillance threat near U.S. shores. It also raises the stakes for diplomatic and intelligence efforts to monitor, contain, or counter China’s intelligence infrastructure buildup in the Americas.

[1]Council on Foreign Relations. (2022, June 3). U.S.-Cuba Relations. https://www.cfr.org/backgr ounder/us-cuba-relations.

[2]Center for Strategic & International Studies. (2018, February 28). Cuba’s Changing of the Guard and Sino-Cuban Relations. https://www.csis.org/analysis/cubas-changing-guard-and-sino-cuban-relations.

[3]Defense News. (2023, July 7). China’s Ties To Cuba, Growing Presence In Latin America Raises Concerns. https://www.defensenews.com/opinion/commentary/2023/07/07/chinas-ties-to-cuba-growing-presence-in-latin-america-raise-concerns/.

[4]The Wall Street Journal. (2023, June 21). U.S. Tracked Huawei, ZTE Workers at Suspected Chinese Spy Sites in Cuba. https://www.wsj.com/politics/u-s-tracked-huawei-zte-workers-at-suspected-chinese-spy-sites-in-cuba-355caddc?mod=article_inline.

[5]Fox News. (2024, December 12). China Denies New Report Linking CCP To Four Sites In Cuba Allegedly Used To Spy On The US. https://www.foxnews.com/politics/china-denies-new-report-linking-ccp-four-sites-cuba-allegedly-used-spy-us.

[6]Center for Strategic & International Studies. (2024, July 1). Secret Signals Decoding China’s Intelligence Activities in Cuba. https://features.csis.org/hiddenreach/china-cuba-spy-sigint/.

[7]Federation of American Scientists. (2022, April 27). AN/FLR-9. https://irp.fas.org/program/collect/an-flr-9.htm.

[8]The Diplomat. (2018, June 08). Satellite Images: A (Worrying) Cuban Mystery – The New Radome In Cuba Is Unprecedented. Who’s Behind It? https://thediplomat.com/2018/06/satellite-images-a-worrying-cuban-mystery/.

[9]Bustle. (2016, March 10). Marco Rubio’s Cuba Answer Brought The House Down. https://www.bustle.com/articles/147319-marco-rubios-cuba-answer-at-the-gop-debate-brought-the-house-down.

[10]The National Security Archive. (2008, June 18). One Minute To Midnight Kennedy, Khrushchev and Castro on the Brink of Nuclear War. https://nsarchive2.gwu.edu/nsa/cuba_mis_cri/dobbs/warheads.htm.

[11] enter for Strategic & International Studies. (2025, May 6). At The Doorstep A Snapshot of New Activity at Cuban Spy Sites. https://features.csis.org/hiddenreach/snapshots/cuba-china-cdaa-base/.

[12]National Photographic Interpretation Center (2010, August 11). Lourdes Central Sigint Complex (S). https://www.cia.gov/readingroom/docs/CIA-RDP80T01782R000100710001-8.pdf.

[13]Asia Maritime Transparency Initiative. (2018, February 16). Comparing Aerial & Satellite Images Of China’s Spratly Outposts. https://amti.csis.org/comparing-aerial-satellite-images-chinas-spratly-outposts/.

[14]Newsweek. (2024, December 9). Map Shows China’s Suspected Spy Bases In Cuba. https://www.newsweek.com/china-news-map-shows-suspected-spy-bases-cuba-1997464.

[15]Office of the Director of National Intelligence. (2024, February 5). 2024 Annual Threat Assessment of the U.S. Intelligence Community. https://www.odni.gov/files/ODNI/documents/assessments/ATA-2024-Unclassified-Report.pdf.

[16]Office of the Director of National Intelligence. (2025, March). 2025 Annual Threat Assessment of the U.S. Intelligence Community. https://www.dni.gov/files/ODNI/documents/assessments/ATA-2025-Unclassified-Report.pdf.

Introduction

The United States Department of Homeland Security (DHS) was initially created to combat the growing threat of transnational terrorists. However, it now concerns itself with both domestic and transnational threat actors. The recent efforts to enforce immigration law have given DHS and other responding agencies a new set of challenges.

Efforts Against Terrorism

In recent years, homeland security itself has faced growing threats from terrorists and criminals who use dynamic, innovative methods and sophisticated tactics. According to a 2021 study, there were at least 230 unsuccessful domestic terrorist attacks or plots since 11 September 2001. Of those plots, 118 were committed by homegrown violent extremists (HVEs), 84 by domestic terrorists, and 28 by transnational terrorist organizations. The Center for Prevention Programs and Partnerships (CP3) was created within the DHS to identify and prevent radicalization.^[1],[2],[3]

DHS has made several efforts to combat terrorism at the local, state, and federal levels. For example, Additionally, there are prevention forums in place to showcase tactics, techniques, and procedures (TTPs) used by terrorists, and how to prevent, mitigate, and respond to them. CP3 continues to work to highlight prevention resources that can be used to increase awareness of targeted violence. The program is also responsible for collaborating with international partners to advance terrorism prevention initiatives, thereby enhancing global engagement.^[2]

Despite DHS’s efforts to bolster national security, there have still been recent terrorist attacks. On 01 January 2025 a man who self-identified with the Islamic State of Iraq and Syria (ISIS) drove his truck through Bourbon Street in New Orleans after strategically placing Improvised Explosive Devices (IEDs) around the area. The man struck and killed 14 people while injuring at least 57 others. Among those injured, were two (2) police officers who responded to the attack and were able to neutralize the attacker. According to New Orleans police, the barriers that would normally prohibit vehicles from entering the streets were not utilized due to recent malfunctions. Following the attack, a report from the Louisiana Governor’s Office of Homeland Security revealed that there may have been problems with some of the emergency alert systems put into place that . The report was used to analyze and identify issues in the response to the attack. The incident stood as a reminder that the terror threat to the U.S. is alive and persistent as transnational terrorist organizations continue to recruit Americans, some of whom self-radicalize via online propaganda and social media engagement. In the latter cases, the perpetrator may have had little or no contact with transnational terrorists but become radicalized over time before carrying out an attack.^{[1],[4],[5],[6],[7]}

On 01 June 2025, an Egyptian national attacked a weekly march by pro-Israel activists campaigning for the release of hostages in Gaza. Using homemade Molotov cocktails and a makeshift flamethrower, he attacked the participants. While 12 attendees were injured, there were no fatalities. He had planned the attack for a year and expressed a desire to commit acts of antisemitic violence. He reportedly shouted “Free Palestine!” during the attack The suspect had overstayed a non-immigrant visa, which expired in February 2023, although he later applied for asylum. He has been charged with multiple felony counts and a federal hate crimes charge.^[8]

The Rapidly Industrializing Threats to the Border

Rapidly advancing technology has created new threats along the U.S.-Mexico border. Drug cartels have used Unmanned Aerial Systems (UAS) to smuggle deadly narcotics into the U.S. According to Judicial Watch, drug cartels in one (1) year conducted at least 9,000 drone flights across U.S. airspace. Foreign nationals also used drones for intelligence.^[9][10],[11]

In May 2024, authorities dismantled a smuggling operation after a year-and-a-half long investigation that resulted in charges against three (3) individuals. The suspects allegedly used a $630,000 drone to transport drugs between New York and Canada. U.S. Border Patrol agents tracked the drone’s flight path from New York to a winery in Ontario and, upon its return, recovered a package containing at least six (6) pounds of ecstasy. As of 01 April 2025, over one (1) million drones are registered within the United States. In response to these emerging threats (including drug smuggling at borders and in correctional facilities) U.S. Representatives Josh Riley and Zach Nunn introduced the “Stop Fentanyl Smuggling Act” on 29 April 2025. The proposed legislation aims to support the development of advanced detection technologies that would enable DoD personnel to identify and disrupt drug trafficking operations.^{[9],[12][13][14]}

On 01 February 2025, officials received intelligence indicating Mexican cartel leaders authorized the use of drones equipped with explosives to be used against U.S. Border Patrol agents and Department of Defense (DoD) personnel along the U.S.-Mexico border. This report likely led to heightened security. As of 29 April 2025, the Pentagon is preparing to deploy counter-drone capabilities there due to threats made and in support of increased federal enforcement of immigration and security mandates. While tensions along the border have risen, DHS has acted to prevent and combat any attacks targeting DoD personnel and property. ^[15],[16]

Immigration at the Border

While history shows that Mexican nationals and individuals from other Central and South American countries have historically been the largest demographic groups encountered at the Southern Border, a dramatic increase in Chinese illegal immigration is on track to break records. FY22 reported an increase of more than 2,000 Chinese immigrants compared to FY21. FY23 reported a total of 24,314 Chinese immigrants. Furthermore, FY24 recorded 18,750 encounters by the end of January. The month of December 2024 recorded nearly 6,000 immigrants alone. Law enforcement officials working at the border have also reported illegal immigrants from more than 150 other countries.^[17]

From 20 through 26 January 2025, there were 7,287 migrant encounters at the southern border. This number represents a 63% decrease after the Customs and Border Patrol (CBP) One app, which serves as a single portal to CBP services, was shut down. In addition to the CBP services provided, the app allowed immigrants to schedule appointments at different U.S. ports to enter into the country using humanitarian parole. In a sustained effort to secure the border, the U.S. recorded at least a 60% decrease in encounters between ports of entry along the southwest border from May 2024 to December 2024,  the lowest it had been since August 2020. Under Title 8 of the U.S. Code, the DHS has legal authority to detain, process, or deport migrants who enter illegally. Migrants who cross the border illegally or arrive without proper documentation may be detained in detention facilities. These facilities are managed by the DHS and Immigration and Customs Enforcement (ICE). Additionally, in Arizona, there was a 30-foot wall that had gaps that hundreds of migrants would use daily to approach the Border Patrol. In 2024, the wall was completed, which stopped the flow of migrants from entering, leading to a significant decrease in immigrants at that port of entry.^{[18],[19],[20],[21]}

In FY23, CBP reported 189,402 migrant encounters at the northern border. This number represented a 73% increase from 2022 and a 597% increase from FY21’s 27,180 migrant encounters. The Swanton Sector, which spans nearly 300 miles through eastern New York, Vermont, and New Hampshire, was responsible for more than two-thirds (2/3) of all reported apprehensions at the northern border during FY23. CBP agents at the northern border have reportedly expressed concerns about the U.S.-Canadian border being overlooked due to the threats at the U.S.-Mexico border. As a result, the potential for illegal border crossings at the northern border may have increased.^{[22],[23],[24]}

Figure 1 – Migrant Encounters at the Northern Border FY22-FY25TD[24]

Figure 2 – Migrant Encounters at the Southern Border FY22-FY25TD24^[24]

Outlook

Despite recent incidents, DHS has expanded its national security mission scope to include responding to natural disasters, thwarting terror plots on U.S. soil, and strengthening digital defenses to combat cyber adversaries, while collaborating with other agencies to tackle illegal immigration and border enforcement. As a result, DHS has become the third-largest cabinet department in the federal government. The threat to the country’s borders and to overall national security has been growing and evolving since the attacks on 11 September 2001. After the creation of DHS, the department has had to grow, advance, and evolve to safeguard the nation’s borders efficiently. While both domestic and transnational terrorists pose a threat to national security, other threat actors are enhancing their capabilities to disrupt DoD operations and jeopardize national security. Terrorists continue to illegally cross the nation’s borders while also recruiting and radicalizing individuals who are already on U.S. soil. Mexican cartels have advanced capabilities that allow them to remotely conduct surveillance operations and carry out lethal attacks along the border. Furthermore, migrants continue to approach U.S. borders with the hope of unlawfully entering the country. Recent data has shown that Chinese immigrants are accessing the borders more than ever before. The threat of espionage is obvious, and it demonstrates that Chinese intelligence entities leveraged the relaxed border enforcement of the previous four (4) years. The threat of cartels and their use of new and sophisticated technology at the border is present and ongoing. However, the influx of migrants from multiple countries from 2020 through 2024 may represent a latent threat of not only intelligence collection but kinetic attacks months, years, or even decades in the future.^[25],[26]

[1] Dahl, E. (2021, November 07). Assessing the Effectiveness of the Department of Homeland Security, 20 Years After 9/11. Brown University. Retrieved from https://watson.brown.edu/costsofwar/files/cow/imce/papers/2021/Assessing%20DHS_Dahl_Costs%20of%20War.pdf.

[2] DHS. (n.d.). Partnerships and Engagement. DHS. Retrieved from https://www.dhs.gov/cp3/partnerships-and-engagement.

[3] CP3. (n.d.). Targeted violence and terrorism are preventable. DHS. Retrieved from https://www.dhs.gov/sites/default/files/2025-01/2025_0129_cp3-overview.pdf.

[4] Lowrey, E. (2025 January 29). New Orleans terror attack response riddled with issues highlighted in after-action report. WDSU. Retrieved from https://www.wdsu.com/article/new-orleans-terror-attack-response-action-report/63609441.

[5] Homeland House. (2025, January 22). House Homeland Releases Updated “Terror Threat Snapshot” Assessment in Wake of New Year’s Day ISIS-Inspired Terrorist Attack in New Orleans. Homeland House. Retrieved from https://homeland.house.gov/2025/01/22/house-homeland-releases-updated-terror-threat-snapshot-assessment-in-wake-of-new-years-day-isis-inspired-terrorist-attack-in-new-orleans/.

[6] FBI. (2025, January 14). Bourbon Street Attack Investigation Updates. FBI. Retrieved from https://www.fbi.gov/news/press-releases/bourbon-street-attack-investigation-updates.

[7] Adelson, J. (2025, January 07). Attacker drove down 3 blocks of Bourbon Street with no barriers. How did that happen?. Retrieved from https://archive.ph/4gwOW#selection-3925.0-3925.85.

[8] Haubner, A., Milton, P., & Swanson, C. (2025, June 2). Attack in Boulder, Colorado, burns 12 people at march for Israeli hostages, officials say; suspect charged. CBS News Colorado. Retrieved from https://www.cbsnews.com/colorado/news/colorado-police-responding-to-boulder-pearl-street-mall-attack-multiple-injured/.

[9] Edward, B. (2025, May 02). Drones Smuggling Deadly Drugs Across U.S. Borders, Report Reveals. Digital Chew. Retrieved from https://digitalchew.com/2025/05/02/drones-smuggling-deadly-drugs-across-u-s-borders-report-reveals/.

[10] AXON. (2025, February 07). Countering cartel drone threats: How CUAS systems can protect U.S. Border Patrol Agents. AXON. Retrieved from https://www.axon.com/blog/countering-cartel-drone-threats.

[11] Suarez, K. (2021, June 02). Drug cartels attack enemies and spread terror with weaponized drones in US, Mexico. USA Today. Retrieved from https://www.usatoday.com/story/news/nation/2021/06/02/mexican-drug-lords-use-drones-spread-terror/7506312002/.

[12] AP News. (2024, May 16). Drones smuggled drugs across Niagara River from Canada, 3 suspects caught in NY. AP News. Retrieved from https://apnews.com/article/drone-drug-smuggling-niagara-new-york-426468e8cc99bae3531ff2ac3a404043.

[13] Federal Aviation Administration. (2025, April 01). Drones. FAA. Retrieved from https://www.faa.gov/uas.

[14] House. (2025, April 29). Rep. Riley Introduces Bipartisan Bill to Crack Down on Fentanyl Smuggling at Border and in Prisons. House. Retrieved from  https://riley.house.gov/media/press-releases/rep-riley-introduces-bipartisan-bill-crack-down-fentanyl-smuggling-border-and.

[15] Fitz-Gibbon, J., & Taer, J. (2025, February 3). Mexican drug cartels plan attacks on Border Patrol agents with kamikaze drones and other explosives to fight US crackdown. New York Post. Retrieved from https://nypost.com/2025/02/03/us-news/mexican-cartels-order-suicide-drone-attacks-on-border-patrol/.

[16] Vincent, B. (2025, April 29). DOD to deploy counter-drone capabilities at US-Mexico border as cartels surveil troops. Defense Scoop. Retrieved from https://defensescoop.com/2025/04/29/dod-counter-small-drones-u-s-mexico-border-cartels-surveil-troops/.

[17] Hopkins, J. (2024, February). Record Number Of Chinese Nationals Illegally Crossing Into US, Latest Data Shows. MSN. Retrieved from https://www.msn.com/en-us/news/us/record-number-of-chinese-nationals-illegally-crossing-into-us-latest-data-shows/ar-BB1mwdSm?ocid=BingNewsVerp.

[18] Shaw, A. (2025, January 28). Trump-era southern border sees migrant encounters plummet by over 60% as new policies kick in. Fox News. Retrieved from https://www.foxnews.com/politics/trump-era-southern-border-sees-migrant-encounters-plummet-over-60-new-policies-kick-in.

[19] ICE. (n.d.). Detention Management. ICE. Retrieved from https://www.ice.gov/detain/detention-management.

[20] House. (n.d.). Title 8—Aliens And Nationality. House. Retrieved from https://uscode.house.gov/view.xhtml?req=granuleid%3AUSC-prelim-title8&edition=prelim.

[21] Lapidus, S. (2025, 09 May). US wants migrants to know that crossing the border illegally could mean jail time. AZ Central. Retrieved from https://www.azcentral.com/story/news/politics/border-issues/2025/05/09/us-officials-warn-migrants-not-to-cross-border-illegally/83522227007/.

[22] Robinson, M. (2024, May 31). Migrant Encounters at US-Canada Border Rise More Than 1,000% in 3 Years. Newsweek. Retrieved from https://www.newsweek.com/us-migrant-crisis-encounters-rise-over-1000-percent-northern-border-three-years-1906786?.

[23] Chapman, C. (2024, August 19). Northern border communities see a dramatic increase in unauthorized migrant crossings. KCSM. Retrieved from https://www.kcsm.org/npr-news/2024-08-19/northern-border-communities-see-a-dramatic-increase-in-unauthorized-migrant-crossings.

[24] CBP. (12 May 2025). Nationwide Encounters. CBP. Retrieved from https://www.cbp.gov/newsroom/stats/nationwide-encounters.

[25] Warwick, T. (2021, September 13). State of DHS: 20 Years After 9/11, Which Way Forward?. HS Today. Retrieved from https://www.hstoday.us/featured/state-of-dhs-20-years-after-9-11-which-way-forward/.

[26] Jingnan. H. (2024, August 09) What drove last year’s surge in Chinese migrants at the southern border?. NPR. Retrieved from https://www.npr.org/2024/08/07/nx-s1-5032835/chinese-migrants-southern-border.

Introduction

The U.S. Navy faces critical backlogs in the production, repair, and maintenance of warships because of issues facing the nation’s shipbuilding industry, which impact readiness and increase risk. At the same time, China is expanding its shipbuilding capacity by increasing the number of shipyards and making them dual use for commercial and military production. The result is a People’s Liberation Army Navy (PLAN) that is numerically superior to the U.S. Navy and is catching up in terms of technology and capability. Should tensions across INDOPACOM become a kinetic conflict, China’s shipyard model will provide significant advantages in the repair of damaged warships.

Comparison of U.S. and Chinese Naval Shipyard Infrastructure and Capacity.

Issues that hinder the U.S. Navy’s production, repair, and maintenance of warships are varied. They stem from a limited number of shipyards and contractors, each specializing in specific vessel classes. Some issues include limited competition and redundancy, inconsistent defense budgets and shifting U.S. Navy requirements, supply chain issues (including rising material costs due to inflation), lack of skilled labor force to meet production requirements and increasing costs of labor, reliance on raw materials and components from overseas, and lack of coordination among stakeholders.^[1],[2],[3]

The result of limited contractors and shipyards affect nearly every class of U.S. Navy warship. The Block-IV Virginia Class attack submarine and Constellation Class guided missile frigate programs are approximately three (3) years behind schedule. The USS Enterprise, the Navy’s next Ford Class Aircraft Carrier, is between 18 to 26 months behind schedule. The first Columbia Class ballistic missile submarine is between 12 to 16 months behind the planned delivery date. Reports indicate that 40% of the 49 available U.S. Navy submarines were waiting shipyard level maintenance in 2023 due to lack of capacity. Such examples will only increase as the fleet continues to age.^[1],[2],[3]

Chief of Naval Operations Admiral Lisa Franchetti stated that the U.S. Navy needs to be ready for the possibility of war with China by 2027, just two (2) years from now. There is no quick solution to the production, repair, and maintenance issues faced by the U.S. Navy. For the U.S. Navy to remain a credible strategic deterrent and remain prepared for peer-to-peer conflict, significant investments in shipyard capacity will be necessary. These investments include streamlining design and procurement processes, attracting and training a skilled workforce, ending reliance on overseas supply chains, and building new shipyards.^[1],[2],[3]

Reports indicate that China has the largest Navy in the world and now has 370 ships and submarines operational in its Navy, which is up from the 340 ships estimated in 2022. While the U.S. Navy has plans to keep the fleet consistently greater than 300 ships, they have averaged 10 ships lower than procurement plans since 2017. Since 2003, the Navy has also sustained less than 300 warships. During this same time period, China has increased fleet capacity by 150 ships. China’s rapid naval growth is largely the result of extensive civil-military cooperation. Over the last few decades, China invested in shipbuilding infrastructure, becoming the number one shipbuilding nation in the world. Unlike U.S. shipyards, Chinese shipyards are dual use, producing both civilian and military vessels. China’s political and economic systems avoid the political budgetary infighting often associated with U.S. defense budgets. This allows China to plan the development and construction of new warships with little to no disruptions in the process. China’s Belt and Road Initiative (BRI) set conditions for China to better secure its supply chains including rare earth minerals necessary for advanced technological systems onboard modern warships. The result is a numerically superior Chinese Navy that is rapidly catching up to the U.S. Navy in advanced technology.^[4],[5]

In July 2024, the National Defense Authorization Act (NDAA) amendment requested funding for the purpose of private and public shipyard investments. This funding is essential to maintaining the fleet and continuing with research and development efforts. The authorization bill, which includes the amendment, created a course of action for Congress and was signed into law in December 2024. Lawmakers have also worked to pass language to be used in legislation to surge production of amphibious ships. These actions work to continue production, along with keeping workers and factories active. As China expands its naval capacity, the U.S. must continue to pass legislation in order to be prepared in the upcoming years.^[4],[5]

Lack of Skilled Labor Available to Support U.S. Naval Shipyards’ Needs

In order to increase American ship production, the Navy has looked toward reactivating idled facilities. However, a skilled labor force is needed. In order for a shipyard to succeed, human capital is essential, and adequate preparations must be considered. Modern shipyards do not offer a guarantee of work after current needs are met and force workers to find other employment once their work is over. This cycle fails to facilitate expansion efforts and impacts the overall U.S. shipbuilding industry.^[3]

Considering the rapid growth of Chinese naval power and tensions over Taiwan, recent findings of substandard construction practices at the U.S. Navy’s largest shipyard are concerning. U.S. shipbuilding, which is segregated into civilian and military shipyards, does not have the capacity to compete with the number of Chinese shipyards that all serve a dual civilian-military use. Many U.S. Navy shipbuilding and maintenance programs are behind schedule because of supply chain issues and a lack of skilled labor since the COVID-19 pandemic. Quality control issues can lead to long-term maintenance issues and maritime mishaps, which only exacerbate the backlog in the U.S. Navy’s shipyards and diminish its readiness and credible deterrence to hostile nations.^[6],[7],[8]

For example, the U.S. Navy and Department of Justice (DOJ) are investigating faulty welds onboard Virginia and Columbia class submarines, as well as Ford class aircraft carriers reported by the Newport News Shipyard. The House Armed Services Committee is conducting a separate investigation. While most of the substandard welds were identified on vessels under construction in the shipyard, a small number of in-service Virginia class submarines are also affected.^[6],[7],[8]

Newport News Shipyard is owned by Huntington Ingalls Industries (HII), the largest U.S. Navy shipbuilding contractor. Quality assurance teams at the shipyard identified issues with welds that developed into a larger investigation, which found the same issues across multiple vessels. The initial investigation conducted by HII revealed that welders knowingly violated procedural standards, which prompted the company to notify the U.S. Navy and the DOJ. The investigation did not find evidence of malice.^[6],[7],[8]

This is not the first issue with welding quality assurance at Newport News Shipyard. The Navy concluded that welders used the wrong filler material in non-nuclear pipping on Virginia class submarines in 2007. A shipyard inspector admitted to falsifying inspection reports in 2009, resulting in nine (9) submarines and four (4) aircraft carriers requiring reinspection by the Navy, which took years to complete.^[6],[7],[8]

The lack of skilled labor at shipyards is attributed to various factors including a lack of access to training, undesirable working conditions, negative associations with the shipyard industry, reliance on private shipyards, COVID-19 impacts, and competition with other skilled trades. These factors all have an impact on each other and the lack of skilled shipyard labor as a whole. Moving forward, mitigations must be implemented including indirect actions, direct actions, and future research.^[9]

Direct actions to address this issue include recruitment and training initiatives. Indirect actions include premium pay and industrial work mitigations. Future research should focus on the topics of business case analysis on the shipyard workforce, sustaining the shipyard industry, and business case analysis on private versus public shipyards. With the closure of public shipyards, the need for private employment increased. This privatized employment, while in a higher demand, is a less stable career option. With the closures, the number of federal employees decreased. More research is needed to explore the reliance on a contract workforce by the U.S. Navy and impacts of public shipyard closures. If these issues are addressed effectively, on-time naval asset delivery delays will be reduced, and national security measures will be supported.^[9]

Supply Chain Issues Negatively Effecting U.S. Naval Shipyard Capacity

Since the COVID-19 pandemic, global supply chains have experienced severe disruptions due to lockdowns, border closures, and transportation restrictions. These interruptions have delayed the delivery of essential materials and components required for shipbuilding leading to significant setbacks in naval shipyard operations. The pandemic also caused a surge in demand for goods like electronics and household items, diverting resources away from other industries and increasing the strain of supply shortages. These challenges have collectively strained the shipbuilding industry, making it difficult to maintain production schedules and meet project deadlines.^[10],[11]

The U.S. reliance on foreign sources for intermediate inputs and critical minerals has further exposed vulnerabilities within its supply chains. Countries such as China, Canada, and Mexico are major suppliers of these essential materials. Disruptions in these regions whether due to geopolitical tensions or trade disputes can significantly impact U.S. production capabilities. The dependence on foreign sources for critical minerals such as rare earth elements and industrial diamonds has been a particular concern as these materials are crucial for advanced manufacturing processes. The ongoing geopolitical landscape has heightened these risks, making it imperative for the U.S. to seek alternative and more resilient supply chains.^{[12],[13],[14]}

Rising costs due to inflation have compounded the challenges faced by U.S. naval shipyards. High inflation rates driven by increased demand, supply chain disruptions, and rising energy costs have resulted in higher prices for raw materials and components needed for shipbuilding. Transportation costs have also surged due to higher fuel prices and logistical challenges, which further increase the overall cost of production for shipyards. Additionally, rising energy costs have impacted manufacturing and transportation expenses. These issues have led to delays in shipbuilding projects and increased operational costs. To address these challenges the Navy is working on stabilizing demand, investing in workforce development, and implementing multiyear procurement contracts to ensure more predictable workloads for shipbuilders. These measures aim to enhance the resilience of naval shipyards and ensure the timely completion of critical projects.^{[13],[14],[15]}

Inconsistent U.S. Defense Budgets and Shifting U.S. Navy Requirements

The U.S. defense budgetary process, particularly the practice of continuing resolutions (CRs), creates significant challenges for defense contracts and project completion. CRs are stopgap measures that fund government operations at the previous fiscal year’s levels when a new budget hasn’t been approved leading to funding constraints and delays in initiating or continuing projects. This is particularly problematic for the Navy which needs to rapidly integrate new technologies to stay ahead of advancing Chinese naval capabilities. The uncertainty and instability caused by CRs make it difficult for defense contractors to plan and execute projects efficiently resulting in increased costs and project delays. According to the U.S. Government Accountability Office (GAO), the Department of Defense often postpones contracts and nonessential training early in the fiscal year during CRs, which leads to lost time and increased costs. These inefficiencies result in the hinderance of the Navy’s ability to modernize its fleet with the latest technologies.^[16],[17]

Inflation increases these issues by driving up the cost of skilled labor. As the cost of living rises, workers demand higher wages to maintain their standard of living, which puts pressure on employers to offer competitive wages and benefits. This is particularly challenging for the defense industry which faces labor shortages and high demand for skilled workers with specialized expertise. Additionally, inflation affects the costs of health benefits, training, development, equipment, and supplies, further increasing the overall expenses of defense projects. These rising costs add to the difficulty of completing contracts on time and within budget. The combination of budgetary instability and rising labor costs creates a challenging environment for the Navy to keep pace with technological advancements and maintain its competitive edge against rapidly advancing Chinese naval capabilities.^[18],[19]

Results of U.S. Naval Shipyard Difficulties

Should the U.S. become involved in its first major naval conflict since World War II, production and repair capacity likely will not meet requirements. For perspective, the U.S. Navy increased the number of ships eight-fold to 6,768 ships between the attack on Pearl Harbor and the end of WWII, all while repairing battle damaged vessels. The U.S. shipbuilding system is not prepared for such an increase, should a kinetic conflict occur.^[1],[2],[3]

The challenges faced by U.S. naval shipyards have resulted in significant delays and cost overruns in shipbuilding programs. The construction of new guided-missile frigates at Marinette Marine, for example, has been delayed with the first frigate now scheduled for delivery in 2029, three (3) years later than planned. Similarly, the Columbia-class submarine program and the Virginia-class attack submarine program are experiencing delays and cost overruns. These setbacks, combined with an increase in vessels awaiting repairs and routine maintenance, have strained the Navy’s overall readiness as ships are not available for deployment when needed. Notable examples include the USS Boxer (LHD-4) and the USS James E. Williams (DDG-95) both of which are currently undergoing maintenance at General Dynamics NASSCO-Norfolk.^{[19],[20],[21],[22]}

These delays and backlogs hinder the Navy’s ability to deter threats particularly from China’s rapidly advancing naval capabilities. China’s shipbuilding industry has outpaced the U.S. producing ships at a much faster rate. The U.S. Navy’s reduced readiness compounded by issues such as maintenance delays for the San Antonio-class amphibious transport docks and the Arleigh Burke-class destroyers means it may struggle to respond effectively to potential conflicts or threats in critical regions such as the Indo-Pacific. This situation underscores the urgent need for stable funding, efficient shipyard operations, and a skilled workforce to maintain a competitive edge and ensure national security.^{[20],[21],[22],[23],[24]}

The combination of budgetary instability as highlighted by the reliance on continuing resolutions and rising labor costs due to inflation further increases these challenges. Skilled labor shortages and increased costs of living, health benefits, training, development, equipment, and supplies make it more difficult to complete contracts on time and within budget. The Navy’s ability to rapidly integrate new technologies is also hindered affecting its overall readiness and ability to deter emerging threats. Addressing these vulnerabilities is crucial to safeguarding national security and maintaining the U.S. Navy’s ability to project power and maintain international stability.^{[14],[16],[22],[23],[24]}

[1] Panella, C. (2024, November 17). Weak shipbuilding could be the US Navy’s Achilles’ heel in a war with China. Business Insider. Retrieved from https://www.businessinsider.com/us-shipbuilding-problems-could-be-navys-achilles-heel-china-war-2024-11.

[2] Kim, J. (2024, September). The Case for a Fifth Naval Shipyard. U.S. Naval Institute. Retrieved from https://www.usni.org/magazines/proceedings/2024/september/case-fifth-naval-shipyard.

[3] Pitrof, T. (2024, September). The Shipyard Shortage Is a People Problem. U.S. Naval Institute. Retrieved from https://www.usni.org/magazines/proceedings/2024/september/shipyard-shortage-people-problem.

[4] Reuters. (2024, December 18). What is most significant in the Pentagon’s China military report?. Reuters. Retrieved from https://www.reuters.com/world/what-is-most-significant-pentagons-china-military-report-2023-10-21/.

[5] Roaten, M. (2023, January 26). ANALYSIS: Shipyard Capacity, China’s Naval Buildup Worries U.S. Military Leaders. National Defense Magazine. Retrieved from https://www.nationaldefensemagazine.org/articles/2023/1/26/analysis-shipyard-capacity-chinas-naval-buildup-worries-us-military-leaders.

[6] Lagrone, S. (2024, September 26). DoJ Notifies of Suspected Faulty Welds on Subs, Aircraft Carriers at Newport News Shipbuilding. U.S. Naval Institute. Retrieved from https://news.usni.org/2024/09/26/doj-notified-of-suspected-intentionally-faulty-welds-on-subs-aircraft-carriers-at-newport-news-shipbuilding.

[7] Lagrone, S. (2024, September 27). Lawmakers to Investigate Faulty Sub, Carrier Welding at Newport News Shipbuilding. U.S. Naval Institute. Retrieved from https://news.usni.org/2024/09/27/lawmakers-announce-investigation-into-faulty-submarine-carrier-welding-at-newport-news-shipbuilding-ships-affected-in-low-single-digits-officials-say.

[8] Ziezulewicz, G. (2024, September 27). Lawmakers demand answers over reports of faulty Navy ship welding. Navy Times. Retrieved from https://www.navytimes.com/news/your-navy/2024/09/27/lawmakers-demand-answers-over-reports-of-faulty-navy-ship-welding/.

[9] Cirone, A., Glaeser, N., Kadlec, C. (2023, March). Root Cause Analysis Of Labor Shortages In The Skilled Trades Supporting Navy Shipyard Maintenance And Modernization. Calhoun: The NPS Institutional Archive DSpace Repository. Retrieved from https://calhoun.nps.edu/server/api/core/bitstreams/9ca7083c-b6b5-46ba-a78f-19f3ec4c534b/content.

[10] Marine Insight. (2024, April 4). US Navy’s Biggest Shipbuilding Projects Delayed Due to Labour Shortages & Disrupted Supply Chains. MI Network. Retrieved from https://www.marineinsight.com/shipping-news/us-navys-biggest-shipbuilding-projects-delayed-due-to-labour-shortages-disrupted-supply-chains/

[11] Construction Week. (2022, December 20). Raw Materials Cost: Inflation From a Supply Chain Perspective. Retrieved from https://www.constructionweekonline.com/business/raw-material-costs-inflation-from-a-supply-chain-perspective.

[12] U.S. Geological Survey. (2017, April 12). Risk and Reliance: The U.S. Economy and Mineral Resources. USGS. Retrieved from https://www.usgs.gov/news/featured-story/risk-and-reliance-us-economy-and-mineral-resources

[13] Santacreu, A. (2021, May 13). Investigating the U.S. Reliance on Foreign Suppliers. Federal Reserve Bank of St. Louis. Retrieved from https://www.stlouisfed.org/on-the-economy/2021/may/investigating-us-reliance-foreign-suppliers

[14] Ricadela, A. (2023, December 8). Supply Chain and Inflation: Issues and Impacts. Oracle. Retrieved from https://www.oracle.com/scm/supply-chain-inflation/

[15] Luckenbaugh, J. (2025, January 16). SNA News: Navy Trying to Stabilize Shipbuilding Demand Signal. National Defense Magazine. Retrieved from https://www.nationaldefensemagazine.org/articles/2025/1/16/sna-news-navy-trying-to-stabilize-shipbuilding-demand-signal

[16] Young, S. and Gilmore M. (2019). Operating Under a Continuing Resolution: A Limited Assessment of Effects on Defense Procurement Contract Awards. Rand Corporation. Retrieved from https://apps.dtic.mil/sti/trecms/pdf/AD1086181.pdf

[17] U.S. Government Accountability Office. (2021, September 13). Defense Budget: DOD Has Adopted Practices to Manage Within the Constraints of Continuing Resolutions. GAO. Retrieved from https://www.gao.gov/products/gao-21-541.

[18] Industry Insights. (2025, January 5). Inflations Impact on Retaining Skilled Workers in Construction. Retrieved from https://ironcloudcreative.com/blog/inflations-impact-on-retaining-skilled-workers-in-construction/

[19] Marine Insight. (2024, August 12). U.S. Navy Faces Worst Shipbuilding Struggles in 25 Years Due to Labor Shortages and Rising Cost. MI News Network. Retrieved from https://www.marineinsight.com/shipping-news/u-s-navy-faces-worst-shipbuilding-struggles-in-25-years-due-to-labor-shortages-rising-costs/

[20] Grady, J. (2024, May 7). GAO Tells Senate Panel U.S. Shipyards Are Major Readiness Concern. U.S. Naval Institute. Retrieved from https://news.usni.org/2024/05/07/gao-tells-senate-panel-u-s-shipyards-are-major-readiness-concern

[21] Luckenbaugh, J. (2024, October 2). Navy Investing in Industrial Base to Fix Sub Schedule, Cost Overruns. National Defense Magazine. Retrieved from https://www.nationaldefensemagazine.org/articles/2024/10/2/navy-investing-in-industrial-base-to-fix-sub-programs-cost-schedule-challenges

[22] Eckstein, M. (2024, April 2). U.S. Navy Ship Program Faces Years-Long Delays amid Labor, Supply Woes. Defense News. Retrieved from https://www.defensenews.com/naval/2024/04/02/us-navy-ship-programs-face-years-long-delays-amid-labor-supply-woes/

[23] DredgeWire. (2024, November 20). Weak Shipbuilding could be the U.S. Navy’s Achilles’ Heel in a War with China. Retrieved from https://dredgewire.com/weak-shipbuilding-could-be-the-us-navys-achilles-heel-in-a-war-with-china/

[24] Slayton, N. (2023, February 5). The Navy’s Maintenance Troubles are Getting Worse. Task and Purpose. Retrieved from https://taskandpurpose.com/news/navys-maintenance-troubles-gao-report/

Introduction

The alliance between the countries of Brazil, Russia, India, China, and South Africa (BRICS) has transitioned from one of economic cooperation to a geopolitical force that challenges Western dominance. Initially formed to facilitate collaboration among emerging markets, BRICS has gradually expanded its scope into political and security discussions. While not a formal military or intelligence alliance, cooperative efforts among member states suggest an evolving strategic framework. This white paper will examine BRICS’s military potential, economic advantages, intelligence collection concerns, and potential geopolitical implications for Western security.^[1],[2],[3]

The G7 versus BRICS

The G7 and BRICS represent two (2) distinct economic and political blocs with contrasting approaches to global governance. The G7 comprises advanced industrial nations and prioritizes financial stability, market-driven policies, and institutional frameworks that shape the global economy. Its influence extends across international financial institutions, trade agreements, and security alliances. Conversely, BRICS is primarily comprised of emerging economies. BRICS provides an alternative to the Western-led financial order while emphasizing economic cooperation among developing nations. The bloc seeks to challenge the dominance of Western financial institutions by promoting multipolarity in global decision-making and advocates for reforms in international governance structures.^[4],[5],[6]

The advantages of the G7 lie in its established financial institutions, technological advancements, and ability to maintain stability in global markets. Economies like the United States, Japan, and Germany lead technological innovation and trade policies, keeping the G7 dominant in shaping international regulations. However, its shortcomings include limited representation of emerging markets and a perceived Western-centric approach to global economics. BRICS offers benefits in economic inclusivity by granting developing nations a stronger voice in global affairs. Its initiatives, such as the New Development Bank (NDB), provide alternative funding mechanisms that reduce reliance on Western financial institutions.^[4],[5]

The geopolitical impact of both blocs remains a critical point of contention. The G7’s strong military alliances and security partnerships allow the group to exert influence on global conflicts, yet it faces challenges in maintaining diplomatic credibility among non-Western nations. BRICS, while advocating for a multipolar world order, risks deepening ideological divides between emerging and developed economies. As BRICS continues to expand its political and economic influence, its success will depend on its ability to foster mutually beneficial collaboration among its members while addressing internal disparities. Similarly, the G7 will likely adapt to global economic shifts and ensure its influence remains relevant amid rising competition from emerging economies. The interaction between these two (2) blocs will continue to shape international policy, economic stability, and geopolitical alliances.^[4],[5],[6]

Economic and Political Influence

The BRICS alliance presents significant economic advantages by offering an alternative platform for emerging economies to shape global financial policies. Unlike the G7, which consists of advanced industrial nations, BRICS represents a diverse mix of rapidly growing markets. Collectively, BRICS markets contribute substantially to Global Domestic Product (GDP), with their trade accounting for over 25% of global GDP and approximately 40% of the world’s population. Through initiatives like the NDB and South-South Trade, BRICS nations finance infrastructure projects without the restrictive conditions imposed by Western financial institutions. BRICS countries are also advocating for the de-dollarization in international trade, opting instead for local currencies and alternative financial mechanisms that could reshape the global economic order and reduce vulnerabilities associated with Western monetary policies.^[7]

Figure 1 – How BRICS compares to the G7 GDP^[5]

Figure 2 – How BRICS Countries Compare in Population and Economy; 2023^[2]

Aside from economic collaboration, BRICS has evolved into a powerful political force that challenges Western-dominated institutions and advocates for a multipolar global governance model. The alliance allows its member nations with opportunities to negotiate economic and political strategies independently from Western financial organizations such as the International Monetary Fund (IMF) and The World Bank. BRICS reduces the dependency on Western economies by emphasizing cooperation among its emerging markets and fostering financial self-sufficiency, while strengthening regional development efforts.^[2],[8]

Politically, BRICS enhances the influence of its members by fostering diplomatic initiatives that challenge Western-centric policies. Its expansion efforts allow developing nations to assert their interests in international affairs and ensure that their perspectives are considered in global decision-making forums. As opposed to the G7, which often reflects the priorities of established Western economies, BRICS advocates for governance reforms that address the concerns of emerging markets. By promoting trade, security, and environmental policy cooperation, the bloc empowers underrepresented nations and enables them to counter unilateral policies imposed by dominant global powers.^[5],[8]

Despite its advantages, BRICS faces internal challenges that complicate its effectiveness as a unified bloc. Coordinated policymaking is challenging because member nations have stly different economic models, political systems, and strategic interests. China’s economic dominance within the group creates imbalances that affect decision-making policies and resource allocation while Russia’s geopolitical stance often complicates diplomatic efforts. Additionally, the absence of a formal governance mechanism limits BRICS’ ability to function as a cohesive political entity, restricting its ability to implement significant global policies effectively.^[9]

As BRICS expands its reach, it also presents risks associated with global instability. The alliance’s efforts to de-dollarize trade and finance could disrupt financial markets and affect international currency stability and trade flows. Its deepening relationship with authoritarian regimes raises concerns about potential tensions with democratic nations and security frameworks. Furthermore, BRICS’s growing influence introduces ideological divisions that could increase political polarization and make global cooperation more challenging.^[1],[7]

The most significant concern regarding BRICS’s economic and political influence is the potential to create a fragmented world order. If BRICS successfully develops parallel institutions rivaling existing Western-led organizations, global governance could become divided, increasing economic uncertainty and geopolitical competition. Its engagement with nations facing Western sanctions, such as Russia and China, further exacerbates international tensions and could potentially provoke countermeasures from established global powers. As BRICS continues to grow, its future will depend on whether it fosters cooperation or deepens ideological divides between emerging and established nations.^[1],[9],[10]

The Foreign Nation-State Military Prospect of BRICS

The military prospects of BRICS as a foreign nation-state alliance remain complex. The bloc is not a formal military coalition, but increased defense cooperation among member countries is well documented. Russia and China, two (2) of the most militarily advanced nations within BRICS, have increased joint military exercises and defense technology exchanges, which have signaled a potential shift toward deeper security collaboration. India has engaged in defense dialogues with its BRICS partners while maintaining their strategic autonomy and balancing its relationships with their Western allies. The expansion of BRICS by including Iran and the United Arab Emirates (UAE), further raises questions about its future military posture and its countering of Western influence in global security affairs. While BRICS does not currently function as a unified military alliance, its growing defense partnerships and geopolitical positioning suggest it could evolve into a more structured security bloc, challenging traditional Western-led military frameworks such as the North Atlantic Treaty Organization (NATO).^[1],[4],[11]

The Shanghai Cooperation Organization (SCO) is a vital geopolitical and security framework for Eurasia that enhances military coordination among its key members, such as Russia, China, and India. Established in 2001, the organization has gradually expanded its mission beyond economic and political collaboration to encompass defense-related efforts. Joint military drills, labeled as “Peace Mission exercises,” enable real-time coordination in counterterrorism operations, intelligence-sharing, and strategic defense planning. Russia and China are the primary military powers within the bloc and frequently conduct cyber defense exercises, simulated warfare scenarios, and advanced weapons development programs to strengthen their strategic alignment. While India actively participates in SCO-led defense initiatives, ongoing tensions, like its border disputes with China, have complicated deeper military cooperation. Despite these complexities, India continues to utilize the SCO as a platform for security discussions while maintaining its autonomous stance.^[12]

Although SCO encourages defense interoperability, its ability to function as a cohesive military alliance is strained by diplomatic sensitivities and conflicting national interests. Russia and China advocate for greater security integration, while India remains cautious in balancing its partnerships with both Western allies and SCO member states. The Regional Anti-Terrorist Structure (RATS) is a critical intelligence-sharing mechanism that strengthens surveillance, cybersecurity, and counterterrorism operation efforts. However, imbalances in military procurement, defense policies, and geopolitical strategies limit the bloc’s ability to operate as a unified defense entity similar to NATO. Adding to the complexities, including new members such as Iran, introduces further issues in aligning security interests. Despite these obstacles, the SCO remains an influential force in regional military cooperation that reinforces Eurasian security strategies and serves as a potential counter to Western-led defense alliances.^[12]

Figure 3 – Shanghai Cooperation Organization Members and Dialogue Partners; 2023^[12]

Mosi II, a joint exercise designed to strengthen naval cooperation and interoperability, took place in February 2023. Russia, China, and South Africa conducted joint maritime drills along the Indian Ocean coast near Durban and Richards Bay, South Africa. The exercise focused on disaster management, anti-piracy maneuvers, and air defense operations. The Russian Navy deployed the Admiral Gorshkov, a Project 22350-class guided missile frigate equipped with Zircon hypersonic cruise missiles designed for multirole operations equipped with advanced stealth technology, other long-range strike capabilities, and antisubmarine warfare systems, alongside a tanker ship. China contributed a destroyer, a frigate, and a support ship, while South Africa fielded a frigate and two (2) auxiliary vessels. The drills marked the second such exercise following November 2019’s Cape Town-based operation, signaling closer defense ties between the three (3) nations.^[13],[14]

The exercise drew political controversy, particularly within South Africa. Opposition groups criticized the participation alongside Russia, accusing the ruling African National Congress (ANC) of favoring Moscow despite claims of neutrality. The timing of the drills coincided with the anniversary of Russia’s invasion of Ukraine, raising diplomatic concerns. South Africa’s Defense Ministry defended its involvement emphasizing the military benefits of joint security cooperation and maritime knowledge exchange. Viewed by some as a counterbalance to Western-led maritime alliances, the Mosi II exercise highlighted the growing complexity of global military partnerships amid shifting geopolitical landscapes.^[13],[14]

Another example of BRIC member joint exercises, “The Maritime Security Belt 2025,” took place in the Gulf of Oman and involved naval forces from Russia, China, and Iran, and observer nations such as South Africa, Oman, Kazakhstan, and Pakistan. The drills were designed to enhance maritime security and counterterrorism and encourage naval interoperability, marking the second joint operation following a 2018 iteration. Russian, Chinese, and Iranian warships assembled at Iran’s Chabahar Port before launching the sea phase operation, which included hypersonic missile tests, air defense drills, and simulated hijacking scenarios. Russia deployed frigates and corvettes, including the Admiral Gorshkov, armed with Zircon hypersonic cruise missiles. China contributed destroyers and frigates from its Naval Escort Task Force, and Iran mobilized multiple vessels from both its Navy and Islamic Revolutionary Guard Corps Navy (IRGCN). The exercise also focused on joint operations in shipboard security, countering unmanned aerial and surface threats, and coordinating multinational naval maneuvers. The exercise showcased a deepening military coordination between Russia, China, and Iran, raising concerns about evolving strategic alignments in Eurasian and Indo-Pacific security affairs.^[15]

BRICS as a Foreign Intelligence Entity Against the U.S. and G7

From an intelligence perspective, BRICS members have demonstrated cyber capabilities, counter-surveillance strategies, and data-sharing agreements that could impact Western intelligence operations. China and Russia are known for their advanced cyber espionage programs and have collaborated on AI-driven intelligence gathering, satellite surveillance, and electronic warfare technologies. Additionally, BRICS’s push for de-dollarization and alternative financial mechanisms could limit Western intelligence agencies’ ability to track financial transactions, reducing transparency in global economic monitoring. BRICS does not function as a formal intelligence entity, but its strategic partnerships, military collaborations, and cybersecurity initiatives suggest a growing intelligence network that could challenge the dominance of U.S. and G7 intelligence frameworks.^[16],[17]

BRICS nations like China and Russia have developed advanced cyber and intelligence capabilities and frequently engage in operations targeting Western governments and corporations. These activities range from cyber espionage, data theft, and disinformation campaigns to AI-driven intelligence gathering and electronic warfare. China has invested heavily in satellite surveillance, cyberwarfare units, and AI-powered intelligence systems, while Russia has refined its hacking operations, cyber sabotage techniques, and influence campaigns. Both nations have collaborated on cybersecurity frameworks and actively share tradecraft and intelligence methodologies to counter Western surveillance and digital dominance. The Digital Silk Road initiative spearheaded by China aims to establish secure digital infrastructure across BRICS nations and reduce reliance on Western technology while enhancing data sovereignty and cyber resilience. Russia continues to leverage its military intelligence units, such as the GRU, to conduct covert cyber operations, often targeting NATO and Western financial institutions.^{[17],[18],[19]}

The intelligence node between China and Russia has evolved into a strategic partnership with both nations exchanging cyberwarfare techniques, surveillance technologies, and counterintelligence strategies. Russia’s GRU and SVR intelligence agencies have collaborated with China’s Strategic Support Force, focusing on military-technical espionage and cyber-enabled influence operations. Additionally, the Foreign Policy Research Institute has highlighted how China and Russia strategically employ information operations to undermine Western alliances like NATO by using disinformation campaigns and online propaganda.^{[17],[18],[19]}

Additionally, BRICS members Russia and China have been actively working to establish a financial system independent of Western control or scrutiny while also aiming to reduce reliance on the U.S. dollar and circumvent economic restrictions imposed by Western institutions. One (1) of the key initiatives in this effort is the development of digital currencies like Russia’s digital ruble and China’s digital yuan. Both are designed to facilitate cross-border transactions without using Western financial networks like The Society for Worldwide Interbank Financial Telecommunications (SWIFT). The introduction of BRICS Pay, a decentralized payment system, further strengthens the bloc’s ability to conduct international trade using national currencies and digital assets, effectively bypassing Western financial oversight. These efforts directly challenge U.S. economic influence as they undermine the dollar’s role as the global reserve currency and limit the effectiveness of economic sanctions as a political tool.^{[20],[21],[22]}

BRICS’s financial strategies raise concerns about sanctions evasion, economic disruptions, and the potential for alternative financial networks that operate outside Western or G7 regulatory frameworks. The digital ruble is positioned as a tool to help Russian businesses continue international transactions despite sanctions and to offer a stable alternative to traditional banking systems. Additionally, BRICS nations are exploring blockchain-based financial tools that could enhance transaction security and anonymity, making it more difficult for Western intelligence agencies to track financial transactions and trends. As BRICS asserts its financial independence, American and G7 intelligence efforts will likely focus on monitoring these developments and assessing their impact on global financial stability.^{[20],[21],[22]}

BRICS has strategically expanded its global influence networks by strengthening diplomatic and economic ties with Saudi Arabia, Iran, and African states, positioning itself as the opposition to American and G7 geopolitical strategies. The bloc’s recent expansion welcomed Saudi Arabia, Iran, Egypt, Ethiopia, and the UAE. This expansion reflects a broader effort to consolidate influence across the Middle East and Africa. China and Russia actively engage in intelligence-sharing agreements, military collaborations, and economic partnerships with these nations, further developing the multipolar world order. Saudi Arabia’s addition to BRICS is another step towards shifting away from the exclusive reliance on U.S.-led financial and security frameworks, while Iran’s participation strengthens alternative trade and defense networks. BRICS nations have also leveraged African partnerships to secure critical resources, infrastructure investments, and intelligence cooperation, reinforcing their ability to challenge Western dominance in global governance. BRICS’s expanding diplomatic reach enables it to gather intelligence effectively and influence regional security policies to counter Western intelligence efforts. BRICS’s engagement with the Middle Eastern and African nations strengthens its ability to shape regional security frameworks, particularly in energy, counterterrorism, and defense technology transfers. As BRICS expands its footprint, its intelligence networks will likely evolve into a more structured framework that will challenge traditional Western intelligence dominance^.[23],[24]

Conclusion

The economic rivalry between BRICS and the G7 continues to shape global financial dynamics. Both blocs are vying for influence over international trade and monetary policies. As of 2024, the BRICS nations collectively account for approximately $30.7 trillion in GDP, representing 29% of the global economic output, while the G7 maintains a position of $45.9 trillion, or 43% of global GDP. However, the projected growth rate for BRICS far exceeds those of the G7, with India and China accounting for most expansion efforts, potentially narrowing the economic gap by 2050. BRICS’s push for de-dollarization, alternative financial systems, and digital currencies threatens the G7’s control over global financial transactions and reduces Western oversight of international trade. The bloc’s increasing resource independence via adding Saudi Arabia, Iran, and the UAE strengthens its ability to challenge Western economic dominance in energy markets and commodity trade. As of now, BRICS lacks any formal form of a military alliance like NATO. For BRICS to become a structured military alliance like NATO, it must establish a formal security framework. This framework could include collective defense commitments, centralized command structures, and standardized military doctrines among its member states. The alliance would also need to expand bilateral military collaborations into multilateral training exercises, create a joint defense council, and integrate cyber warfare and intelligence-sharing mechanisms. However, such a transformation would pose a significant security risk for the G7 as Russia and China would most likely dominate a BRICS-led security pact. This could challenge Western geopolitical influence, disrupt surveillance operations, and expand arms development beyond NATO oversight. Additionally, BRICS’s economic independence being driven by the de-dollarization and alternative financial networks would reduce the Western leverage in global financial monitoring, making economic sanctions less effective. If BRICS successfully establishes a structured defense alliance, it could intensify the strategic competition with the G7 and increase political fragmentation.

[1] Patrick, S., Hogan E. et al. (2025, March 31). BRICS Expansion and the Future of World Order: Perspectives from Member States, Partners, and Aspirants. Carnegie Endowment For International Peace. Retrieved from https://carnegieendowment.org/research/2025/03/brics-expansion-and-the-future-of-world-order-perspectives-from-member-states-partners-and-aspirants?lang=en

[2] Ferragamo, M. (2024, December 12). What is the BRICS Group and why is it expanding? Council on Foreign Relations. Retrieved from https://www.cfr.org/backgrounder/what-brics-group-and-why-it-expanding

[3] Garcia, Ana. (n.d.) Three Perspectives of BRICS Analysis. The American University in Cairo. Retrieved from https://bricspolicycenter.org/wp-content/uploads/2024/08/BRICS-Analysis-compactado.pdf

[4] Adebisi, A. (2023, August 11). BRICS vs G7: Head-to-Head Comparison and Statistics. Investing Strategy. Retrieved from https://investingstrategy.co.uk/financial-news/brics-vs-g7-head-to-head-comparison-and-statistics/

[5] Rao, P. (2025, January 15). Charted: How BRICS Stacks Up Against the G7 Economies. Visual Capitalist. Retrieved from https://www.visualcapitalist.com/charted-how-brics-stacks-up-against-the-g7-economies/

[6] Conte, N. (2023, October 23). Charted: Comparing the GDP of BRICS and the G7 Countries. Visual Capitalist. Retrieved from https://www.visualcapitalist.com/charted-comparing-the-gdp-of-brics-and-the-g7-countries/

[7] World Reporter. (2025, April 14). How BRICS Nations Are Reshaping Global Trade Patterns and Reducing Dollar Dependence. World Reporter. Retrieved from https://worldreporter.com/brics-nations-reshaping-global-trade-patterns/

[8] Das, U. (2024, November 05). BRICS daringly autonomous model for financial sovereignty. Official Monetary and Financial Institutions Forum. Retrieved from https://www.omfif.org/2024/11/brics-daringly-autonomous-model-for-financial-sovereignty/

[9] Cossa, R. and Marantidou, V. (2014, November 19). Cooperation among BRICS: What Implications for Global Governance. Pacific Forum CSIS. Retrieved from https://pacforum.org/wp-content/uploads/2019/02/issuesinsights_vol15no4.pdf

[10] Muna, A. (2025, January). BRICS and the Global South: Redefining Power in a Multipolar World. BIPSS. Retrieved from https://bipss.org.bd/pdf/BRICS%20and%20the%20Global%20South_Abida%20Farzana.pdf

[11] Erkol, B. (2024, February 22). Will BRICS Become The New Warsaw Pact. Foreign Analysis. Retrieved from https://foreignanalysis.com/will-brics-become-the-new-warsaw-pact/

[12] Helms, S. (2024, January). The Shanghai Cooperation Organization. Army University Press. Retrieved from https://www.armyupress.army.mil/Journals/Military-Review/English-Edition-Archives/January-February-2024/Shanghai/

[13] Chenglong, J. (2023, February 20). China, Russia, South Africa to hold 2^nd joint naval exercises. China Daily. Retrieved from https://asianews.network/china-russia-south-africa-to-hold-2nd-joint-naval-exercises/

[14] Lesedi, S. (2023, February 23). Exercise MOSI II underway in South Africa. Military Africa. Retrieved from https://www.military.africa/2023/02/exercise-mosi-ii-underway-in-south-africa/

[15] Mahadzir, D. (2025, March 12). Russia, China and Iranian Warships Drilling Together in the Gulf of Oman. USNI News. Retrieved from https://news.usni.org/2025/03/12/russia-china-and-iranian-warships-drilling-together-in-gulf-of-oman

[16] Jiang, M. and Belli, L. (2024). Digital Sovereignty in the BRICS Countries. Cambridge University Press. Retrieved from https://cyberbrics.info/wp-content/uploads/2024/06/Digital-Sovereignty-in-the-BRICS_-Structuring-Self-determination-Cybersecurity-and-Control.pdf

[17] BRICS Today. (2025, February 28). The Digital Silk Road: Cybersecurity and Tech Alliances in the BRICS Bloc. Retrieved from https://bricstoday.com/the-digital-silk-road-cybersecurity-and-tech-alliances-in-the-brics-bloc/

[18] Galeotti, M., Eftimiades, N. and Herd, G. (2021, December 14). Russia and China’s Intelligence and Information Operations Nexus: Implications for Global Strategic Competition. George C. Marshall Center for Security Studies. Retrieved from https://www.marshallcenter.org/en/publications/clock-tower-security-series/strategic-competition-seminar-series/russia-and-chinas-intelligence-and-information-operations-nexus

[19] Stradinger, J. (2024, November 5). Narrative Intelligence: Detecting Chinese and Russian Information Operations to Disrupt NATO Unity. Foreign Policy Research Institute. Retrieved from https://www.fpri.org/article/2024/11/intelligence-china-russia-information-operations-against-nato/

[20] Congressional Research Service. (2018, February 8). Digital Currencies: Sanctions Evasion Risk. Congressional Research Service. Retrieved from https://www.congress.gov/crs_external_products/IF/PDF/IF10825/IF10825.3.pdf

[21] FINCRIME CENTRAL. (n.d.). Russia’s Tools For Sanctions Evasion: The Digital Ruble and BRICS Currency Plan. Retrieved from https://fincrimecentral.com/russia-digital-ruble-brics-evade-sanctions/

[22] Ciccomascolo, G. (2025, March 27). BRICS Pushing Forward With Digital Cross-Border Payment System, Russia’s Finance Minister Confirms. CCN. Retrieved from https://www.ccn.com/news/business/brics-digital-cross-border-payment-system-russia-finance-minister/

[23] Zaccara, L. and Battaloglu, N. (n.d.). BRICS Membership: Gulf States’ Strategic Pivot in Shifting Global Dynamics. Gulf International Forum. Retrieved from https://gulfif.org/brics-membership-gulf-states-strategic-pivot-in-shifting-global-dynamics/

[24] Pillai, K. and Savio, T. (n.d.). The Latest BRICS’ Expansion, But Probably Not the Last. The International Affairs Review. Retrieved from https://www.iar-gwu.org/blog/iar-web/the-latest-brics

Introduction

The relationship between land development and military growth has an extensive history worldwide. Military land acquisition and development can create tension between community members and installation personnel. The U.S. Navy Dairy Farm Solar Proposal in Gambrills, Maryland, is a recent example. Since both agriculture and the military demand large areas of land for operations, disagreements may arise with landowners who may feel displaced and attribute their concerns to the expanding military presence.

History of Military Land Acquisition and Relationships with Communities

Located in Gambrills, Maryland, the U.S. Naval Academy Dairy Farm occupies 857 acres. Originally purchased in 1909 by the Navy, the property is now managed by Naval Support Activity (NSA) Annapolis. The land’s original purpose was as a farm to supply the Brigade of Midshipmen at the U.S. Naval Academy with dairy products. At one time the farm sustained a staff of 15 individuals, around 300 cows, and provided 700 to 1,000 gallons of milk a day. The dairy farm milked around 175 to 250 Holstein cows and raised replacement calves. As of 1997, operations halted to reduce management costs, and Anne Arundel County now leases the farm.^[1],[2],[3]

Before the land was converted into a dairy farm, the U.S. Naval Academy used public sources to obtain milk. However, in the early 1900s an outbreak of typhoid fever affected the milk supply, prompting the Naval Academy to become self-sufficient and operate their dairy farm for nearly 90 years. A Naval officer managed the dairy and closely followed industry sanitary regulations. The farm consisted of 62 buildings, including a pasteurization building, cow barns, storage buildings, silos, chemical storage, grain elevators, feeding troughs, machine sheds, and homes for farm workers. The milk was originally packaged in glass bottles and eventually changed to paperboard milk containers in the 1970s.^[3],[4]

In 1967, the issue of whether the USNA should operate its own dairy farm was brought to the attention of Congress. Local milk producers filed complaints with their representatives about the presence of government-subsidized competition. While these concerns were present, the dairy farm improved community relations by hosting events for the public, including seasonal farm events, corn mazes, schools and group tours, and the Anne Arundel 4-H Dairy Leasing Club operation. However, the Department of Defense (DoD) suggested selling the farm due to continued community opposition and budget cuts. The House Armed Services Committee denied this effort and wrote an order into the Military Authorization Act of 1968 to keep the farm operational. The farm eventually closed in the late 1900s because of economic concerns. Afterward, the Navy-owned land was leased to Anne Arundel County and was later subleased as a private farm. Since that time, the land has been leased to multiple tenants, including the Horizon Organic Farm and Maryland Sunrise Farm.^[3],[4],[5]

As in the example above, military land acquisition can significantly shape economic and social dynamics in the community. These dynamics can simultaneously present the installation and the community with opportunities and obstacles. Generated employment opportunities, the businesses drawn to the area that cater to military personnel and their families, enhanced civic engagement, and the strengthening of public safety and disaster responses may all contribute to economic and social stability. Alternatively, acquisition may include land use changes, pollution, and subsidized competition. Community land use changes can also alter urban planning efforts and local geography.^[6]

Looking forward, increased environmental sustainability initiatives could provide a strong starting point for collaboration between the military and community members. By providing other energy generation technologies, like active farming and agrivoltaics, developers can help benefit installations and the community. Installations can also integrate available cultural resources, development activities, and environmental policy management requirements. As with the Naval Dairy Farm solar revamp, the community should continue to actively participate in future projects and discussions to improve efficiency. This transformation can lead to modified land use patterns, construction of training/operations facilities, and infrastructure expansion.^[6],[7]

Another example of military land acquisition and solar farm construction occurred in Georgia at SUBASE Kings Bay. As of 2015, the Department of the Navy (DoN) and Georgia Power signed a real estate outgrant moving forward with plans for large-scale solar generation at the installation. The plan was to create a 42 MW direct current (DC) facility to bolster DoN energy security and the portfolio of Georgia Power, along with decreasing fossil fuel demand. Since opening in 2016, the solar facility has provided cost-effective renewable energy for the installation and local community. This project has successfully improved solar power in the area, bolstered community investment, and strengthened bases in Georgia.^[8],[9]

The overarching theme surrounding these projects and possible encroachment issues involves the availability of suitable and expansive land. Encroachment near military installations is not a new problem, it is often seen when installations are not able to expand due to land restrictions. Both the military and communities require land to support their needs. As shown in Figures 1 and 2, these tracts of land are often farmlands. The yellow markings in Figure 1 demonstrate that the land around the dairy farm is comprised of deciduous forest, lightly developed land, woody wetlands, and grass/pasture areas.

Figure 1 – Land Use in Gambrills, Maryland^[10]

Figure 2 – Gambrills, Maryland Land Use Breakdown^[10]

Solar Farm Revamp Proposal

As of 2024, the Navy has made the land available for lease for the planned solar facility project. The end goal of the mixed-use energy generation project is to maximize overall energy generation. The Navy has taken steps to convert the 857-acre Gambrills property into an effective solar farm that would offset the electrical demand of NSA Annapolis and work toward the overarching goal of a net-zero Naval Academy. The Navy first conducted the request for information (RFI) period in February 2024 and gathered various ideas to move forward with the project, including concepts in solar energy generation and agrivoltaics. As of 12 September 2024, NSA Annapolis completed the request for proposal phase (RFP) to meet larger DoD Carbon Free Electricity (CFE) goals. Proposals were reviewed through the end of October 2024 and the Phase Two submission process lasted through January 2025.^{[11],[12],[13]}

The Navy has begun to review the Phase Two proposals. After this review, the Navy will select an appropriate developer whose proposal has similar environmental goals. Prior to reviewing these proposals, the Navy must complete an environmental assessment in accordance with the National Environmental Policy Act. This assessment will evaluate the project’s potential impacts on natural resources. After the assessment is completed, the chosen developer will sign a lease agreement. The project may be delayed further if a suitable developer is not selected. Overall, the renewable energy source has not been identified and the projected timeline for the project is uncertain, with construction possibly years away. It is uncertain what this will mean for the current leases and businesses that occupy the property at this time.^[14]

Possibility of Continued Public Pressure

As the solar farm project has progressed, the community has expressed some pushback. Citizens, many of them farmers, believe this loss of farmland may impact the entire community. Many are not opposed to solar energy or solar panels in general, they are just skeptical of how much the project may cost and how it may intensify agricultural production loss in the county. Uncertainty over land use can also be seen in previous military examples in the area, including Greenbury Point, which is a Navy property located in Anne Arundel County that is managed by NSA Annapolis. The area serves as a natural resources conservation space that simultaneously supports the installation’s mission and is a popular recreation spot for citizens. The land has remained open to the public, while supporting the installation’s needs. The land use of both the dairy farm and Greenbury Point bring up similar logistical concerns regarding shared land between the installation and the community.^[15],[16]

With concerns growing as the dairy farm project proceeds, continued public pressure is likely, which increases the possibility of protest activity. During Navy information sessions for the project, community members have critiqued the vagueness of the proposal and still have unanswered questions. For example, co-owner of De Novo Farm states that their business, and others in the community, depend on the green space to conduct lessons, boarding, training, and breeding. The community will have another opportunity to voice concerns during the public review process, where they can comment on the proposal.^[15],[17]

Community Implications Moving Forward

Future implications may include a decrease in profitable farming land, possible unrest, and a strained relationship between military personnel and the community. While the Navy plans to keep the community involved in this process, citizens are still asking for more clarity on decisions regarding the land. Moving forward, information sessions will be an important forum for citizens, local officials, and military personnel to share updates and concerns.

[1] Naval District Washington. (n.d.). U.S. Naval Academy Dairy Farm. Naval District Washington. Retrieved from https://ndw.cnic.navy.mil/Installations/NSA-Annapolis/Operations-and-Management/Dairy-Farm/.

[2] Anne Arundel County Maryland. (n.d.). Dairy Farm. Anne Arundel County Maryland. Retrieved from https://www.aacounty.org/county-council/council-districts/district-5/district-5-blog/dairy-farm.

[3] Moore, S. (2019, September 19). Early 1900s: When the Navy ran a dairy farm. Farm and Dairy. Retrieved from https://www.farmanddairy.com/columns/early-1900s-when-the-navy-ran-a-dairy-farm/575536.html.

[4] Naval History and Heritage Command. (2023, January 24). Milk Carton from the United States Naval Academy Dairy Farm. Naval History and Heritage Command. Retrieved from https://www.history.navy.mil/our-collections/artifacts/Ashore/naval-academy/milk-carton–usna-dairy-farm.html.

[5] Enright, M. (2024, October 11). Navy Moves to Next Phase of Dairy Farm Solar Project. Lancaster Farming. Retrieved from https://www.lancasterfarming.com/farming-news/dairy/navy-moves-to-next-phase-of-dairy-farm-solar-project/article_c50eeece-872d-11ef-9487-abd6c85ba671.html.

[6] Editorial Team. (2024, July 19). The Impact of Military on Local Communities: An In-Depth Analysis. Total Military Insight. Retrieved from https://totalmilitaryinsight.com/impact-of-military-on-local-communities/.

[7] NAVFAC. (n.d.). Naval Academy Dairy Farm Renewable Energy Initiative Information Session & Community Conversation. NAVFAC. Retrieved from https://ndw.cnic.navy.mil/Portals/75/NSA_Annapolis/Documents/NSAA%20Dairy%20Farm%20Public%20Meeting_6AUG24.pdf.

[8] Department of the Navy. (2015, July 13). Navy and Georgia Power Ink Deal to Build 42 MW Solar Farm at SUBASE Kings Bay. Department of the Navy. Retrieved from https://www.navy.mil/Press-Office/News-Stories/Article/2265286/navy-and-georgia-power-ink-deal-to-build-42-mw-solar-farm-at-subase-kings-bay/.

[9] Department of the Navy. (2016, September 19). SUBASE Kings Bay Celebrates Opening of 42 MW DC Solar Facility. Department of the Navy. Retrieved from https://www.navy.mil/Press-Office/Press-Releases/display-pressreleases/Article/2256346/subase-kings-bay-celebrates-opening-of-42-mw-dc-solar-facility/.

[10] RMC. (n.d.). Landcover Summarizer. Retrieved from https://portal.geo.nga.mil/portal/apps/experiencebuilder/experience/?id=5921eed3776a466f864bf6e1faf92282.

[11] Enright, M. (2024, August  2). Planned Solar Facility on Former Navy Dairy Farm Has Ag Industry Concerned. Lancaster Farming. Retrieved from https://www.lancasterfarming.com/farming-news/news/planned-solar-facility-on-former-navy-dairy-farm-has-ag-industry-concerned/article_cb133334-4ea2-11ef-8b0b-cfb0ac43f267.html.

[12] Enright, M. (2024, October 11). Navy Moves to Next Phase of Dairy Farm Solar Project. Lancaster Farming. Retrieved from https://www.lancasterfarming.com/farming-news/dairy/navy-moves-to-next-phase-of-dairy-farm-solar-project/article_c50eeece-872d-11ef-9487-abd6c85ba671.html.

[13] Naval Support Activity Annapolis. (2024, May 17). Press Release. Naval Support Activity Annapolis. Retrieved from https://ndw.cnic.navy.mil/Portals/75/NSA_Annapolis/Documents/Dairy%20Farm/005-%20Dairy%20Farm%20RFP.pdf.

[14] Matheson, J. (2025, January 27). Plans for renewable energy at former Navy Dairy Farm inch along, questions remain. Capital Gazette. Retrieved from https://www.capitalgazette.com/2025/01/27/plans-for-renewable-energy-at-former-navy-dairy-farm-inch-along-questions-remain/.

[15] Enright, M. (2024, August 7). U.S. Navy Dairy Farm Solar Proposal Draws Deep Skepticism. Lancaster Farming. Retrieved from https://www.lancasterfarming.com/farming-news/news/u-s-navy-dairy-farm-solar-proposal-draws-deep-skepticism/article_e8472c4e-54dd-11ef-a9da-2334731e7682.html.

[16] Serna, Oliver. (2022, August 12). What You Need To Know About Greenbury Point. Respect The Rules And Stay Safe!. Naval District Washington. retrieved from https://ndw.cnic.navy.mil/News/News-Detail/Article/3125600/what-you-need-to-know-about-greenbury-point-respect-the-rules-and-stay-safe/.

[17] Cribbs, J. (2024, August 9). Reps face criticism over solar project. The Delmarva Farmer. Retrieved from https://americanfarm.com/articles/delmarvafarmer/reps-face-criticism-over-solar-project/.