This is the story of a magazine article about a computer worm, a network of intelligence professionals who built companies around America’s critical infrastructure, and the months I spent inside one of those companies before being fired by a letter left in my mailbox. The connection between these threads is not that one caused the other, but that I was inside the second before I understood the first, and understanding the first is what eventually made the second make sense.

On the very first morning I reported to Accenture as a Senior Manager — newly hired to lead the FusionX team, one of the most respected red-teaming operations in American cybersecurity — co-founder Tom Parker stepped out of an elevator, strode through the glass doors, took one look at me, and said, “Who are YOU?” I gave my name and my title, and politely informed him I was a new hire starting that day. He grimaced, said nothing further, and walked away.

That was early June. By November of that same year, I would be terminated without cause by a letter mailed to my Manhattan apartment. In the intervening months, I had not been permitted to do the job I had been hired to do: lead a team of elite consultants to help solve the Fortune 500’s most pressing technical security concerns. A direct report who had followed me from a previous employer and I were assigned a single foreign financial client, taken off that job without explanation, and given nothing else. He has since confirmed this account. I was then placed on administrative leave, also without explanation — my equipment seized, my access revoked, and presence maintained just enough to be monitored while we were both excluded from everything of consequence.

I initially mentally framed what happened in common terms: I was the only dark-skinned woman in the group, and some of the hostility I encountered felt like it might have something to do with that. The cybersecurity industry has a well-documented problem with both racism and sexism, and I have been on the receiving end of both throughout my career. I spoke publicly about sexism and discrimination in the field after working on the Biden campaign in 2020. When the DerbyCon security conference shut down in 2019 after women and minorities raised concerns about harassment, the community blamed the people who spoke up — including me, just for having been quoted in the story.

What I experienced at FusionX was part of that broader pattern. But the deeper story, which I have reconstructed from public records, patent filings, corporate registrations, my own email inbox, and the documented career trajectories of the people involved, concerns what FusionX actually was, who controlled it, and the web of intelligence community veterans, oligarch capital, and privatized state power standing behind a company entrusted with the security architectures of U.S. government agencies and major multi-national corporations.

The Article That Knew Too Much

On October 5, 2010, Tablet Magazine published a brief essay on the Stuxnet worm, “Modern Warfare, Too” by Michael Tanji. The worm had recently been discovered infecting industrial control systems worldwide with a pronounced concentration in Iran. Tanji’s byline identified him as “a former supervisory intelligence officer who worked on information warfare issues at the Defense Intelligence Agency.” The article appeared in a curated “Web Wars!” series alongside a companion piece by Yossi Melman, the veteran Israeli intelligence correspondent for Haaretz, whose connections to the Mossad establishment are well documented. In 2020, Donald Trump elevated Melman’s account of the killing of the head of Iran’s nuclear program on Twitter.

Israeli journalist Shimon Aran, who served in the IDF’s Unit 8200, claimed to have notified Melman of the retweet, and that he was “very surprised..”

Melman’s article “Coded,” published in Tablet Magazine in October 2010, argued that Israel “may or may not” have been behind Stuxnet, and that it didn’t particularly matter. Tanji’s American-perspective article reached the same conclusion by a different route. On its surface, “Modern Warfare, Too” reads as competent analysis from a highly qualified commentator. Tanji correctly identified Stuxnet as targeting Siemens SCADA software, noted the worm’s sophistication, and speculated about Israeli involvement. When the article is mapped against what was publicly known in October 2010 and what would be confirmed months or years later, it is strikingly prescient.

The Symantec Stuxnet dossier, published in late September 2010, had concluded that “the ultimate target of Stuxnet remains unknown.” Ralph Langner, the German industrial control systems researcher who first speculated publicly that Natanz was the target, described his own assessment as “speculation.” The precise mechanism by which Stuxnet destroyed centrifuges by manipulating frequency converters manufactured by Fararo Paya and Vacon on Siemens S7-315 PLCs would not be confirmed until November 2010 at the earliest.

Joint U.S.-Israeli authorship under Operation Olympic Games was not reported until a New York Times piece in January 2011, and not fully confirmed until David Sanger’s June 2012 account. Kim Zetter's Countdown to Zero Day, the definitive account of Stuxnet's discovery and the operation behind it, provided much of the framework I used to verify what was and was not publicly established at each point in this timeline.

Tanji, writing in early October 2010, got the strategic picture almost perfectly right while remaining conspicuously vague on technical details.

He characterized Stuxnet as designed “not to kill, but simply to disorient: cyber tear gas.” Langner’s 2013 analysis, “To Kill a Centrifuge,” would confirm this framing years later, finding that the attackers “took great care to avoid catastrophic damage” and instead sought to induce early rotor failures that would be indistinguishable from routine engineering problems. He described digital weapons as “disposable sniper rifles, not cluster bombs,” a metaphor that reflects offensive cyber doctrine of the kind that has since become standard material at war colleges, but had no place in public discourse in 2010.

He observed that Stuxnet was “sophisticated enough, it is targeted enough, to make the sufficiently suspicious in Iran wonder if there is in fact not someone on the inside who has passed information.” In 2024, the Dutch newspaper De Volkskrant revealed that a recruited AIVD agent named Erik van Sabben had been the human penetration vector who physically introduced the malware into Iranian facilities. What Tanji had framed as speculation now reads more like a description of the actual effect.

He invoked Effects-Based Operations doctrine by name: “you don’t want to destroy the power plant, you just want to turn it off, because eventually you want the lights to come back.” At the time of that writing, no one outside a small circle of officials understood that this was the operational philosophy of Olympic Games. Each of these judgments was subsequently confirmed. None were established in the public record when Tanji wrote them down. All of them served the strategic communication interests of the operation’s sponsors.

In response to a request for comment from this publication, Tanji said that his article relied on no classified knowledge.

He said that he does not know Yossi Melman, and had not read Melman’s companion piece. He acknowledged maintaining “a decent sized network of friends and former colleagues with extensive experience in IW/CNO” (Information Warfare and Computer Network Operations) but said he has “no idea if any of them was involved with Stuxnet.”

While the article was remarkably prescient, the author says it was solely the product of publicly available analytic tradecraft.

The Author’s Credentials

Tanji was not a casual observer of cyber operations. His career placed him at the center of the American military cyber apparatus during its formative period. He began as a U.S. Army SIGINT analyst, served in Desert Storm, and moved through a succession of increasingly sensitive positions: intelligence specialist at U.S. Army Intelligence and Security Command (INSCOM), then the Defense Intelligence Agency, where from 1998 to 2004 he served as Supervisory Intelligence Officer in the Information Warfare Office within the Transnational Warfare Group. Profiles published by OODA Loop and CSO Online also place him at NSA and the National Reconnaissance Office.

At DIA, Tanji was selected as one of a “handful of intelligence officers selected by-name” to support the Joint Task Force for Computer Network Defense (JTF-CND), the direct precursor to U.S. Cyber Command. He represented DIA on National Security Council and National Intelligence Council cyber projects, deployed in a counterintelligence and HUMINT role during Operation Allied Force, and after September 11 created the Department of Defense’s first computer forensics and intelligence fusion team. He left government in 2005 and co-founded Kyrus Tech, which later partnered with Microsoft to disrupt the Zeus botnet. He is also listed as one of the co-founders of security firm Carbon Black.

In 2009, Tanji edited Threats in the Age of Obama, a compendium of national security essays published by Nimble Books. Among the twenty-one contributors were Matt Devost and Bob Gourley.

The Book and Its People

Bob Gourley was a Naval Intelligence officer who became the first Director of Intelligence (J2) at JTF-CND, the same organization Tanji had supported, and later served as Chief Technology Officer of the Defense Intelligence Agency, the same agency where Tanji had worked in the Information Warfare Office. After leaving government, Gourley co-founded OODA LLC with Matt Devost. His website CTOvision.com published approving coverage of Tanji’s work at Kyrus Tech.

Devost’s biography takes a different turn. He arrived at SAIC in 1995. By his own account, buried in keywords at the bottom of his LinkedIn resume, he directed the Coalition Vulnerability Assessment Team, supported the President’s Commission on Critical Infrastructure Protection and the Defense Science Board, served on the President’s National Security Telecommunications Advisory Committee, and provided support during the Solar Sunrise investigation — the 1998 Department of Defense cyber intrusion that directly led to the creation of JTF-CND. He was twenty-five years old.

In 1996, Devost co-founded the Terrorism Research Center and began operating from devost@terrorism.com. A 2004 USPTO trademark filing shows the organization attempting to register “TERRORISM.COM” from an office on North Fairfax Drive in Arlington, Virginia. The trademark was refused as “merely descriptive.” Today, terrorism.com redirects to the website of DEV Capital, Devost’s investment entity. At iDEFENSE, he built a cyber-intelligence operation serving Fortune 500 clients. At Security Design International, he ran penetration testing and vulnerability assessments against what he described as “every critical infrastructure segment.”

Then, in 2006, Erik Prince purchased Devost’s companies and merged them with the consulting group led by Cofer Black, the former Director of the CIA’s Counterterrorism Center, to create Total Intelligence Solutions. Devost became its president. Rob Richer, former CIA Associate Deputy Director of Operations, served as CEO. The Washington Post reported that Prince had “built Total Intel” from Devost’s firms.

Total Intelligence Solutions functioned as something akin to a privatized CIA: staffed with former senior Agency officers, capitalized by the Blackwater fortune, and selling intelligence services to governments and corporations alike. Devost ran its day-to-day operations with more than sixty employees.

Both Sides of the Table

In June 2010, Devost co-founded FusionX LLC with Tom Parker, a British cybersecurity expert who had presented with him at Black Hat on adversary characterization back in 2003. FusionX offered red-teaming, penetration testing, and cyber defense, promising that its “best in class technical assessment teams will target your information assets using the highly tailored tactics, techniques and procedures (TTP’s) of your most likely attackers.” Its clients included Fortune 500 companies and government agencies.

From March 2010 through April 2013, Devost simultaneously held an appointment as a Special Government Employee advising the Under Secretary of Defense for Policy, the Deputy Assistant Secretary of Defense for Cyber Policy, and “other senior leadership” on cyber strategy. This period encompassed the discovery of Stuxnet, the operational peak of Olympic Games, the achievement of full operational capability by U.S. Cyber Command, and the formulation of the country’s first comprehensive cyber strategy.

The dual position would have given Devost visibility into both the government’s offensive and defensive cyber posture and the vulnerability landscape of the private sector at the same time.

In 2015, Accenture acquired FusionX. Devost became a Managing Director leading Accenture’s Global Cyber Defense practice, while Parker took on global growth and strategy for Accenture Security’s 6,200-person organization, which generated more than $1.8 billion in annual revenue. Their access scaled accordingly. After both left Accenture, Parker served as Deputy CISO at AIG and then founded Hubble Technology, which was acquired by NetSPI/KKR in 2024.

As of early 2026, both Parker and Harvey work in IBM’s cybersecurity division.

The reporting that follows — on the Blavatnik-funded institution at the center of Devost’s public image, the WINTERMUTE patents, and the months I spent at Accenture’s FusionX before being terminated by mail — is available to paid subscribers.

Hacking, but Legal has no access to protect. Only readers. Paid subscribers are the reason this piece exists, and the reason the next one will.

Read more

She joined the Oxford Programme for Cyber and Technology Policy, known as OxCTP, which is co-directed by Ciaran Martin, the founding CEO of the United Kingdom’s National Cyber Security Centre, an operational cyber arm of GCHQ. Martin had joined the Blavatnik School as Professor of Practice in September 2020, the day after stepping down from his government role.

The two most recent leaders of civilian cyber defense in the United States and the United Kingdom now work in the same program, at the same school, under the same name. That name belongs to a Soviet-born billionaire whose business history, according to former senior Treasury sanctions officials, places him alongside sanctioned Russian oligarchs in every respect except his U.S. passport: Len Blavatnik.

That characterization is contested. Blavatnik’s representatives reject the oligarch label, and as this piece will discuss, several major news outlets have published corrections after using it. But in November 2020, two former senior U.S. government officials with direct sanctions expertise published an Atlantic Council report stating plainly that Blavatnik’s “funding can hardly be considered legitimate” and that he escapes sanctions only because he is a U.S. citizen.

There are reasons this convergence has gone unreported that have nothing to do with its importance. Blavatnik’s reputation apparatus — PR responses within hours of publication, legal letters, and corrections extracted from major outlets — makes writing about his network expensive. The facts are public; the cost of a single imprecise phrase is not. Institutional capture becomes invisible not because no one sees it, but because describing it carefully exceeds what most deadlines allow.

What follows is an accounting of what it means that the people the sanctions machinery could not touch are now funding the institutional home of the most senior Western cyber officials.

The Donor

Len Blavatnik was born in Odessa in 1957, when it was part of the Ukrainian Soviet Socialist Republic. His family moved to Yaroslavl, north of Moscow, where he attended the Moscow State University of Railway Engineering before emigrating to the United States in 1978. He earned a master’s in computer science from Columbia University and an MBA from Harvard Business School. In 1986, he founded Access Industries, the holding company through which he conducts most of his business operations, and which now controls Warner Music Group.

After the collapse of the Soviet Union, Blavatnik used Access Industries to acquire former state assets during Russia’s privatization era, accumulating shares in aluminum smelters and energy companies that became the foundation of his fortune. As of April 2026, Forbes estimates his net worth at $31.4 billion, making him the sixty-ninth richest person in the world. He holds dual American and British citizenship and was knighted by Queen Elizabeth II in 2017.

His early business partnerships are what counterintelligence professionals would focus on. This is not a matter of individual bad actors. As former Bush administration official Philip Zelikow and three co-authors argued in Foreign Affairs in mid-2020, the Kremlin has transformed corruption itself “into an instrument of national strategy,” a doctrine under which ostensibly private business relationships, philanthropic giving, and elite social access are tools of statecraft rather than peripheral side effects of it.

Blavatnik reportedly became close friends with Viktor Vekselberg at the Moscow State University of Railway Engineering. Together, they co-founded the Renova investment vehicle and accumulated stakes in Russian aluminum smelters. In 1997, Blavatnik’s Access Industries joined with Vekselberg’s Renova Group and Mikhail Fridman’s Alfa Group to form the AAR consortium, which acquired a 40% stake in Tyumen Oil Company (TNK) for $800 million. AAR later partnered with BP to form TNK-BP, one of the largest oil companies in Russia.

The venture was enormously profitable: when the state-owned Rosneft purchased AAR’s stake in 2013, the consortium received $28 billion in cash, having already collected $19 billion in dividends. Blavatnik was also a board member of Rusal, one of the world’s largest aluminum producers, from 2007 to 2016. The company was founded by Oleg Deripaska and controlled through his EN+ Group; Blavatnik held an indirect minority stake of approximately 8% through SUAL Partners (jointly with Vekselberg), which held ~22%.

Vekselberg was sanctioned by the U.S. Treasury in April 2018 under E.O. 13662 “for operating in the energy sector of the Russian Federation economy.” Deripaska was sanctioned “for having acted or purported to act for or on behalf of, directly or indirectly, a senior official of the Government of the Russian Federation” under E.O. 13661 and 13662.

Blavatnik himself has not been sanctioned by the United States or the United Kingdom, and his representatives have been aggressive in defending that distinction. Spokespersons for Access Industries have said repeatedly that he “hasn’t had any contact with president Vladimir Putin since 2000,” “plays no role in Russian politics,” and “is not Russian,” emphasizing that he has been an American citizen since the 1980s, was born in Soviet Ukraine, and holds dual U.S.–U.K. citizenship.

Despite this, in December 2023, Ukrainian President Volodymyr Zelensky signed a decree imposing sanctions on 51 individuals, Blavatnik among them. He remains off the U.S. OFAC Specially Designated Nationals list and the U.K. OFSI sanctions list, but the country of his birth has formally sanctioned him. Blavatnik’s fortune was built alongside and intertwined with individuals who have since been sanctioned, and his business history in post-Soviet Russia appears inseparable from the political economy of the oligarch era.

Two former senior Treasury and National Security Council officials made the same assessment explicitly in a 2020 Atlantic Council report on Russian dark money. Anders Åslund, a former economic adviser to the Russian government from 1991 to 1994, and Julia Friedlander, who served as Senior Policy Advisor for Europe in Treasury’s Office of Terrorism and Financial Intelligence during the period when Vekselberg and Deripaska were sanctioned, wrote that Blavatnik “became a naturalized US citizen in 1984” but “made his big money much later on in the Russian heavy industry, notably in TNK-BP, in partnership with Viktor Vekselberg, who was sanctioned by the US government as a Kremlin oligarch in April 2018.”

Their conclusion: “Blavatnik is a US citizen and cannot be sanctioned by the United States, but his funding can hardly be considered legitimate.” That sentence, written by someone who sat inside Treasury’s sanctions apparatus during the relevant period, is the clearest public statement from a former U.S. government official that the only thing separating Blavatnik from his sanctioned partners is his passport.

In 2019, Quartz published Panama Papers–based reporting describing an indirect business link between Blavatnik and a Russian Interior Ministry official. The connection ran through Amediateka, a Russian streaming company majority-owned by Access Industries, which had outsourced services to Nemo TV, a company in which Alexander Makhonov, then Russia’s Deputy Minister of Internal Affairs, held a stake via offshore entities.

Quartz was careful to note that “it’s unclear whether Blavatnik had any interaction with Makhonov” and that “there is no allegation of any illegality.” The relationship was a vendor arrangement between a subsidiary and a company part-owned by a Russian official, not a direct partnership — perhaps a meaningful distinction on paper, though one that still places a Russian Interior Ministry figure inside Blavatnik’s corporate supply chain during a period when his holdings remained deeply embedded in Russia.

Access Industries has described his donations as driven by a “pro-business, pro-Israel agenda” — a framing that is only partially borne out by the FEC record. Blavatnik’s political giving spans both American parties and multiple countries, but is bipartisan in name only. Between 2009 and 2014, his federal donations were modest and roughly balanced, peaking at $273,600 in the 2013–2014 cycle, according to FEC data compiled by the Dallas Morning News and Quartz.

Starting in 2015, his spending transformed: he poured at least $6.35 million into Republican committees and PACs during the 2015–2016 cycle with the overwhelming majority directed at the Senate GOP leadership and the PACs of presidential and Senate candidates. Mitch McConnell’s Senate Leadership Fund received roughly $2.5 million in that cycle and approximately $3.5 million total between 2015 and 2017, by far the largest single destination.

The McConnell donations sit alongside a sequence of events the Atlantic Council report describes as “public and legal” but impossible to ignore.

Blavatnik was a minority owner of Rusal when the Treasury Department sanctioned Rusal along with its controlling owners in April 2018. After what Åslund and Friedlander describe as “intense lobbying by Rusal” in a campaign led by Lord Gregory Barker, the new British CEO of Rusal’s parent company EN+, and including former Senator David Vitter of Louisiana, then at the lobbying firm Mercury Public Affairs, the Treasury lifted the sanctions against Rusal in January 2019. “Almost immediately afterward,” Åslund and Friedlander write, “Rusal committed to investing $200 million in a company in Kentucky, McConnell’s home state.”

McConnell led the Senate effort to block Chuck Schumer’s resolution of disapproval, which would have kept the Rusal sanctions in place. The resolution narrowly failed, 57-42, falling three votes short of the 60 needed to overcome a filibuster. Eleven Republicans crossed McConnell to vote with Democrats — including, notably, Marco Rubio, who had received $1.5 million in Blavatnik-connected contributions through his Conservative Solutions PAC and Florida First Project. Blavatnik’s donations did not purchase Rubio’s vote on this specific question. They appear, however, to have had a different effect on the Republican leadership: according to TIME magazine’s August 2019 investigation, two of the three votes needed to save the sanctions came from Kentucky’s own delegation: McConnell himself and junior Senator Rand Paul.

There is no public record of Blavatnik personally lobbying McConnell on the Rusal question; the documented relationship between them is financial. What is documented, through TIME’s reporting, is that Braidy Industries CEO Craig Bouchard met with a Rusal sales executive in Zurich in January 2019, while Rusal was still under U.S. sanctions, and was told: “If we get the sanctions off, let’s meet again.” The next day, McConnell blocked the Schumer resolution on the Senate floor. Ten days later, Treasury formally lifted the sanctions. Eleven weeks after that, Braidy and Rusal announced a $200 million partnership in Ashland, Kentucky. Senate Finance ranking member Ron Wyden opened an investigation in October 2019 asking whether the Braidy-Rusal discussions had taken place while sanctions were still in force. Bouchard never fully answered on the record.

McConnell told reporters in May 2019 that his position on Rusal was “completely unrelated to anything that might happen in my home state.” Michael McFaul, the former U.S. Ambassador to Russia under the Obama administration, told the Washington Post: “It is shocking how blatantly transactional this arrangement looks.” Heather Conley, a former Deputy Assistant Secretary of State under George W. Bush, put it more structurally in TIME:

The Kentucky mill was never built. Rusal ultimately invested approximately $65 million of its $200 million pledge before suspending further investment in March 2021. Braidy Industries was renamed Unity Aluminum, eventually merged with Steel Dynamics, and the mill project moved elsewhere. Kentucky recouped its $15 million taxpayer investment in September 2022, and the site was donated back to the regional industrial authority. The political function of the Rusal-Kentucky deal — the lifting of sanctions through the promise of American jobs — appears to have outlived its economic function by several years.

Beyond McConnell, Blavatnik’s Republican giving continued down the ticket: $1.1 million to Scott Walker’s PAC, $800,000 to Lindsey Graham’s PAC, $250,000 to John Kasich, and $200,000 to John McCain. Blavatnik then added $1 million to Donald Trump’s 2017 inaugural committee. His donations to Democrats over the same period to Kamala Harris, Chuck Schumer, Ron Wyden, Bob Menendez, and Hillary Clinton were described by Quartz as “relatively small sums” totaling in the low hundreds of thousands across multiple recipients. In the 2020 cycle, he gave $5,200 to Pete Buttigieg and $5,600 to Joe Biden.

Framing this as “bipartisan” would obscure a donation ratio of at least ten to one in favor of Republicans during the pivotal 2015–2017 period, concentrated in the hands of GOP leadership. The identities of the recipients, including the top foreign policy official in the United States government and the chairman of the Senate committee responsible for the federal budget blueprint, matter more now than they did when the donations were made.

Marco Rubio was confirmed as the 72nd Secretary of State on January 20, 2025 by a 99–0 Senate vote, and was sworn in the following day; since May 1, 2025, he has also served concurrently as acting National Security Advisor, the first person to hold both positions simultaneously since Henry Kissinger. Lindsey Graham was elected Chairman of the Senate Budget Committee for the 119th Congress on December 20, 2024, and has since used that chair to shepherd the FY 2025 budget resolution and the “One Big Beautiful Bill Act” through the Senate.

In 2024, the Washington Post reported that Blavatnik belonged to a WhatsApp group of powerful U.S. business leaders, whose stated goals included shifting public opinion in favor of Israel and coordinating with Israeli government officials after October 7th. Members discussed receiving private briefings from Israeli officials and pressuring Columbia University’s administration to permit police action against student protesters.

The Washington Post’s reporting drew pushback. NYC Deputy Mayor for Communications Fabien Levy, who is Jewish, called the framing “offensive” and “antisemitic” in a post on X:

None of this is secret; it is the documented financial and political biography of the man whose name is on the school where America’s and Britain’s top cyber officials now work. With that said, billionaires have deep pockets with which to handle legal and media matters. Blavatnik’s representatives have publicly rejected the “oligarch” label as “both highly inaccurate and offensive,” and major outlets including the Guardian and the Times of London have published formal corrections after describing him as a “Putin pal” or “Putin associate.”

His lawyer, Martin Singer, told Quartz in a December 2018 letter that Blavatnik had “zero” involvement in Russian politics.

Bloomberg wrote in May 2023 that “naturalized US citizen” Blavatnik had divested “his last major asset in the country where he seeded his fortune,” exiting a chapter that began with TNK-BP’s sale to Rosneft in 2013 and his departure from the Rusal board in 2016.

The Institutional Network

The Blavatnik philanthropic footprint across Western academic institutions is extraordinary in both scale and strategic positioning.

The Blavatnik School of Government at the University of Oxford was founded in 2010 with a £75 million donation from the Blavatnik Family Foundation, one of the largest gifts in Oxford’s nine-hundred-year history. The original donation came from “Len Blavatnik and a trust associated with him” per Oxford’s Council Regulations; the “Blavatnik Family Foundation” was formally incorporated as a 501(c)(3) later, though the Foundation’s website now claims the gift.

The university contributed an additional £26 million. The school’s purpose-built headquarters, designed by the famous Swiss architectural firm Herzog and de Meuron, was inaugurated by Prince William in 2016. It trains future government leaders through its Master of Public Policy program, hosts senior practitioners as visiting fellows, and conducts research on governance and public policy. It is, by design, a pipeline for the people who will run governments.

Oxford’s own governance regulations for the school are clear: Regulation 3 states “the academic direction and day-to-day management of the School shall be entirely and exclusively the responsibility of the University,” and Regulation 8 affirms Oxford’s “duty to preserve and protect the academic freedom of its academic staff.” But the same regulations contain a more unusual provision: the appointment of the Dean “shall be made by Council, with the approval in writing of the Blavatnik School of Government Foundation, such approval not to be unreasonably withheld.” The donor’s foundation holds a contractual say over who leads the institution. This arrangement is unusual in academic governance, where donor influence over senior appointments is typically resisted.

The Blavatnik Interdisciplinary Cyber Research Center (ICRC) at Tel Aviv University was established as a joint initiative with the Israel National Cyber Directorate under the Prime Minister’s Office. $65 million funded the entire “Blavatnik Initiative” at TAU — encompassing the ICRC in addition to a drug discovery center, computer science fund, and other programs. ICRC is led by Major General (Ret.) Isaac Ben-Israel, former Director of Defense R&D at Israel’s Ministry of Defense. The center hosts Cyber Week, one of the world’s largest cybersecurity conferences drawing over 11,000 attendees from 99 countries, and runs DefenseTech Week in collaboration with the Israeli Ministry of Defense.

Beyond these two cyber-specific institutions, the Blavatnik Foundation has donated at least $270 million to Harvard (including $200 million to Harvard Medical School, the largest gift in HMS history), roughly $75 million to Yale, and tens of millions more to Columbia, Stanford, Brown, the University of Pennsylvania, the University of Cambridge, the Royal Academy of Engineering, and the New York Academy of Sciences. The Blavatnik Family Foundation’s own website now reports contributions exceeding $1.3 billion to over 250 institutions.

The pattern is clear: Blavatnik’s money does not simply support academic research. It names buildings, names schools, names programs, and in the case of the Oxford school, grants contractual influence over leadership appointments. The institutions receiving this funding are the ones that train government officials, conduct cyber policy research, and host leaders who recently held some of the most sensitive civilian cyber defense positions in the Western alliance.

The Cyber Leadership Pipeline

The appointments at the Blavatnik School follow a pattern: government cyber leaders depart their positions and land at Oxford, where they receive academic prestige, a platform for continued policy influence, and proximity to the Blavatnik network, while simultaneously taking on private-sector roles.

Ciaran Martin stepped down as CEO of NCSC on August 31, 2020, and joined the Blavatnik School as Professor of Practice on September 1. He is the founding director of OxCTP, the cyber policy program Easterly later joined, which he now co-directs with Dr Brianna Rosen. Simultaneously, Martin serves as Managing Director at Paladin Capital Group, a venture capital firm investing in early-stage cybersecurity companies, and sits on the Global Advisory Board of CyberCX, Australia and New Zealand’s largest cybersecurity services provider. The Blavatnik academic appointment provides the credibility platform; the private-sector positions provide the commercial channel. The knowledge and relationships cultivated during four years running NCSC (and longer still in GCHQ’s cyber leadership) now flow through both.

Jen Easterly left CISA on January 20, 2025, when the Trump administration took office. Her career before CISA included service in NSA’s Tailored Access Operations, the agency’s elite offensive hacking unit; helping establish U.S. Cyber Command in 2009-2010; serving as Deputy for Counterterrorism at NSA; and over two years as Special Assistant to President Obama and Senior Director for Counterterrorism on the National Security Council. Between government stints, she spent more than four years at Morgan Stanley as global head of their cybersecurity fusion center. She is a West Point graduate and Rhodes Scholar who earned her Oxford master’s degree at Pembroke College.

In July 2025, Easterly was appointed to the Robert F. McDermott Distinguished Chair at West Point’s Department of Social Sciences. Less than 24 hours after far-right activist Laura Loomer criticized the appointment, Secretary of the Army Daniel Driscoll rescinded the offer, posted a public announcement on X, and ordered a review of hiring practices.

Easterly responded to the rescission, describing herself as a “casualty of casually manufactured outrage” and a victim of cynicism that “corrodes our institutions”.

The full statement is available on LinkedIn, but I quote from it here:

The same official who rescinded Easterly’s West Point appointment has since become one of the most consequential figures in U.S. national security.

In November 2025, President Trump tapped Driscoll (a Yale Law classmate of Vice President JD Vance with no prior diplomatic experience) to lead American negotiations to end the Russian war in Ukraine. Driscoll flew to Kyiv, then Geneva for talks alongside Rubio, Special Envoy Steve Witkoff, and Jared Kushner, then to Abu Dhabi for secret talks with a Russian delegation. The Army secretary is now the United States’ primary point of contact with the Russian government on the most consequential foreign policy question of Trump’s second term, working off a 28-point peace plan originally drafted behind closed doors by Witkoff and Kremlin envoy Kirill Dmitriev.

His own position, however, is reportedly fragile. The Washington Post reported on April 7, 2026 that Driscoll has been engaged in a months-long conflict with Defense Secretary Pete Hegseth over personnel decisions, including Hegseth’s attempts to block the promotions of four Army officers (two women, two Black) to one-star generals, and Hegseth’s forced retirement of Army Chief of Staff General Randy George in early April ahead of schedule. Driscoll told the Post he has “no plans to depart or resign as the Secretary of the Army” and remains “laser focused” on Army readiness, but sources told the paper that tensions ran high enough last fall that Driscoll asked Vance to intervene on his behalf.

The same political dynamic that ended Easterly’s West Point appointment — outrage cultivated on partisan media, personnel decisions driven by loyalty rather than credentials — is now operating at the top of the Pentagon itself against the man who executed the Easterly rescission. The difference is that Driscoll has Vance; Easterly did not.

Easterly’s Blavatnik School fellowship was announced the following month. This political exclusion from a traditional government-military academic role left the Blavatnik School as her primary institutional home, illustrating how private philanthropic institutions can become the only viable platform for elite experts who fall out of political favor in their home countries.

The convergence is now complete. The person who ran America’s civilian cyber defense and the person who ran Britain’s national cyber security center are working in the same program, at the same school, funded by the same individual, contributing to the same research and teaching on cyber policy.

The Structural Concern

The question this arrangement raises is not about the individual integrity of Easterly or Martin. Both are widely respected professionals with distinguished records of public service. There is no evidence that either has been compromised or that their work at the Blavatnik School is anything other than legitimate academic engagement.

The concern is structural, and it operates at four levels.

First, there is the question of institutional dependence. When a single donor’s foundation holds contractual approval over the Dean of a school of government, and that school becomes the preferred destination for the most senior Western cyber officials, the donor’s interests become ambient. They need not be expressed through directives or conditions. They are embedded in the architecture. The scholars and fellows at the school know who funds it. The institution’s continued prestige depends on continued funding. The donor’s political and financial interests, documented in public filings, news reporting, and his own statements, form the background against which all programming decisions are made.

Second, there is the question of knowledge concentration. Easterly and Martin collectively possess the most comprehensive understanding of U.S. and UK cyber defense capabilities, vulnerabilities, and strategic doctrines held by any two people outside of current government service. Easterly worked in Tailored Access Operations, helped build Cyber Command, ran counterterrorism at NSA, and directed CISA. Martin built and ran NCSC for four years. The classified knowledge they carry does not expire when they leave government. Housing both of them under the same institutional roof, funded by a single individual with documented connections to sanctioned Russian entities, creates a concentration of strategic knowledge in a space that is neither government nor private sector, and is subject to neither classification controls nor corporate compliance regimes.

Third, the Atlantic Council report explains why Blavatnik’s alleged personal innocence may be beside the point. Åslund and Friedlander describe a mechanism that applies to wealthy Russian-born businessmen even when they hold Western passports and live outside Russia: the richer they get, the more leverage the Kremlin has over them. Their assets sit in two places: Russia, which Putin controls directly, and the West, where Western sanctions can freeze them. The Kremlin can squeeze either end.

The Mueller Report documented exactly this dynamic playing out with one of Blavatnik’s original business partners. Petr Aven, head of Alfa-Bank and a partner in the 1997 AAR consortium that Blavatnik co-founded, told Mueller’s team that he met with Putin roughly every three months. Aven said he treated anything Putin raised in those meetings as an order, and that refusing would have consequences. The specific threat Putin made to Aven in late 2016, according to Mueller, was that the United States might sanction Alfa-Bank, and that Aven needed to do something about it. In other words: Putin was using the threat of American sanctions to pressure a Russian oligarch into doing the Kremlin’s bidding.

None of this means Blavatnik operates under the same pressure Aven does, but people with whom Blavatnik built his fortune are on the record in sworn federal investigations as people who take orders from Putin because they simply cannot afford not to. Blavatnik maintained financial relationships with some of them until as recently as 2022. Åslund and Friedlander describe this kind of Kremlin pressure on wealthy Russians as “standard procedure.” The question is not whether Blavatnik himself takes orders from Moscow. It is whether the people around him do, and what that proximity means for the institution funding Easterly and Martin’s shared academic home.

Fourth, there is the question of the three-country bridge. The Blavatnik institutional network now spans the United States, the United Kingdom, and Israel. Easterly’s career and Blavatnik’s donations to Harvard, Yale, and Columbia anchor the American node. The Oxford school and Martin’s appointment anchor the British node. The ICRC at Tel Aviv University, jointly operated with the Israeli Prime Minister’s Office, anchors the Israeli node. These three countries are among the most important intelligence-sharing partners in the Western alliance.

The structural implications of these questions extend far beyond any individual appointment.

The Precedent

In August 2017, Bo Rothstein resigned his position as Professor of Government and Public Policy at the Blavatnik School in protest over Blavatnik’s $1 million contribution to Donald Trump’s inaugural committee. “I cannot give legitimacy and credibility to a person who is supporting Donald Trump,” he wrote in his resignation letter to Oxford’s Vice Chancellor Louise Richardson.

ProMarket, a publication of the George J. Stigler Center at the University of Chicago’s Booth School of Business interviewed him at the time, noting that “Rothstein is one of the most influential political scientists in the world today, having spent decades studying corruption and quality of government.”

Cherwell, Oxford’s student newspaper, obtained Rothstein’s letter on October 31, 2017, and published a story quoting it the following day:

Rothstein told Cherwell that he had been “excommunicated” from the school and barred from his office and students after the resignation. The Blavatnik school disputed his characterization, calling his allegations “false.” NPR and The Guardian covered the resignation extensively.

Rothstein returned to Sweden.

Two years earlier, in November 2015, a group of academics, Oxford alumni, and Russian dissidents including physicist and human rights activist Pavel Litvinov had published an open letter in The Guardian urging Oxford to “stop selling its reputation and prestige to Putin’s associates,” as reported by the Oxford Student and covered in detail by Cherwell.

The letter was organized by Ilya Zaslavskiy, a specialist in due diligence, sanctions, and kleptocracy who holds an MPhil in International Relations from the University of Oxford. Zaslavskiy held positions in TNK-BP's international affairs and gas business units between 2006 and 2010 — the Blavatnik-Vekselberg-Fridman oil venture central to this piece — before being arrested by the FSB in March 2008 in what the Washington Post reported at the time was widely viewed as part of an effort to force TNK-BP's foreign partners out of the venture. The FSB initially accused Zaslavskiy and his brother of state treason; the charge was later downgraded to industrial espionage, and then to “failed attempt of industrial espionage,” before a 2009 trial that Zaslavskiy described as a show trial, which ended with a conviction and a sentence of two years of probation. More than 100 Western managers were forced out of TNK-BP during the same period, and TNK-BP's British CEO Robert Dudley was forced to leave the country.

Zaslavskiy has since served as head of research at the Free Russia Foundation, as a fellow at Chatham House, and as senior program manager at the Center for International Private Enterprise. He heads Underminers.info, a research project exposing Eurasian kleptocrats in the West, and has written research papers for the Atlantic Council, Hudson Institute, Martens Centre, and other leading think tanks. His April 2021 paper “Which Kremligarchs Should Be Sanctioned by the Biden Administration?” introduced the term Kremligarchs to describe a litany of individuals who “should be added to the US Treasury sanctions’ lists due to their close involvement in the Kremlin’s infrastructure designed to harm the US and its allies.”

In May 2022, CNN reported that a group of fifty-five American and European foreign policy experts and anti-corruption activists had written a letter in September 2019 to the board of the Council on Foreign Relations to protest CFR’s acceptance of a $12 million donation, stating that Blavatnik “uses his ‘philanthropy’ at leading western academic and cultural institutions to advance his access to political circles,” calling such giving a vehicle for “the infiltration of the US and UK political and economic establishments at the highest levels.”

CNN further contextualized the situation:

These concerns predate the cyber dimension entirely. The question of whether Blavatnik’s money buys influence at Oxford has been debated since 2010. What has changed is the nature of the people now accepting his hospitality. When the school hosted political scientists and public policy scholars, the stakes were academic.

Now that it hosts the former heads of CISA and NCSC — people who possess the most sensitive knowledge about Western cyber defense — the stakes have become both a matter of national security and perceptions of the same.

What Comes Next

The Oxford Programme for Cyber and Technology Policy is expanding. Its inaugural Oxford Cyber Forum has already taken place in June 2024. Easterly has contributed to classes, seminars, and public events, including a panel at OxCTP’s Global Tech Policy Seminar Series alongside former Executive Vice President of the European Commission Margrethe Vestager. The program aims to “help governments navigate the cyber frontier and encourage the responsible adoption of emerging technologies.”

This is, on its face, valuable work. Democratic societies need thoughtful cyber policy. Academic institutions play an important role in developing it. The question is not whether this work should be done, but whether it should be done under the name and with the money of a single private individual whose financial biography includes partnerships with sanctioned Russian oligarchs, offshore entanglements with Russian government officials, and documented participation in coordinated influence campaigns.

There are other places where these leaders could have landed. Easterly is a West Point graduate who could have returned there, and nearly did. Martin could have joined any number of British universities or think tanks. Both chose, or accepted, the institution that offered the most prestige, the most resources, and the most ambitious cyber policy program, which happens to be the one funded by Len Blavatnik.

The individual decisions are rational, but the systemic outcome warrants scrutiny.

When a single billionaire with documented Russian oligarch ties funds the academic home of both the American and British cyber chiefs, the school that trains future government leaders, and a cyber research center jointly operated with the Israeli Prime Minister’s Office, the resulting structure is not a conspiracy. It is something more durable: an institution. Institutions do not need to conspire. They shape behavior through incentives, access, and prestige, and they outlast any individual appointment.

The question for policymakers, for the intelligence community, and for the public is whether this particular institution, with this particular funding source, in this particular configuration, is something Western democracies should be comfortable with, or whether the concentration of cyber leadership under a single private benefactor represents a structural vulnerability that no one has been willing to name at the intersection where it matters most: the pipeline of departing cyber chiefs into a single donor-funded institution.

Correction, April 9, 2026: An earlier version of this piece described Ilya Zaslavskiy as “a former Russian politician.” Zaslavskiy is in fact a specialist in due diligence, sanctions, and kleptocracy who held positions in TNK-BP's international affairs and gas business units between 2006 and 2010 and was prosecuted in 2008-9 in what the Washington Post reported at the time was widely viewed as part of an effort to force TNK-BP's foreign partners out of the venture. The reference has been updated. I regret the error.

Five current officials and one former official later confirmed this to Politico. Then, he took it again. He did not pass the second time either. Within days of the first result, the employees who had arranged the examination and done nothing more than follow the security requirements of the originating intelligence agency received letters suspending their access to classified information. The acting director kept his badge, but the staffers who enforced the rules lost theirs.

That sequence of events, which received scattered coverage when it broke into public view last December, is the right place to start a story about an executive order that President Trump signed on March 26, 2026 — and about what has happened to the federal networks those staffers were paid to protect.

On April 1, 2026, the FBI notified Congress that Chinese hackers had breached one of its internal surveillance systems in what the bureau classified as a “major incident” under FISMA. The compromised system, known internally as DCS-3000, is a pen register and trap-and-trace collection network that stores metadata revealing who the FBI is watching: which phone numbers, which websites, which subjects of active counterintelligence investigations. The intrusion was traced to a third-party commercial internet service provider’s vendor infrastructure. It was, in other words, a supply-chain attack — the exact category of threat that Emergency Directive 21-01 was written to address, and that CISA retired in a bulk action on January 8, 2026, three weeks after the polygraph story broke. The CISA story, the DEI story, and the FBI breach story are the same story.

Understanding why requires going back to the beginning.

Sixty Years of Scaffolding

Lyndon Johnson signed Executive Order 11246 on September 24, 1965, in the middle of a decade that had already produced the Civil Rights Act and the Voting Rights Act. His order required federal contractors to do more than refrain from discrimination: they had to take affirmative steps to remedy it. Any company with a federal contract above $50,000 and at least 50 employees was obligated to develop a written Affirmative Action Program — an annual document specifying hiring goals, promotion timelines, pay equity analyses, and self-audits. A Labor Department bureau called the Office of Federal Contract Compliance Programs existed to enforce this, and in 2024 it was still recovering millions from contractors for alleged violations.

President Johnson’s theory was structural, rather than sentimental.

A labor market shaped by decades of exclusion from schools, professional networks, and institutions would, if left to its own devices, reproduce that exclusion through criteria that looked neutral but weren’t. The correction factor had to be built in. For sixty years, through administrations of both parties, through the Reagan era’s attempts to weaken it, the Clinton era’s “mend it, don’t end it” compromise, and Bush and Obama tenures where it remained effectively untouched, EO 11246 held.

On January 21, 2025, it was revoked.

The First Demolition

Trump’s second inaugural week produced two executive orders relevant here.

The first, EO 14151 (“Ending Radical and Wasteful Government DEI Programs”), was largely an internal matter: federal agencies were told to shutter their DEI offices, eliminate equity grants and contracts, and remove diversity requirements from employee performance reviews. Federal DEI staff were placed on administrative leave within days. The second order on the following day, EO 14173 (“Ending Illegal Discrimination and Restoring Merit-Based Opportunity”), did the structural work.

It abolished Johnson’s EO 11246 outright, dismantled OFCCP’s enforcement authority, and replaced sixty years of affirmative action mandate with a certification requirement: every new federal contract would have to include a contractor’s attestation that it was not running DEI programs in violation of anti-discrimination law. The certification clause carried a second provision that drew less attention at the time.

It stated that compliance was “material to the Government’s payment decisions” under the False Claims Act — the Civil War-era statute that authorizes the government to recover treble damages from contractors who defraud it. The FCA also allows private citizens to file suit on the government’s behalf and keep a share of what’s recovered. Those suits, called qui tam actions, are the mechanism through which the administration intends to make an example of holdouts. The White House’s FY2026 budget proposal sought to eliminate OFCCP, removing its EO 11246 enforcement authority, but Congress ultimately funded the agency at roughly $101 million in the Consolidated Appropriations Act of 2026, leaving it smaller, narrowed, and focused on a much thinner slice of contractor compliance.

Courts moved immediately. A Maryland district judge issued a nationwide preliminary injunction in February 2025, concluding that key provisions were likely unconstitutional, and the administration appealed. The Fourth Circuit stayed the injunction, then vacated a second one. On February 6, 2026, the court ruled in NADOHE v. Trump that the orders could not be struck down wholesale. Challengers would have to contest specific enforcement actions as they arose.

The orders have been fully operative ever since.

The Enforcement Machinery

In May 2025, Deputy Attorney General Todd Blanche announced what DOJ called the Civil Rights Fraud Initiative, pairing the Civil Fraud Section and the Civil Rights Division to pursue FCA actions against contractors whose DEI programs could be characterized as race-conscious. The legal theory was not complicated: a company that submits a payment request to the government certifies, implicitly, that it is complying with applicable law. If prohibited programs are maintained while collecting federal payments, every invoice is a false claim. By December 2025, DOJ had issued civil investigative demands (subpoenas for documents and testimony) to companies across finance, defense, technology, and healthcare.

The FCA set a record in FY2025 by “recovering” $6.8 billion. This was the largest annual total in the statute’s 160-year history, more than doubling the prior year’s $2.9 billion. DOJ’s press release announcing the figure specifically cited EO 14173 as an enforcement priority for FY2026.

One thousand two hundred ninety-seven (1,297!) qui tam suits were filed in FY2025 alone.

The Newest Order

The executive order signed a little more than a week ago is the campaign’s third instrument, and it addresses something the administration has evidently concluded the prior framework failed to prevent.

The White House fact sheet states this candidly: “some entities, including government contractors, have attempted to conceal ongoing DEI activities even as the Administration has worked to end them.”

Where EO 14173 asked contractors to certify their own compliance, the order requires that every covered contract contain a verbatim clause prohibiting “racially discriminatory DEI activities”, defined as disparate treatment in hiring, promotion, contracting, or program participation based on race or ethnicity as a condition of performance. FCA materiality language, previously embedded in guidance, is now written into the contract clause itself. Contractors must also report any subcontractor’s known or “reasonably knowable” violations up the chain of command. This is a reporting duty that runs opposite to the usual flow of federal oversight, from contractor employee to contracting agency, and bypasses the subcontractor’s own management.

The order covers only race and ethnicity, conspicuously omitting sex, sexual preference, religion, and national origin that appeared in EO 14173.

Gender-based DEI programs such as women’s leadership tracks and pay equity reviews are left to the broader regulatory environment. The Office of Management and Budget is directed to identify specific sectors at particular risk of violations based on past conduct and issue sector-specific guidance. Finance, defense, technology, and healthcare have already been named in prior DOJ statements.

Cybersecurity contractors, defense-adjacent and technology-forward, are obvious candidates for early targeting.

What Has Already Changed

Since Trump’s re-election in November 2024, roughly one in five U.S. companies has eliminated DEI programs.

Among those, fifty-seven percent reported hiring fewer workers from underrepresented groups, and a third reported promoting fewer. Representation of people of color in leadership fell at thirty percent of the companies that cut programs; women’s leadership representation fell at twenty-four percent. The Conference Board found that fifty-three percent of S&P 100 companies changed how they described DEI efforts in their 2025 regulatory filings. Mentions of the acronym “DEI” in Fortune 100 documents fell ninety-eight percent year over year; broader references to diversity dropped seventy-two percent. Much of what corporate America has done is not eliminate programs but rename them. This looks more like a retreat from transparency in an attempt to appear compliant with Trump’s rulings rather than a genuine retreat from actual practice.

More than twenty-six hundred jobs carrying “diversity” or “DEI” in the title have been eliminated since early 2023. The Pentagon cut or restructured a hundred and eighty-eight related positions.

The financial consequences have been real, yet unevenly distributed.

Target announced its DEI rollbacks in January 2025 and experienced more than two hundred days of declining performance: ten consecutive weeks of declining foot traffic, a missed first quarter, and an estimated twenty billion dollars in market capitalization erased by the time the full impact registered. Investors sued, alleging the company had misled shareholders about the financial risks of the decision itself, which was the first time a rollback decision generated securities litigation, inverting the conventional risk calculation entirely. Costco, which defended its commitments publicly during the same period of shareholder pressure, saw between 4.6% and 5.8% year-over-year foot traffic growth.

The CISA Catastrophe

CISA entered fiscal year 2025 with approximately 3,732 employees. The FY2026 budget proposal sought to reduce CISA’s staffing to 2,324 positions. What actually happened through layoffs, buyouts, and people who left without prompting because the environment had become untenable, brought headcount even lower to around 2,200 by mid-2025 — a loss of roughly a third.

About seventy staff were reassigned to other DHS components, including ICE, through management-directed transfers. The Cybersecurity Division, which monitors federal networks for intrusions, fell from around 1,100 people to around 800-850. CISA’s nationwide team of Cybersecurity Advisers — the field staff who connect companies with federal resources — went from 164 to about 97. The Stakeholder Engagement Division faced a sixty-two percent funding reduction; the National Risk Management Center, which provided cross-sector risk analysis, faced seventy-three percent.

In April, CISA announced it is planning to hire more than three hundred people. A familiar mechanism runs through both the CISA story and the DEI orders: remove the structure that enforced rules, wait to see what falls away, then propose to rebuild from a narrower base, under worse conditions, without restoring the safeguards that kept the enterprise functioning in the first place.

How Gottumukkala Got There

Madhu Gottumukkala arrived as acting director in May 2025, installed by Secretary Kristi Noem. His career had moved from Motorola and Verizon consulting to Samsung engineering to a CTO post at CallHealth in Hyderabad, then to Sanford Health, then to South Dakota state government as CIO. None of those roles required navigating the culture or methods of the intelligence community. Dakota State University — where Gottumukkala completed his PhD and later joined the advisory board — holds all three NSA Center of Academic Excellence designations and hosts an on-campus SCIF. To whoever placed him, that combination may have read as a credential. The substantive career remained in civilian IT and healthcare.

Within weeks of his arrival, Politico reported that in his first major intelligence briefing, he asked what threats the U.S. faced from the Southern border and India — a country that has never been considered a significant cyber adversary, while Russia and China were actively targeting American networks.

“Typically, India would be the last place we’d be talking about,” said one official who was in the room.

He also, within weeks of arrival, began pressing for access to a Controlled Access Program — among the most restricted intelligence compartments in existence, established only when ordinary Special Access Programs are insufficient, governed by the Director of National Intelligence, with entry conditions set by the originating agency. A senior career official denied the first request: there was no operational need, and his predecessor had never sought the same access. That official was subsequently placed on administrative leave. A second request, signed personally by Gottumukkala, went forward. His signature acknowledged the counterintelligence polygraph requirement mandated by the originating agency. Career staff arranged the examination.

In late July 2025, he took the polygraph.

He did not pass.

He took it again.

He did not pass again.

According to the March 13, 2026 congressional letter led by Rep. James Walkinshaw (VA-11) and signed by four colleagues — citing information provided to House Homeland Security Committee staff by one of the suspended employees — Gottumukkala failed two counter-intelligence scope polygraphs required for access to the program. The letter was addressed to the inspectors general of DHS and the Intelligence Community.

Two failures. The same program. At an agency whose statutory mission is protecting federal networks from adversaries.

Congress Asked. He Denied It.

At a House Homeland Security Committee hearing on January 21, 2026, ranking member Bennie Thompson (D-MS) asked Gottumukkala directly whether he had failed a counterintelligence polygraph. Gottumukkala told Congress he “did not accept the premise of that question.”

The Walkinshaw letter, filed six weeks later, states that he “falsely accused career CISA staff of providing incorrect information” and asks whether his actions to “obstruct or retaliate against DHS employees for disclosing his two counter-intelligence polygraph failures to the Director of National Intelligence constitute a Prohibited Personnel Practice under 50 U.S. Code § 3234.”

The lawmakers also ask whether CISA’s Chief Security Officer ever alerted ODNI, as federal statute requires following a polygraph failure, and whether ODNI engaged a review of Gottumukkala’s clearance.

The answers remain publicly unknown.

The Staff Who Enforced the Rules Were Punished

On August 1, 2025, acting DHS Chief Security Officer Michael Boyajian sent letters to six CISA employees suspending their classified access. Their stated offense: providing false information to the acting director about the necessity of a polygraph. They had not created the requirement. They had followed the conditions the originating agency laid down. The practical offense was arranging a procedure that produced an embarrassing result for a political appointee.

By December, twelve officials — among them several Trump appointees — had described the episode to Politico on background despite the risk to their own careers.

“Instead of taking ownership and saying, ‘Hey, I screwed up,’ he gets other people blamed and potentially ruins their careers,” one current official said. “We’re a sinking ship.

We’re like the Titanic,” said another.

As of February 2026, those employees’ clearances remained revoked and they remained on administrative leave — more than six months after the original letters.

DHS’s public response came from Assistant Secretary Tricia McLaughlin, who stated that Gottumukkala “did not fail a sanctioned polygraph test” (the emphasis is mine.) The statement does not assert he passed a test. It does not dispute that counterintelligence examinations took place. It does not deny that the SAP (Special Access Program) owner required one as a condition of access, or explain why his own signature on the access request would not have alerted him to that condition. Under DHS’s reading, the polygraph was unauthorized because political leadership had never formally approved the access request in the first place — which would mean Gottumukkala pursued restricted intelligence access after being denied, after the official who denied him had been conveniently removed.

Neither interpretation is flattering.

The ChatGPT Incident

The polygraph failures were not the only security lapse. Between mid-July and early August 2025 — the same period as the first polygraph — Gottumukkala uploaded at least four documents marked “for official use only” to the public version of OpenAI’s ChatGPT. The uploads triggered automated cybersecurity alerts designed to detect theft or unintentional disclosure of government materials from federal networks, generating several alerts in the first week of August alone. He had personally requested special authorization from CISA’s Chief Information Officer to use OpenAI’s ChatGPT shortly after joining the agency, despite the fact that the tool is blocked for most DHS employees over concerns that sensitive information could be retained outside federal systems. Data entered into the public version of ChatGPT can be incorporated into OpenAI’s training data and exposed to hundreds of millions of users.

After the alerts surfaced, Gottumukkala met with CISA’s CIO Robert Costello, its chief counsel, and DHS’s acting general counsel to assess potential harm. CISA spokesperson Marci McCarthy described the usage as “short-term and limited” and said he had operated under an authorized temporary exception. Costello, the CIO who sat across from him in those meetings, subsequently tried to be dismissed by Gottumukkala in January 2026 — an effort blocked by other senior political appointees, but one that accelerated his departure from CISA and federal service.

Chair of the Senate Judiciary Committee Senator Chuck Grassley (R-IA) sent CISA a letter pressing the agency about the ChatGPT incident. As of this writing in early April 2026, CISA has not responded.

In his first weeks on the job, the man running the agency responsible for federal cybersecurity hygiene had uploaded government documents to a commercial AI platform, failed a counterintelligence polygraph, then failed a second one.

Why the Polygraph Failures Are Unsurprising in Context

Read more

I’ve been following Annie Altman’s allegations against her brother since before most people had heard her name.

In November 2023, when Sam Altman’s abrupt firing from OpenAI sent the tech world into a frenzy of speculation, I published an analysis exploring what might have rattled the board. In a section of that piece titled ‘Scenario 3,’ I discussed the abuse allegations Annie had recently shared on social media. She subsequently published a statement on her Medium blog, which she then republished in full as a guest post on this site under her own byline.

At the time I wrote my analysis, I was careful to note the allegations were unproven. I still am.

But I am not a lawyer, and I’m not a childhood sexual abuse expert. What I am is someone who has had direct interactions with Annie Altman and, based on those interactions, formed a professional and personal assessment: her allegations were credible. Having reviewed every key document in the federal court record, including the amended complaint she filed on April 1, 2026, I believe her even more.

This is the story of what that record actually says, what a federal judge has already decided, and what happens next. It is also, necessarily, the story of what happened to Annie when she tried to tell it the first time.

The Lawsuit

On January 6, 2025 — just two days before the statute of limitations expired — Ann “Annie” Altman filed a civil lawsuit against her brother Samuel “Sam” Altman in federal court in St. Louis. The case, Ann Altman v. Samuel Altman, Case No. 4:25-cv-00017-ZMB, is assigned to U.S. District Judge Zachary M. Bluestone in the Eastern District of Missouri.

The complaint is not ambiguous. Annie alleges that Sam sexually abused her continuously from approximately 1997 to 2006, beginning when she was three years old and he was twelve, at the family home in Clayton, Missouri. The abuse, she alleges, progressed from forced oral contact to digital penetration to rape and sodomy, occurring multiple times per week during the early years and continuing until she was approximately eleven or twelve.

The last acts, she alleges, were committed by Sam as an adult against a minor.

Read more

I spent the last eight hours confirming and re-confirming what I found. I needed to be sure before writing that a foreign head of government is implicated in a consequential decision made today by Treasury — and that the public record establishing that connection has been sitting there, openly, for sixteen years.

The delisting went through without a word. The responses to journalists have been unremarkable boilerplate. What follows is what I found, how I found it, and why it matters.

On the last day of March, the Treasury Department’s Office of Foreign Assets Control (OFAC) published a routine-looking administrative action: a batch of name removals from the Specially Designated Nationals (SDN) list. Buried among counter-narcotics delistings were three Russian-flagged vessels — FESCO Moneron, FESCO Magadan, and SV Nikolay.

Three lines of text on a government webpage made these three ships no longer subject to U.S. sanctions.

I had been watching all three.

For the past couple of weeks, I have been building and improving PHANTOM WAKE (phantom-wake.com), a maritime hybrid warfare intelligence platform I created primarily to track Russia’s shadow fleet.

It draws from various sources such as public sanctions data, real-time AIS vessel tracking feeds, Ukrainian military intelligence databases, and Global Fishing Watch’s historical behavioral records, running every vessel through a multi-factor behavioral scoring engine I developed. The tool was directly inspired by Andrei Soldatov and Irina Borogan’s November 2025 investigation in Foreign Affairs, “Moscow’s Offshore Menace,” which documents how Russia’s sanctioned fleet has evolved from a financial evasion mechanism into an active platform for hybrid warfare. When OFAC published today’s action, all three of the newly delisted ships were already live in my system, flagged with active anomalies.

What the data shows about these vessels does not square with a routine administrative cleanup.

“Ordinary Course of Business”

Asked about the deletions, a U.S. Treasury spokesperson told the Kyiv Independent that the actions are “not indicative of a broader shift in the U.S. Russia policy,” adding that “the removals implemented today were done in the ordinary course of business as part of OFAC’s investigations and based on a thorough review.” The spokesperson noted that such reviews may be triggered by requests from sanctioned individuals, internal OFAC considerations, or “in response to other national security and foreign policy priorities consistent with the law.”

“The ultimate goal of sanctions is not to punish but to change behavior and to promote accountability,” the spokesperson said.

That explanation deserves to be tested against the full record of what Treasury has been doing in relation to Russian sanctions for the past 33 days because today’s vessel delistings did not arrive in a vacuum. A review of OFAC’s own published actions since late February reveals a systematic, rolling dismantlement of Russia-related sanctions pressure across multiple sectors simultaneously:

• February 27: Three PMC Wagner Group-linked individuals removed from the SDN list under Russia-EO14024

• March 5: General License 133 issued, authorizing Russian oil deliveries specifically to India. This oil license was issued within days of the Hormuz closure beginning around February 28

• March 12: General License 134 issued, authorizing Russian oil sales globally, citing market disruption from the closure of the Strait of Hormuz

• March 18: Evgeniya Tyurikova, a senior Sberbank executive sanctioned for her role in Russia’s financial system was quietly removed from the SDN list, along with a Turkish sanctions evasion network and a UAE-based entity

• March 19: GL-134 amended and extended as GL-134A

• March 20: A UAE freight company and several individuals sanctioned for Russian sanctions evasion removed from the SDN list

• March 27: Vladimir Dmitriev, former head of Vnesheconombank (VEB) — Russia’s state development bank was removed under Russia-EO14024; Andriy Portnov, a Yanukovych-era Ukrainian official with longstanding Russian political ties, removed under Global Magnitsky along with his charitable foundation, ANDRIY PORTNOV FUND

• March 30: General License 131D amended to facilitate the negotiated sale of Lukoil International GmbH — the day before today’s vessel delistings

• March 31: FESCO Moneron, FESCO Magadan, and SV Nikolay removed from the SDN list

Treasury’s “ordinary course of business” explanation might have held for each action read in isolation. Against the full 33-day sequence — PMC Wagner personnel, a Sberbank executive, VEB’s former head, a Yanukovych political ally, oil license upon oil license, a Lukoil transaction pathway cleared, and now defense-bank vessels — it becomes considerably harder to sustain.

Russia’s Informal Military Flotilla

To understand why these three vessels matter specifically, you have to understand who owns them.

FESCO Moneron and FESCO Magadan are currently owned and operated by Investconsulting LLC, a Russian company whose corporate lineage runs directly through the FESCO Group. Transgarant LLC, which founded Investconsulting, is 91.2% owned by PJSC DSMP, the FESCO Group’s parent company. But their previous owner tells the more significant story: both vessels were held by PSB Leasing LLC, a subsidiary of Promsvyazbank (known in Russia by its initials PSB), before being transferred into the FESCO corporate structure after sanctions were imposed, a transfer that is itself a textbook sanctions evasion technique.

The U.S. sanctioned both vessels in February 2022 as part of a package targeting five PSB Leasing-owned ships. Today’s action removes two of the five. The three that remain on the SDN list are Baltic Leader, Linda (now Inda), and Pegas (now Gallileo). Notably, both Linda and Pegas have already been renamed using similar identity-cycling behavior flagged in FESCO Magadan — and Linda has also cycled through multiple flags including Liberia, Netherlands, and Russia.

PSB is not a typical commercial bank. PSB itself was seized from its founders, brothers Dmitry and Alexei Ananyev, by Russia’s Central Bank in late 2017 — and then repurposed by the Kremlin as its defense-sector bank. The Ananyevs fled Russia, and the vessel assets remained. Since 2018, PSB has operated as Russia’s designated defense-industry financial institution, processing state defense contracts for the Ministry of Defense, providing mortgage and banking services exclusively for military personnel, and extending its operations into Russian-occupied territories of Ukraine. Sanctioning these vessels was, in effect, sanctioning assets of Russia’s military bank.

The SV Nikolay carries a different ownership chain but a grimmer operational history. Sanctioned in connection with Russia’s Alfa-Bank, the financial empire co-built by Mikhail Fridman and Peter Aven, both of whom were sanctioned by the EU and UK — and both of whom successfully challenged their EU designations in court in 2024, with an Advocate General opinion suggesting a further appeals ruling may go their way. According to Ukrainian authorities, the vessel has been involved in transporting stolen grain from Russian-occupied Ukrainian territories to Turkey.

Reuters used satellite imagery and ship-tracking data to reconstruct a June 2022 voyage in which SV Nikolay appeared at Crimea’s main grain terminal before docking in Izmir, Turkey — while its own documents claimed the cargo had been loaded at a Russian port 160 miles away. The 10,000-metric-ton corn shipment was purchased by Turkish food company Yayla Agro, which said it had been given falsified documents. Ukrainian military intelligence lists the vessel as actively involved in stolen grain transport to Turkey to this day.

This is not a ship that was swept up in broad financial measures and later found to be commercially innocent. SV Nikolay has had a documented role in the physical looting of Ukrainian agricultural output.

The Trump administration’s official framing for its Russia sanctions relief program has centered on energy markets: U.S.-Iran tensions sent oil prices surging, the Strait of Hormuz effectively closed, and on March 12 Treasury issued a general license permitting the purchase of certain sanctioned Russian oil at sea. The March 5 India-specific oil license suggests that framing was already in motion before the Hormuz closure, complicating the implied causation.

And regardless, FESCO Moneron, FESCO Magadan, and SV Nikolay are container ships and a general cargo vessel. They do not carry oil. The energy market rationale does not apply here.

What “Going Dark” Means

Every large commercial vessel is required by international law to operate an Automatic Identification System (AIS) transponder which broadcasts the ship’s identity, position, speed, heading, and declared destination. Port authorities, coast guards, insurers, and compliance teams all rely on this data. “Going dark” means switching the transponder off, or transmitting false data. When a vessel disappears from AIS tracking, it may be in a geographic dead zone beyond terrestrial receiver range, experiencing equipment failure, or deliberately suppressing its signal to conceal where it is and what it is doing.

In the context of Russia’s shadow fleet, deliberate darkness is the rule, not the exception. Extended AIS gaps correlate reliably with ship-to-ship oil transfers at sea, undeclared Russian port calls, and, according to Soldatov and Borogan’s reporting, potentially the positioning of personnel and equipment for hybrid warfare operations.

The tanker Boracay, previously sanctioned by the UK and EU, was tracked near the Danish coast during drone incursions that forced the closure of Copenhagen Airport in September 2025 — one of three shadow fleet vessels Danish authorities placed under investigation as a possible drone launch point. French commandos boarded the ship in international waters off Ushant Island on September 27, finding approximately $100 million in Russian oil bound for India, two Russian private security agents who, according to French investigators, were controlling the crew and “representing Russian interests and gathering intelligence”, and a false flag of Benin flying where a proper registration should have been. French President Emmanuel Macron said the vessel was suspected of “serious offences” but declined to address the drone speculation directly.

Putin called the French boarding “piracy.”

Just yesterday, the day before OFAC quietly removed these three Russian vessels in question from the SDN list, a criminal court in Brest, France sentenced the Boracay's captain, Chinese national Chen Zhangjie, to one year in prison and a €150,000 fine — in absentia, because he was already back at sea.

The ship itself has since been renamed Feniks (“The Phoenix”) and was last reported flying the Russian flag in the Strait of Malacca. Its ultimate beneficial owner has not been publicly identified.

The shadow fleet’s dual life as economic instrument and military-intelligence platform reflects a Soviet-era operational playbook Russia has maintained for nearly a century.

What I Found Using PHANTOM WAKE

PHANTOM WAKE maintains a watchlist of 2,000+ vessels drawn from OpenSanctions, which aggregates designations from OFAC, the EU, UK, Australia, Canada, and Ukraine, and from GUR Ukraine’s independently compiled shadow fleet database. Every vessel with a known position is scored continuously against a multi-tier risk formula: static identity factors including flag state, ownership opacity, and the history of name changes; behavioral signals derived from AIS data; infrastructure proximity checks against more than 700 submarine cable routes; and fleet-clustering detection that flags when multiple tracked vessels converge in the same area.

The platform draws entirely on publicly available data sources. Every feed it taps are accessible to anyone. What the scoring engine does is fuse those signals into a continuous, ranked assessment of which vessels warrant added attention, and why. Beyond sanctions evasion, PHANTOM WAKE monitors a second threat class that has received far less public attention: shadow fleet vessels being used to destroy the undersea cables and power lines that keep Europe’s lights on and internet running.

The incidents are no longer hypothetical.

In November 2024, a Chinese-flagged bulk carrier called the Yi Peng 3 crossed the Baltic Sea and left two severed cables in its wake. One of them, the C-Lion1, was the only direct telecommunications cable connecting Finland to Central Europe — 144 terabits per second of internet traffic, gone. The other, the BCS East-West link, carries a significant share of Lithuania’s internet capacity. Both were cut within hours of each other. On Christmas morning 2024, the Eagle S dragged its anchor across the Estlink-2 cable on the floor of the Gulf of Finland. Estlink-2 is not a data cable — it is the power line that carries electricity from Finland into Estonia. Cross-border power transmission dropped by two-thirds, from 1,016 megawatts to 358. Estonia’s government convened an emergency session. Repairs were expected to take up to seven months. Finland seized the Eagle S at sea.

Estonia’s Prime Minister said publicly that shadow tankers “assist Russia in generating revenue that supports its hybrid attacks.” In January 2025, the MV Arne was caught dragging its anchor through 90 meters of water — nearly three times the depth at which commercial vessels normally anchor — directly over the AEC-1 cable off Ireland’s County Mayo coast. German police who boarded the vessel later found it was missing its anchor entirely.

The AEC-1 is Ireland’s only dedicated transatlantic cable, carrying internet and cloud traffic between New York and Europe, including a dedicated connection used by the U.S. Department of Energy to move scientific data between American national laboratories and CERN’s particle accelerator in Switzerland. If the cable had been cut, there is no backup route. Ireland has no redundant transatlantic cable. None of these three incidents was detected before the damage occurred. Each required a patrol aircraft or seized vessel to piece together what had happened after the fact.

The method is almost always the same: anchor drag. A ship drops or drags its anchor across a cable route, the anchor snaps fibers or power lines that have lain undisturbed on the ocean floor for decades, and the vessel sails away. It looks like an accident. It usually isn’t. PHANTOM WAKE checks every vessel’s position against 708 submarine cable routes in real time, flagging ships that anchor in suspiciously deep water, loiter over cable corridors at near-zero speed, or go dark in an area where their projected path crosses critical infrastructure. The three vessels delisted today did not trigger cable proximity alerts during the monitoring window. But the behavior that makes a vessel dangerous to cables, such as extended radio silence, deep-water loitering, and/or weeks of static position data, is exactly the behavior all three have displayed. The tool was built to find vessels like these before the next cable goes dark, not after.

Here is what the system was showing for the three vessels as of this afternoon.

SV Nikolay carries the highest risk score of the three: 52 out of 100, in the HIGH tier. Its AIS transponder has been effectively silent for 197 days. The last confirmed transmission was September 15, 2025. Its last reported position places it near 41.3 degrees north, 29.5 degrees east — the northern Bosphorus approaches, one of the most strategically significant chokepoints in the world for Russian commercial and naval traffic, and a well-documented hub for ship-to-ship grain and oil transfers. PHANTOM WAKE flagged it with the STS_ZONE_DARK signal: the vessel went dark while inside a known ship-to-ship transfer zone.

Something else stood out when I reviewed the PHANTOM WAKE data for all three vessels. Their draught readings (the measure of how deep a hull sits in the water, a direct proxy for cargo and fuel load) were completely static across 18 consecutive daily readings spanning nearly three weeks.

In commercial shipping, draught varies constantly. Fuel burns, ballast is adjusted, cargo is loaded and offloaded. A flat line across days or weeks suggests one of several possibilities: the vessel is moored and not operating commercially; the position data being broadcast is replayed or fabricated; or the vessel is being held in a deliberate staging posture. Any of these would be consistent with the broader evasion pattern these ships have displayed.

The SV Nikolay’s draught reading has not moved by so much as a tenth of a meter across 18 consecutive daily readings spanning March 14 through March 31. It has no declared destination. This is the same vessel used to move stolen Ukrainian grain to Turkey — more on that below.

FESCO Moneron (Cyrillic: ФЕСКО МОНЕРОН) last transmitted a confirmed AIS signal on December 21, 2025 — ninety-nine days ago. Its reported position puts it in the Sea of Okhotsk, off Russia’s Pacific coast, moving at 13.1 knots. Global Fishing Watch recorded four loitering events for this vessel in the past twelve months: three consecutive days in late February 2026 near 50.9 degrees north, 150.5 degrees east, roughly 88 kilometers offshore and well clear of any declared port, drifting at between 0.34 and 1.13 knots. Its draught, 6.2 meters, has not changed across 18 consecutive readings since March 14.

These signals appear abnormal in every way.

FESCO Magadan (Cyrillic: ФЕСКО МАГАДАН) presents the most analytically complex picture. Its behavioral score at the time of capture is low. On the surface, it looks relatively clean. It is not.

The Ship That Called Itself a French Carrier

FESCO Magadan has cycled through five flag states (Germany, the UK, Malta, Portugal, and Russia) and carries four known aliases: CMA CGM Tatiana, India, Velazquez, and its Cyrillic name variant, Феско Магадан.

PHANTOM WAKE gives it an Identity Cycling score of 80 out of 100, the highest of the three vessels.

The alias “CMA CGM Tatiana” is worth sitting with. CMA CGM is one of the world’s largest and most recognized container shipping companies, a French firm whose vessels move through virtually every major port on earth. Using that name looks nothing like coincidence or administrative carelessness. It is a deliberate technique to create name confusion with a legitimate, widely recognized Western carrier with the intention of reducing scrutiny at port, in insurance documentation, and in compliance database queries.

PHANTOM WAKE now specifically scores for this class of behavior, flagging vessels whose aliases match major Western carriers including CMA CGM, Maersk, MSC, and Hapag-Lloyd.

FESCO Magadan’s low behavioral score reflects only what the system could observe during a narrow capture window, not what Global Fishing Watch’s historical archive shows. On February 18, 2026, the vessel had a three-day, eight-hour AIS gap in the Sea of Okhotsk, at approximately 52 degrees north, 158.7 degrees east. On the same day, in the same general zone, FESCO Moneron was in the middle of its own three-day loitering cluster.

These ships are both listed at exactly 7,519 gross registered tonnage or GRT, indicating they are sister ships built to the same specification.

Two vessels built together, sharing ownership connections to Russia’s sanctioned defense bank, co-sanctioned and now co-delisted together, operated in dark posture in the same remote Pacific waters on the same dates. The behavioral signature is consistent with a coordinated ship-to-ship transfer operation, but it is not definitive confirmation. That would require cross-referencing with closed satellite imagery sources, which my system cannot provide at present.

But this does not seem like a coincidence.

Speaking of Coincidences

It is worth noting that the FESCO Moneron carries one additional entry in its public sanctions record that the ownership chain alone does not capture.

Back then, it was named Francop — the vessel at the center of the Francop Affair, in which Israeli Navy commandos from Shayetet 13 boarded the ship in the eastern Mediterranean on November 4, 2009 during Operation Four Species and seized, according to CNN, 40 containers of missiles, rockets, lights arms and mortars. We’re talking 320 tons of weapons, including 9,000 mortar shells, Katyusha rockets, hand grenades, and over half a million rounds of ammunition in what Israel described as the largest arms seizure in its history.

The Katyusha rockets stand out. According to a September 2023 analysis by The Economist, these particular rockets have a relatively recent history of North Korean arms sales to Russia:

“North Korea has been delivering 152mm shells and Katyusha-type rockets to Russia for the best part of a year. Russia is shopping in Pyongyang and Tehran because both regimes are already so heavily targeted by international sanctions that they have nothing to lose and much to gain by doing business with Mr. Putin’s government.”

The cargo was Iranian-origin, bound for Hezbollah via Syria.

Israeli President Shimon Peres issued a strong condemnation following the seizure, asserting that the operation exposed the “large gap between Syria and Iran's statements and their actual activities.” Israeli PM Netanyahu said,

“This is a war crime. This is a war crime that the UN General Assembly, which is meeting today, should investigate, discuss and condemn. This is a war crime that should prompt the UN Security Council to convene in special session, especially since it was in gross violation of UN Security Council resolutions.

This is a war crime which we know the Iranian regime intends to repeat, further arming Hizbullah, which has already fired thousands of missiles at our communities.”

Hezbollah denied any connection to the weapons and, as with Putin in the case of the Boracay, condemned the maritime interception as an act of piracy. The ship was released. It was renamed. It became FESCO Moneron.

And today, the United States removed it from the sanctions list.

The U.S. government manages the sanctions list. The review that produced yesterday’s delisting was, in Treasury’s own words, “thorough.” The Francop Affair was not a footnote buried in a classified annex. This was a public diplomatic incident involving ambassadors from 44 countries, an IDF press conference, and a statement from Israel’s Prime Minister.

Netanyahu was that Prime Minister. He is back in office.

Given the multifaceted, high-level intelligence sharing and security coordination that characterizes the U.S.–Israel alliance, especially during the current conflict, it is highly improbable that an action involving vessels tied to a major Israeli security incident would occur without some level of bilateral coordination.

The conclusion is not comfortable, but it is the only one the record supports: whoever approved this delisting knew exactly what the Francop was. They removed it anyway. The question is not at all whether that decision was informed. The questions are: what was it made in exchange for, what does it suggest about the future of this war, and what are its implications for the American people?

Ukraine Is Watching

These delistings do not only register in Washington. While the Trump administration was quietly removing three Russian vessels from the SDN list, the rest of the Western alliance was moving in the opposite direction.

On March 25, Prime Minister Keir Starmer authorized British military and law enforcement to board, interdict, and detain sanctioned shadow fleet vessels transiting UK waters. The announcement was made at the Joint Expeditionary Force Summit in Helsinki, where allied nations agreed to coordinate shadow fleet interdiction across European and Mediterranean waters.

“Putin is delighted with the conflict in the Middle East,” Starmer said, “as he believes rising oil prices will enrich him. That’s why we are intensifying our efforts against his shadow fleet.”

The day after that authorization, a Cameroon-flagged tanker named VAYU 1 — sanctioned by the UK in May 2025 for transporting Russian oil, having departed Murmansk on March 10 — sailed to within six nautical miles of Dover, close to the narrowest part of the English Channel, and passed through undetained. BBC Verify tracked it spending at least five and a half hours inside UK territorial waters and twenty-nine hours in the UK’s Exclusive Economic Zone. The Ministry of Defence told the BBC that “any action is on a case-by-case basis.”

By today, at least 25 sanctioned Russian vessels have transited UK waters since the boarding authorization was announced (out of a total of 544 vessels Britain has sanctioned as shadow fleet participants) with no reported detentions, according to ship tracking data analyzed by Reuters. Pole Star Global counted 301 Russian shadow fleet vessel events in UK waters in the first three months of 2026 alone: 95 in January, 100 in February, 106 in March — increasing each month, with incidents recorded not just in the Channel but inside UK internal waters and at ports including Belfast, Immingham, and Grangemouth.

Yesterday, France sentenced a shadow fleet captain to prison. The UK authorized boarding last week and has not yet used it. The EU’s 20th sanctions package remains blocked by Hungary and Slovakia. On the same day OFAC freed three Russian vessels, the Russian oil tanker Anatoly Kolodkin docked in Cuba with Washington’s blessing. Ukraine is urging allies to tighten the noose while the United States actively loosens it.

In a joint statement with Senators Warren and Schumer on March 13, Senator Jeanne Shaheen (D-NH) said the administration had helped “facilitate a windfall of $150 million each day for [Russia’s] war machine,” and raised the possibility that Treasury was “flouting” the congressional notification requirements of the Countering America’s Adversaries Through Sanctions Act. Thirteen days later, Shaheen and Republican Senator Thom Tillis co-introduced the BLOCK PUTIN Act — legislation explicitly designed to prevent the kind of sanctions rollback now unfolding.

Treasury’s assurance that today’s actions are “not indicative of a broader shift” is difficult to square with a calendar that speaks for itself.

What PHANTOM WAKE Does and Does Not Do

The platform works entirely on publicly available data sources. It cannot access classified intelligence. It uses reported AIS positions at face value, which introduces a meaningful limitation: AIS is trivially spoofable, and Russia’s shadow fleet operators know it. Vessels can broadcast false coordinates while operating elsewhere entirely. Pole Star Global calls this “long-term anchor spoofing,” a state in which a ship appears stationary or on a plausible route while physically conducting illicit operations somewhere else.

More sophisticated variants involve dual transmitters broadcasting different IMO identification numbers simultaneously, pre-programmed routes that mimic legitimate voyages, and other forms of Vessel Identity Laundering or Identity Theft. For example, a high-risk ship in proximity of a clean vessel will briefly assume its identity, conduct its transfer, and swap back to avoid detection. The static draught and speed readings I flagged for all three delisted vessels are themselves consistent with long-term anchor spoofing.

This is the operational baseline for this class of vessel. Confirming or ruling out spoofing as well as other anomalies I described would require cross-referencing against Synthetic Aperture Radar satellite imagery cross-referenced against the AIS record (the standard methodology used by commercial maritime intelligence platforms), RF signal geolocation, and in some cases human intelligence, none of which PHANTOM WAKE can provide from public sources alone.

What the system can do is identify the behavioral footprint that spoofing reliably leaves behind: impossible speed transitions, coordinate jumps, repeated positional values across weeks of readings, and AIS gaps timed to known transfer zones. The anomalies flagged here are real. Where exactly these ships are right now is a question that requires satellite data to answer.

PHANTOM WAKE continues to track all three vessels under a DELISTED category. Removal from the OFAC SDN list does not remove a vessel from Ukrainian military intelligence’s shadow fleet database, from the EU’s watchlist, or from other lists — and it raises an immediate question about what else on the watchlist may be OFAC’s next target.

Another One To Watch

There is a fourth vessel worth watching: FESCO Sofia, a container ship bearing the FESCO name but operated by Steam Line Middle East Shipping L.L.C., a UAE-based company — and currently not designated by any Western sanctions authority.

It appears in OpenSanctions not as a sanctioned vessel but as an “entity of interest,” flagged through the Tokyo Memorandum of Understanding’s port state control detention database. It has been detained by Asian port authorities five times in fourteen months — February, July, August, September 2024, and April 2025 — with each detention indicating serious safety or compliance deficiencies. It is classified by the Russian Maritime Register of Shipping, itself a sanctioned entity.

FESCO Sofia’s AIS transponder has been dark for 193 days. Global Fishing Watch recorded 14 loitering events in the past year, nearly all at the same cluster of coordinates in the East China Sea, 40 kilometers offshore, drifting at fractions of a knot. Its draught has not moved by a single millimeter across 18 consecutive daily readings. Both FESCO vessels delisted today share every one of those behavioral signatures — and SV Nikolay’s 197-day AIS silence makes the parallel hard to ignore, regardless of ownership chain.

Whether FESCO Sofia is a vessel the West should be watching more closely, or simply one that hasn’t attracted sufficient attention yet, is a question PHANTOM WAKE will keep asking.

The Cuffs Are Off

As of this morning, the vessels are no longer sanctioned by the U.S. They can enjoy calling at Western ports and will avoid triggering secondary sanctions risk. Their insurers can cover them through markets that previously dropped them. The practical effects of today’s decision are immediate.

More significantly, all three previously carried a secondary sanctions designation under Section 11 of Executive Order 14024, meaning foreign companies worldwide, not just American ones, faced potential U.S. designation for conducting significant transactions with them. That extraterritorial deterrent is now gone.

“Ordinary course of business” is one explanation — one which the data strongly suggests shouldn’t be the only one considered. The sanctions regime is only as credible as the decisions made in its name. When a vessel with this history is removed without explanation and without scrutiny, the question is no longer whether the list reflects U.S. national security interests.

The question is whose interests it reflects instead.

Get more from Jackie Singh in the Substack app

Available for iOS and Android

Get the app

Reporting from ACLED’s March 2026 special issue shows the opening wave killed Supreme Leader Ali Khamenei and other senior figures, hit government compounds in Tehran, and targeted key elements of Iran’s air defenses, missile forces, and internal security apparatus.

Within days, ACLED was tracking hundreds of strikes across at least 26 of Iran’s 31 provinces, with Tehran the most heavily bombed, alongside central, western, and southern regions. Targets have included media facilities and detention centers, with resulting jailbreaks and large-scale displacement, as MERIP’s regional analysis documents.

In public appearances, Donald Trump has worked to shrink the war in the American imagination. Speaking to House Republicans at his Florida golf resort, he described it as a “little excursion” to “get rid of some evil,” promised it would be “short-term,” and claimed the United States had already “won in many ways,” per Military Times. In remarks captured by Al Jazeera English, he floated a timeline of a “couple weeks, few weeks,” even while threatening, as NBC News reported, to inflict damage that would make it “nearly impossible for Iran to ever rebuild as a nation again.”

A campaign that aims to shatter a state’s ability to function is, by definition, neither narrow nor brief.

Domestic fairy tale vs. operational reality

Trump’s language does more than express confidence; it manages risk perception.

Calling a war an “excursion” suggests a discrete trip, something you return from without lasting disruption. It signals to markets and voters that this conflict will not become another Iraq or Afghanistan.

Trump's language does more than express confidence; it manages two audiences at once, and it does so by design. For people who follow foreign policy closely, "excursion" reads as a malapropism for "incursion," the more precise military term. That slippage does not feel accidental. It invites educated observers to conclude that the president simply doesn't know the word he was looking for, which is a psychologically powerful move: if you believe the man ordering the war is too confused to name it correctly, you are more likely to roll your eyes than to organize. Contempt is a remarkably effective substitute for complacency.

For everyone else, the word does its other job. An excursion is a day trip. It’s what you do on a cruise ship when you dock somewhere new. It carries no weight, no dread, no implication of open-ended commitment. Both readings serve the same purpose: keep the public from treating this as the generational policy choice it actually is. One group is anesthetized by condescension, the other by reassurance. The word works precisely because it fails in two different directions at once.

The conduct of the war points in a different direction. ACLED’s conflict tracking indicates:

• 1,879 U.S. and Israeli strikes recorded in the first two weeks alone, with at least 73 intercepted.

• Hundreds of those attacks falling across most of Iran’s provinces, including repeated hits in and around Tehran.

• A campaign explicitly structured to degrade Iran’s ballistic missile forces, air defenses, and nuclear-related infrastructure, which Iranian planners treat as core regime survival assets.

Tehran’s response has also shifted. A CSIS analysis concludes that Iran has abandoned its earlier pattern of calibrated retaliation in favor of rapid escalation, with strikes and proxy attacks across the Gulf and explicit threats to “irreversibly destroy” regional infrastructure and energy facilities. The Institute for the Study of War describes Iranian operations in multiple theaters, including Lebanon, Iraq, Syria, and the Gulf, alongside cyber and maritime actions.

Human Rights Watch’s March 26 assessment frames the conflict as a stress test for the laws of war, documenting serious violations by all parties and citing inflammatory statements by officials that include open threats to destroy civilian infrastructure and dismiss the binding force of international law. Defense Secretary Pete Hegseth publicly vowed that U.S. forces would give “no quarter” to enemies in Iran, a statement that itself constitutes a war crime under international humanitarian law.

The public isn’t buying the “excursion”

American public opinion has turned against the war early. A CNN-SSRS poll conducted just after the strikes began found that nearly 60 percent of respondents disapproved of the decision to take military action in Iran, while 56 percent believed a long-term military conflict between the two countries was at least somewhat likely. More than half expected Iran to become more of a threat to the United States as a result of the strikes.

Support for regime change and ground operations is weaker still. According to the same polling, 56 percent opposed an effort to overthrow the Iranian government, and only 12 percent supported deploying U.S. ground forces into Iran. A separate analysis from the Institute for Global Affairs draws on these numbers to describe the war as “politically unsustainable” and warns it is already drifting toward the kind of open-ended, ill-defined commitment that marked earlier U.S. wars in the region.

Intentional risk, not accidental quagmire

The administration’s own stated objectives point toward a strategy that assumes, and to function requires, a willingness to risk wider war. Public statements by Trump and allied analysts describe goals that include:

• Destroying large portions of Iran’s missile and naval capabilities.

• Crippling or dismantling its regional proxy networks, often described as the “Axis of Resistance.”

• Preventing Iran from ever obtaining a nuclear weapon, including by force.

• Weakening or toppling the regime in Tehran, framed as necessary for a “decisive victory.”

As the Atlantic Council puts it, completing that mission requires sustained coercive pressure well beyond a brief air campaign. ACLED goes further, concluding that “the only clear path to a decisive victory, especially for Israel, would be regime change, a far longer, costlier, and more destabilizing undertaking than a limited air campaign is likely to achieve.” A policy that sets regime change as the real victory condition cannot honestly be described as a short, controlled operation.

Escalation specialists have warned for years, as CSIS documents, that attempting to coerce Iran on core regime interests, especially its deterrent capabilities and regional networks, produces broad retaliation rather than capitulation. When policymakers choose maximal goals in full view of that history, they are accepting the likely shape of the conflict, not stumbling into it.

Early operational choices match that reading. The decision to open with leadership decapitation and attacks on national-level infrastructure signaled an intent to shock the Iranian system. Trump’s subsequent threat to destroy Iranian power plants if the Strait of Hormuz was not reopened within 48 hours, documented by Human Rights Watch, put civilian infrastructure explicitly on the table from the outset. They note that Trump later “postponed but did not revoke his threat.”

Eschatology, power, and the “excursion” story

Religious and ideological commitments inside the administration add another layer to this picture. PBS NewsHour has documented how Hegseth built a public identity around Christian nationalism, defended the medieval Crusades, and used explicitly religious rhetoric to frame conflicts with Iran and other Muslim-majority states. His book American Crusade celebrates a narrative of civilizational struggle, and reporting has captured his use of crusader iconography, including “Deus vult” tattoos, as a sitting defense secretary. (I wrote a story about Hegseth’s body ink in July 2025.) CNN’s analysis frames all of this not as personal quirk but as ideological commitment that now shapes policy.

The administration’s closest evangelical allies bring their own theological frameworks to bear. Work from the Misgav Institute, the Washington Institute, and the Arab Center DC describes how certain strands of Christian Zionism and apocalyptic belief treat Israel’s territorial control and confrontation with Iran as steps in a prophetic timeline. Baptist News traces this end-times theology directly into the policy debate around intervention in Iran. Those same networks shaped Trump’s first-term decisions on Israel-Palestine and are again present around his second-term team.

Alongside more familiar aims like reaffirming U.S. regional primacy and tightening the Israel-Gulf alignment, these beliefs help explain why a destabilizing war can be framed inside the administration as both strategically necessary and spiritually resonant, as Hoover Institution analysis of the broader Trump doctrine makes clear. At home, describing the campaign as a “short-term excursion” reduces the friction between that vision and the domestic political need to minimize costs.

This mix of religious certainty and strategic ambition shows up in the way senior officials talk about legal constraints. In the HRW report and related coverage, statements by Trump and Hegseth treat the laws of war less as binding rules than as political annoyances. Critics who warn about escalation or civilian harm get cast as weak, defeatist, or disloyal rather than as people reading the risk landscape correctly.

Information management and ready-made excuses

The “excursion” framing does more than sell optimism; it bakes in deniability. If the conflict drags on or spreads further, the White House can claim that no one could have anticipated the depth of Iranian resistance, or that domestic and foreign saboteurs undermined an otherwise sound plan.

Trump has already declared that the U.S. has “won in many ways” and suggested, per NBC News, that only a bit more pressure is needed to finish the job. As Zeteo and ABC News have both analyzed, the “excursion” language is deployed precisely to keep public attention narrow, so that when mounting costs arrive, they can be framed as unfortunate surprises rather than predictable consequences.

The pattern is familiar. The Iraq invasion, to which I was deployed as a baby-faced soldier in 2003, was sold with promises of quick victory, low cost, and self-funding reconstruction. When that fantasy collapsed, officials blamed flawed intelligence and unforeseeable enemy resilience. Two decades later, the marketing has been updated with AI-guided munitions and space-based targeting, but the core structure remains unchanged. Project expansive objectives onto a minimized public footprint, insist that escalation is something done to the United States rather than chosen by it, and deny that initial decisions made a grinding conflict the likely outcome from the start.

This time, as MERIP’s regional correspondents make clear, the stakes include not just one country’s fate but the stability of a region already under compounding pressure from Gaza, Lebanon, and long-running crises in Iraq and Syria.

On the record we have now, the through-line is already quite visible. The war in Iran did not grow out of some misjudged “incursion” that somehow got out of hand; it emerged from a policy that treated a wider regional conflict as an acceptable, and perhaps necessary, risk, and then wrapped that choice in a story designed to make the eventual quagmire look like an accident rather than the predictable outcome of the original design.

On a Saturday in November 2021, he asked his 62.5 million Twitter followers whether he should sell 10% of his stake. They said yes. The following Monday, $60 billion vanished. Over the next five days, $200 billion more followed.

In December of that same year, he debuted a haircut that social media immediately likened to a style associated with 1930s European fascist movements. Tesla fell 11.3% in three days while the Nasdaq recovered.

In July 2024, on an earnings call, he told shareholders who doubted his vision to sell their stock. They obliged: Tesla dropped 12.3% in a single session, 3.4 times the decline of the broader tech sector.

Last March, he tweeted that he was “going back to this haircut,” attaching a photo of the 2021 look. Tesla fell 4.8% the next trading day while the broader market was up.

I used two separate AI models to assist me in analyzing each of these events against market benchmarks while isolating Tesla’s stock performance from broader index movements to suss out what portion of each decline was attributable to Musk’s behavior, not macroeconomic conditions. My methodology here is simple: compare Tesla’s returns against the Nasdaq-100 (QQQ) and S&P 500 (SPY) over one-day and five-day windows following each signal. Any gap between Tesla’s performance and the benchmark highlights an idiosyncratic move where the market was punishing Tesla specifically, not tech stocks or equities in general.

The cumulative toll across five qualifying events: roughly 35 percentage points of excess loss against the Nasdaq. I make the case that this is not attributable to earnings misses, interest rate hikes, or competitive pressure from BYD, but to the public conduct of one key man.

On March 20, 2026, a nine-member federal jury in San Francisco found that Musk had made materially misleading statements to investors during his Twitter acquisition, in violation of Section 10(b) of the Securities Exchange Act and SEC Rule 10b-5. The jury awarded approximately $2.1 billion in stock damages, with potentially $500 million more in options losses still to be resolved. In closing arguments, plaintiffs’ attorney Mark Molumphy told the jury that Musk’s tweets were not innocent mistakes but were “carefully calculated to drive down” Twitter’s stock price. The jury found him liable for misrepresentation on two of three challenged statements and rejected the broader claim that he had engaged in a deliberate scheme to defraud.

That verdict, partial as it is, reframes everything that came before it.

The Anatomy of a Clean Signal

Not every Musk provocation qualifies. Tesla is a volatile stock, and much of its movement on any given day tracks broader tech sector dynamics or responds to legitimate business catalysts: delivery numbers, margin compression, Federal Reserve policy. The question is not whether Tesla’s stock goes down after Musk says something inflammatory but whether it goes down more than the rest of the market in a way that only Musk’s conduct can explain.

I set the bar conservatively. To qualify for this analysis, an event needed to produce an excess return of at least negative 5% against QQQ within one trading day. Events where Tesla declined roughly in lockstep with tech stocks were discarded, regardless of how dramatic the drop looked in isolation. The filter eliminated a number of candidates, including Musk’s April Fools “Tesla Goes Bankrupt” tweet in 2018 and his Hertz deal skepticism in November 2021. It also eliminated the current March 2026 selloff, which, severe as it has been, is substantially explained by macro weakness: the Nasdaq fell 5.2% over the same window, leaving Tesla with only 2.3% of excess decline, and the jury verdict on March 20 introduced a second concurrent catalyst that makes the signal impossible to isolate cleanly.

Five events survived the cut. Together, they tell a story about how the world’s richest man communicates with markets.

“Tesla stock price is too high imo”

May 1, 2020.

The tweet arrived mid-session, part of a barrage that included “Selling almost all physical possessions” and lines from the national anthem. Tesla had been trading at roughly $760. Within minutes of the 11:11 AM post, it fell below $700. It closed down 10.3%.

The Nasdaq dropped 2.8% that day on COVID-related uncertainty. The S&P fell 2.6%. Tesla’s excess loss against QQQ was 7.5 percentage points, meaning the broader market explained less than a third of the decline.

The rest belonged entirely to Musk.

What makes that episode instructive is the recovery. Within five trading days, the stock had recouped all the losses, and then some. The market absorbed the tweet as a one-off disruption, limited to a CEO mouthing off — nothing structural. But the 7.5% excess loss on the day itself is unambiguous. A CEO publicly called his own stock overvalued, and the market repriced accordingly, in minutes.

Musk later testified under oath, during the “funding secured” trial in January 2023, that his tweets do not move Tesla’s stock price. He pointed to this exact episode as evidence, noting that the shares recovered. Three years later, in a different courtroom and a different case, a jury in Pampena v. Musk found that two of his tweets about the Twitter acquisition constituted material misrepresentations under federal securities law.

His defense that these posts were harmless and ephemeral, without predictable market consequences, has now been tested before a jury and found wanting.

The Twitter Poll

November 6-7, 2021.

The cleanest signal in the dataset, and one that deserves a close read.

On a Saturday afternoon, Musk posted a poll to Twitter: “Much is made lately of unrealized gains being a means of tax avoidance, so I propose selling 10% of my Tesla stock. Do you support this?” Over 3.5 million accounts voted. 57.9% said yes. Musk pledged to abide by the result.

On Monday, Tesla fell 4.8%. By Friday, it was down 15.4%.

The S&P 500 was up 0.1% on that Monday. The Nasdaq was essentially flat, down one-tenth of a percent. The 14.5% excess five-day loss against QQQ is the largest in the dataset. Every point of it belongs to Musk, and Musk alone.

Beneath the performance art lay a drier reality. SEC filings show that Musk had established a 10b5-1 pre-arranged trading plan in September 2021, two months before the poll, to sell shares tied to stock options expiring in August 2022. He was going to sell these shares regardless of any poll. He told the Code Conference in September that “a huge block of options will sell in Q4.”

The poll created the appearance of a democratic, crowd-sourced decision for a course of action already set in motion.

One more thing. Kimbal Musk, Elon’s brother and a Tesla board member, sold 88,500 Tesla shares on November 5 across 14 separate tranches at prices averaging roughly $1,229 per share, for a total of approximately $108.8 million. The Form 4 was filed with the SEC that same evening at 9:22 PM Eastern.

The poll went up the next afternoon.

The filing contains no notation indicating the sales were made under a pre-arranged Rule 10b5-1 trading plan. Kimbal’s later Tesla stock filings, in April 2023 and November 2024, prominently state that transactions were effected pursuant to a 10b5-1 plan. The November 5, 2021 filing carries no such language, and the SEC noticed. The Wall Street Journal reported in February 2022 that the agency had opened a formal investigation into whether Kimbal’s sale constituted insider trading. Elon’s public response was that his brother “wasn’t aware” of the poll, but that Tesla’s lawyers did know about it.

That distinction made between familial awareness and corporate-counsel awareness is the kind of parsing that securities attorneys are likely to remember.

The Haircut

December 1-3, 2021.

Accepting that a CEO’s hairstyle can function as a market-moving event requires a certain flexibility of mind. The data, at any rate, is uncooperative with skeptics.

Musk appeared at The Wall Street Journal’s CEO Council event in early December 2021 sporting a look that broke sharply from his usual style: closely shaved sides, a longer swept-over top. Social media responses ranged from Gary Oldman’s villain in The Fifth Element to less charitable historical comparisons. Musk responded to the attention with a laughing emoji and the claim that he had cut it himself.

By Friday, December 3, the haircut had gone viral. Tesla fell 11.3% from its November 30 close. Volume on that Friday spiked 58% above normal levels.

The immediate objection is that the Federal Reserve was turning hawkish at the same time. Jerome Powell had testified before the Senate on November 30 and retired the word “transitory” from his description of inflation. True enough. The Nasdaq fell 2.7% over the same November 30 to December 3 window. Then, over the five-day window through December 10, the Nasdaq recovered and finished up 1.1%. The S&P finished up 3.3%. Tesla kept falling, posting a negative 12.2% excess return against QQQ over that span. The Fed’s actual policy announcement, the accelerated taper and three projected rate hikes for 2022, did not come until the FOMC meeting on December 15, two full weeks after the selloff began.

The market was punishing Tesla for something it was not doing to tech stocks broadly. And that haircut was no isolated gesture. It was the visible edge of a political alignment that was about to become explicit.

On Thursday, December 16, Musk casually replied to an email from The Babylon Bee, a right-wing satire site whose content has been documented by Ohio State researchers as among the most shared factually inaccurate material on social media, inviting their team to Austin “this weekend.” On Sunday, December 19, Babylon Bee CEO Seth Dillon, Editor-in-Chief Kyle Mann, and Creative Director Ethan Nicolle flew to Austin and sat down with Musk for a rambling, hundred-minute interview covering “wokeness,” Elizabeth Warren, and the Metaverse. The next day, Monday, December 20, Tesla hit its monthly low: $299.98 — a 17.8% drawdown from the haircut’s debut.

The interview was published on YouTube and as a podcast on December 21 and 22. In it, Musk told the hosts he had sold “roughly 10%” of his Tesla holdings and was “almost done.” The stock, which had closed at $312.84 on December 21, surged to $355.67 by December 23. The Bee Weekly recap, released December 24, confirmed the Sunday recording date, with Nicolle noting it had worked out around a Disneyland trip because “we interviewed him on Sunday.”

The selling did not actually stop. SEC filings show Musk sold approximately 934,000 shares on December 21, another 934,000 on December 22, and a final 934,090 on December 28, when the Form 4 explicitly stated: “THIS RULE 10b5-1 TRADING PLAN WAS COMPLETED ON DECEMBER 28, 2021.” Nearly 2.8 million shares were sold after the interview was recorded and after the stock hit its bottom. The 10b5-1 plan ran on its pre-arranged schedule regardless.

The stock recovered anyway, surging 13.7% in two days on the strength of the “almost done” statement alone. The market did not wait for the selling to actually finish; it heard the signal and repriced. What moved the stock was not the cessation of sales but the communication that cessation was imminent, a forward-looking announcement delivered through a media channel that would reach Tesla’s most devoted retail holders. The selling continued for another week. The market did not care as it had heard what it needed to hear.

Tesla closed the year at $352.26, roughly where it started the month. Tesla closed at $365.00 on December 1, 2021, the day the haircut debuted. On March 27, 2026, it closed at $361.83. Within three dollars.

After four years and three months, the stock has gone nowhere.

“They should sell their Tesla stock.”

July 23, 2024.

During Tesla’s second-quarter earnings call, Musk did something that, to my knowledge, no other sitting CEO of a publicly traded company has ever done on a recorded investor call: he told shareholders to sell.

The next day, Tesla dropped 12.3%. The Nasdaq fell 3.6%. The S&P lost 2.3%. Tesla’s excess loss against QQQ: 8.7 percentage points. Volume spiked 50%.

The quarter itself was weak, with declining automotive margins that were widely expected. Weak quarters alone do not produce 8.7 points of excess decline. The broader tech selloff explains about 30% of the move, with the remaining 70% as the market pricing in the spectacle of a CEO issuing an explicit sell recommendation for his own company.

Musk operates under a 2018 SEC consent decree, amended in April 2019, that requires him to have an experienced securities lawyer pre-approve public communications on an enumerated list of topics before he posts them. That list includes Tesla’s financial condition, production numbers, projections about the business, and “events regarding the company’s securities.” An explicit recommendation to sell Tesla stock, tied to a forward-looking projection about autonomous driving capability, falls squarely within at least two of those categories. The decree remains in force: Musk moved to terminate it in 2021, was denied by Judge Liman in SDNY in 2022, lost the appeal at the Second Circuit in 2023, and petitioned the Supreme Court in Musk v. SEC (No. 23-626) without obtaining relief.

No enforcement action followed the earnings call statement, just as none had followed the “stock price is too high” tweet in May 2020, which Musk told the Wall Street Journal was not vetted in advance by Tesla counsel. The SEC declined to comment to WSJ on the May 2020 tweet. No contempt motion was filed, nor was any sanction issued. Compliance Week ran a piece at the time headlined “Elon Musk again tests SEC with ‘stock price is too high’ tweet,” framing the episode as a test of the agency’s willingness to enforce. Reuters, summarizing the pattern in 2022, was more blunt: in its faceoff with Musk, the SEC had “blinked.” Columbia law professor John Coffee told CNN he did not expect repercussions, viewing the tweet as opinion rather than factual misstatement. The SDNY docket confirms there is no entry in 2020 referencing the May 1 tweet, no show-cause order, and no contempt proceeding.

A consent decree that is never enforced obviously functions less as a constraint and more as a decoration.

“Going back to this haircut”

March 16, 2025.

Thirteen months after the earnings call, with Tesla shares having already lost 48% of their value from a January 2025 high of $428.22, Musk posted the photograph of himself and his son from the December 2021 period with the caption: “Going back to this haircut.” The tweet went up at 5:32 AM Eastern on a Sunday morning. X reported it received 113.9 million views.

Monday, Tesla fell 4.8%. The Nasdaq rose 0.6%. The S&P rose 0.8%. The excess loss against QQQ was 5.4 percentage points, clearing the threshold. Unlike every previous signal, though, the five-day excess was negligible. The stock was already so beaten down from the DOGE backlash and the collapse of European sales that the marginal damage was absorbed within days.

Two features of this signal set it apart from its predecessors.

First, Musk owns X. He controls its algorithms, its trending mechanics, its content distribution pipeline, and the view-count metrics that the platform reports to the public. No independent body audits how X calculates or displays view counts, and Musk has a documented history of altering platform mechanics to amplify his own content. When X reports that a market-moving tweet from its owner reached 113.9 million accounts, that figure should be understood as a claim made by the interested party, not a verified measurement. The count may well reflect engineered amplification with distribution tuned to ensure saturation of financial media and institutional investor feeds.

Then there is the timing. The 2020 “stock price is too high” tweet went out at 11:11 AM on a Friday, causing a real-time intraday crash that at least gave traders the chance to react in the moment. The haircut callback went out before dawn on a Sunday. By Monday’s open, every financial outlet had covered it. Institutional risk desks had run their models, options market makers had adjusted their quotes, and algorithmic trading systems had processed the signal through Sunday evening futures. Monday’s open was a fait accompli.

Retail investors, who cannot trade pre-market and rely on liquidity available during market-hours to exit positions, bore the full brunt of a gap-down that institutional participants had a full overnight window to position themselves around.

The Pattern

Five signals over five years. Each is structured differently, but all share a set of features that, taken together, do not appear purely impulsive.

Insider positioning precedes the signal. In the Twitter poll case, Kimbal Musk liquidated $108.8 million in Tesla shares across 14 tranches on November 5, filed the Form 4 at 9:22 PM that evening, and the poll went up the next afternoon. His filing carried no 10b5-1 safe-harbor language, unlike his later Tesla sales in 2023 and 2024 which did. The SEC opened a formal investigation into whether the trade constituted insider trading. During the December 2021 haircut period, multiple insiders were executing sales. By early 2025, Tesla board members and executives had offloaded over $100 million in shares across a matter of weeks, with board chair Robyn Denholm alone moving $558 million worth of stock since 2020. After insiders sell, the signal drops.

Every qualifying signal produced a volume spike. The smallest was 12%, the largest 58%. These are not retail panic-sell volumes. Spikes of that magnitude indicate institutional participation: pension funds, index rebalancers, risk-parity models, hedge fund desks, all responding to the same trigger simultaneously. The signal is not aimed at day traders on Reddit; it is aimed at the algorithmic layer of the market that treats CEO behavior as a quantifiable risk input.

The signals hit hardest near highs. The Twitter poll and the haircut debut, both issued when Tesla hovered near its all-time highs around $400 (split-adjusted), produced 14.5% and 12.2% excess five-day losses respectively. The March 2025 tweet that was issued when the stock sat at $250 barely left a mark beyond the first day. A signal aimed at triggering corrections from elevated levels, where the most value can be extracted by anyone positioned short or holding puts ahead of the event, would behave exactly this way.

Each signal is deniable. “Stock price is too high” is just an opinion. The Twitter poll was about his taxes. The haircut is just a haircut. The earnings call was actually about strategic conviction. “Going back to this haircut” is a simple joke about grooming. The signals he drops come wrapped in a layer of plausible deniability thick enough to keep regulators at bay but thin enough for anyone paying attention to read the message. Deniability is not a flaw in the signal; it is the actual mechanism by which the signal operates. And consider: Musk’s 2018 consent decree with the SEC requires pre-approval of communications about Tesla’s financial condition, securities, or projections. A tweet about a haircut does not appear on that list. The two signals in this dataset that produced the largest excess losses against the Nasdaq, the haircut debut at 12.2% and the haircut callback at 5.4%, are the two that most cleanly evade the decree’s enumerated categories. Draw your own conclusions.

The distribution channel is now captive. When Musk tweeted “stock price is too high” in May 2020, Twitter was an independent platform with its own algorithms and editorial decisions. He was broadcasting through someone else’s infrastructure. After the October 2022 acquisition, every subsequent signal has been distributed through a platform he owns outright. Algorithmic amplification, trending curation, view-count reporting, etcetera — Musk controls all of it. No independent check exists on whether his posts receive preferential distribution, and there is no third-party verification of reported engagement metrics.

The man who moves markets with his posts also owns the printing press.

What the Jury Said

On March 20, 2026, nine days after Musk’s latest haircut-related post began circulating, a nine-member federal jury in San Francisco returned its verdict in Pampena v. Musk, the class action shareholder lawsuit over his 2022 Twitter acquisition. After nearly four days of deliberation, they delivered a split decision.

The jury found Musk liable under Section 10(b) of the Securities Exchange Act and SEC Rule 10b-5(b) for two specific tweets: his May 13, 2022 statement that the Twitter deal was “temporarily on hold,” and a May 17 tweet claiming the deal could not proceed without bot data. Both were found to be materially misleading. A third challenged statement, made on a podcast, was deemed opinion and not actionable. The jury rejected the plaintiffs’ broader theory under Rule 10b-5(a) that Musk had engaged in an intentional “scheme to defraud” investors.

Damages rose to approximately $2.1 billion in stock losses, with plaintiffs’ attorneys estimating an additional $500 million in options losses for a potential total near $2.6 billion. Shareholders are set to receive between $3 and $8 per share per day for the class period. Musk’s attorneys at Quinn Emanuel announced an appeal immediately, called the verdict “a bump in the road,” and noted the jury had “found both for and against the plaintiffs and found no fraud scheme.”

The plaintiffs’ attorney Joseph Cotchett told reporters afterward that the verdict “sends a strong message that just because you’re a rich and powerful person, you still have to obey the law, and no man is above the law.”

The significance reaches well beyond the acquisition of Twitter and well beyond the two counts on which Musk prevailed. For the first time, a federal jury had examined specific tweets by Elon Musk under the framework of securities fraud and concluded that two of those constituted material misrepresentations made with the requisite mental state. They did not find a coordinated scheme, but they did find that individual tweets, standing alone, were false enough and consequential enough to warrant billions in damages.

None of that proves the five Tesla sell signals documented above were intentional misrepresentations.

A verdict about Twitter shares does not establish liability for Tesla share movements. It does, however, resolve a predicate question that Musk has contested in courtrooms for nearly a decade: does he understand that his public statements move stock prices, and does he make them with awareness of their consequences? Nine jurors heard his defense and rejected it on two out of three counts.

The proposition that Elon Musk posts without understanding what his posts do to stock prices is, as of March 20, 2026, something a jury weighed and declined to believe.

The Cumulative Cost

Across five qualifying events, measured conservatively against the Nasdaq-100, Musk’s public actions have produced approximately 35 percentage points of idiosyncratic loss in Tesla’s stock. These are not losses caused by the Federal Reserve, Chinese competition, declining EV demand, or any of the dozens of legitimate headwinds that every automotive company faces. They are losses caused specifically and measurably by the CEO’s tweets, statements, and personal aesthetic choices in periods where the broader market was flat or rising.

At Tesla’s current market capitalization of roughly $1.4 trillion, a single percentage point of movement represents approximately $14 billion in shareholder value. The math is approximate, because the market cap has fluctuated over the five-year period in question, but the order of magnitude speaks for itself.

This accounting captures only the five cleanest events. It leaves out the slow bleed of the DOGE period, when Tesla’s association with Musk’s political activities cost the stock roughly half its value from December 2024 to April 2025. It leaves out the dozens of smaller provocations that fell below my methodology’s 5% excess threshold, as well as the opportunity cost of investors who exited Tesla entirely because they could no longer stomach Musk’s governance style.

What it does capture, rigorously and defensibly, are five moments when the wealthiest individual used his public platform to communicate something to the market, the market responded with overwhelming and precisely timed selling pressure, and the rest of the market did not.

What Comes Next

Tesla’s next earnings call is scheduled for April 28, 2026.

Musk has signaled that capital expenditures will exceed $20 billion this year, more than double the 2025 figure. Automotive revenue fell 10% last year. The company is discontinuing the Model S and Model X. The robotaxi fleet operates only about a dozen vehicles in Austin with human safety chaperones riding side-saddle. The Cybercab, which has no steering wheel, is supposed to begin production in April and expected to reach volume production by year’s end.

The Pampena v. Musk verdict will be appealed, and Quinn Emanuel will argue that a mixed decision vindicates their client. Despite this framing, the factual core of the jury’s finding stands until it is overturned: two tweets by Elon Musk constituted material misrepresentations under federal securities law, and they cost shareholders billions. For anyone holding TSLA, the question is no longer whether the CEO’s public behavior affects the stock — The data settles that. The question is whether the next signal has already been sent.

Tesla closed at $361.83 on March 27. That is just $3.17 away from where it stood on December 1, 2021, the day Elon Musk debuted a Hitler Youth-style haircut and the market started selling.

Some patterns repeat because the underlying conditions recur. Others, because someone wants them to.

Jackie Singh is an information security professional and investigative journalist.

This analysis is based on publicly available market data, SEC filings, court records, and contemporaneous media reporting. It does not constitute investment advice. All price data has been split-adjusted.

Share

If you work in a newsroom, a law firm, or a research lab, your gut feeling no longer counts as a forensic tool. I’m so excited to share that my new app Kinexis.AI goes live today to help bridge the gap between human perception and manipulated reality.

Instead of a simple “fake or not” detector, my company has built a multi-modal telemetry engine. Running a video through Kinexis generates a clinical, forensic report across multiple layers of analysis:

• Synthetic Artifacts: Hunting for the microscopic glitches GenAI leaves in its wake.

• Narrative Framing: Identifying hidden persuasion techniques like authority positioning or “feigned earnestness.”

• Body Language: Mapping movements and expressions that often occur too fast for the human eye to register.

Jeffrey Epstein’s deposition footage serves as a quick case study.

When we processed clips of those archival tapes, the engine didn’t just confirm they were authentic; it flagged specific moments of contempt and high cognitive load that might change your understanding of the testimony.

Kinexis turns a passive viewing experience into a data-driven investigation.

Building Kinexis has been a deeply personal mission over the past weeks because I believe technology should act as a shield for truth rather than as a weapon against it.

This platform is a first-of-its-kind attempt to complement every citizen and professional’s valuable human judgment with a high-fidelity AI sensor that offers a nuanced, forensic understanding of how media can be constructed to influence us.

By merging deepfake detection with behavioral intelligence, my hope is that we can use AI for good—empowering people to cut through the noise of synthetic manipulation and restore a shared, factual foundation for how we understand the world.

I built this for those who hate black-box verdicts, but haven’t had useful tools to dig deeper. You’ll get raw data, timestamped findings, and probabilistic confidence scores.

Stop guessing. Start measuring!

You can run your first analysis right now, or browse public reports. Guest checkout is enabled, and we support direct links from sites like YouTube, Facebook, X/Twitter, and TikTok so you don’t have to waste your time downloading videos.

Analyze Your First Video

Stay skeptical.

In February 2025, I wrote about something that almost happened. A provision in the House-passed FY2025 NDAA would have transformed the Selective Service System from voluntary self-registration into automatic, database-driven enrollment of every draft-age male in the country. It was stripped from the final bill before President Biden signed it in December 2024. I argued at the time that its removal didn’t mean the idea was dead. The 57-1 vote in the House Armed Services Committee, the bipartisan enthusiasm, the obvious political utility of keeping a draft on a hair trigger—all of it pointed toward a second attempt.

That second attempt succeeded, and in a context far worse than I anticipated.

On December 18, 2025, President Trump signed the FY2026 National Defense Authorization Act into law. Section 535 mandates that the Selective Service System automatically register all male U.S. residents aged 18 to 26 using existing federal databases. The provision takes effect in one year. It passed 312-112 in the House and 77-20 in the Senate. Nobody held a press conference about it.

Between my original article and this one, the United States bombed Iran’s nuclear facilities, intervened militarily in Venezuela, deployed the National Guard to American cities, and authorized the largest defense budget in history. A new National Defense Strategy explicitly prepares for “prolonged, multi-domain conflicts.”

Quiet draft plans are now law, being implemented against a backdrop of active warfare.

What Section 535 Actually Does

Under the new law, the SSS must “identify, locate, and register” every male person residing in the United States between 18 and 26 by aggregating data from other federal agencies—Social Security, IRS, immigration records, whatever else the SSS Director “determines necessary.”

This replaces a self-registration system in place since 1980. Under that framework, young men were supposed to sign up voluntarily; most didn’t. Compliance has been abysmal for decades. Bernard Rostker, who ran the SSS from 1979 to 1981, testified in 2019 that the existing database would be “less than useless” for an actual draft.

Congress had an obvious alternative: abolish a system that hasn’t worked in 45 years. Instead, it chose to expand the system’s reach and its access to Americans’ personal data.

Edward Hasbrouck, the most knowledgeable independent expert on draft registration in the country, put the change in stark terms when the conference bill emerged in December 2025: this:

“will move the USA closer to activation of a draft, or at least to being able to claim to be ready to activate a draft ‘on demand,’ than at any time in the half century since draft registration was suspended and draft boards were deactivated in 1975.”

A revealing detail is buried in the legislation itself. Despite the word “automatic,” the law still requires potential draftees to provide personal information on demand of the SSS. If the system could truly identify and locate everyone on its own, that provision wouldn’t be necessary. It exists because the premise of constructing a comprehensive, accurate list of every draft-eligible person by merging federal databases doesn’t hold up. Federal databases don’t agree with each other. They don’t track current addresses. They don’t reliably record sex as assigned at birth. None of them were designed for this purpose.

So what the law actually creates is not an automated registration system but a sweeping new authority for the SSS to demand data from every other federal agency and to demand personal information from individuals.

Automation is the sales pitch; the surveillance architecture it enables is the product.

How It Got Through

The legislative path reveals how Congress handles provisions with major civil liberties implications when nobody is paying attention.

Automatic registration language originated within the SSS itself during the Biden administration, championed in Congress by Rep. Chrissy Houlahan (D-PA). Her bill sailed through the House Armed Services Committee in May 2024 on a voice vote without audible opposition, endorsed “wholeheartedly“ by Chairman Mike Rogers (R-AL). Democrats got to look tough on national service. Republicans got expanded government data collection that could be weaponized for other purposes. Everyone won except the people who’d eventually be registered.

When the provision was stripped from the FY2025 NDAA in conference, I flagged it as a temporary setback, and ten months later it resurfaced in the FY2026 bill.

In September 2025, Rep. Warren Davidson (R-OH), a West Point graduate and Army veteran, tried to bring a floor amendment that would have replaced automatic registration with outright repeal of the Military Selective Service Act. The House Rules Committee blocked it, foreclosing any debate on whether the Selective Service should exist at all. Only the question of how aggressively it should operate was permitted.

By December 2025, the House-Senate conference committee had folded the provision into the final FY2026 NDAA. Public discussion around its passage focused on the $901 billion topline, the 3.8% military pay raise, Golden Dome missile defense authorization, and $400 million for Ukraine. Automatic draft registration was a footnote.

The Friends Committee on National Legislation had flagged the provision before it passed, calling it “dangerous draft automation.”

Their warning went largely unheard.

DOGE Walks Into the Selective Service

In April 2025, before the automatic registration provision was even enacted, the Department of Government Efficiency showed up at SSS headquarters.

The SSS confirmed to Edward Hasbrouck that “a DOGE representative visited our Agency this week. We’ve established a great working relationship. They asked us about our data and requested access, which we gave in compliance with the President’s Executive Order on Establishing and Implementing the Department of Government Efficiency.”

The registration database contains records on all male U.S. citizens or residents born on or after January 1, 1960, who have registered or been registered by state driver’s license agencies. Enormous and inaccurate, as of that April visit it was open to an organization with no statutory authority and no obligation to explain what it intended to do with the data.

When Hasbrouck asked whether new computer matching programs had been carried out by DOGE, the SSS said no, but acknowledged it wasn’t clear whether the agency would “even know what DOGE has done with SSS data, once DOGE has gotten access to it and possibly exfiltrated it.”

Once data leaves an agency and enters DOGE’s orbit, no mechanism exists to track it, constrain it, or recall it. DOGE’s entire operational model is built on aggregating and cross-referencing federal databases.

That model now includes the draft registration list.

From Database to Weapon

If DOGE’s access was the opening move, the SSS’s subsequent rulemaking was the follow-through.

After Section 535 was enacted, the SSS’s first official regulatory action was a proposal to expand “routine uses” of registration data. Under the new proposed rules, SSS records could be disclosed to federal, state, and local agencies and to private entities for purposes including immigration enforcement.

The Heritage Foundation had signaled earlier in 2025 that it wanted SSS registration data turned against immigrants, leveraging threats of prosecution for “knowing and willful” non-registration to pressure undocumented individuals to self-deport. The legal basis for such threats is thin because you can’t prosecute someone for “knowingly” failing to do something they didn’t know they were required to do. But the coercive potential is real, especially for populations already living under threat of deportation.

In January 2026, a coalition of civil liberties and peace organizations pushed back. The Military Law Task Force, the Electronic Privacy Information Center (EPIC), Restore the Fourth, the Committee Opposed to Militarism and the Draft, Project YANO, the Episcopal Peace Fellowship, the Jewish C.O. Project, and the Center on Conscience & War submitted joint comments opposing the proposed data-sharing expansion. Their filing warned that DOGE had already been given access to the SSS database “for undisclosed purposes and with no apparent legal basis” and that the proposed rules were a precursor to the far broader data-sharing regime that automatic registration would require.

The coalition also flagged the populations most vulnerable: transgender and non-binary youth, who risk being misgendered or misregistered by databases that don’t track sex assigned at birth, and immigrant youth, whose data would flow directly into infrastructure already being repurposed for enforcement operations.

As someone who has spent years studying how government data systems get repurposed, I’ve seen this cycle before. A database gets built for a narrow purpose. Access creeps outward, new “routine uses” get proposed, and by the time the public notices, the architecture is already operational. The SSS registration database is mid-cycle right now.

A System That Can’t Draft Anyone

Here’s the paradox. The Selective Service System is simultaneously being granted unprecedented data collection powers and remains institutionally incapable of executing an actual draft.

Between March 2021 and March 2025, draft board membership declined from 9,596 to 5,802. When the SSS conducted outreach to its own board members, it discovered that “many” had died without the agency’s knowledge. The SSS had so little contact with the people responsible for processing draft claims that it didn’t know they were dead.

Many local boards now lack the three members required by law to constitute a quorum. Without a quorum, a board cannot legally hear deferment or exemption claims. If a draft were activated tomorrow, residents in those jurisdictions would have no functioning board to appeal to. The National Appeal Board, which hears appeals of deferment and exemption decisions, had a single member as of March 2025. Three are needed for a quorum, so no functioning national appeals process exists.

The SSS was considering asking Congress to let it consolidate boards across entire Congressional districts rather than counties, which would reduce the number of boards needed but overload survivors with cases they’d be unprepared to handle, staffed by rushed appointees with minimal training.

Congress just entrusted this agency with building a comprehensive national database of every draft-eligible person in the country.

Meanwhile, the Wars

While Congress debated subcommittee markup language, the United States was fighting.

On June 22, 2025, the U.S. launched Operation Midnight Hammer, striking three Iranian nuclear facilities at Natanz, Fordow, and Isfahan with B-2 stealth bombers and over 100 aircraft. Trump declared Iran’s enrichment capabilities “obliterated.”

In late February 2026, the U.S. and Israel launched a second, larger campaign against Iran, Operation Epic Fury, engaging over 1,700 targets including command centers, ballistic missile sites, naval vessels, and military infrastructure. Trump declared a “major combat operation.” As of this writing, Iran has retaliated with missile strikes on U.S. bases across the Gulf, and fighting continues.

In the Caribbean, the largest U.S. naval concentration since the Cuban Missile Crisis took shape over summer 2025. Since September, the U.S. has carried out dozens of strikes on suspected drug-smuggling vessels, killing scores of people. Defense Secretary Pete Hegseth announced many of these personally on social media, declaring that targets would be treated “EXACTLY how we treated Al-Qaeda.”

A congressional crisis erupted in November after it was reported that Hegseth had allegedly ordered a second strike to eliminate survivors of a September 2 attack, raising serious questions under the Geneva Conventions that congressional investigators are still pursuing. The FY2026 NDAA itself contains a provision withholding 25% of Hegseth’s travel budget until the Pentagon provides Congress with unedited video of the Caribbean strikes.

By January 2026, Venezuela escalated from naval buildup to full intervention with Operation Absolute Resolve, in which U.S. forces bombed infrastructure across northern Venezuela and Delta Force operators captured President Maduro.

On the domestic front, National Guard troops deployed to Washington D.C. in August 2025, then to Los Angeles, Memphis, Charlotte, New Orleans, and Portland. In August 2025, Trump signed an executive order directing the Pentagon to create standing National Guard units in every state for “rapid nationwide deployment.” In a meeting with over 800 generals, he described America as waging “a war from within.” (The Supreme Court ruled against the Chicago deployment in December, and Trump withdrew troops from three cities before signaling they could return.)

The 2026 National Defense Strategy: Saying the Quiet Part

Released in January 2026, the new National Defense Strategy is the most telling document in this sequence. Previous defense strategies talked about “preventing war” or “integrated deterrence.” This one organizes around preparation for “prolonged, dispersed, and multi-domain conflicts.”

Homeland and hemispheric defense became Priority #1, with “homeland” now encompassing the entire Western Hemisphere under what the Pentagon calls a “Trump Corollary to the Monroe Doctrine.” China remains the “pacing threat,” but operational focus has shifted to the Caribbean, the Arctic, and the Gulf of America. Officials describe the defense industrial base as being placed on “a wartime footing,” with calls for a “once-in-a-century revival of American industry.”

CSIS analyst Mark Cancian, a retired Marine colonel, noted the strategy warns of “an increased risk of America itself being drawn into simultaneous major wars across theaters — a third World War.” The answer offered is a “one plus” conflict model: the U.S. fights one major war while allies handle the second. Those allies, described in the document as “freeloading dependents,” are expected to shoulder frontline roles, logistics, and risk.

One conspicuous absence: the NDS does not mention the all-volunteer force. Every previous QDR and NDS had a section on sustaining the AVF. Its disappearance from a document that otherwise touches every major defense topic is hard to read as an oversight.

You don’t build automatic draft registration, expand the surveillance apparatus around it, rename the Department of Defense to the “Department of War,” and stop talking about the all-volunteer force (all while fighting on two continents) unless conscription is being kept very close to the surface.

What Comes Next

The SSS has until December 18, 2026, to stand up the automatic registration system. That means publishing regulations, completing Privacy Act and Computer Matching Act notices, obtaining OMB approval for new data collection instruments, and building the technical infrastructure to pull and reconcile data across multiple federal agencies. All of this by an agency that can’t keep track of whether its own draft board members are alive.

States could complicate the process. The automatic registration law grants the SSS authority to compel data from federal agencies, but imposes no such obligation on state governments. Eleven states currently have no Selective Service registration tie-in with driver’s licenses. Any state that doesn’t want its residents’ data funneled into a DOGE-accessible draft database could end its data-sharing agreement with the SSS entirely.

The coalition that submitted comments in January is planning continued opposition and calling for repeal of the Military Selective Service Act before automatic registration takes effect. They have nine months.

Congress could still repeal the MSSA with a one-sentence bill. But 389 House members and 77 senators just voted to expand the system, so repeal is not a near-term prospect.

What is a near-term prospect: by December 2026, the federal government will possess a continuously updated database of every draft-eligible male in the country, constructed from cross-referenced federal records, accessible to agencies with no clear data protection obligations, and maintained by an institution that has already shown it cannot be trusted with the data it has.

That database will exist in a country actively bombing Iran, intervening in Venezuela, operating under a defense strategy premised on prolonged warfare, and no longer mentioning the all-volunteer force in its strategic planning.

I wrote a year ago that the GOP’s draft plans were quiet. They aren’t quiet anymore. They are law, and the nine months between now and implementation are the last window to stop them.

And lately, watching the cybersecurity community go quiet while the Trump administration dismantles the country’s defenses, I keep asking myself the same question I’m about to try to answer.

Answering that honestly requires pulling apart several threads at once: money, clearances, the peculiar political inheritance of hacker culture, the structural position of technical professionals under capitalism, and a community that has quietly confused professional discretion with moral neutrality.

The SentinelOne Test

If you want to understand why the cybersecurity industry is silent, start with what happened to Chris Krebs. Krebs was the founding director of CISA, the government’s civilian cybersecurity agency.

Our community has generally had a positive view of CISA—in no small part due to the years-long visible efforts of their senior leadership, including Krebs, to create lines of integration with information security communities of practice and create a sense of democratic participation in the defense of the nation.

Many sectors which are critical to national defense are under the control of private enterprises, so it is similarly important to build these relationships—as well as relationships with foreign organizations tasked with the defense of their own respective nations—and they had, partly through forging relationships with noted influencers and increasing their visibility at industry events.

Trump fired Chris Krebs unceremoniously via tweet in November 2020 for working to counter disinformation that the presidential election was not secure. At the 2021 Cyberwarcon conference, organizers presented him with a flight jacket reading “FIRED BY TWEET,” and everybody clapped.

In April 2025, the joke stopped being funny: Trump issued a Presidential Memorandum naming Krebs in its title.

For lawyers and process nerds: that one is technically a Presidential Memorandum rather than an Executive Order, but in practice it functions the same way: it directs the executive branch, carries binding instructions for agencies, and can be enforced unless it conflicts with statute or the Constitution. The differences are mostly procedural: Memoranda don’t have to be printed in the Federal Register, they don’t have to spell out the president’s specific legal authority the way orders do under 1 C.F.R. § 19.1, and the budget office doesn’t need to issue a formal “Budgetary Impact Statement” for them.

The effect of the Memorandum was the revocation of Krebs’ security clearance, the start of a Justice Department investigation into his government service, and the suspension of the clearances of every employee at SentinelOne, where Krebs worked as chief intelligence and public policy officer. No evidence supported the White House memo’s accusation that he had been “suppressing conservative viewpoints,” and no explanation was offered for why SentinelOne’s entire workforce should be punished. Within a week, Krebs resigned, saying the fight was one he needed to take on outside the company.

Reuters contacted 33 of the largest U.S. cybersecurity companies for comment.

Thirty-two either declined or did not respond. A single voice of opposition came from the Cyber Threat Alliance, a nonprofit, whose president Michael Daniel said: “Targeting a company because the president does not like someone in the company is an example of the very weaponization of the federal government the memo claims to be combating.”

Katie Moussouris, founder of Luta Security, was blunt: “I don’t think it’s feasible for cybersecurity companies to have a broader response on this. The risk is just too high.”

An anonymous executive put it more plainly to Reuters: “If they are willing to crush Mr. Krebs, what do you think they’ll do to me?”

The Dismantling

The act against Krebs was not an isolated act of retribution. He was a demonstration project—and the demonstration worked!—because it ran in parallel with a systematic campaign to hollow out America’s cybersecurity infrastructure.

CISA entered fiscal year 2025 with roughly 3,400 employees. By December 2025, that number had fallen to approximately 2,400. Trump’s FY2026 budget proposes cutting the agency’s funding by $495 million, a 17% reduction, eliminating over a thousand authorized positions. Election Security has been entirely zeroed out. Forty-five million dollars stripped from Cyber Defense Education and Training. Seventy million from the National Risk Management Center.

In April 2025, the CVE program nearly collapsed. CVE is the global system for identifying and tracking software vulnerabilities, and it underpins virtually every security operation on Earth. MITRE’s government contract was allowed to approach expiration before CISA threw together a last-minute extension. The system survived. But nobody who watched it happen could avoid the obvious implication: even the most fundamental shared infrastructure of cybersecurity is expendable when it falls within the budget-cutting blast radius.

General Timothy Haugh, who led both the NSA and U.S. Cyber Command, was fired along with his deputy, Wendy Noble. No official rationale was offered. DHS Secretary Kristi Noem took the stage at the RSA Conference and called CISA a “Ministry of Truth,” accusing it of deciding “what was truth and what was not.” She was referring to the agency’s role in debunking election misinformation that Trump still insists was censorship.

By January 2026, the escalation had reached a kind of absurdist peak. CISA, the FBI, and the NSA all pulled out of the RSAC Conference after the event’s organizer hired former CISA director Jen Easterly as CEO. Easterly is a 25-year Army veteran and political independent whose offense was criticizing the administration’s loyalty mandate at the previous year’s conference. West Point had already rescinded a job offer to her after a far-right activist objected. The federal government withdrew from the world’s largest cybersecurity gathering because it didn’t like the new boss—one who was, until quite recently, their own well-respected boss.

All of this while Chinese state-sponsored hackers remain positioned inside American critical infrastructure. As Easterly wrote on LinkedIn before Trump’s allies forced her further from public life: “As experienced leaders exit and key roles remain vacant, our nation’s cyber defenses are at risk of being dangerously degraded.”

The Government as Threat Actor

This is the part that should unsettle everyone in my field.

We train to defend against Advanced Persistent Threats, use acronyms like APT28 and APT41 and Volt Typhoon, write detection rules, build threat models, share indicators of compromise. Our entire conceptual apparatus assumes the threat actor is foreign and that the U.S. government is, broadly speaking, on our side.

Then came DOGE. Elon Musk’s operatives gained access to Treasury payment systems, OPM personnel databases, and IRS records with minimal security vetting. Alan Butler, executive director of the Electronic Privacy Information Center, told Politico that their access to federal data was “an absolute nightmare.”

Bruce Schneier at Harvard said government systems are now less secure because of DOGE’s actions. Axios reported on the insider threat implications of granting rapid access to individuals with unclear backgrounds and undisclosed conflicts of interest. A former DHS Chief Privacy Officer described what happened as “a data breach of exponential proportions.”

In any other context, we would call this an insider threat. We would write an incident report, recommend access revocation, conduct forensic analysis. But the people who did it answer to the president, and the people who would normally investigate are being fired or silenced. Nobody has written a TTP report for DOGE. Nobody has published a MITRE ATT&CK mapping for an executive branch that treats its own government’s data as a personal resource.

Our frameworks were not built for this.

Who We Are, and Why That Matters

You can’t understand how this community responds without understanding where it came from. Information security descends from hacker culture, and hacker culture’s founding ethic was libertarian in the older, pre-partisan sense: distrust of authority, commitment to open information, and an unwavering belief that technology could route around institutional power. Cypherpunks who built the encryption tools we still depend on saw cryptography as a liberating force against government surveillance.

The politics are not neatly left or right. They are anti-authoritarian, which maps onto anarchism for some, market libertarianism for others, progressive activism for still others. Walk around DEF CON and you will find people who think open source is a grand anarchist experiment sitting next to people who think the Second Amendment is a cybersecurity posture. Collective political action can be difficult when the only shared conviction is some vague skepticism of centralized power.

Demographics complicate this further. Women make up 22% of the cybersecurity workforce. LGBTQ people, including a visible contingent of trans women hackers and security researchers, have carved out real cultural space in this industry—from long‑running events like Queercon at DEF CON, which I have personally attended and found to be great fun, to highly public practitioners like Alissa Knight who’ve made it easier for others to imagine themselves here. Plenty of people in this industry have skin in the game when it comes to the policies this administration is pursuing.

Yet the workforce remains overwhelmingly white and male. People with the greatest personal stakes in resisting are also the most vulnerable in the workplace, and the least able to speak out safely. Meanwhile, the white, male, credentialed, senior professionals who hold the most structural power face the least direct personal threat.

Conferences celebrate minority members with panels and mentorship programs, but none of that has translated into collective defense when those same members face real-world policy harm.

Does the Culture Support MAGA?

No. Not broadly. But the picture has nuance that a flat denial would miss.

At RSA 2025, Chris Krebs drew thunderous applause for saying “we should be outraged. Absolutely outraged.” Moussouris told reporters, “Everybody feels the same way I do. Nobody is authorized to say anything officially.” An open letter from the Electronic Frontier Foundation gathered more than 40 prominent signatories condemning the Krebs executive order. A State Department employee at the conference, speaking on condition of anonymity, called Secretary Noem “just a puppet.”

Overwhelmingly, sentiment in this community runs against what the administration is doing. It finds expression in private Slack channels, anonymous quotes to reporters, standing ovations at conferences. What it does not produce is organized, public, sustained resistance.

I should be transparent about where I sit in all of this. I was never fully anonymous in the communities I came up through, and I haven’t stopped using my voice. If anything, I’ve become far more strident since 2020, when I watched the security community fail to mount any serious response to the disinformation campaigns and election targeting that defined that cycle. Some of that targeting was directed at me personally. Those events fully clarified something I might have already known: silence in this industry is a choice, and it benefits whoever is running the operation.

Which brings me to the one moment when a real part of the community did speak up. In late April 2025, the EFF organized an open letter to the White House demanding that the Krebs investigation be dropped and SentinelOne’s clearances reinstated. I signed it.

The initial version carried names like Ron Rivest, Matt Blaze, Bruce Schneier, Jeff Moss, Alex Stamos, and Gabriella Coleman—people whose careers are established and reputations large enough to absorb the hit. Within days, the signature count blew past 400. The version I have in front of me now carries over 730 names.

Look at who signed, and a pattern emerges. About 80% included a professional title or affiliation, which in this context is itself an act of exposure. Roughly a quarter hold senior positions: C-suite executives, CISOs, directors, distinguished engineers, endowed professors at MIT, Princeton, Stanford, Georgetown, Columbia. CSO Online called it “a who’s who of the cybersecurity intelligentsia.”

But the bulk of signatories, close to half, are mid-career practitioners: security engineers, analysts, architects. People with titles like “Cybersecurity Professional” or “Security Analyst at Black Hills Information Security.” These are people who don’t have endowed chairs to fall back on.

One name stands out for a different reason: Jonathan Kamens, who listed his title as “Former (fired by DOGE) Information Security Lead and Advisor to the CTO, U.S. Department of Veterans Affairs.” He signed as an original signatory, not an open one. He had already lost his job, and chose to make that visible.

The letter mattered. But 730 names out of a global cybersecurity workforce of over 5 million is vanishingly small. And as Krebs himself told Politico six months later, the executive order remained in force, his clearance was still revoked, and SentinelOne was still dealing with the fallout. Solidarity was expressed and nothing changed.

A real but minority pro-MAGA tendency does exist within the community, concentrated in military and intelligence-adjacent subcultures and in parts of the crypto and prepper worlds that overlap with hacker culture. Some of this traces back to the libertarian strand of hacker politics that has always been comfortable with right-wing anti-government rhetoric. But saying the culture “inherently supports MAGA” gets it wrong.

What the culture inherently supports is self-preservation. At this time, self-preservation and silence feel indistinguishable.

The Professional Managerial Trap

A body of left-wing theory explains what is happening here. In 1977, Barbara and John Ehrenreich coined the term “professional-managerial class” (PMC) to describe salaried mental workers whose function is “the reproduction of capitalist culture and capitalist class relations.” They don’t own capital. They manage it, protect it, optimize it, and discipline the people who produce it.

Infosec professionals fit that description almost too well. We design access controls, write acceptable-use policies, implement data-loss prevention, monitor employee behavior on corporate networks, and enforce compliance regimes. Our professional purpose, at its structural core, is to keep the systems through which capital flows running without disruption. The trains must run on time. When the Ehrenreichs described the PMC’s relationship to the working class as “objectively antagonistic,” they could have been describing the person who configures your company’s endpoint detection and decides what you’re allowed to plug into your laptop.

A recent analysis in Jacobin puts a fine point on it: the PMC are “servants of capital, but also have a disdain for capitalism.” I recognize that tension in myself and in most of my peers. Many of us believe, sincerely, that we are protecting people: hospitals from ransomware, election infrastructure from foreign interference, critical infrastructure from catastrophic failure… Structurally, most of us work for corporations or government agencies whose primary interest is protecting capital, intellectual property, and state power. The sincerity is real but the paycheck comes from somewhere else.

And the paycheck is definitely generous. The average U.S. cybersecurity salary: $147,000. Directors and middle managers average $175,000. CISOs regularly clear $200-400K, and top earners exceed $1 million annually. That kind of money buys houses, private school tuitions, stacked retirement accounts, and a way of life that becomes very difficult to risk for the sake of a LinkedIn post.

Security clearances make the trap even tighter. A large portion of the infosec workforce holds or aspires to government clearances which can sometimes unlock lucrative contracts and often the most interesting work. As the Krebs case demonstrated, those clearances are revocable by presidential fiat. When your clearance is your career, and the president has shown he will use clearance revocation as punishment, speaking out goes beyond professional risk.

The Retreat from the Narrative Battlefield

One of the most consequential decisions the infosec community has made in recent years is leaving X/Twitter.

I understand the impulse. Musk’s platform became hostile to the values many in this community hold. Harassment spiked. Trans users were targeted relentlessly. Moderation collapsed. Leaving felt like self-preservation—in many cases, it was.

But Mastodon and Bluesky are not what Twitter was. They are smaller, more fragmented, built for conversation among the like-minded, where security pros talk to other pros about security. Pleasant, sometimes useful, but rarely political engagement in any meaningful sense. Leaving X was a moral exit, not a strategic one. It ceded the largest public forum where technical expertise could have shaped political discourse to bad actors who have been more than happy to fill the vacuum with nonsense.

The progressivist web chose comfort over influence. A community that prides itself on understanding adversarial thinking failed to think adversarially about information warfare.

The Professional Culture of Discretion

One more factor deserves attention because it’s one that is highly specific to this field.

Information security professionals are generally discreet. Operational security is not just a practice, but an identity marker. We often don’t disclose vulnerabilities before they are patched, share intelligence outside trusted channels, or draw attention to ourselves. These habits serve real purposes in their proper context, but they have metastasized into a professional culture where any public political statement feels like a violation of norms.

“We protect systems, not take sides” has become the industry’s equivalent of “just following orders,” which provides cover for inaction that handily serves the interests of whoever currently controls the systems we protect or can successfully apply pressure to its owners.

When Politico described a “typically nonpartisan community beginning to vocalize its dissent” at RSA, it was describing something real. But “beginning to vocalize” in the spring of 2025, months into the dismantling of the American experiment, was already far too late. And vocalization in the form of anonymous quotes and conference applause will never be the same as action.

What Would Action Look Like?

I don’t have a clean answer, but I know how it doesn’t look: migrating to Mastodon to post for an audience that already agrees with you, signing an open letter and going back to work on your government contract, or applauding Chris Krebs at a conference and then telling Reuters “no comment” when asked about SentinelOne.

The cybersecurity community has an asymmetric capability that almost no other professional class possesses. We are people who understand, at a technical level, how the systems of power actually work, who know where the data lives, how it moves, and what is exposed.

The anti-capitalist analysis would say this power will never be wielded against the system because the people who hold it are too deeply embedded in the system’s rewards. The PMC critique holds that professionals whose livelihood and identity depend on capitalist institutions will, in the final analysis, choose those institutions over solidarity with the people those institutions harm.

So far, the evidence supports that reading.

But the Ehrenreichs themselves acknowledged that as working conditions and pay of the PMC deteriorate, alignment with the broader working class becomes possible, even if never guaranteed and always fraught.

Clearances are being revoked. Budgets are being slashed. The CVE program nearly died. Agencies are being gutted. The government pulled out of the industry’s own conference over a hiring decision. Conditions that once made silence feel like prudence are rapidly becoming conditions where silence feels like complicity.

I cannot tell you whether this community will recognize that shift in time. But the window in which inaction can be mistaken for neutrality is closing fast.

A War That Never Quite Starts or Ends

On March 12, 2014, as unmarked Russian soldiers tightened their grip on Crimea, Vladislav Surkov published a short story in the glossy Russian magazine Russky Pioneer. Writing under his pseudonym Natan Dubovitsky, the longtime Kremlin political operator imagined a future conflict he called “the first non-linear war,” where “four coalitions collided” and “it wasn’t two against two, or three against one. It was all against all.” Entire towns and generations changed sides mid-battle; alliances were fluid, motives opaque.

The story appeared on March 12, two weeks after Russian forces seized Crimean airports and surrounded Ukrainian bases, and as soldiers without insignia were replacing local television channels with Russian programming across the peninsula. No war was ever declared. Surkov’s narrator calls the fighting “part of a process,” but not necessarily its most important part.

Moscow thinks about conflict in much the same way.

Since then, journalists and filmmakers (myself included) have treated “non-linear war” as a skeleton key to contemporary Russian strategy. Peter Pomerantsev read Surkov’s fiction alongside his real-world media work, describing a system in which “nothing is true and everything is possible.” Adam Curtis went further in his 2016 BBC film HyperNormalisation, arguing that Surkov’s approach focuses less on battlefield victory than on producing “a constant state of destabilized perception” in which people can be managed because they can no longer tell what is real.

Not every Russia specialist accepts the story as a literal doctrinal blueprint; Surkov was also playing with avant-garde literary and artistic traditions. As a description of how power can operate, though, the story is brutally clear.

Non-linear war breaks things and redraws borders; it does something else, too. It reshapes what entire societies come to regard as ordinary. Shock follows shock. Information floods every channel. People adapt because they have no choice, and their adaptation becomes raw material for the next round of operations. That cycle functions like a ratchet. Each turn makes the next one easier.

Once the ratchet clicks forward, it becomes difficult to push back.

Phase One: Blurred Thresholds

Well before Surkov put the phrase “non-linear war” into print, Russian officers were questioning the old boundary between war and peace. In a 2013 article in the journal Military-Industrial Courier, General Valery Gerasimov, Russia’s chief of the general staff, wrote that “the very ‘rules of war’ have changed” and that non-military means of achieving political and strategic goals had in many cases “exceeded the power of force of weapons” in their impact. He pointed to social media, information campaigns, covert support to opposition forces, and economic pressure as tools that could soften a target state long before tanks crossed any border. An English translation of the article was later published in Military Review.

Western commentators soon labeled this apparent synthesis the “Gerasimov Doctrine.” Mark Galeotti, the analyst who coined that phrase in 2014, has since written in Foreign Policy for what he says he launched “incautiously and unintentionally,” arguing there is no single doctrine so much as a set of evolving practices and improvisations. The name stuck anyway because it partly captured a change that extended beyond Russia: the rise of conflict fought through a dense mix of military, informational, economic, and legal tools that rarely triggers formal declarations of war.

No clean line separates war from peace in this environment.

Disinformation campaigns muddy public debate. Cyber operations shut down services. Economic pressure spikes prices or wipes out savings. Sporadic kinetic attacks kill and injure far from any defined front. Christopher Paul and Miriam Matthews, in a 2016 RAND Corporation report, called the Russian approach a “firehose of falsehood.” The output is high-volume, multichannel, repetitive, and unconcerned with internal consistency. The goal isn’t to get anyone to believe a particular story. Flood the zone with enough contradictory versions and people stop trying to sort them out.

NATO’s Allied Command Transformation has formalized part of this shift under the label “cognitive warfare.” In its working definition, cognitive warfare consists of activities coordinated with other “instruments of power” in order to influence, protect, or disrupt cognition at the level of individuals, groups, or entire populations. The focus lies less on particular opinions than on the processes people use to form them. A 2024 analysis of the NATO concept published in Frontiers in Political Science notes that cognitive attacks are conceptualized to “hinder decision-making processes, erode national or institutional unity, sow societal division, exploit identities and narratives, and undermine the resolve to engage in conflict.”

When those cognitive processes are overloaded, manipulated, or numbed, the rest of the playbook becomes easier to run.

Phase Two: Layered Shock and Cognitive Overload

Once that blurred threshold is in place, the next move is to subject the population to a mixture of physical and psychological shocks, often far from any traditional front. Those shocks travel through media, markets, and digital infrastructure as readily as artillery barrages.

Ukraine, now entering its fourth year under full-scale Russian attack, offers an unusually well-documented example. A WHO-supported health needs assessment conducted in October 2024 estimated that 68 percent of Ukrainians report a decline in overall health compared to the pre-war period. Mental health concerns are the most prevalent issue, affecting 46 percent of the population, followed by mental health disorders at 41 percent and neurological conditions at 39 percent. Among combat-exposed soldiers in clinical settings, one recent study reported PTSD in 45.9 percent of patients and Complex PTSD in 21.5 percent.

The war’s physical toll runs alongside this psychological damage. CARE International has documented how civilian casualties rose sharply again in 2025 after a brief plateau, with 2,514 people killed and 12,142 injured in that year alone, a 31 percent increase in deaths compared to 2024. Many of those harmed were struck far from any trench or fortified line, as cruise missiles and drones hit apartment blocks, electricity infrastructure, and medical facilities.

At the same time, Russian and pro-Russian information operations batter domestic and international publics with competing narratives about who is responsible for particular atrocities, whether Ukraine is a “Nazi” state, and whether Western support is prolonging the fighting. Research on the firehose model notes that audiences exposed to such campaigns are more likely to remember the messages and less likely to engage in fact-checking, even when warned about disinformation in advance.

A 2025 report by the British Institute for Security Innovation on AI-driven information warfare describes the end state of this process as “epistemic learned helplessness”: a condition in which people stop trying to evaluate claims because the cognitive cost of constant vigilance has become intolerable. Missile strikes, blackouts, deepfake videos, currency shocks: each of those on its own is destabilizing.

Taken together, and repeated over time, they create a background of crisis.

Phase Three: Defensive Normalization

As an Iraq veteran, I am intimately aware with the messy fact that human beings cannot live indefinitely at full alert. When faced with chronic emergency, they will find ways to normalize it as a type of coping mechanism.

War speeds this up and makes it uglier.

Alexei Yurchak called this “hypernormalization.” In his 2005 book Everything Was Forever, Until It Was No More, he described how late-Soviet citizens knew the official story was a lie, but collectively maintained it because nothing else seemed workable. Daily life carried on inside a shared fiction that nobody believed and nobody could replace. Curtis took Yurchak’s framework and ran with it in his 2016 documentary. His argument was that Western publics had arrived at their own version of the same problem. People could see that politics and media were stage-managed. They kept participating anyway, because no alternative script was on offer.

Ukrainians near the front describe sleeping in their clothes so they can grab their children and run to shelters at any hour. Workers plan commutes around likely missile timings. People say they have gotten used to the sound of drones overhead and streets without lights. CARE found that over 70 percent of adults in frontline regions experience depression or severe anxiety, but many frame their condition as just “being tired” or “living normally in war.”

The research on media consumption and collective trauma tells a related story. A three-year longitudinal study published in Science Advances by Thompson, Jones, Holman, and Silver found that people who consumed heavy media coverage of the Boston Marathon bombings experienced more distress and consumed more media after the Pulse nightclub massacre, feeding a cycle that compounded with each new event. Susan Moeller documented the same pattern at a broader scale in her 1999 book Compassion Fatigue: once a conflict becomes a permanent fixture of the news cycle, audiences stop absorbing its daily horrors, even as the killing continues. Over time, the outrage fades into background noise.

From a non-linear operator’s perspective, that shift from alarm to numbness isn’t a side effect or collateral damage, it’s usable ground.

A win, if you will.

Phase Four: Memory, Narrative, and the New Normal

Normalization isn’t a phenomenon limited to individual minds. It is structured by institutions, stories, and the law.

Dr. Edna Lomsky-Feder interviewed Israeli soldiers from different wars about how they remembered combat. What she found was that societies actively rework traumatic memories through official ceremonies, films, school curricula, and family stories, gradually redefining what counts as “normal” in wartime. She calls this the “normalization of war.” Heroic, critical, and resilience narratives compete with one another, but the net effect is domestication: intense war experiences get folded into personal biography as expected, even routine.

A similar logic runs through Russian political life. A study of collective trauma and populism in Russia and Georgia, presented by Jana Javakhishvili and published by the Vilnius Institute for Policy Analysis, argues that unprocessed historical trauma, from Stalinist terror to the collapse of the Soviet Union, has been repurposed by elites into a sense of permanent grievance and siege. The Putin system, in this account, built its legitimacy on a “substitutive trauma”: the loss of empire. That loss is continually rehearsed in media and politics, producing a public encouraged to experience present events as proof that enemies are everywhere and that only a strong leader can keep chaos at bay.

On the receiving end of non-linear campaigns, something different but related unfolds. Therapists and researchers who have written about the “weaponization of collective trauma” described patients who experienced political news as a form of re-traumatization. Constant exposure to outrages and scandals, amplified by algorithmic feeds, keeps the amygdala on high alert. Those affected report difficulty distinguishing real from perceived threats, a collapse of nuance into black-and-white thinking, and “trauma-bonding” within political tribes that makes cross-cutting conversation nearly impossible.

Pomerantsev’s account of Russia in Nothing Is True and Everything Is Possible feels like an extreme version of this condition: a country where reality TV, state propaganda, and organized crime blur into one spectacle, and “surreal” events are the daily rule and not exceptions. Under non-linear pressure, target societies can drift toward a similar terrain without consciously copying that model because the mechanisms producing it— namely, constant crisis, unresolved trauma, and saturated media— are highly familiar.

Phase Five: Institutions Adapt, Then Entrench

Once crisis becomes routine, institutions change shape to cope with it. Those changes can easily harden into a new status quo.

On the humanitarian and medical side, Ukraine now has a rapidly expanding mental health and rehabilitation sector. The World Health Organization and national partners warn that demand for trauma care, psychosocial support, and physical rehabilitation is rising faster than services can be built out, and that those needs will persist for decades after the fighting stops. Physicians for Human Rights and its partners have documented at least 2,591 attacks on Ukraine’s health care system since the start of the full-scale invasion, with 359 health workers killed and 379 injured.

In parallel, Ukraine’s Ministry of Veterans Affairs and civil society organizations are racing to design long-term programs for reintegration, employment, and family support for hundreds of thousands of current and former combatants.

Security institutions have their own transformation under way.

States targeted by non-linear campaigns are now pouring resources into counter-disinformation units, cyber defense agencies, and strategic communications teams. NATO’s cognitive warfare concept papers read partly as a warning and partly as a bureaucratic blueprint: they call for education programs to build “cognitive resilience,” technical systems to detect and flag manipulative content, and coordination mechanisms that treat the information space as a theater of operations in its own right. A senior NATO official confirmed in October 2025 that “hybrid warfare has begun” and that the alliance was investing heavily in preparing for it.

These adaptations are essential for survival in the short and medium term. They also risk baking the emergency into law and policy. Exceptional powers become permanent fixtures. Surveillance measures introduced to counter one wave of disinformation or terror attacks stay in place for the next. Budget lines and career paths depend on the persistence of threat. Once a state apparatus has reorganized itself around managing non-linear conflict, officials have strong incentives to see that conflict everywhere.

Russian doctrine of reflexive control sits upstream of this institutional picture. The basic idea, developed by Soviet mathematician Vladimir Lefebvre in the 1960s and refined since, is to influence an adversary’s choices by shaping its perception of reality so that it “voluntarily” selects the option most favorable to Moscow. Rather than telling an enemy what to do, the operator feeds it information that leads its own decision-making processes to the desired conclusion. Finnish analyst Antti Vasara describes multi-channel campaigns that aim at the public as well as the command-and-control systems of target states in a bid to force them to misread situations and misallocate resources.

A population and a bureaucracy already conditioned to see permanent crisis are easier to steer with these techniques. When everything looks like an attack, officials can be nudged toward overreaction or paralysis with relatively small pushes.

Phase Six: The Ratchet Turns

Once blurred thresholds, layered shocks, defensive normalization, social reconstruction, and institutional adaptation are in place, the environment itself becomes a weapon. Each new operation lands on a society that has already been pushed closer to the edge.

The Thompson et al. study in Science Advances found that people who consumed more media coverage of one collective trauma experienced more stress and fear about the next, creating a feedback loop of anxiety and information-seeking that compounded with each event. King’s College London’s multi-country Impact of Trauma Survey, part of the XCEPT research programme, is probing a related dynamic in Iraq, Lebanon, and South Sudan: in some settings, those who experience severe conflict trauma are more likely to engage in violence themselves, contributing to a “cycle of violence” that spans generations.

In non-linear conflict, each new missile barrage, cyber intrusion, or disinformation wave is calibrated against the current baseline. It doesn’t need to exceed the last one in magnitude. It simply has to differ enough to break through whatever people have managed to normalize. A strike on pediatric wards after months of nighttime attacks on power stations; a deepfake of a leader “surrendering” after months of more conventional propaganda; a banking panic after a year of physical bombardment.

Each re-teaches the lesson that nothing is stable.

Gerasimov’s 2013 article is often quoted for a line about how a “perfectly thriving state” can, in a matter of days or months, be turned into “an arena of fierce armed conflict” and “sink into a web of chaos, humanitarian catastrophe, and civil war.” Read narrowly, that sentence describes rapid regime change. Read in light of a decade of Russian practice, it reads more like a statement of long-term intent to keep adversary societies hovering on the edge of breakdown.

Never quite collapsing, and never quite recovering.

In Ukraine, that edge is visible in both statistics and daily life. Civilian casualties rose by roughly a third in 2025 despite improved air defenses. According to the WHO, attacks on healthcare facilities increased by nearly 20 percent that year, further straining an already overloaded system. Among respondents in frontline areas, 59 percent reported their health as poor or very poor in a December 2025 assessment. Clinicians warn that untreated PTSD and depression will shape politics, crime, and social cohesion for years after any ceasefire.

This is what it looks like when trauma functions as infrastructure.

Strategic Implications

Policy responses tend to focus on the most visible elements of non-linear war: sanctions, arms deliveries, cyber defense, high-profile fact-checking of viral lies. Those are necessary, but they address only pieces of the cycle.

The deeper problem is, as I’ve alluded, both epistemic and psychological.

Once a population has been pushed toward learned helplessness and people feel it no longer matters what is true, traditional tools of democratic politics lose much of their force. A press conference correcting a false claim lands differently on an audience that has essentially given up on verification. A human rights report documenting atrocities carries far less impact if readers have spent years cycling between outrage and numbness.

That RAND study on the firehose of falsehood concludes that after-the-fact debunking is rarely effective. It recommends preemptive inoculation through warning audiences about manipulative techniques before they encounter them, saturating the same channels with accurate information, and, where possible, working to curb the reach of the most aggressive propagandists— defensive maneuvers they work hard to convince populations are a threat to everyone’s free speech. NATO concept papers on cognitive warfare argue for building “cognitive resilience” through education, media literacy, and institutional reforms that improve transparency and trust.

Those moves are sound as far as they go, but still tend to treat trauma and normalization as side effects rather than engineered outcomes. A strategy that takes the ratchet seriously needs to work on several fronts at once:

• Shorten exposure by hardening infrastructure and improving defenses so populations spend less time under active attack.

• Expand care by treating mental health and social repair as central elements of security policy (not afterthoughts!)

• Constrain emergency powers with clear sunsets and oversight to prevent a crisis mindset from hardening into permanent law.

• Support alternative narratives that acknowledge trauma without turning it into a tool of mobilization or denial.

This isn’t about “winning the information war” in some narrow sense; it’s more a question of whether democracies can sustain the conditions (e.g. trust, shared reality, a sense of future) that make politics something other than an exercise in managing a frightened and exhausted public.

In Surkov’s story “Without Sky,” the narrator suffers a brain injury that leaves him unable to perceive depth. He can see only two dimensions, only “yes” and “no,” only black and white. The loss of dimensionality is his private tragedy which doubles as metaphor for something larger. Non-linear warfare aims at flattening a society’s perception in just this way, until people lose the ability to imagine that life could be structured on any terms other than permanent crisis.

Once that perception takes hold, the ratchet doesn’t unwind itself.

Just over a week ago on a February afternoon, I found myself browsing yet another set of odd-looking DMCA notices when I decided to ask Lumen Database for an API key to access their database.

An API key is essentially a researcher login for software; a credential that lets you automatically query large volumes of data instead of clicking through individual records by hand. In my email, I described a straightforward project: examine how one prolific sender of DMCA and related takedown notices might be using copyright law to target lawful reporting and public‑interest speech.

The outputs, I wrote, would be “public, written journalism and analysis,” and I signed it with my name and publication.

Lumen replied the following morning that my “plans and outputs do not align with Lumen’s current goals and mission” and declined access, then ignored a follow‑up request to explain that contradiction.

Lumen’s official account follows me on Twitter, which makes it hard to argue this was an anonymous or context‑free request from a stranger they knew nothing about.

Because Lumen says it exists to document the censorship machinery that operates through legal threats, walling off deeper access to that machinery isn’t a neutral administrative act.

It’s a choice with real consequences for accountability.

The transparency project that gets to say no

Lumen is a project of Harvard’s Berkman Klein Center, which describes it as collecting and studying online content‑removal requests “providing transparency and supporting analysis of the Web’s takedown ‘ecology.’”

UNESCO’s profile summarizes Lumen’s purpose as promoting transparency about “who sends and receives these notices, why, and what online content they refer to,” and facilitating research on “both legitimate and questionable” complaints. The database is populated by voluntary contributions from companies such as Google, Twitter, and YouTube.

On its Researchers page and in its API terms, Lumen tells the world that it generally issues researcher credentials to people or non‑profits planning “journalistic, academic, or legislative & regulatory policy‑focused public written research outputs,” explicitly naming news articles, journal pieces, and white papers as acceptable outputs.

Independent researchers are explicitly eligible; the terms define a “Researcher” as anyone using the API for such a purpose, whether institutionally affiliated or not.

The same API terms contain a sweeping escape hatch: “Lumen reserves the right to deny or refuse to grant API access for any reason.” There is no described public appeal process in those terms, no obligation to provide a reason, and no published statistics on who is refused.

Lumen did not respond to my follow‑up email explaining I was writing a story about their organization and asking for comment on how my “described plans and outputs do not align with Lumen’s current goals and mission.”

A textbook fit (on paper)

Put Lumen’s public description next to the project it declined and the alignment appears perfect. Lumen says it wants to document the “ecology” of online removal requests: who sends them, why, and to what effect.

I proposed to:

• Map the takedown activity of one frequent submitter over time and across platforms and targets

• Evaluate how often that entity’s notices appear overbroad, retaliatory, or aimed at lawful reporting and commentary

• Examine which topics, individuals, or organizations are most frequently targeted, and whether notices cluster around particular events or critical coverage

The outputs would be public journalism and analysis, with clear methodological notes about how Lumen data were used and my expressed willingness to follow any preferred citation or data‑handling practices.

Those are precisely the kinds of “journalistic” outputs Lumen cites when defining acceptable research purposes in its API terms. I was able to find various external descriptions of Lumen reinforcing that same expectation.

Bellingcat’s online investigations toolkit describes Lumen as a Harvard‑affiliated research database of “legal complaints and content‑removal requests (e.g., DMCA, defamation, court orders)” and explains how researchers can use it as part of large‑scale investigations. Based on Bellingcat’s understanding and Lumen’s own docs, their API access is meant for just the sort of systematic pattern analysis that my proposed work needed.

Lumen’s refusal, then, was not simply a matter of limited resources or some ill‑fitting use case. On the public record, my project’s aims sit squarely inside the organization’s announced remit.

The gap lies in how Lumen currently defines its “goals and mission” in practice, and who exactly is allowed to test the limits of abusive notice‑sending.

When a transparency archive narrows the aperture

This is not the first time observers have questioned whether Lumen’s operational choices match its transparency rhetoric.

In 2020, TorrentFreak reported that Lumen had removed precise URLs from public copies of DMCA notices, replacing them with domain‑level information and requiring users to enter an email address to receive a single‑use link to view full details. The outlet, which called Lumen “an essential tool for researchers and reporters interested in the cease‑and‑desist landscape,” warned that “reduced access will probably be disappointing for some,” and noted that the new hoops “place obstacles in the way of legitimate research and accountability.”

Lumen project manager Adam Holland told TorrentFreak the changes were meant to keep Lumen a “vibrant and valuable feature…for research, journalism, and public awareness around takedown requests” while addressing concerns about people using the database as a directory of infringing links and reducing staff workload. In his account, the research community’s experience would remain “in no way” compromised.

Even some copyright‑enforcement professionals were uneasy. A representative from an anti‑piracy company told TorrentFreak that while his clients welcomed less visibility for infringing URLs, he shared “the concerns of those who may feel that this places obstacles in the way of legitimate research and accountability.”

A pattern appears:

• Lumen and its institutional home present the project as a neutral infrastructure for transparency and research on legal threats to speech.

• To manage internal workload and external sensitivities, they narrow public access and route serious work through privileged channels such as researcher logins and API keys.

• Those privileged channels are themselves controlled by opaque, discretionary access decisions with no external oversight.

An unexplained denial of API access to a journalist scrutinizing one particularly prolific takedown sender is a sharper expression of the same dynamic.

Additional denials may have occurred of which the public is not yet aware.

The quiet power to shape which abuses are visible

The stakes are concrete. Fraudulent and retaliatory takedown campaigns have become a quiet but effective tool for reputation management and suppression of critical reporting under the banner of the DMCA.

A 2024 analysis by Tax Policy Associates titled “The epidemic of fraudulent DMCA takedowns” described an “invisible campaign to censor the internet” through bogus copyright notices, especially those sent to Google, aimed at burying investigative or critical articles in search results. Drawing on Lumen data, the author detailed networks of shell companies and fake media entities submitting near‑identical DMCA complaints to remove unflattering coverage of tax disputes, political figures, and alleged misconduct.

Journalist Mike Masnick, writing at Techdirt, has likewise documented “fake entities…still abusing the DMCA takedown process” to scrub factual reporting, using Lumen entries to trace clusters of notices tied to a reputation‑laundering operation built around a string of invented “Media Corporation” brands. Another analysis at Walled Culture showed how backdated copies of articles are used to generate fraudulent notices that convince platforms to remove the original investigative pieces.

These investigations make one thing clear: Lumen’s archive is not just a passive record. It is often the only way to spot repetition and coordination across platforms that individual transparency reports, or scattered notices, will never reveal.

Other observers treat Lumen as central infrastructure. The Canadian think tank CIGI, in its report “Weaponizing Privacy and Copyright Law for Censorship”, points to the role of databases like Lumen in tracking censorship‑adjacent use of copyright and privacy law.

Google itself, in its About Lumen documentation, explains that it contributes certain legal removal requests to the project, and describes Lumen as a Harvard‑based initiative that “collects and analyzes legal complaints and requests for removal of online materials.” Google explicitly links that sharing to goals of transparency and public oversight of content removal.

That privileged position comes with quiet, unreviewable power. By controlling scalable access to the underlying data, Lumen can determine which journalists and researchers can efficiently test powerful actors’ use of copyright, defamation, or court orders to scrub the public record.

Lumen’s own notice‑information page explains that some information is restricted to researchers and that fields, including URLs, may appear as redacted for the general public. After the 2020 changes, full notice details are often available only through email‑gated single‑use links. The web interface allows viewing one complete notice at a time and running basic keyword searches, but trying to map a prolific sender’s behavior that way is effectively research via pipette.

From the public record, the structure looks like this:

[ Notice Senders ]
      │
      │  (DMCA, defamation, court orders, other takedown requests)
      ▼
[ Platforms / Intermediaries ]
      │
      │  (Some or all notices forwarded for "transparency" [CYA])
      ▼
[ Lumen Database ]
      │
      │  Public web interface
      │     (Single-notice, email-gated access for full details)
      │
      └───► [ API Access ]
              │
              │  (Sranted or denied at Lumen's discretion)
              ▼
     [ Researchers / Journalists ]

When those gatekeepers quietly decline, without explanation, the chill is subtle but real. The path of least resistance is to focus on aggregated trends or generic “DMCA abuse,” not on how a particular company, law firm, or political actor is exploiting the system.

Lumen’s silence on my request for clarification leaves open uncomfortable questions that belong in the public record.

Why this should matter to policymakers and platforms

For policymakers and platforms that tout transparency as a partial answer to overbroad content removal, Lumen’s access posture raises several uncomfortable implications.

First, if governments and companies point to Lumen as proof of accountability while Lumen quietly controls who can conduct serious analysis, transparency becomes a talking point rather than a practice. UNESCO’s treatment of Lumen in its World Trends in Freedom of Expression materials underscores its perceived role as a public good in the media freedom ecosystem. That status is undermined if its most powerful analytical tools are selectively withheld from independent scrutiny.

Second, platforms like Google that highlight their participation in Lumen in transparency materials should be pressed on whether they are comfortable with an arrangement in which the primary public archive of their legal notices is not meaningfully accountable to the wider research and journalism community. If Lumen’s access decisions systematically or even sporadically shield high‑volume senders from investigation, platforms are implicated in that outcome.

Third, legislators considering reforms to notice‑and‑takedown regimes should recognize that “transparency” is not binary. A database can exist, be technically public, and be cited in policy debates while still being organized in ways that frustrate the very investigations it is meant to enable. Access design is policy.

Finally, there is a deeper structural question: should a single, privately governed institution occupy such a central position in documenting legal threats to online speech? Work on open data and research access has highlighted how opaque refusals can undercut the public interest even when framed as responsible stewardship. Lumen’s trajectory and practices deserve the same level of critical scrutiny that it has so usefully allowed researchers to apply to everyone else.

What is already clear is this: a project widely treated as the public’s telescope into the world of legal takedown threats is also the gatekeeper to that telescope’s highest‑powered lens. When that gatekeeper quietly tells a researcher her plans no longer fit its mission, and declines to explain why, the story isn’t about a single denied API key, or that researcher’s annoyance at the denial.

It’s about who gets to study censorship, and on whose terms.

Get 25% off for 1 year

That’s because for the last few weeks, I’ve been tracking a story that was too sensitive, and frankly too dangerous, to publish without the backing of a major institutional partner.

I needed an outlet that wouldn’t blink when the names “Trump,” “Putin,” and “FBI” appeared in the same paragraph. I needed a publisher that regards being sanctioned by the Russian Federation as a badge of honor, not a legal liability.

That is why my new investigation, “Trump Pardon Buries FBI’s Secret Work for Putin’s Oligarchs,” is the lead exclusive story today in Byline Times.

The Investigation

We discovered that President Trump’s recent pardon of former FBI agent Mark Rossini wasn’t just a favor—it was a burial.

• The Money: I tracked $3.5 million in donations to a Trump-aligned Super PACsfrom the family of Rossini’s co-defendant.

• The Cover-up: We explain how the defense may have used “graymail”—threatening to expose national security secrets in open court—to force the DOJ to crumble.

• The Result: The pardon didn’t just free a man; it permanently sealed the records of what US intelligence officials were secretly doing for sanctioned Russian networks.

Writing for Byline Times allowed me to document this complex “graymail” legal maneuver with the rigor it demands. Their editors and legal team are fearless, and they are one of the few outlets left willing to print the uncomfortable truth about the intersection of oligarch money and American justice.

Please read the full investigation here: https://bylinetimes.com/2026/02/11/trump-pardon-buries-fbis-secret-work-for-putins-oligarchs

Thank you for supporting Hacking, but Legal. It was your support that funded this investigation, and Byline Times that fearlessly gave it a home. If you want to support more reporting on what the papers don't say, please consider subscribing.

Best,
Jackie Singh

Get 25% off for 1 year

DSS has done this work at every Games since Montreal. It is, by any reasonable measure, an important part of what the agency does—making a newly-announced arrangement at Milan-Cortina 2026 highly peculiar.

The Guardian’s sources at the US Embassy in Rome have confirmed the following statement from ICE:

“At the Olympics, ICE’s Homeland Security Investigations (HSI) is supporting the US Department of State’s Diplomatic Security Service and host nation to vet and mitigate risks from transnational criminal organisations.”

“All security operations remain under Italian authority.”

The official ICE statement describes Homeland Security Investigations as “assisting” DSS “to assess and mitigate threats posed by transnational criminal organizations.” Embassy sources confirmed that HSI would back up State Department security. The Department of Homeland Security said its agents would help with “vetting and mitigating risks.” This is not how federal agencies typically describe anti-trafficking operations, which is what HSI actually does at major sporting events. At the 2017 Super Bowl, HSI’s Operation Guardian Angel arrested 94 perpetrators. The agency runs similar programs at every Super Bowl, working hotels and monitoring patterns.

It does not provide protective security.

The distinction matters. HSI is the investigative arm of Immigration and Customs Enforcement, with over 6,700 agents focused on cross-border crime: narcotics, weapons, money laundering, trafficking. The agency has provided hundreds of thousands of hours of support to the Secret Service at National Special Security Events like inaugurations and Super Bowls. But those are domestic events under DHS coordination. Overseas, the State Department holds authority. DSS operates under Foreign Service protocols. No statutory or operational framework exists for HSI to augment DSS abroad.

Embassy officials told Reuters that several federal agencies have supported Olympic security before, including HSI. This is technically true and substantially misleading. At Paris, HSI ran the Open Doors Initiative, a trafficking prevention program partnering with French hotels and nonprofits. That is specialized law enforcement work, not threat assessment for DSS.

French reporting from RFI noted uncertainty about whether HSI had ever participated in Olympic security at all.

I was unable to locate any public record documents showing HSI providing operational support to DSS at any previous Games. NBC News went further, claiming, “It is not unusual for the division, which takes the lead in international human trafficking situations, to work on marquee events abroad,” and placing that claim in the subheader.

The network offered no evidence for this and appears to be the sole source for this claim among the dozens of international news organizations covering this story. RFI was more careful, reporting it is “not known whether the HSI has in the past been involved in the Olympics, or whether this is a first.”

Perhaps NBC has uncritically repeated an anonymous embassy source’s claim, or possibly conflated HSI's anti-trafficking work at Paris 2024 with the operational security role described for Milan-Cortina. The Open Doors Initiative partnered with hotels and NGOs to identify trafficking victims, which has nothing to do with threat assessment for DSS. One mission is routine. The other, if it has ever happened, left no trace in the public record. NBC’s framing risks normalizing a historically unprecedented arrangement by claiming it is routine.

So what explains Milan-Cortina?

The Department of Homeland Security’s own planning documents offer no answer. The agency’s FY2025 Financial Report, published this month, mentions the Olympics exactly once: TSA preparing for the 2028 Los Angeles Summer Games alongside the 2026 FIFA World Cup and America’s 250th anniversary. Surge staffing. Coordinated planning. Screening upgrades.

The report says nothing about HSI providing security support at Milan-Cortina, nothing about augmenting DSS operations abroad, nothing about threat assessment at international sporting events. If this deployment reflects institutional planning rather than political improvisation, DHS’s budget justifications do not show it.

The State Department announcement offers a clue: the arrangement demonstrates “the Trump administration’s bold leadership and steadfast commitment to law enforcement and security.” Vice President Vance is leading the U.S. delegation. The framing is political, not operational.

DSS does face staffing pressure. A 2022 study found the agency operating at 73 percent of authorized strength. But DSS managed Paris without HSI integration, despite an unprecedented open-air ceremony on the Seine that French security officials called the most complex Olympic event ever attempted. If DSS cannot staff Milan-Cortina, a smaller Games in a less challenging security environment, something has gone badly wrong at Foggy Bottom. If DSS can staff it, the HSI deployment is theater.

The Italian reaction suggests the latter interpretation.

Former Prime Minister Giuseppe Conte called on the Italian government to “set our own limits” regarding the United States and demanded an end to “capitulation” to Trump.

Interior Minister Piantedosi initially denied ICE involvement before clarifying that Italian authorities would maintain control and American agents would not operate on the streets. Foreign Minister Tajani told reporters HSI would work “in the operations rooms,” not in public.

The prominent LGBT activist and member of the European parliament for the centre-left Democratic party Alessandro Zan said:

“Trump’s private police agents will arrive in Italy for the Milan-Cortina Olympics. Their task? “To verify and mitigate risks arising from transnational criminal organizations.” If that’s the goal, it’s paradoxical to entrust it to those who are the first to commit crimes, operating with violence and killing innocents in cold blood.

In Italy, we don’t want those who trample human rights and act outside any democratic control. It’s unacceptable to think that an agency of this kind could have a role, whatever it may be, in our country.

Giorgia Meloni should stop taking orders from Trump and, for once, act as a patriot of Italy and not of the United States.”

Milan’s mayor called ICE “a militia that kills” and declared HSI agents unwelcome. He cited recent DHS enforcement operations in Minneapolis that left two U.S. citizens dead (one shot by Border Patrol, one by ICE), telling RTL 102.5 radio that,

“This is a militia that kills,” he said. “It’s clear that they are not welcome in Milan, there’s no doubt about it. Can’t we just say no to Trump for once? We can take care of their security ourselves. We don’t need ICE.”

“ICE agents should not come to Italy because they are not aligned with our democratic way of providing security.”

After the Minneapolis shootings, ICE officials threatened to break the car window of Italian Rai TV journalists who were filming the aftermath.

The video aired on Rai 3 and dominated Italian news for the past two days. Journalist Laura Cappon had shown both her press credentials and passport while identifying herself as Italian media. Foreign Minister Tajani, from Meloni’s own coalition, said the images “speak of abuse.” Even Tommaso Foti, a minister from Meloni’s Fratelli d’Italia party, called ICE’s approach “very harsh and censurable, not at all in line with what is adopted by our law enforcement agencies.” The opposition was less diplomatic: Angelo Bonelli of the Green-Left alliance called it

“mafia-like intimidation of the press in the heart of the United States.”

The backlash reflects ICE’s toxic brand, which has little to do with HSI’s actual mission. HSI is the investigative division of ICE, separate from the Enforcement and Removal Operations (ERO) unit that conducts deportations. Italian media has quite reasonably conflated the two, and American officials have struggled to explain the distinction while simultaneously refusing to explain why HSI will be sent.

I have a few unanswered questions: What capabilities does HSI possess that DSS lacks after five decades of Olympic security? Under what legal framework will HSI agents operate in Italy? Will they carry weapons or hold diplomatic credentials? Who commands them? And why divert HSI personnel from investigating transnational criminal organizations to provide event security, while investigating TCOs is the stated justification for their presence?

The public record offers no answers. What it offers instead is an arrangement without documented precedent, announced with political fanfare, defended with misleading claims about prior practice, and seemingly planned for implementation over the objections of the host city’s mayor. If DSS genuinely needs help, that is an institutional failure requiring congressional attention.

If it does not, the Milan-Cortina deployment is something else: an expansion of DHS’s international footprint dressed up as interagency cooperation, which establishes precedent for ad hoc federal deployments beyond statutory missions.

Either way, we Americans should probably ask why.

NPR reports:

Pittman’s father contacted the FBI hours after the fire and said his son had admitted to starting it, the complaint alleges. It states that Life360 map data from Pittman’s cell phone and text messages to his father further corroborated his confession.

According to the FBI, Pittman traveled from his home early Saturday and stopped at a gas station, before heading to Beth Israel. He then texted his father a picture of the back of the synagogue and a series of messages, which read, “There’s a furnace in the back,” “BTW my plate is off,” “Hoodie is on,” and, “they have the best cameras.”

Pittman's father pleaded for his son to return home. Pittman replied that he was "due for a homerun," according to the affidavit. The criminal complaint states that Pittman went on to text his father that he had done his "research." The FBI says Pittman's father noticed burns on his son's ankles, hands, and face and confronted him:

The government’s complaint alleges that when he confessed to his father, with obvious burn injuries visible on his hands and body, he laughed and said he “finally got them.”

Ten days later, standing in federal court with bandaged extremities, Pittman pleaded not guilty. FBI Special Agent Ariel Williams’s testimony revealed something as disturbing as the attack itself: escalating psychiatric deterioration that everyone around him witnessed but no one knew how to stop.

His mother told investigators the family pets were afraid of him. She’d considered locking her bedroom door at night. After he returned on winter break, his behavior changed so dramatically that when his father tried to correct him for saying something offensive, Pittman “bowed up” in his father’s face.

Members of his gym even heard him say he wanted to burn a synagogue.

That laugh of his should haunt us. Not because it confirms Pittman as a monster, but because it suggests a young man whose break from reality coincided with immersion in online antisemitism, creating a perfect storm that existing frameworks for hate crimes and terrorism fail to capture.

The Clinical Picture

Pittman’s trajectory tells an unusual story. I was able to locate quite a few mentions on social media praising his sports prowess amid photographs of a typical all-American youth. He was an honor roll student at St. Joseph Catholic School, a National College Athletic All-Academic Team member, and spent a few semesters at Coahoma Community College before the attack. High achievers don’t typically abandon their tracks without reason.

Mississippi Today reported that, until recently, Pittman had “mainly used his numerous social media accounts to post about baseball, Christianity and his exercise routines.” My review of his X (Twitter) account confirmed this. Notably, he showed little interest in engaging with anyone online—no back-and-forth with peers, no community building, just broadcast. His social media was a limited monologue.

Friends said he “changed a lot” in recent years. He began bragging about money, promoting questionable health trends he called a “Christian diet.” There were videos of himself cracking raw eggs into his mouth on Snapchat. Videos of himself frantically pumping iron at the gym. Discussions of “testosterone optimization.” Linkages to online subcultures where “maxxing” masculinity, finances, and fitness bleed into nationalist religious fervor. His Instagram bio read “Entrepreneur” and “Lawyer of God.”

On December 5th, thirty-six days before the attack, Pittman purchased the domain for “One Purpose,” a website offering “Scripture-backed fitness, brotherhood accountability [and] life-expectancy maxxing” for ninety-nine dollars monthly. The site featured God’s ineffable name in Hebrew, references to Jewish fast days, and the seven biblical species of Israel.

Then he came home from Coahoma Community College in northwest Mississippi for winter break. His parents saw their son transform into someone they feared. Their household pets, being animals that are sensitive to behavioral cues often missed by humans, became afraid. The mother who’d raised him for nineteen years considered locking her bedroom door. He started day trading, and physically confronted his father. Others heard him utter racist threats in their presence.

The cognitive disintegration was visible to everyone in real time, but was stopped by no one. At nineteen, Pittman sits at peak age for first-episode psychosis in males. Schizophrenia incidence shows a steep increase culminating at age 15 to 25 years in males. Up to 75 percent of patients with schizophrenia experience a prodromal phase: subtle changes in perception, thinking, and functioning extending from weeks to years before full symptoms emerge.

The checklist reads like Pittman’s life: Academic dysfunction. Personality changes. Bizarre social behavior. Inappropriate affect. Grandiose thinking. Unusual preoccupations. Paranoid ideation. Behavioral disorganization. Changes so severe that family members become afraid.

When parents are considering locking bedroom doors, that isn’t radicalization. It’s psychiatric emergency.

Pittman’s phrase sits at the intersection of white nationalist propaganda and religious delusion. Religious delusions occur in between one-fifth and two-thirds of patients with delusions, and prevalence rates vary dramatically by country—from 63% in Lithuania to 24% in England to 7% in Japan. In societies where religion plays an important role in everyday life, people with psychiatric disorders tend to show religious delusions more often than in non-religious societies. The content of delusions is determined by cultural context. In Christian-majority societies, common themes include apocalyptic imagery, supernatural persecution, and religious outgroups as existential threats.

Pittman’s inappropriate affect, laughing while confessing to a violent felony, is textbook psychotic disorder. So is the operational chaos: incriminating content posted hours before the attack, texting his father from the scene, his burned cell phone left behind, and severe self-injury to his face, hands, and ankles. This isn’t a picture of methodical ideological terrorism. It’s someone whose relationship with reality has catastrophically failed.

Persecutory delusions correlate strongly with violence risk, particularly when combined with anger. Re-analysis of the MacArthur Violence Risk Assessment Study found that threat delusions of being spied upon, persecutory delusions, and delusions of conspiracy were mediated by anger due to delusional content on the pathway to serious violence. The closeness in time, or temporal proximity, between the delusion and the act, is an important factor. When someone acts violently during or immediately after experiencing a delusion, there’s stronger evidence the delusion caused the violence, versus someone who holds delusional beliefs for months but acts for unrelated reasons.

Pittman’s timeline appears compressed: on Saturday, January 10 at 12:52 a.m, he posted an antisemitic video on Instagram.

“A Jew in my backyard, I can’t believe my Jew crow didn’t work,” an animated Disney princess-style character said to a short yellow figure with a long nose. “You’re getting baptized right now.”

Roughly two hours later, he drove a few miles to commit the arson, catching himself on fire in the process. He drove himself to the hospital for treatment, and was arrested later that evening after his father, who had seen his burns and heard his laughing confession, contacted law enforcement. Two days after that, he replied "Jesus Christ is Lord" when the judge read his rights. The delusion wasn’t incidental background noise. It was actively driving events.

The Radicalization Machine

Pittman wasn’t reading Revelation in isolation. Before October 7th, 2023, antisemitic content lived in dark corners. After Hamas attacked, UK authorities documented dramatic increases in antisemitic incidents.

The ADL documented 8,873 antisemitic incidents in the United States in 2023, more than doubling the 3,698 reported in 2022. Similarly, the British Community Security Trust recorded 4,103 incidents in the UK, up from 1,662 in 2022. The British Community Security Trust recorded 2,019 antisemitic incidents in the first half of 2024 alone (the highest six-month total ever) before declining to 1,521 in the first half of 2025.

This remains historically elevated: the 2025 figure is still 84% higher than the 823 incidents recorded in the first half of 2022. After October 7th, content that once only lived in dark corners began to flood mainstream feeds—algorithmically amplified, packaged as edgy humor or political commentary, and normalized through sheer repetition. For someone like Pittman who was already showing signs of cognitive deterioration, this was the water he swam in.

Hours before the attack, Pittman shared content from “jew_inbackyard_daily,” an Instagram account posting antisemitic material: caricatured figures with exaggerated features stealing bags of money, getting pushed into pools, “baptized.” The account name itself signals industrialized hate production.

Research shows a 413% rise since 2020 in the internet playing the primary role in the radicalization process for those under the age of 30 compared to the previous decade, according to the PIRUS database. Bad actors on platforms like 4chan, 8chan, Parler, Reddit, Gab, TikTok, Truth Social, X, and Instagram employ memes, dark humor, and pseudo-intellectual discourse to normalize racist and antisemitic beliefs, particularly targeting young men.

The Christchurch killer explicitly encouraged followers to “make memes” about his attack, understanding that internet culture perpetuates ideology more effectively than traditional propaganda—a strategy sometimes called “memetic warfare.”

What happens when someone immersed in this ecosystem begins experiencing prodromal psychotic symptoms? Emerging paranoia, difficulty distinguishing reality from digital content, religious preoccupations. These don’t develop in cultural vacuum. They incorporate available material.

The Diagnostic Trap

Was Pittman experiencing genuine psychotic delusions, or what researchers call “extreme overvalued beliefs”: rigidly held convictions that motivate terrorism but aren’t delusional? The distinction matters legally and clinically, but the boundaries blur. Extreme overvalued beliefs are shared by subculture members, maintain internal logic, and develop through social learning rather than psychotic processes.

The difference isn't whether the belief is abhorrent, it's whether it's culturally transmitted or idiosyncratically generated. A neo-Nazi who believes in an international Jewish conspiracy holds an extreme overvalued belief: false and hateful, but shared by a subculture and spread through social learning. Someone who believes his specific neighbor is a Jewish agent implanting thoughts through the television holds a delusion. Conspiracy theories are taught. Delusions emerge from a breaking mind.

But what about someone who builds a fitness website steeped in Hebrew religious content, then burns a synagogue and laughs about “finally getting them”?

Such an incongruous trajectory suggests neither pure ideology nor pure psychosis, but a pathological intersection of both: emergent psychosis shaped by online radicalization with psychotic symptoms providing the disinhibition necessary to act on violence suggested by extremist ideology. Psychosis breaks reality. Ideology fills the void. Algorithms reinforce it constantly.

Arson and the Mind

Swedish registry data reveals dramatically elevated odds ratios for arson convictions among individuals with schizophrenia: 22.6 for males, 38.7 for females. These risk estimates are higher than those reported for other violent crimes and place arson in the same category as homicide as crimes most strongly associated with psychotic disorders.

The symbolic dimension matters. Fire destroys, purifies, attracts attention. In religious delusions, it represents divine judgment. For someone experiencing psychotic-level religious persecution beliefs, burning a “synagogue of Satan” may feel like spiritual warfare.

This is the same synagogue that was bombed by the Ku Klux Klan in 1967 during the civil rights era. The attack allegedly struck the same wing of the octagonal building that burned in that earlier attack.

What We’re Missing

Could this have been prevented? At what point does “concerning behavior” become “imminent risk requiring intervention”? We have no system for this.

Research shows social media activity captures objective markers of psychotic relapse. One study achieved 71% specificity predicting psychiatric hospitalizations from Facebook posts, identifying linguistic shifts in the month before relapse: increased swearing, anger, and death-related language; more first-person pronouns; fewer references to work, friends, and health.

Could similar patterns identify individuals in prodromal phases, before a first psychotic break? Research demonstrates machine learning can predict conversion to psychosis with 93% accuracy by analyzing speech for two markers: low semantic density (vagueness) and increased talk about voices and sounds.

The challenge isn't technical, per se. It's ethical and legal. With that said, who might already be doing it?

The State Actor Question

A colleague with decades in information operations raised a hypothesis: what if hostile state actors are identifying vulnerable individuals and accelerating their radicalization?

Russian intelligence has demonstrated sophisticated social media manipulation. But the true infrastructure is GRU Military Unit 54777, Russia’s formal psychological operations command.

Established in 1994 as successor to the Soviet Special Propaganda Directorate, Unit 54777 operates in peace and wartime with documented involvement in the Crimea annexation, Syria, Ukraine, European elections, and COVID-19 disinformation. Unlike Soviet-era units activating only during military operations, 54777 conducts continuous psychological warfare. Its operations integrate cyberspace with traditional PSYOPS: “information confrontation,” a fusion of cyber-technical and cyber-psychological attacks with the goal of eroding the adversary’s will.

They operate through social media and front organizations (InfoRos, Institute of the Russian Diaspora), with subordinate PSYOPS units in every Russian military district. The “Aquarium Leaks” (declassified GRU documents) reveal a consistent strategy: identify contentious social issues, flood platforms with divisive content through bot networks and troll armies, and amplify societal tensions. Not to win debates, but to paralyze societies through internal conflict.

Industrial-scale psychological operations require precision targeting. Enter surveillance capitalism. Research establishes comprehensive personality profiles can be inferred from as few as 300 Facebook “likes” with spouse-level accuracy. Cambridge Analytica exposed this at scale: combining psychological tests from 270,000 users with machine-learning models, the firm built personality profiles for over one hundred million U.S. voters, then used algorithmic microtargeting to tailor messages to individual psychological vulnerabilities.

Digital footprints predict political orientation, sexual orientation, ethnicity, intelligence, and crucially, psychological states: depression, anxiety, emotional vulnerability. Facebook offered advertisers ability to target users “in moments of psychological vulnerability,” identifying when young people feel insecure and stressed.

This is psy-ops at scale. Personality-tailored messaging increases persuasiveness by approximately 40% compared to untargeted content. Studies show even warnings about microtargeting fail to reduce message persuasiveness for personality-matched content. The manipulated cannot perceive the manipulation.

Social media platforms collect massive behavioral data: linguistic patterns, posting frequency, content shifts, engagement metrics, temporal behaviors. The capability architecture exists to identify individuals showing early signs of psychiatric vulnerability, apply personality profiling to understand specific psychological architecture, and deliver personality-optimized radicalization content through algorithmic amplification.

This remains theoretical vulnerability, not documented practice. While Intelligence Community assessments on foreign malign influence focus on election interference, disinformation campaigns, and diaspora targeting, they haven’t discussed the exploitation of psychiatric vulnerabilities (nor cognitive warfare, more broadly.)

However, the operational capability unquestionably exists, and some of the recent clusters of “random” or “unexplained” attacks by mentally ill individuals in the United States and elsewhere could fit this hypothesis within the framework of non-linear warfare.

Technical components (psychological profiling, microtargeting, radicalization content delivery, vulnerability identification) have all been demonstrated in commercial and intelligence contexts. The intersection of online radicalization and mental illness sits between terrorism research and psychiatry and remains understudied, creating blind spots where such operations are able to develop undetected and flourish.

Whether through deliberate state actor targeting or emergent properties of algorithmic amplification, vulnerable individuals experiencing early psychotic symptoms are being exposed to extreme content precisely when least equipped to evaluate it critically.

The Forensic Dilemma

Pittman faces federal arson charges and state charges with hate crime enhancements. At his January 20th bond hearing, Magistrate Judge LaKeysha Greer Isaac denied bond: “No conditions would ensure community safety.” Trial is set for late February. He faces five to twenty years federal, five to thirty state—up to sixty with hate crime enhancements.

Given suspected psychotic symptoms, substantial basis exists for competency evaluation. When the judge read rights during his initial appearance via video from his hospital bed, Pittman responded: “Jesus Christ is Lord”—possibly indicating tangential thinking or inability to focus on legal proceedings. He appeared with bandaged hands and ankles, carrying a Bible, and said little to his attorney through two hours of proceedings.

The insanity defense proves more complex. Federal law requires proving the defendant “was unable to appreciate the nature and quality or wrongfulness of his acts.” Premeditation and scant signs of operational security such as removing license plates and wearing a hoodie suggest preserved appreciation of consequences. But the text messages, self-immolation, laughing confession, and social media posts before and after the arson indicate profoundly impaired judgment.

Public defender Mike Scott argued Pittman suffered third-degree burns, incarceration could risk his health, posed no community danger. Prosecutor Matthew Wade Allen countered Pittman posed “serious risk he will obstruct justice or threaten, injure or intimidate witness or juror.”

Judge Isaac agreed.

Treatment and Prevention

Early treatment for first-episode psychosis dramatically improves outcomes. But for someone like Pittman, treatment must also address the ideological content of his beliefs—and traditional psychosis programs have no framework for this.

Standard treatment for delusions involves medication and therapy to help patients reality-test their beliefs. Deradicalization programs help people exit extremist ideologies. But what happens when the two overlap? How do clinicians distinguish a psychotic delusion requiring psychiatric treatment from a sincerely held extremist belief requiring deradicalization? Where does illness end and ideology begin? This intersection remains uncharted clinical territory.

The integrated approach Pittman needs essentially doesn’t exist.

Unfortunately, his case isn’t isolated. As a recent example, Australia’s security service ASIO reported in its 2025 Annual Threat Assessment finding a twelve-year-old self-professed neo-Nazi discussing on social media how to livestream a school shooting before moving to religious targets. ASIO’s intelligence enabled U.S. authorities to intervene.

The director-general noted a disturbing pattern: many radicalized minors “did not have a clear or coherent ideology beyond an attraction to violence itself.”

What needs to happen?

• Intervention pathways for families witnessing psychiatric deterioration. NAMI’s crisis intervention resources provide guidance, but we need systematic protocols that empower families to act before crisis becomes catastrophe.

• More interdisciplinary research at the intersection of mental health and radicalization. Current studies remain siloed. The EU Radicalisation Awareness Network’s practitioner handbook presents a start, but NIJ-funded research confirms the need for integrated approaches.

• Early intervention services for psychosis must develop capacity to assess ideological radicalization. NIMH’s EPINET initiative delivers a framework, but clinicians need training to recognize when delusional content intersects with extremist recruitment.

• Platforms must acknowledge their role in algorithmic amplification of extreme content. The Center for Countering Digital Hate’s STAR Framework outlines principles for Safety by Design, Transparency, Accountability, and Responsibility. The ADL’s research on algorithmic amplification documents the problem; proposed legislation offers a regulatory path forward.

• Frameworks for identifying vulnerable individuals without creating new surveillance states. Emerging research on AI that can infer mental states from behavioral patterns (Affective Computing) highlights core tensions between ethical care and patient privacy and autonomy.

• Funded treatment capacity instead of prisons as de facto psychiatric hospitals. The Treatment Advocacy Center documents how 383,000 individuals with severe mental illness are incarcerated versus 38,000 in state psychiatric hospitals. NAMI’s policy position and the Prison Policy Initiative’s research outline evidence-based alternatives to this.

The Uncomfortable Conclusion

Antisemitism isn’t a symptom of mental illness. The vast majority of antisemitic violence is perpetrated by individuals without mental illness, motivated by ideology, hatred, political extremism. Attributing hate to mental illness risks excusing ideologically-motivated violence while reinforcing unfair stigma.

But some percentage of cases (we don’t know how many, because I’m not sure anyone is looking systematically yet) represent this dangerous intersection: vulnerable individuals experiencing psychotic symptoms, immersed in online radicalization, and lacking insight to seek help or support systems to intervene.

These cases don’t fit existing categories: Not pure mental illness. Not pure terrorism. They are hybrid threats at the intersection of psychiatry, counterterrorism, technology policy, and public health. Everyone around Pittman saw what was happening, but no one could stop it.

His laugh wasn’t evil triumphant. Those behavioral changes weren’t simple signs of ideological radicalization. That incongruous website wasn’t some act of strategic deception. His mother’s fear wasn’t an overreaction. These acts were the signatures of a mind fragmenting in real time, with unregulated algorithms and hateful ideology filling the cracks.

The question isn't simply whether hostile state actors are deliberately exploiting psychiatric vulnerability for radicalization; capability and motive exist.

The more crucial question is whether we're willing to acknowledge that the digital environment Big Tech has created has effectively automated the same process: algorithmic amplification of extreme content, precision targeting of vulnerable individuals, and radicalization at scale. Either way, we’re unprepared.

Pittman’s trial begins February 23rd. Perhaps it will answer legal questions about guilt and responsibility. But it won’t answer what matters most: How many others are fragmenting right now? How many families are watching the same deterioration with no idea where to turn? How many more Pittmans are fragmenting right now, and what are we doing about it?

This publication runs on reader subscriptions. If this analysis demonstrated value, please consider becoming a paid subscriber to help my research reach more people.

Subscribe now

Get 25% off for 1 year

Yesterday, I received what appeared to be an internal HR announcement about updated company policies for 2026.

At first glance, the email appeared somewhat legitimate. It passed every authentication check Google runs, appeared in an existing business conversation thread, and used professional formatting that mimicked Microsoft Teams notifications.

I wasn’t tricked into clicking a bad link. Instead, I spent the next couple of hours reverse engineering the attack infrastructure. What I found was a professionally operated phishing campaign:

• A throwaway email account on a conservative-branded email service ($33/year, no verification required)

• A compromised router in Cape Town, South Africa routing the attack traffic

• The same infrastructure targeting at least three other organizations across multiple countries

• A Phishing-as-a-Service platform called Tycoon 2FA with tens of thousands of documented incidents

• Multi-national infrastructure spanning Russia, South Africa, the United States, and Croatia

Here are a few things we can learn from taking apart a single phishing email.

How I Spotted It

The email appeared to be from Human |Resourcesgeneral <humanresources@reagan.com>.

The subject line read: “New policy documents have been posted. Please review the updated Employee Agreement and Workbook for 2026.REF#09098”.

Because I did not click the Gmail button to “Show images” above the email body, the content is not visually formatted in the manner the attacker intended.

💡 Generally speaking, you should avoid clicking “Show images” in spam or phishing emails, because image loading in emails is a common phishing technique that can leak your email address to attacker-controlled servers.

This helps provide a glimpse of your Internet activity and confirms to the cybercriminal that your email is active and monitored by a real person. This is a process called “email validation” that increases the likelihood your address will be targeted in future campaigns.

Depending on your email client, you may also inadvertently reveal your IP address in the process, giving attackers additional data for targeting and geolocation. However, that particular technique doesn’t work in Gmail or Google Workspace because Google’s infrastructure loads all images through their own proxy servers, stripping away your real IP address and preventing attackers from confirming email validity or collecting device information via tracking pixels).

Importance Marker Applied

Google automatically marked the email as “Important” without my intervention based on its interpretation of the contents.

I unmarked the email to help ensure Gmail will learn not to do that again in the future, but there is also a way to change your importance marker settings to prevent Gmail from using your “past actions to predict which messages are important”.

What Looked Wrong?

I have manually analyzed many phishing emails over the course of my career. Because of this, three things immediately felt wrong:

• First, the timing was convenient. The date was January 20, 2026. Annual policy updates are expected this time of year. The social engineering was textbook: invoke authority (HR department), create urgency (new policies require review), add legitimacy (“reference number REF#09098”).

• Second, the sender was suspicious. The email appeared to come from one account, but when I examined it more closely, the actual sending account was a different address entirely, belonging to a person I don't know and who doesn't work with me.

• Third, the call-to-action was wrong. The email showed a file icon (📄 Employee Policy 2026.docx) but included no actual attachment. Instead, there was a button: “Open to Read Policy.” That button contained a URL to mail.notifyvisitors.com (an email marketing platform) with a 576-character Base64-encoded parameter obscuring the final destination.

First Bypass Technique: Email Authentication

My Google account has Advanced Protection Program enabled.

This is Google’s strongest security tier designed for high-risk users like journalists, campaign staffers, and business executives. It’s supposed to catch sophisticated phishing, and anecdotally does a fantastic job 95%+ of the time.

This particular email sailed right through.

I pulled the full email headers (technical information inside) to understand why. Here’s what Google’s authentication system saw:

SPF: PASS (173.203.187.109 designated as permitted sender for reagan.com)
DKIM: PASS (cryptographic signature valid for @reagan.com)
DMARC: PASS (sender alignment verified)

Every single check passed. Gmail didn’t seem to think this was a spoofed (faked) email. Was it?

What is Reagan.com?

Reagan.com markets itself as a “private email” service emphasizing conservative American values and privacy.

For $40 to $99 per year, anyone can register an email address like financedepartment@reagan.com with no identity verification required.

The “Ronald Reagan” Attack

When the email arrived in my Gmail inbox, it displayed as coming from humanresources@reagan.com. The subject line, timing, and sender all appeared vaguely legitimate.

Only when I examined the email headers did the attack become clear.

The attacker logged into a legitimate berrelli@reagan.com account and manually forged the From: header field to impersonate humanresources@reagan.com.

The email’s To: field listed Human@resourcesmailonlinesespr.com. This is a domain name that, upon investigation, does not exist in any registrar, DNS system, or search engine. This is not an oversight or typo; it’s a deliberate design choice by the attacker.

The To: field address serves a purely social engineering function here.

When victims receive this email, seeing it addressed to a plausible-sounding HR domain reinforces the illusion of legitimacy. But the address was never meant to receive email. Instead, stolen credentials are collected through a different mechanism: the Adversary-in-the-Middle proxy infrastructure hidden behind the NotifyVisitors redirect chain.

Received: by webmail.reagan.com
(Authenticated sender: berrelli@reagan.com, from: humanresources@reagan.com)

X-Auth-ID: berrelli@reagan.com
From: “Human Resources general” humanresources@reagan.com

The authenticated sender is the person who actually owns and logged into the account. The From: is what users see. These should match, but Reagan.com allows their senders to set the From: field to any address they choose.

Google’s SPF check validated that berrelli@reagan.com is authorized to send email from reagan.com, which is true. The DKIM signature cryptographically proves the email came from Reagan.com’s servers; also true. DMARC confirmed sender alignment; also correct, because the domain legitimately sent it. Every authentication protocol did exactly what it was designed to do. But none of them verify that the From: field matches the authenticated sender.

In Check Point’s original write-up, Gmail relied on an X-Sender-Id field. In this case, Reagan.com instead exposes X-Auth-ID to record the authenticated account, but the effect is identical: the authenticated sender differs from the forged From: address.

This is a gap in email protocol design that has existed for decades.

The attack pattern was documented by researcher Yoav Nathaniel at Check Point Research in 2018, who named it the “Ronald Reagan Attack” specifically because Reagan.com’s permissive webmail settings made it ideal infrastructure for this type of impersonation. Attackers would register inexpensive accounts, forge email headers to appear as HR departments or executives, and send thousands of phishing emails that passed every standard authentication check.

Most email providers implement controls to prevent this, either by limiting which addresses users can send from or by appending disclaimers when the From: doesn’t match the authenticated account. Reagan.com has apparently chosen not to implement such controls, making their infrastructure attractive to attackers and problematic for users who receive emails that appear to come from addresses they don’t recognize but still pass all technical validation checks.

My instinct was to check if berrelli@reagan.com was a compromised account from a public breach. I searched HaveIBeenPwned, the definitive database of breached credentials founded by Troy Hunt, and found nothing there or on Google either, which is somewhat unusual for a typical email account used over a period of time.

This suggested one of three possibilities: the account was created recently (within days) specifically for this campaign, it was compromised via targeted phishing rather than a public data breach, or it’s a throwaway account used for a limited campaign and then abandoned.

Bottom Line: The attacker controlled a real email account with valid authentication, so the email got through.

Second Bypass Technique: Thread Hijacking

The email didn’t arrive standalone. It appeared as a reply in what appeared to be an existing conversation about Kinetic GPO membership, Saskatchewan Health Authority procurement policies, and Los Angeles Department of Building and Safety regulations.

This technique is called “thread hijacking,” and it’s becoming the gold standard for bypassing email security.

In our case, an attacker has possibly compromised a third-party email account that had access to a business conversation thread, and has added that content to make their message appear as a eal reply to an existing thread.

By injecting their phishing payload at the top of a long, legitimate business discussion, the attacker attempts to exploit three psychological vulnerabilities:

1. Trust in context: There were other legitimate-looking participants in the thread (real organizations)

2. Cognitive overload: Scrolling through various legitimate messages could make the single malicious one at the top seem plausible

3. Authority reinforcement: The thread discussed HR policies and organizational procedures, making the fake HR announcement seem contextually appropriate

The British security firm Darktrace published research on thread hijacking on January 14, just six days before I received the email. They documented how attackers create mailbox rules that forward responses to hidden archive folders, allowing them to monitor conversations without the compromised account owner noticing.

The technique has proven effective because it defeats one of the primary ways people identify phishing: checking to see if the email “fits” the conversation.

Third Bypass Technique: Teams Interface Mimicry

The email’s visual design appears crafted to resemble a Microsoft Teams channel notification:

• The button color (#6264a7) is the exact purple used in Microsoft Teams

• The text “Human Resources posted a message in General Feeds” mimics Teams channel syntax

• The grey message box matches Teams’ visual design language

• The file icon emoji (📄) adds visual authenticity

This wasn’t accidental. Abnormal Security documented near-identical HR policy phishing campaigns in November 2025, showing that attackers are systematically studying collaboration platform interfaces and replicating them in email.

The psychology is straightforward: people see the familiar Teams purple button and their brain pattern-matches to “legitimate company announcement.” The fact that it arrived via email instead of the Teams app itself gets lost in the visual noise.

Fourth Bypass Technique: The Tracking Link

The “Open to Read Policy” button linked to “mail.notifyvisitors.com”:

https://mail.notifyvisitors.com/tracker/email_tracker/handler/click/59300/1423?cd=aktPMUFtRXRLeXhOT3pUYzZJeEw1Y2ptMzBDSDJkYm1IWEdmNk5GVEFvVitXcUIyNzk4NkEwWE4zaFJWMWNNRjRIdFM2RTJaV2YvaHNxOVVTcVRETTdQdE9jazJFeG1LT2dYMDR4aThCeDlDTlZoc3VhSEw5Ymw4U1lhRE[...]

This link *appears* to be a legitimate email tracking link, but in reality, the attacker has embedded a hidden phishing destination inside.

When you click a link in an email, you assume the domain you see is where you're going. But attackers exploit a loophole in how legitimate websites work: they use trusted companies' redirect functions to secretly send you somewhere dangerous.

NotifyVisitors is a legitimate email marketing platform used by thousands of businesses for campaign tracking and analytics. Email providers and network protection suites “whitelist” established services like NotifyVisitors, Mailchimp, and HubSpot because they send millions of legitimate emails daily, meaning phishing emails inherit that institutional trust.

Because of this, email authentication systems have a harder time distinguishing between legitimate emails from NotifyVisitors and phishing emails using NotifyVisitors infrastructure. Both come from the same real servers and may be able to pass all security checks. Users will see a professional domain and assume legitimacy without realizing it's a redirect to a phishing page.

For attackers, this is ideal: they pay for a cheap monthly subscription, send thousands of phishing emails through legitimate infrastructure, extract profit before the account is suspended, all without needing to build their own email servers or compromise major email providers. This pattern repeats across dozens of legitimate services: Mailchimp, Amazon SES, SendGrid, Google Forms, Bit.ly, and others have all been abused for phishing by actors violating their Terms of Service because they are designed to be trusted, useful, and legitimate.

NotifyVisitors isn't just abused for its high reputation. Bad guys use it because it can generate tracking links with redirects.

To identify the final phishing destination hidden behind the Base64-encoded redirect chain, I used Unfurl, a free OSINT tool that automatically follows URL redirects and extracts metadata at each hop, easily revealing the complete attack infrastructure without requiring me to click the malicious link myself.

The URL structure breaks down like this:

• Domain: mail.notifyvisitors.com (legitimate ESP subdomain)

• Path: /tracker/email_tracker/handler/click/

• Campaign ID: 59300

• Tracking ID: 1423

• Parameter: cd=[576 characters of Base64-encoded data]

That last cd parameter is the key. It contains a Base64-encoded redirect chain. This is a technique that helps obscure the final destination from email security scanners that had the opportunity to intercept the message before it arrived in my inbox.

Another way we can tell something is off is that legitimate NotifyVisitors tracking typically appends a nv_uid parameter for conversion tracking, but compromised campaigns replace legitimate redirects with multi-stage phishing chains.

When decoded, these types of parameters typically reveal multiple redirect hops:

1. First hop: Disposable domain (.icu, .xyz, .sbs, or similar low-reputation top level domain)

2. Second hop: Cloudflare Workers instance acting as a traffic filter

3. CAPTCHA challenge: Blocks automated security scanners while appearing legitimate to humans

4. Final destination: Reverse proxy server mimicking Google Workspace or Microsoft 365 login

This architecture is characteristic of Phishing-as-a-Service (PhaaS) platforms which are professionally operated services that rent attack infrastructure to cybercriminals.

What is Phishing-as-a-Service?

PhaaS works exactly like Netflix, Spotify, or any other subscription service, but instead of streaming movies, you're renting complete phishing attack infrastructure. You don't need coding skills, hacking knowledge, or technical infrastructure.

The PhaaS provider handles everything. You just pay, point it at your targets, and collect stolen credentials.

Tycoon 2FA: The PhaaS Behind the Attack

The email wasn’t an isolated attack. Multiple security researchers have detonated highly similar NotifyVisitors tracking URLs in public malware sandboxes.

An ANY.RUN analysis from February 17, 2025 explicitly tagged the infrastructure as Tycoon 2FA, a PhaaS platform designed to bypass multi-factor authentication on Microsoft 365 and Gmail accounts. Additional targets documented on ANY.RUN include Habi (Colombian real estate unicorn, March 26, 2025), Conde Nast (January 7, 2026), and Keyline Ltd (UK construction supplier, January 7, 2026). The titles of the above-named targets include Vice President of Finance, Finance Director, and Branch Manager. Their domains (habi.co, condenast.com, and keyline.co.uk) all use Google Workspace services.

The reports match on the NotifyVisitors infrastructure with the same HR policy lure and Base64-encoded redirect parameters.

This suggests attackers may be running large-scale operations targeting:

• Western countries

• Multiple industries

• Teams with procurement/financial authority over large financial transactions

Cybereason documented Tycoon 2FA in December 2024, noting over 64,000 incidents. In January 2025, Barracuda reported the platform had been updated with enhanced evasion capabilities.

Microsoft Threat Intelligence tracks Tycoon 2FA as “Storm-1747” and reported in November 2025 that it was “the most prolific phishing-as-a-service platform observed by Microsoft” throughout 2025, with Microsoft Defender for Office 365 blocking more than 13 million malicious emails linked to the platform in October 2025 alone.

How AiTM works for credential theft

Traditional phishing sends you to a fake login page, captures your password, and that’s pretty much it, but modern PhaaS platforms use Adversary-in-the-Middle (AitM) techniques:

1. You enter credentials on the fake Microsoft login page

2. The attacker’s server relays those credentials to the real Microsoft server

3. Microsoft sends back an MFA challenge (SMS code, authenticator app prompt)

4. The fake page shows you the same MFA prompt

5. You complete MFA authentication

6. Microsoft issues a session cookie proving you authenticated successfully

7. The attacker captures that session cookie

The session cookie is the prize.

It remains valid for days or weeks, allowing the attacker to access your account even after you change your password. This is why standard MFA (SMS codes, authenticator apps, push notifications) provides zero protection against these attacks.

Only phishing-resistant authentication (hardware security keys using FIDO2/WebAuthn cryptographic verification) can prevent AitM credential theft. The authentication is cryptographically bound to the origin domain, so even if you try to authenticate on the phishing site, your security key detects the domain mismatch and refuses.

The Intelligence Agency Angle

PhaaS platforms like Tycoon 2FA don’t just enable cybercriminals. They also provide plausible deniability for nation-state actors.

Intelligence agencies and Advanced Persistent Threat (APT) groups increasingly use commodity tools and commercial phishing infrastructure alongside custom malware, a trend documented extensively with tools like Cobalt Strike (which saw 161% increased use by cybercrime actors between 2019-2020.

By routing operations through the same PhaaS platforms, compromised routers, and email marketing services used by common cybercriminals, state-sponsored groups can “blend in with the crowd,” making attribution nearly impossible.

When a phishing email originates from a South African compromised router, routes through a US marketing platform (NotifyVisitors), and uses Russian hosting infrastructure, investigators face the attribution problem; determining whether the attack came from organized crime, a lone hacker, or a nation-state intelligence service.

North Korea’s Lazarus Group exemplifies this convergence: the same APT group conducts both state-sponsored espionage and financially motivated cybercrime (with a focus on cryptocurrency theft to fund weapons programs under international sanctions), while using commercial tools and infrastructure that are often indistinguishable from typical cybercrime.

For intelligence agencies, PhaaS platforms reduce operational costs, provide ready-made infrastructure, and most importantly, create ambiguity. Every phishing attack could be criminal fraud, or it could be espionage.

The operational security benefit is immense: if caught, the attacker appears to be just another cybercriminal using rented infrastructure rather than a state intelligence operative.

Fifth Bypass Technique: The Compromised Router

When I examined the email headers more closely, I found something unexpected.

x-client-ip: 165.0.0.143

This is the IP address where the email was actually composed and sent from (not the mail server, but the device the attacker used to access the Reagan.com webmail interface).

I ran the IP through Shodan, a search engine that indexes internet-connected devices, and widened my search to match similar systems. The results were both alarming and devastatingly common, revealing thousands of vulnerable systems.

These appear to be home or business routers with TR-069 exposed to the public internet, which is a protocol (CPE WAN Management Protocol, or CWMP) that Internet Service Providers use to remotely manage customer routers and perform necessary functions such as updating firmware, changing settings, and troubleshooting issues.

A correctly configured server will demand authentication *before* processing any HTTP request, and will respond with an HTTP 401 Unauthorized and a challenge for credentials. If an unauthenticated scanner like Shodan receives HTTP 404 Not Found instead, it means the server processed the request without authentication, routed it through its application logic, and determined the requested path didn't exist, proving authentication was bypassed entirely.

This service should never be accessible from the public internet.

Why? Well, once an attacker confirms the router responds to unauthenticated HTTP requests, they can probe for known vulnerabilities and exploit Remote Code Execution flaws to take complete control of the device.

📌 The Mirai botnet famously used TR-069 exploits to compromise hundreds of thousands of routers in 2016, knocking Deutsche Telekom offline.

More recently, Chinese APT groups have used the Quad7 botnet (200,000+ compromised routers) for Microsoft 365 password spraying campaigns.

The threat actor didn’t send this phishing email from their own computer or a VPN. They routed it through a compromised router in South Africa which is possibly owned by some innocent RSAWEB customer who has no idea their internet connection is being used for international cybercrime.

This adds three layers of operational security for the attacker:

1. IP diversity: Thousands of residential IPs instead of a few datacenter IPs that trigger spam filters

2. Geographic misdirection: The attack appears to originate from South Africa when the attacker could be anywhere

3. Legal deniability: If traced, investigators initially find an innocent router owner in Cape Town, not the actual culprit

Sixth Bypass Technique: Scale of the Infrastructure

The most concerning finding came when I investigated whether the South African router compromise was an isolated incident.

I ran a Shodan query for all RSAWEB customer IP addresses with port 7547 exposed:

Results: 7,676 vulnerable RSAWEB devices in South Africa are completely unauthenticated and accessible to anyone who connects.

For context, when Virgin Media had a similar TR-069 exposure in October 2020, Shodan indexed 800,000 vulnerable routers out of their 5.6 million UK customers (about 14% of their customer base).

RSAWEB is a mid-sized South African ISP with an estimated 50,000 to 200,000 customers. If 7,676 routers are exposed, that represents 3% to 15% of their entire customer base. This is a systemic security failure, not isolated compromises.

Each of these routers can be exploited for:

• Botnet recruitment: DDoS attacks, spam campaigns, cryptocurrency mining

• Phishing infrastructure: Email send proxies (like the one used to target me)

• Traffic interception: All unencrypted data passing through the router is visible to the attacker

• Lateral movement: Compromising devices on the home/business network behind the router

A Shodan search for the open port and vulnerable status shows 123,315 vulnerable devices exposed to the Internet, with the vast majority of devices located in Russia, Brazil, Ukraine, Belarus, and Taiwan.

port:7547 http.status:404 “cwmp”

Widening the Shodan search to remove the “cwmp” server string and searching on port and http status alone widens the results to 8.2 million records, with the majority of potentially-vulnerable systems located in the United States, Russia, and Australia.

port:7547 http.status:404

How Google APP Missed This One

Google’s Advanced Protection Program is supposed to represent the state of the art in email security. It’s designed for high-risk users who face targeted attacks: journalists, campaign staffers, activists, business executives.

This email bypassed it completely. The reason why might be lost somewhere within the following layers of “swiss cheese”:

1. Perfect Authentication (By Design)

Advanced Protection can’t distinguish between a legitimate Reagan.com user and an attacker who registered a throwaway Reagan.com account. Both pass SPF, DKIM, and DMARC because both are using the same legitimate infrastructure.

The authentication protocols verify identity (this email came from reagan.com), but they cannot verify intent (this email was sent for malicious purposes).

2. Content Legitimacy (Machine Learning Poisoning)

The email contained 95% legitimate business correspondence: real quotes from Kinetic GPO, Saskatchewan Health Authority, and Los Angeles Department of Building and Safety.

Only 5% was the malicious payload at the top. Therefore, Google’s machine learning models might have calculated something like this:

Risk Score = malicious_indicators / total_content_signals
           = 1 suspicious link / 50+ legitimate content elements
           = LOW RISK → DELIVER

The massive HTML padding (hundreds of blank and unnecessary tags, white space, useless content, and email signatures) was specifically designed to dilute the suspicious indicators and fool ML-based detection.

3. No Domain Spoofing (Expected External Email)

Advanced Protection aggressively flags emails that spoof internal domains or impersonate specific individuals. But this email came from Reagan.com (an external domain) and didn’t claim to be from anyone in my organization.

It appeared in an existing thread with external participants, so Google’s systems correctly categorized it as “expected external correspondence” rather than “suspicious impersonation attempt.”

However, as I flagged earlier in this report, Gmail also independently decided to upgrade the email’s visibility in my inbox by tagging it with an “Important” importance marker.

4. High-Reputation Link Dilution

The email thread contained legitimate links to:

• eventbrite.com and eventbrite.ca (calendar scheduling)

• kineticgpo.ca (procurement organization)

• ladbs.org (LA Department of Building and Safety)

• dbs.lacity.gov (Los Angeles city government)

These high-reputation domains helped to drown out the single suspicious NotifyVisitors link in the risk calculation.

5. No Attachment-Based Malware

Advanced Protection includes aggressive attachment scanning (sandboxing suspicious files, blocking macros, flagging executables). But this attack had no attachments. Just a link, and not even a link to an obviously malicious domain: a link to NotifyVisitors, a legitimate email marketing platform used by thousands of businesses.

5. Display name and Header Forgery

Gmail correctly validated that a legitimate Reagan.com account sent the email, but it displayed the forged From: header to the user, mirroring the “Ronald Reagan Attack” pattern documented by Check Point Research in which authentication passes while the visible sender is silently impersonated.​

How To Protect Yourself

Report It Immediately

Folks who aren’t cybersecurity analysts can use the three-dot menu once a Gmail message is open to “Report phishing”. This will move the email to your Spam folder, limit your ability to load images, and alert Google Threat Intelligence to help protect other Internet users.

Besides Google, other email providers like Microsoft, Apple Mail, Yahoo Mail, ProtonMail, etc. have equivalent reporting capabilities built into their platforms.

Search “report phishing [service name]” to find the specific steps for your provider.

Spotting Thread Hijacking

1. Verify strange content via secondary channel: If an email appears in an existing thread but seems odd or off-topic, call the sender or message them on Signal/Teams/Slack to verify

2. Check for topic drift: Legitimate conversations evolve naturally, but phishing payloads sometimes introduce abrupt topic changes

3. Hover over all links before clicking: In today’s email, the display text says “Employee Policy 2026.docx” but the URL is mail.notifyvisitors.com

4. Watch for missing attachments: If an email references a file but provides only a link to “view” it, that’s a red flag!

Get a Hardware Security Key

If you use Gmail, Google Workspace, or any service supporting FIDO2/WebAuthn authentication, the single most effective defense against phishing is a hardware security key. These devices are small USB or USB-C authenticators that cryptographically verify you’re logging into the legitimate service, not a phishing replica.

The YubiKey 5C is one of the most popular options: it’s durable, widely compatible with major platforms (Google, Microsoft, GitHub, Apple, social media platforms, etc.), and costs less than $50. When you attempt to authenticate on a phishing site, your YubiKey detects the domain mismatch and refuses to complete the authentication, providing absolute protection against AitM attacks.

This is why Google Advanced Protection Program requires hardware security keys for enrollment. They represent the only authentication method that cannot be compromised by credential theft or session hijacking. You can also consider purchasing Google’s own hardware key, the Titan Security Key.

The Big Picture

This probably wasn’t a targeted attack against me specifically. I happened to end up on a list that was possibly scraped from LinkedIn, a data broker, or a prior breach. The attack landed in my inbox, not because of sophisticated zero-day exploits or advanced persistent threat techniques, but because it exploited the gap between what email authentication can verify (sender identity) and what users need to know (sender intent).

PhaaS has industrialized cybercrime. What I experienced wasn't built by a lone hacker. It was rented from Tycoon 2FA for probably less than $500/month.

The attacker didn't need to know how TR-069 exploits work, how to bypass Google Advanced Protection Program, or how to build AitM infrastructure. They just logged into a dashboard, selected “HR Policy Campaign,” uploaded a target list, and clicked “Launch.”

The person in Cape Town whose router was used to send the email and the US- and Canada-based office workers shown in the stolen email exchanges used as decoys have no clue they’ve been made unwitting parts of a cybercrime operation. If just one wire transfer fraud succeeds, those who deployed the campaign stand to profit handsomely.

This is modern phishing: anonymized, industrialized, globally distributed, and profitable enough to sustain professional criminal organizations.

This publication runs on reader subscriptions. If this analysis demonstrated value, please consider becoming a paid subscriber to help my research reach more people.

Get 25% off for 1 year

• The UN Secretary-General has implicitly challenged President Trump’s authority to withhold assessed contributions, asserting they are “a legal obligation under the UN Charter” that cannot be unilaterally abrogated by executive action.

• The United States owes approximately $4 billion in unpaid UN dues, representing 80% of all regular budget arrears globally. America has already crossed the threshold where voting rights suspension becomes legally mandated.

• This withdrawal follows the UN’s criticism of the January 3 Venezuela military operation, mirroring the administration’s sanctions campaign against the ICC after it issued arrest warrants for Israeli officials.

• New investigative reporting reveals that Russia proposed the Venezuela-Greenland strategy to Trump as early as 2017: America gets the Western Hemisphere, Russia gets Ukraine. Fiona Hill testified to Congress that her NSC team received these offers directly from Russian counterparts. John Bolton blocked them. Bolton was indicted in October 2025.

• The UN headquarters occupies 17 acres of extraterritorial land in Manhattan under the 1947 Headquarters Agreement. The U.S. cannot unilaterally abrogate this treaty or expel the UN.

• NYC Mayor Zohran Mamdani controls the NYPD and city services surrounding UN headquarters. He has already demonstrated willingness to oppose Trump’s foreign policy on legal grounds.

• Silicon Valley ideologues are proposing “Freedom Cities” to replace institutions destroyed by regime change. Two days after the Venezuela operation, Charter Cities Institute director Mark Lutter called for corporate-governed enclaves there. Russia provides the geopolitical logic; the Thiel network provides the economic model for what comes after.

• The UN has announced it will continue operations regardless of U.S. participation. China will fill the vacuum America creates.

• Historical precedent is ominous: The League of Nations collapsed after major powers withdrew, paving the way for World War II.

The statement reads like diplomatic boilerplate: four sentences, no named officials beyond the spokesperson, a formulaic expression of “regret.” To the casual observer, it might appear that the United Nations simply acknowledged another policy dispute and moved on.

Those who understand the context know better. The $4 billion in unpaid American dues. The systematic defunding campaign. The looming voting rights suspension. The military strike on Caracas five days earlier that the Secretary-General condemned as potentially violating international law. These words constitute something far more consequential than diplomatic pleasantries. They are the opening salvo in what could become the most significant constitutional crisis in United Nations history.

Less than 24 hours after President Donald Trump signed the presidential memorandum withdrawing the United States from 66 international organizations, UN Secretary-General António Guterres issued a response through his spokesperson Stéphane Dujarric that amounts to a reminder of Charter law and of the Trump administration’s treaty obligations:

“Assessed contributions to the United Nations regular budget and peacekeeping budget, as approved by the General Assembly, are a legal obligation under the UN Charter for all Member States, including the United States... All United Nations entities will go on with the implementation of their mandates as given by Member States. The United Nations has a responsibility to deliver for those who depend on us. We will continue to carry out our mandates with determination.”

The diplomatic language barely conceals the message: The UN will not allow American financial pressure to halt operations. The United States remains legally bound to pay its assessed contributions regardless of what President Trump orders.

The statement does not function as a negotiation, but as a legal confrontation.

This essay is the third part of an ongoing analysis of President Trump’s withdrawal from international organizations.

Part One, “America Exits 66 International Organizations,” examines the institutional and geopolitical consequences abroad. Part Two, “The Psychological Costs of America’s Exit,” traces the domestic psychological, media, and coercive dynamics that make this retreat possible.

Why the UN Matters to Americans

The United Nations is not, as its critics caricature, a world government or a forum for anti-American rhetoric. It is the infrastructure through which the United States has exercised global leadership for 80 years.

The UN system encompasses far more than General Assembly debates. The World Health Organization coordinates pandemic response that protects Americans from outbreaks originating abroad. The International Atomic Energy Agency monitors nuclear programs in Iran and North Korea. The World Food Programme feeds 150 million people annually and prevents the famines that destabilize regions and create refugee crises. Peacekeeping operations keep conflicts from escalating into wars requiring American military intervention.

The UN also provides forums where the United States sets international standards on telecommunications, aviation, shipping, and intellectual property. American businesses benefit from rules America helped write. When the U.S. withdraws from these standard-setting bodies, it does not eliminate the standards. It simply transfers control to China.

For Americans specifically, reduced UN engagement means:

• Diminished early warning on disease outbreaks that could become pandemics affecting U.S. public health

• Reduced intelligence sharing on terrorism, trafficking, and transnational crime through UN coordination mechanisms

• Lost influence over trade standards that affect billions of dollars in American exports

• Increased likelihood of regional conflicts escalating into crises requiring expensive U.S. military intervention

• Accelerated climate impacts as coordinated global response collapses, affecting American agriculture, coastal cities, and disaster costs

• Brain drain as American scientists excluded from international bodies lose professional standing and career opportunities

American withdrawal creates vacuums that authoritarian powers are eager to fill. The rules-based international order that has prevented great power war for 80 years depends on its architect remaining committed to its maintenance.

The Legal Foundation

The Secretary-General’s position rests on solid legal ground. Article 17(2) of the UN Charter states unequivocally: “The expenses of the Organization shall be borne by the Members as apportioned by the General Assembly.”

This language is not discretionary. It does not say “may be borne” or “should be borne if Members agree.” It says “shall be borne,” which in treaty law constitutes a binding obligation.

The definitive interpretation came in 1962, when the International Court of Justice ruled that peacekeeping expenses constitute “expenses of the Organization” and that the General Assembly’s apportionment creates binding legal obligations on all member states.

Under the U.S. Constitution’s Article VI, treaties ratified by the Senate are “the supreme Law of the Land.” The UN Charter was ratified in 1945. President Trump cannot unilaterally abrogate treaty obligations through executive action any more than he could unilaterally repeal a federal statute.

The Trump memorandum itself tacitly acknowledges these constraints, specifying that “withdrawal means ceasing participation in or funding to those entities to the extent permitted by law.” That caveat matters enormously.

The $4 Billion Question

The Secretary-General’s statement gains urgency from a financial reality that has reached crisis proportions. As of January 2026, the United States owes the United Nations approximately $4 billion in unpaid assessed contributions.

According to the Congressional Research Service, U.S. unpaid assessments stand at $1.5 billion for the regular budget and $2.4 billion for peacekeeping. The United States alone accounts for 80% of all regular budget arrears globally. China, the second-largest debtor, owes less than a quarter of U.S. arrears.

The Secretary-General warned in December 2025 that the organization faces “a race to bankruptcy” unless member states pay their dues. The financial strangulation has been ongoing. According to testimony before the UN Fifth Committee, the organization started 2024 with only $67 million in liquidity reserves. To make payroll, it borrowed from the Working Capital Fund, Special Account, and closed tribunals. A senior official told the committee that “the Secretariat almost ran out of cash in December.”

The Trump administration’s FY2026 budget request proposed ending UN peacekeeping payments entirely. This represents an 83% reduction from pre-rescission funding levels. Call it what it is: effective organizational destruction.

The Voting Rights Threshold

Embedded in the Secretary-General’s statement is an implicit warning. Article 19 of the UN Charter provides that a member in arrears “shall have no vote in the General Assembly if the amount of its arrears equals or exceeds the amount of the contributions due from it for the preceding two full years.”

The United States is already at this threshold. Current arrears of $1.5 billion essentially equal the two-year assessment of roughly $1.52 billion.

If the United States continues non-payment through 2026, the General Assembly would be legally entitled to suspend U.S. voting rights. America would become the first permanent Security Council member ever sanctioned for non-payment.

The Trump administration likely views this as acceptable, perhaps even desirable. Article 19 applies only to General Assembly voting; U.S. veto power in the Security Council remains unaffected. Being sanctioned might reinforce Trump’s narrative that the UN is biased against American interests.

The precedent could run deeper. In theory, crossing the Article 19 threshold creates legal grounds, as some scholars argue, for other members to invoke Article 60 of the Vienna Convention on the Law of Treaties, which permits states to suspend obligations toward a party in “material breach.” U.S. refusal to pay could release other nations from their Charter obligations toward America.

What the Statement Does Not Say

The Secretary-General’s statement is notable for what it omits. It does not mention Article 19 voting rights suspension, despite the U.S. being at the threshold. It does not threaten expulsion under Article 6 (persistent Charter violations) or invoke Article 60 of the Vienna Convention permitting other states to suspend treaty obligations toward a state in material breach.

This restraint reflects political reality. The UN cannot effectively sanction its most powerful member and largest financial contributor without triggering the cascade of consequences described above.

The Secretary-General also refrains from directly criticizing the withdrawal decision itself. He expresses “regret” but does not characterize the action as wrong, harmful, or counterproductive. This diplomatic caution contrasts with stronger statements from others.

The Executive Secretary of the UN Framework Convention on Climate Change (UNFCCC) called the climate withdrawal a “strategic blunder that gives away American advantage.” Former Secretary of State John Kerry characterized it as “a gift to China and Russia and a get-out-of-jail-free card to polluters who want to avoid responsibility.” The Natural Resources Defense Council warned it is “not only self-defeating to let other countries write global rules of the road but also to skip out on trillions of dollars in investment.”

By remaining diplomatically neutral, the Secretary-General preserves space for future U.S. re-engagement while avoiding giving Trump ammunition to claim the UN is “attacking” America. But this restraint also reveals the organization’s fundamental weakness. The UN cannot compel U.S. compliance. It can only assert legal obligations and hope that domestic political constraints, allied pressure, or future administrations restore American participation.

An Attempted Humiliation

Part and parcel of political reality is Trump’s September 2025 address to the UN General Assembly. This attempt to publicly humiliate the institution from its own podium largely backfired, drawing international condemnation and reinforcing perceptions of American chaos and unreliability.

Trump asked “What is the purpose of the United Nations?” while standing at its lectern. He complained about broken escalators and a malfunctioning teleprompter, mobilizing the Secret Service to investigate alleged UN “sabotage” of his equipment. He dismissed climate science as “the greatest con job ever perpetrated” and predictions as “made by stupid people.” He accused the organization of “funding an assault on Western countries” through migration support.

He told assembled world leaders their countries were “going to hell” and warned that “if you don’t get away from this green scam, your country is going to fail.” The rambling, nearly hour-long speech veered repeatedly off-script.

The global response was swift and negative. French President Emmanuel Macron responded that same day by declaring France “proud to be among the people of the United Nations” and asserting the organization “cannot be replaced.” South African President Cyril Ramaphosa criticized the use of trade as “a weapon against a number of countries in the world.”

A foreign diplomat texted the Washington Post’s Ishaan Tharoor: “This man is stark, raving mad. Do Americans not see how embarrassing this is?”

The Chicago Council on Global Affairs noted that Trump’s views diverged sharply from American public opinion: 79% of Americans consider climate change at least an important threat, and majorities support multilateral engagement. Former U.S. diplomat Hugh Dugan observed that despite hammering the UN, Trump “left a vacuum instead of a narrative” on reform. “Next: let’s see if China is editing its speech now to swoop down to fill the missing narrative vacuum,” he predicted.

The speech was not diplomacy. It was performance; one that damaged American credibility far more than the institution it targeted.

Why U.S. Withdrawal Could Destroy the UN

The Secretary-General’s restraint in not threatening punitive measures reflects a brutal reality: the UN cannot effectively sanction its most powerful member without triggering consequences that could destroy the organization itself.

The United States provides approximately 22% of the UN regular budget and 26% of peacekeeping funding. No obvious combination of other contributors can easily replace this. If the U.S. withdraws entirely:

• Immediate operational collapse: Many UN agencies would face 20-30% budget cuts overnight. The World Food Programme, UNHCR refugee operations, and peacekeeping missions would require immediate downsizing. Peacekeeping missions already reduced by 25% due to cash shortages would face further troop repatriations, potentially allowing conflicts in Mali, South Sudan, and the Democratic Republic of Congo to reignite.

• Headquarters relocation pressure: The UN headquarters in New York operates on U.S. soil under a 1947 headquarters agreement. A hostile administration could make operations increasingly difficult through visa restrictions on diplomats, security complications, and infrastructure neglect. Pressure to relocate to Geneva, Vienna, or elsewhere would intensify—an enormously expensive and disruptive proposition.

• Legitimacy crisis: The UN’s authority rests partly on the participation of all major powers. An organization that excludes the world’s largest economy and most powerful military loses credibility as a universal forum. Other nations might question why they should remain bound by UN decisions the United States ignores.

• Security Council paralysis: While the U.S. would presumably maintain its Security Council seat even if General Assembly voting rights are suspended, relations would deteriorate to the point where productive Council action becomes nearly impossible. The U.S. might begin vetoing resolutions out of spite, grinding the Council to a halt.

• Cascade of withdrawals: If the United States demonstrates that withdrawal carries no meaningful consequences, other dissatisfied members (Ex. Russia, which has its own UN grievances, or developing nations frustrated by Western dominance) might follow. The organization could fragment into irrelevance.

This is why the Secretary-General treads carefully. Any punitive action risks provoking the very outcome it seeks to prevent.

The Venezuela Connection

The timing of this withdrawal raises an unavoidable question: Is this punitive?

On January 3-4, 2026, U.S. forces struck targets around Caracas and captured Venezuelan President Nicolás Maduro. The Secretary-General responded: “These developments constitute a dangerous precedent... The rules of international law have not been respected.”

Less than a week later, the Trump administration announced withdrawal from 66 international organizations.

The pattern mirrors the administration’s approach to the International Criminal Court. After the ICC issued arrest warrants for Israeli Prime Minister Benjamin Netanyahu in November 2024, the administration launched sanctions against the court itself. Secretary of State Marco Rubio has sanctioned 11 ICC judges and prosecutors, freezing assets, revoking visas, and devastating their ability to function. Canadian ICC judge Kimberly Prost told reporters she lost access to all credit cards and bank accounts: “How do you order an Uber? How do you get a hotel?”

The administration has even demanded that the ICC amend its Rome Statute to guarantee that Donald Trump himself can never be prosecuted for war crimes.

The message is consistent: International institutions that criticize or constrain U.S. actions will face retaliation.

Calling Trump’s Bluff

The Secretary-General’s commitment to continue mandate implementation despite U.S. withdrawal represents operational defiance, not rhetoric. It signals specific survival strategies the UN is already implementing.

The organization has proposed unprecedented measures to continue operations without full U.S. funding. These include suspending the return of $298.9 million in unspent funds to member states (keeping it as cash reserve instead), authorizing supplementary assessments on member states not in arrears to cover amounts owed by delinquent states, and exploring voluntary contributions from non-traditional donors.

The supplementary assessment option is particularly significant. The General Assembly could effectively make compliant countries subsidize U.S. non-payment by increasing their assessment rates to compensate for American arrears. This would shift the financial burden to European nations, Japan, Canada, and other reliable contributors.

The alternative funding strategy carries its own risks. Increased reliance on voluntary contributions from China, Gulf states, and private foundations risks what some experts call “donor capture,” where funders gain disproportionate influence over UN priorities and operations.

But the core message is unmistakable: the UN will not allow U.S. financial pressure to force organizational collapse. This demonstrates resilience, but it also normalizes a UN system functioning without American participation; a situation that China has been positioning itself to exploit.

The China Opportunity

While the Secretary-General’s statement carefully avoids mentioning alternative funders, the geopolitical reality is impossible to ignore. China has systematically positioned itself to fill the upcoming vacuum.

Beijing now pays approximately 20% of the UN regular budget, second only to the United States. Chinese nationals lead four of 17 specialized UN agencies. China has expanded its civil servant presence across the UN system. The Belt and Road Initiative provides alternative development financing for more than 150 countries. China is championing the “Global Development Initiative” and “Global Security Initiative” as alternatives to Western frameworks.

Chinese Foreign Ministry statements characterize U.S. withdrawals as America “placing self-interest first” and drawing “growing, intense criticism from the international community.” This narrative positions China as the responsible stakeholder committed to multilateral cooperation while America retreats into isolationism.

If the UN successfully continues mandate implementation with reduced U.S. involvement but increased Chinese financial and diplomatic support, it permanently shifts the organization’s center of gravity eastward. American influence contracts to Security Council veto power while China gains operational control over developmental, humanitarian, and environmental programs.

This is already underway. China leads the International Telecommunication Union, the Food and Agriculture Organization, the International Civil Aviation Organization, and the UN Industrial Development Organization. Chinese officials occupy senior positions throughout the UN system, embedding Beijing’s priorities in institutional DNA.

The Secretary-General’s statement attempts to maintain the fiction that the UN can continue current operations with existing resources, even as internal documents reveal desperate cash shortages. The reality is that continued operations will require someone to fill the funding gap. Europe lacks the fiscal capacity. That leaves China, Gulf states, or a combination thereof.

Each option transforms the UN’s character. European dominance would preserve Western influence but at reduced capacity. Gulf state funding comes with conservative social policy strings attached. Chinese funding comes with geopolitical expectations. None preserves the U.S.-led order of the past 80 years.

The “My Way or the Highway” Doctrine

Daniel Forti of the International Crisis Group characterizes U.S. policy: “What we’re witnessing is the crystallization of the U.S. stance on multilateralism, which can be summarized as ‘my way or the highway.’”

This approach fundamentally misunderstands power in the 21st century. Unlike the post-Cold War era when the U.S. could dictate terms, today’s world requires coalition-building and sustained engagement. By demanding compliance rather than seeking partnership, the U.S. accelerates the formation of blocs designed to counter American influence.

Secretary of State Marco Rubio framed the withdrawals in ideological terms, characterizing the targeted organizations as part of “a sprawling architecture of global governance, often dominated by progressive ideology and detached from national interests. From DEI mandates to ‘gender equity’ campaigns to climate orthodoxy, many international organizations now serve a globalist project rooted in the discredited fantasy of the ‘End of History.’”

This rhetoric positions multilateralism itself as an enemy. But the institutions being abandoned are not ideological constructs; these are the mechanisms through which the United States has exercised global leadership for 80 years.

Their abandonment does not eliminate the functions they serve. It simply transfers control to others.

Movement Towards Full UN Withdrawal

The escalating pattern suggests the Trump administration may be deliberately building toward complete UN withdrawal, pursuing a strategy similar to its apparent goal of weakening NATO until American withdrawal becomes politically feasible.

The progression is unmistakable. During Trump’s first term (2017-2021), the U.S. withdrew from UNESCO, the UN Human Rights Council, WHO, and stopped funding UNRWA. Biden reversed these decisions (2021-2025), rejoining WHO, restoring UNESCO funding, and re-engaging with UN agencies. Now in his second term, Trump has re-withdrawn from WHO, the Paris Agreement, and the Human Rights Council (January 2025), ordered a comprehensive review of all international organizations (February 2025), and withdrawn from 66 organizations including 31 UN entities (January 2026).

This trajectory suggests not selective pruning but systematic dismantling.

Congressional legislation reveals growing Republican consensus on full withdrawal. Senator Mike Lee and Senator Marsha Blackburn introduced the “DEFUND Act” on February 20, 2025. The bill would repeal the 1945 UN Participation Act, terminate U.S. membership, close the U.S. Mission to the United Nations, expel UN headquarters from U.S. territory, withdraw diplomatic immunity for UN employees, end all payments, and prohibit participation in peacekeeping.

While this bill has not passed, its existence signals that full withdrawal has moved from fringe position to mainstream Republican policy option. The Trump administration’s systematic defunding and withdrawal creates conditions where the DEFUND Act becomes not radical departure but logical conclusion.

The parallels to NATO are instructive. Trump has repeatedly questioned NATO’s value, threatened withdrawal, and demanded that allies pay more. His administration’s actions, including reducing troop commitments, questioning Article 5 obligations, and publicly berating allies, have weakened the alliance without formally leaving it. The pattern suggests a strategy of gradual disengagement that makes formal withdrawal appear inevitable rather than revolutionary.

The same pattern is visible with the UN: systematic non-payment, hostile rhetoric, withdrawal from component organizations, and public humiliation of the institution all working synergistically to create conditions where complete withdrawal seems like merely the final step in an already-accomplished transition.

17 Acres of Extraterritorial Land

One dimension of this confrontation has received insufficient attention: the physical territory of the United Nations itself.

The UN Headquarters occupies 17 acres along the East River that is, under the 1947 Headquarters Agreement, “under the control and authority of the United Nations.” This is not a metaphor. The Agreement, signed by Secretary of State George Marshall and ratified by Congress, creates essentially extraterritorial space within U.S. borders.

Section 9(a) states: “The headquarters district shall be inviolable. Federal, state or local officers or officials of the United States... shall not enter the headquarters district to perform any official duties therein except with the consent of and under conditions agreed to by the Secretary-General.”

The FBI, federal marshals, and ICE cannot enter UN territory without explicit permission. Section 23 provides: “The seat of the United Nations shall not be removed from the headquarters district unless the United Nations should so decide.” The U.S. cannot unilaterally expel the UN.

The 1988 ICJ precedent reinforces these protections. When Congress prohibited the PLO from maintaining UN offices, the Secretary-General invoked arbitration. The ICJ ruled that the United States is legally obligated to arbitrate such disputes. The U.S. backed down rather than face international condemnation.

The DEFUND Act explicitly calls for expelling UN headquarters and withdrawing diplomatic immunity. If enacted, it would trigger the most significant property dispute between the U.S. and an international organization in history.

But there is a complicating factor.

The Mamdani Variable

On January 1, 2026, one week before Trump announced the 66-organization withdrawal, Zohran Mamdani was inaugurated as New York City’s 112th mayor.

Mamdani is a 34-year-old democratic socialist, DSA member, immigrant from Uganda, the city’s first Muslim mayor, and youngest to hold the office in over a century. He was sworn in by Senator Bernie Sanders and declared he would “govern as a democratic socialist” and not “abandon my principles for fear of being deemed radical.”

His relevance became immediately apparent. Two days after his inauguration, when Trump launched the operation that captured Maduro, Mamdani called Trump directly to register opposition. In a public statement:

“Unilaterally attacking a sovereign nation is an act of war and a violation of federal and international law.”

This matters because the Mayor controls the NYPD, city services, permits, and infrastructure surrounding the UN campus. The 1947 Agreement establishes UN territory as inviolable by federal authorities, but depends on a cooperative relationship with the host city for external security, utilities, and the thousands of diplomatic missions generating $3.69 billion in annual economic output.

Mamdani’s political profile suggests he views the UN as a bulwark against Trump’s unilateralism. He has pledged to arrest Netanyahu if he visits New York under ICC warrants. His immigrant background as a refugee from Idi Amin’s Uganda means he understands personally what happens when international protections fail.

If the administration attempts to make UN headquarters “uncomfortable” through harassment tactics, Mamdani could become an active obstacle. The NYPD provides external security. City agencies control permits and infrastructure. A mayor determined to protect UN operations could use these levers to counteract federal pressure.

This creates a potential three-way standoff: Trump pushing to expel the UN, the Secretary-General asserting legal protections, and New York City’s mayor actively defending operations through municipal authority.

The first week of Mamdani’s term already involved coordinating with the NYPD on security for Maduro’s federal prosecution. His statement condemning the Venezuela operation as illegal under international law signals ideological alignment with the UN’s position.

International law lacks effective enforcement mechanisms against powerful states. The United States can violate the Headquarters Agreement with impunity. ICJ advisory opinions and General Assembly resolutions carry no material consequences.

A 34-year-old democratic socialist mayor of New York City might provide more effective resistance than the entire UN system. If federal agents attempt to enter UN headquarters without Secretary-General consent, Mamdani could order NYPD to maintain a protective perimeter. If federal authorities attempt to seize UN property, the city could challenge it in court.

The irony: the international legal order’s survival depending not on international law itself, but on domestic political resistance within the host country.

What remains unclear is whether Mamdani will actually fight. His first week has shown willingness to criticize Trump publicly and coordinate on security matters professionally. But there is a difference between rhetorical opposition and the kind of sustained institutional resistance that would genuinely protect UN operations against determined federal pressure.

The next 90-180 days will reveal whether Mamdani is a true obstacle to Trump’s UN agenda or merely a symbolic critic. If the former, the UN headquarters question becomes far more complicated than the administration anticipated. If the latter, the path to eventual expulsion clears considerably.

The Freedom City Scenario

One dimension of this crisis connects the Venezuela operation, recent threats towards Greenland, UN withdrawal, and Silicon Valley ideologues in ways that have received insufficient attention.

Two days after U.S. forces captured Maduro, Mark Lutter, executive director of the Charter Cities Institute (funded by Peter Thiel’s venture network), issued a public call:

“Venezuela doesn’t need to become another Iraq. It needs a Freedom City... A Freedom City = new land, new rules, real property rights, real rule of law—jointly built with the U.S.”

“Freedom City” is Trump’s term for what the tech-right calls a “Network State”: sovereign territory governed by corporations rather than democratic governments. The concept has developed in Silicon Valley for over a decade, backed by Thiel, Marc Andreessen, and other tech billionaires through Pronomos Capital.

The operational prototype exists. Próspera, a charter city on Honduras’s Roatán island, operates under its own legal framework: 1% business taxes, Bitcoin as legal tender, governance by corporate board rather than elected officials. When Honduras attempted to repeal enabling legislation, Próspera’s backers filed an $11 billion lawsuit. That’s 31% of Honduras’s GDP.

The connection to the Trump administration is direct. JD Vance is a former Thiel employee. Roger Stone argued that pardoning Honduras’s drug-trafficking ex-president could “crush socialism and save a freedom city.” Trump’s 2024 platform included plans for “Freedom Cities” on federal land.

These projects emerge from what researchers Timnit Gebru and Émile Torres call “TESCREAL” ideology: overlapping beliefs (Transhumanism, Extropianism, Singularitarianism, Cosmism, Rationalism, Effective Altruism, Longtermism) that justify authoritarian means through appeals to civilizational advancement. As Dave Troy writes, TESCREAL proponents have an “ends justify the means” mindset antithetical to democratic governance. The charter city movement operationalizes this: if democratic governments obstruct progress, create territories where democracy and its bothersome regulations don’t apply.

The Pattern: Venezuela, Cuba, Greenland, Manhattan

Now apply this framework across four targets, each facing different forms of U.S. pressure, each with charter city interests waiting.

Venezuela: Military Capture. Trump stated January 6: “I’ve spoken with several U.S. oil companies about commitments to rebuilding Venezuela’s infrastructure. They wanna go in so bad.” Within 48 hours of Maduro’s capture, Lutter proposed his Freedom City.

Cuba: Economic Strangulation. Trump and Rubio have explicitly stated their goal of collapsing Cuba’s government by cutting off Venezuelan oil. “Cuba is ready to fall,” Trump said. Rubio warned: “If I lived in Havana and I was in the government, I’d be concerned.” Lutter has published proposals for converting Guantanamo Bay into a charter city.

Greenland: Threats Against a NATO Ally. The same week, the administration escalated threats to seize Greenland from Denmark, declaring “utilizing the U.S. military is always an option.” Danish Prime Minister Mette Frederiksen warned this would end NATO.

Praxis, a $525 million “network state” startup backed by Thiel through Pronomos Capital, has pursued Greenland since 2019. That’s the same year Trump first proposed buying the island. Founder Dryden Brown traveled to Nuuk in 2024, tweeting: “I went to Greenland to try to buy it.” When Trump renewed acquisition threats in January 2026, Praxis’s account responded: “According to plan.”

Trump’s nominated ambassador to Denmark is Ken Howery, Thiel’s former business partner and Founders Fund co-founder. If confirmed, Howery would lead Greenland negotiations while maintaining financial ties to the network state movement.

The 1951 U.S.-Denmark Defense Agreement already gives America extensive military access to Greenland. Danish officials are baffled by Trump’s threats because the U.S. can achieve virtually any legitimate security objective under existing agreements. The threats make sense only if the goal is sovereignty transfer for projects requiring territorial control beyond what treaties permit.

UN Headquarters: Financial Strangulation. Now apply the same logic to 17 acres of prime Manhattan waterfront.

If the UN relocates to Geneva, Vienna, or Nairobi, the property becomes available. Under Section 22 of the Headquarters Agreement, the UN must offer it first to the U.S. government. The federal government could claim $4 billion in arrears as offset against fair market value.

The site could be designated a “Special Economic Zone” under expanded Opportunity Zone legislation. Private governance by Thiel network figures, crypto billionaires, and Trump associates could replace democratic accountability. Corporate tenants would replace diplomatic missions.

The marketing writes itself: “Freedom City Manhattan: Former site of failed international bureaucracy, now global innovation hub.”

The Russian Angle

The Greenland dimension becomes more troubling when examined through recent investigative reporting by Dave Troy, which reveals that the Venezuela-Greenland strategy did not originate in Silicon Valley boardrooms. It appears to have originated in the Kremlin.

According to Troy’s investigation, Vladimir Putin has been attempting to influence Trump to seize both Venezuela and Greenland since at least 2017. The reasoning is simple: if Trump would disengage in Ukraine, Putin would give Trump free rein in Venezuela. Each country is in the other’s “backyard.”

A swap.

The Greenland idea came not from security officials but from Ron Lauder, the Estée Lauder cosmetics heir and confidant to both Trump and Putin. As reported in The Divider by Peter Baker and Susan Glasser, Lauder approached Trump in 2017 saying he could help acquire Greenland. Lauder volunteered to serve as “back channel” to the Danish government. Kremlin records confirm that Lauder met with Putin on March 19, 2019, right when the administration’s still-private Greenland talks were at their peak. Lauder subsequently made direct investments in Greenland’s infrastructure, energy, and mining sectors.

The explicit quid pro quo came in spring 2019. Fiona Hill, then serving on the National Security Council under John Bolton, testified to Congress that her team received informal proposals from Russian counterparts signaling willingness to back off Venezuela if the United States would disengage in Ukraine:

“You have your Monroe Doctrine. You want us out of your backyard. Well, you know, we have our own version of this. You’re in our backyard in Ukraine.”

Bolton blocked the overtures, dismissing them as absurd. Hill was instructed to “go out to Russia to basically tell the Russians to knock this off.” The deal went nowhere during Trump’s first term.

On Russian state television in November 2020, days after Trump’s election loss, nationalist commentator Vladimir Zhirinovsky articulated the offer explicitly: “He will take Venezuela, we will take Ukraine. And he will say to everyone: Look—Venezuela. Tomorrow I will take Cuba. I would help him... If we need Trump, then let’s help him.”

Bolton resigned in September 2019 after repeated clashes with Trump over Russia policy. In August 2025, FBI agents raided Bolton’s home. He was indicted in October 2025 on 18 counts related to classified information in his memoir that documented these incidents. The man who blocked Russia’s Monroe Doctrine offers is now facing prosecution. The man who made those offers is executing them.

This reframes the Thiel network’s charter city interests not as the origin of the strategy but as opportunistic alignment with it. Putin provides the geopolitical logic. Silicon Valley provides the economic model for what comes after. The destination is the same: American withdrawal from the international order, territorial expansion in the Western Hemisphere, and corporate governance in the vacuum.

As Troy concludes: “NATO, the United Nations, and the European Union will all be challenged if the US continues on this hemispheric romp.”

The Through-Line

This is the thread connecting Venezuela, Cuba, Greenland, and potentially UN headquarters: weaponization of U.S. power to create “inflection points” where desperate governments or displaced institutions cede territory to corporate governance projects.

The pattern is consistent: create crisis, force institutional collapse, establish private governance in the vacuum. The actors overlap. The funding sources overlap. The ideology is explicit.

This is not speculative fiction. The legal infrastructure exists. The ideological framework exists. The operational prototype exists. The political access exists. The Venezuela precedent demonstrates willingness to convert regime change into corporate territorial control.

A Historical Warning

The current crisis invites comparison to the most consequential failure of international organization in modern history: the League of Nations.

The League was Woodrow Wilson’s brainchild, the centerpiece of his Fourteen Points for peace after World War I. But the United States never joined. Despite Wilson’s advocacy, including a speaking tour that contributed to his incapacitating stroke, the Senate refused ratification. Republican Senator Henry Cabot Lodge led opposition, arguing League membership would entangle America in foreign conflicts.

Without its most powerful potential member, the League was set to fail from its inception. Its failures accumulated: Japan invaded Manchuria in 1931, the League condemned it, Japan withdrew and kept Manchuria. Italy invaded Ethiopia in 1935; limited sanctions proved ineffective. Hitler remilitarized the Rhineland, annexed Austria, dismembered Czechoslovakia. The League proved impotent.

By 1939, the League was irrelevant. World War II killed an estimated 70-85 million people.

The United Nations was explicitly designed to avoid these failures. It gave major powers permanent Security Council seats with veto authority, ensuring continued participation. It established assessed contributions as legal obligations. Most importantly, the United States joined, and for 80 years remained committed.

The parallels are uncomfortable. Then as now, American critics argued international organization constrained national sovereignty. Then as now, isolationists promised withdrawal would free America from costly obligations. Then as now, absence of American leadership created vacuums aggressive powers exploited.

The lesson is not that international organizations always succeed. It is that their failure carries catastrophic consequences.

The Trust Deficit

Even if a future administration attempts to reverse withdrawals and resume funding, the credibility collapse may prove irreversible. Developing countries have now experienced two full cycles of U.S. withdrawal-reengagement-rewithdrawal: Trump 1.0 withdrew from Paris, WHO, and UNESCO. Biden rejoined. Trump 2.0 withdrew again, far more comprehensively.

No rational actor will structure long-term planning around American commitments after this pattern. Countries will not build energy transitions around U.S. climate commitments. Allies question NATO reliability if the U.S. won’t honor UN Charter obligations. Aid recipients diversify toward Chinese, European, and Gulf alternatives. Trading partners negotiate frameworks designed to function without U.S. participation.

The League of Nations’ inability to function after major power withdrawal led to World War II. The difference this time: China stands ready to lead a post-American international order. Not to destroy the UN, but to remake it in Beijing’s image.

Probability Assessment

How likely is any of this? Unlikely, but no longer absurd.

The chain of events faces obstacles at each stage. Most probable outcome: the UN stays put, operates under financial strain, and the headquarters question remains theoretical.

But “most probable” isn’t “certain.” A year ago, U.S. forces capturing a sitting head of state and flying him to Brooklyn for arraignment would have seemed like fiction. Now Maduro sits in the Metropolitan Detention Center. The Overton window for what this administration will attempt has shifted dramatically.

What to watch: Thiel network figures meeting with State Department or NSC officials. Legislation expanding Opportunity Zone authority. Trump riffing about “wasted space” at the UN. Ken Howery’s confirmation hearing. Quiet property acquisitions near Turtle Bay. Any of these would suggest the scenario is moving from ideological fantasy toward operational planning.

Conclusion

The UN Secretary-General’s statement today, while measured in tone, constitutes a sophisticated legal and political counteroffensive. Its goal: establish a firewall around UN operations allowing continued functioning as the U.S. withdraws. Whether this succeeds depends on factors beyond the Secretary-General’s control: European willingness to increase contributions, Chinese restraint, developing country loyalty to multilateral institutions, and the posture of New York City’s government.

The headquarters dimension adds complexity the Trump administration may not have anticipated. The 1947 Agreement creates legal obligations that cannot be abrogated by executive fiat. The mayor who controls the surrounding city has already challenged Trump’s foreign policy on legal grounds. And waiting in the wings are Silicon Valley ideologues with blueprints for converting institutional collapse into corporate territorial control.

International law lacks effective enforcement mechanisms against powerful states. The United States can violate treaty obligations with impunity. But domestic political resistance from courts, Congress, states, or cities can provide constraints international institutions cannot. The strange truth emerging from this crisis: the international legal order’s survival may depend less on international law itself than on subnational actors within powerful states who refuse to comply with federal abandonment of treaty obligations. A 34-year-old democratic socialist immigrant from Uganda may matter more to the UN’s physical survival than the Security Council.

The liberal international order constructed after 1945 provided frameworks that prevented major power war for eight decades, lifted billions from poverty, and facilitated unprecedented prosperity. That order is now in its death throes.

The question is what replaces it: a Chinese-centric order with the UN as instrument, a fractured world of competing blocs unable to cooperate on existential challenges, or a network of corporate enclaves where the billionaires who helped destroy multilateralism profit from its ruins.

The League of Nations collapsed because its most powerful potential member refused to join. The United Nations may collapse because its most powerful founding member decided to leave. America, having learned from the League’s failure that international institutions require great power commitment, is now teaching the world that American commitments cannot be trusted.

The contest is joined. On one side: the Secretary-General, developing countries clinging to multilateral frameworks, European allies torn between Atlantic partnership and institutional preservation, and a democratic socialist mayor who may or may not choose to fight. On the other: a president determined to destroy what he sees as constraints on sovereignty, a Congress aligned with withdrawal, and an ideological movement viewing democratic governance itself as obsolete.

The stakes could not be higher. The battle will be fought not only in diplomatic forums but on 17 acres of Manhattan real estate representing either the enduring promise of international law or its final grave.

This publication operates on reader subscriptions. If this analysis demonstrated value, please consider becoming a paid subscriber to help my research reach more readers.

Get 25% off for 1 year

Trump’s January 7 withdrawals didn’t just suddenly redraw lines on global organizational charts; they also began to redraw the mental map inside the United States. The same moves that weaken international institutions and empower rival powers abroad are being sold to the American public through a steady diet of fear, militarized spectacle, and controlled information, reshaping what citizens understand “security,” “patriotism,” and “normal politics” to mean.

This second part follows that domestic arc: from the machinery of fear that casts multilateralism itself as a conspiracy, through the hyper‑militarization of everyday governance and the hollowing‑out of independent media, to a self‑reinforcing feedback loop in which anxious citizens, emboldened executives, and sidelined institutions steadily normalize more coercive, less democratic foreign and domestic policy.

This essay is the second part of a two‑part analysis of President Trump’s January 7, 2026 withdrawal from 66 international organizations.

Part One, “America Exits 66 International Organizations,” examines the institutional and geopolitical consequences abroad; this installment traces the domestic psychological, media, and coercive dynamics that help make that retreat possible and sustainable.

The Psychological Toll on the American People

The withdrawals are not just about institutions abroad, but also about reshaping how Americans think and feel at home, using fear of “globalist” enemies to justify isolation and control. Months of rhetoric casting multilateral bodies as conspiratorial threats have worked to heighten anxiety, normalize permanent emergency, and make citizens more willing to trade civil liberties and openness for the promise of protection by subtly rewiring expectations of what “security” and “patriotism” mean.

These trends are not uncontested. State and local governments, independent journalists, civil society groups, and some courts continue to resist authoritarian drift and defend pluralistic norms, creating pockets of resilience that complicate any simple story of linear democratic collapse.

I. The Machinery of Fear

The January 7th withdrawals do not occur in isolation. They are the latest culmination of a months-long rhetorical campaign designed to reframe international cooperation as threat and foreign institutions as enemies. Since the third quarter of 2025, administration officials have increasingly deployed language characterizing multilateral organizations as a “sprawling architecture of global governance” dominated by “progressive ideology,” advancing a “globalist project” that “actively seeks to constrain American sovereignty.” The State Department’s description of a “multilateral NGO-plex” employs the linguistic architecture of conspiracy: shadowy networks, elite capture, ideological infiltration.

This rhetoric serves a psychological function beyond policy justification. Research in political psychology demonstrates that fear-based messaging activates authoritarian predispositions, increasing citizens’ willingness to trade civil liberties for perceived protection. When authorities frame issues through a lens of national security and existential threat, populations become more accepting of extraordinary measures. The administration’s framing of routine international cooperation as an attack on American sovereignty exploits this dynamic, manufacturing threat where none exists.

The past 90 days have witnessed an acceleration of this fear-based governance. The Venezuela operation on January 3rd in which the Trump administration bombed a sovereign nation’s capital, capturing its president, and declared the United States would “run” the country, demonstrated an active interest in translating rhetorical aggression into highly visible kinetic action.

Defense Secretary Hegseth’s framing of the invasion as accessing “additional wealth and resources” without “American blood” came amid rapidly escalating casualty estimates: a senior Venezuelan official told the New York Times that at least 40 people, including civilians and soldiers, had been killed, with subsequent reports raising the toll to around 80 dead. That framing normalizes imperial extraction as foreign policy. When the President threatens Mexico as “run by drug cartels” requiring that “something is gonna have to be done,” Americans internalize that their government views military action against neighbors as routine and even desirable.

Fear‑based politics is not entirely new in the United States. From McCarthyism’s anti‑communist purges to the “War on Terror” era’s color‑coded threat alerts and PATRIOT Act surveillance, elites have repeatedly used security rhetoric to expand executive power and constrict dissent. What distinguishes the current moment is the fusion of that repertoire with an explicit retreat from multilateralism and an open attack on the very institutions that once constrained such overreach, both at home and abroad.

II. Domestic Militarization and the Normalization of Violence

The psychological impact extends beyond foreign policy. Throughout 2025, Americans witnessed the militarization of immigration enforcement at unprecedented scale. The $170.1 billion allocated to enforcement under the “One Big Beautiful Bill Act” made ICE the highest-funded federal law enforcement agency in history, funded at levels exceeding some foreign militaries. Military-style raids on apartment complexes, National Guard deployments to Democratic-led cities, drone surveillance in urban areas, and the designation of border regions as military zones have habituated Americans to armed federal presence in civilian life.

The Lemkin Institute, which monitors genocide risk globally, documented “hyper-militarized mass deportation operations” involving Black Hawk helicopters, armored vehicles, and agents from multiple federal agencies conducting pre-dawn raids. Videos of agents smashing car windows, tackling mothers, and deploying tear gas against peaceful protesters circulated on social media, images the White House amplified through its own channels by posting photographs of shackled deportees and “perp walk” footage. This publicity campaign, described by commentators as coming close to “glorifying violence and rough justice,” was run by political appointees in their twenties and received criticism for promoting imagery associated with white nationalism and “remigration” ideology, a term with documented ties to ethnic cleansing movements in Europe.

The psychological literature on authoritarianism identifies this pattern precisely. When governments deliberately display state violence against designated out-groups, they achieve multiple objectives: demonstrating power, defining who belongs and who does not, and habituating the majority population to accept escalating coercion as normal. Each raid that proceeds without consequence expands the boundaries of acceptable state action.

III. Information Control and Epistemic Isolation

Simultaneously, the administration has systematically dismantled independent information sources. Two days ago, the Corporation for Public Broadcasting formally dissolved after 58 years, its board voting to shut down rather than allow the organization to “remain defunded and vulnerable to additional attacks.” Congress rescinded over $1 billion in funding last summer, and the FY 2026 appropriations bill excluded CPB funding for the first time since 1967.

The consequences have cascaded through local journalism: New Jersey PBS will cease operations in 2026, GBH in Boston paused production of American Experience, WQED in Pittsburgh laid off 35% of its staff, and stations from Indiana to Wisconsin have eliminated reporting teams and emergency broadcast capabilities. The infrastructure that delivered trusted local news, educational programming, and emergency alerts to rural and underserved communities is collapsing.

The assault on broadcast journalism extends to commercial media. In October 2025, Paramount Skydance installed Bari Weiss as editor-in-chief of CBS News after acquiring her website The Free Press for $150 million. Weiss, who built her career attacking “woke” culture and has no broadcast television experience, immediately began reshaping coverage at the network of Walter Cronkite and 60 Minutes. In December, she spiked a 60 Minutes segment about Venezuelan men deported to El Salvador’s notorious CECOT prison hours before airtime, overruling correspondents and standards departments that had cleared the story. Correspondent Sharyn Alfonsi’s internal memo warned that “the public will correctly identify this as corporate censorship.” Staff have threatened to quit. The pattern is clear: critical coverage of administration actions faces interference at the editorial level.

Meanwhile, the administration has attempted to destroy Voice of America, purged government databases of climate and health information, fired scientists producing congressionally mandated assessments, and launched the taxpayer-funded “White House Wire” as what critics call a “propaganda outlet.” When the FCC investigates news organizations for coverage the President dislikes, when reporters are barred from the Oval Office for refusing to adopt state-mandated terminology, when the administration sues journalists and revokes security clearances of former officials who speak publicly, these actions create chilling effects that extend far beyond their immediate targets.

The withdrawal from 66 international organizations compounds this epistemic isolation. Americans will no longer benefit from IPCC climate assessments that have long informed domestic policy, from UNFPA data on global health trends, from UNCTAD analysis of trade dynamics affecting American workers, or from the democracy monitoring that International IDEA provides to help citizens evaluate their governments. The organizations being abandoned are not merely diplomatic conveniences; they are sources of independent information that enable citizens to evaluate their government's claims. Their elimination leaves Americans more dependent on official narratives they have fewer tools to verify.

IV. Fear, Militarization, and the Foreign Policy Feedback Loop

The withdrawals and accompanying rhetoric do not just reflect foreign‑policy choices; they actively reshape the domestic psychology that will govern future choices. Fear‑based messaging about “globalist” enemies, migrant “invasions,” and neighboring states “run by cartels” constructs a sense of permanent siege, blurring the line between routine politics and existential emergency. This is consistent with political‑psychology work showing that threat framing increases willingness to trade civil liberties for security; for instance, research published in the American Journal of Political Science demonstrates that perceived national threats significantly bolster support for punitive surveillance and restricted dissent. Experimental and comparative studies of fear appeals and authoritarian predispositions find that when people perceive threats as real and proximate, especially when elites frame them as national‑security challenges, they become more supportive of strong leaders and restrictive policies, a phenomenon detailed in Psychology Today’s analysis of authoritarian appeal.

Militarized spectacle then embeds this mindset in daily life. Hyper‑militarized immigration and policing operations—raids using helicopters, drones, armored vehicles, and tactical teams—create the lived impression that society is under siege and that military‑style force is the normal instrument for managing social problems. The ACLU’s landmark report, War Comes Home: The Excessive Militarization of American Policing, documents how these paramilitary tactics shift the public’s perception of their own neighborhoods into “war zones.” Public opinion research on support for the use of force shows that when interventions are framed as responses to “national security” threats, backing for coercive tools is significantly higher than when motivations are purely humanitarian or economic. Each unpunished display of state violence against designated out‑groups tends to widen the boundary of acceptable coercion, making more aggressive external action easier to justify and even politically rewarding as a demonstration of “toughness.”

Inside the state, this psychological and political environment shifts incentives and narrows the menu of live options. Agencies and officials who deliver visible kinetic “wins” gain resources and prestige, while those arguing for multilateral cooperation or restraint are more easily sidelined as naïve or disloyal. As noted by the Carnegie Endowment for International Peace, this produces a selection bias in favor of unilateral, hard‑power solutions—from airstrikes and punitive raids to expansive enforcement and sanctions. This “militarization of foreign policy,” further explored by former Ambassador Karl Eikenberry, suggests that over-reliance on the military organ of the state erodes diplomatic capacity. Each new operation then generates images of chaos and backlash abroad that can be fed back into domestic narratives as proof that enemies are everywhere and only further force will suffice. In this way, fear‑based messaging, domestic militarization, and aggressive foreign policy form a self‑reinforcing feedback loop that, over time, can steadily marginalize cooperative, law‑bound approaches to international order.

V. The Psychology of Siege

Research on authoritarian governance identifies a characteristic psychological syndrome: citizens experiencing persistent threat develop chronic anxiety, hypervigilance, and self-censorship. They narrow their “circle of compassion” to immediate in-groups while becoming suspicious of outsiders. They convert fear into anger, an emotion that restores a sense of agency, and direct that anger toward targets designated by authorities. Over time, this fear can become internalized for many people, affecting decision‑making, dampening civic engagement, and weakening social cohesion, even as others respond with mobilization and resistance.

The administration's rhetorical pattern exploits these dynamics systematically.

International organizations become threats serving a “globalist project” rooted in “progressive ideology” that “actively seek to constrain American sovereignty.” Immigrants perpetrate an “invasion”—language deliberately chosen because, as budget director Russell Vought has explained, it “unlocked” extraordinary presidential powers under the Constitution. Journalists become “the enemy of the people” and purveyors of “fake news,” now tracked on an official White House “Media Bias Portal.” Climate scientists are dismissed as promoters of “climate orthodoxy” and “climate alarmism,” their assessments characterized as “junk science.”

Each designated enemy justifies expanded state power; each expansion normalizes the next. The psychological research is unambiguous: populations subjected to sustained threat-based messaging become more accepting of authoritarian measures, more hostile to out-groups, and less capable of collective action to protect democratic institutions.

VI. Human Rights Erosion and Its Witnesses

The human rights infrastructure being dismantled served functions beyond its overseas beneficiaries. When the United States participated in UN Women, the Freedom Online Coalition, and the various mechanisms protecting children in armed conflict, these commitments established normative boundaries that constrained domestic policy as well. Withdrawal signals that these norms no longer bind American conduct, a message received by both foreign and domestic audiences.

Americans watching their government abandon organizations protecting women from violence, children from armed conflict, and refugees from persecution absorb lessons about whose suffering matters. The defunding of the UN Voluntary Fund for Victims of Torture, which the United States funded at 85% of its annual budget since 1998, communicates that torture survivors’ recovery is no longer an American priority. The termination of gender-based violence programming communicates that women’s safety is expendable. These messages shape what Americans come to expect from their government and what they believe their government owes to anyone.

The psychological toll compounds across these domains. Citizens experience their country conducting military strikes that kill civilians abroad—independent and official estimates suggest that between 40 and roughly 80 people, including civilians and military personnel, were killed in the January 3 Venezuela operation alone, with prior strikes on alleged drug vessels killing what governments and families say were primarily fishers and civilians. They witness military forces deployed to their own communities, with 20,000 National Guard troops requested for deportation operations including “night operations and rural interdiction” and “riot control” in cities across the country—operations that have resulted in documented human rights violations against both citizens and noncitizens, including today’s homicide of an unarmed civilian in Minneapolis by Immigration and Customs Enforcement which has already been viewed by millions of Americans as of the time of this writing.

They see their government eliminate independent information sources and abandon human rights commitments by withdrawing from the UN Human Rights Council and boycotting the Universal Periodic Review, all while being told this represents “restoring American sovereignty” and putting “America First.” The cognitive dissonance between democratic self-image and authoritarian reality produces either denial, rationalization, or despair. None of these responses support healthy civic engagement.

VII. The Long Shadow

Psychological research on post-authoritarian societies documents that fear persists long after the conditions that created it change. Even after regime collapse, populations exhibit chronic anxiety, avoidance behaviors, reduced civic participation, and weakened social trust. The trauma becomes collective, shaping not just individuals but the society’s capacity for democratic self-governance.

The United States has not experienced full‑scale authoritarian governance in living memory, and most Americans lack lived experience of overt autocracy, even though communities of color and political dissidents have long confronted state overreach and repression. That uneven history leaves large parts of the population with little preparation for the psychological dynamics now being activated: the fear-based mobilization, the designated enemies, the spectacular displays of state violence, the information control, the abandonment of normative constraints. The 66 withdrawals announced today via one single executive order accelerate a process already well underway, the psychological reconditioning of the American public to accept as normal what, for many Americans outside directly targeted communities, would have seemed unthinkable a year ago.

The damage extends beyond policy reversibility. Even if future administrations rejoin these organizations, the psychological impact on Americans who lived through this period, who watched their government bomb foreign capitals, deploy military force against their neighbors, celebrate the detention of families, and systematically dismantle the architecture of international cooperation, will persist. A generation is learning that American power serves extraction rather than cooperation, that international institutions are enemies rather than partners, and that human rights are obstacles rather than principles.

This is the cost that no policy analysis fully captures: the reshaping of American civic psychology to accept isolation, aggression, and indifference to suffering as the natural condition of a great power. The international organizations being abandoned today were imperfect institutions, but they embodied a vision of America as a nation that builds rather than destroys, that cooperates rather than dominates, that protects rather than exploits. Their abandonment teaches Americans a different lesson about who they are and who they are becoming.

Conclusion

Taken together, these two parts trace a single, integrated transformation: outwardly, a United States that walks away from the architecture of multilateral cooperation and cedes rule‑making space to others; inwardly, a polity conditioned by fear, militarization, and epistemic isolation to accept that retreat as both necessary and virtuous. The withdrawals accelerate the shift from a system in which U.S. influence flowed through institutions, norms, and development to one where power is pursued through naked leverage and episodic displays of force—precisely as the domestic audience is primed to distrust compromise and regard international law as a threat. This is not an overnight collapse but a path‑dependent choice: each treaty abandoned, each institution defunded, each raid or strike applauded as “toughness” makes it harder for future leaders to rebuild credibility, re‑enter cooperative regimes, or persuade citizens that shared rules are a source of strength rather than shackles. Whether this trajectory becomes locked in or can still be reversed will depend less on the next communiqué from an international body than on how quickly Americans recognize that the real cost of “America Alone” is not just diminished influence abroad, but a steadily shrinking horizon of freedom and possibility at home.

This publication operates on reader subscriptions. If your felt this analysis was valuable, please consider becoming a paid subscriber to help my research reach more people.

Get 25% off for 1 year

This unprecedented action represents the most comprehensive retreat from multilateral cooperation in American history, surpassing even the isolationist period preceding World War II. The State Department justified these withdrawals by characterizing the organizations as “redundant, mismanaged, unnecessary, wasteful, poorly run, captured by interests advancing agendas contrary to our own, or a threat to our nation’s sovereignty, freedoms, and general prosperity.”

The scale and scope of this withdrawal fundamentally reshapes America’s role in global governance, with profound implications across climate policy, democratic institutions, development assistance, and international security.

This analysis examines the likely short-term (0-2 years), medium-term (2-5 years), and long-term (5+ years) impacts of these withdrawals across their major categories. The scope is limited to today's executive action alone and does not account for the cumulative effects of the administration's broader policy agenda.

The volume of policy changes enacted in a single day necessitated significant AI assistance in this research.

Contents

I. Climate & Environment

II. Democracy, Rule of Law & Human Rights

III. Peace, Security & Counterterrorism

IV. Development & Economic Security

V. Governance & Administrative Bodies of the UN

VI. Cross-Cutting Strategic Impacts

China’s Ascendancy to Global Leadership

The “My Way or the Highway” Doctrine

Financial and Economic Consequences

Credibility Collapse and Alliance Erosion

The Paradox of Isolationism

Conclusion: The Reshaping of Global Order

I. Climate & Environment

Climate and environment withdrawals broadcast that climate cooperation is now framed as a sovereignty threat and economic burden, not a security or competitiveness imperative, even though some allies and private actors will still try to keep the U.S. loosely plugged into climate markets and tech flows.

By walking away from UNFCCC, IPCC, and major clean‑energy and conservation platforms, the administration signals it is comfortable trading away a significant share of scientific leadership and standard‑setting power in the green economy for short‑term fossil and extraction gains, accepting that others will partially fill gaps.

Affected Organizations

• UN Framework Convention on Climate Change (UNFCCC)

• Intergovernmental Panel on Climate Change (IPCC)

• International Renewable Energy Agency (IRENA)

• International Solar Alliance

• International Union for Conservation of Nature (IUCN)

• 24/7 Carbon-Free Energy Compact

• Renewable Energy Policy Network for the 21st Century

• Commission for Environmental Cooperation

• Inter-American Institute for Global Change Research

• International Tropical Timber Organization

• Secretariat of the Pacific Regional Environment Programme

Short-Term Impact (0-2 years)

The withdrawal from UNFCCC, the 1992 foundational treaty ratified by the U.S. Senate, isolates America as the only nation outside this framework governing climate negotiations among 198 countries. This creates immediate diplomatic fallout and eliminates U.S. influence over trillions of dollars in global climate investments and policies. The exit from IPCC silences American climate scientists from the world’s authoritative climate assessment body, with federal researchers at NOAA, NASA, and the U.S. Global Change Research Program barred from participating in the 2029 assessment report.

Financial disruptions cascade immediately. The U.S. previously contributed substantial voluntary funding to climate mechanisms, and its sudden withdrawal leaves funding gaps for climate adaptation projects in vulnerable developing nations. Research collaborations halt abruptly: IUCN’s Red List assessments tracking over 45,000 threatened species lose American biodiversity data and expertise. The 24/7 Carbon-Free Energy Compact and renewable energy networks lose their largest technological and financial contributor.

Diplomatic credibility is suffering acutely. Former Biden climate adviser Gina McCarthy characterized these moves as “shortsighted, embarrassing, and foolish,” warning that the U.S. surrenders its ability to shape “trillions of dollars in investments and policies” while remaining exposed to worsening climate disasters. International allies express dismay, with Johan Rockström of Germany’s influential Potsdam Institute calling it “irresponsible self-destructive US behaviour that will damage US science and society.”

Medium-Term Impact (2-5 years)

China consolidates climate leadership during this vacuum. Already the dominant supplier of solar panels, wind turbines, and batteries (with solar power costs down 90% since 2010) China leverages U.S. absence to set global clean energy standards and secure critical mineral supply chains. The Belt and Road Initiative expands aggressively into climate infrastructure, binding developing nations to Chinese technical standards and financing models.

American clean energy industries face competitive disadvantages. Without participation in international renewable energy agencies and standards bodies, U.S. companies lose influence over emerging technology protocols and miss intelligence on global market trends. The $13 billion cancellation of U.S. clean energy funding compounds domestic technological stagnation.

Scientific capacity degrades. The exclusion of U.S. federal scientists from IPCC work diminishes America’s climate research reputation globally. As Northern Arizona University researcher Kevin Gurney warns, “I worry about what this says to young scientists who may feel underappreciated, or worse, that they are almost viewed as unwanted, that science is no longer a wanted endeavor.” Brain drain accelerates as leading climate scientists seek opportunities abroad or leave the field entirely.

The U.S. experiences increasing climate vulnerability without international coordination mechanisms. As extreme weather intensifies (droughts, wildfires, hurricanes, floods, etc.) America lacks access to international early warning systems, climate adaptation best practices, and coordinated disaster response that these organizations facilitate.

Long-Term Impact (5+ years)

The U.S. permanently cedes climate leadership to China, which by 2040 will have comprehensively reshaped the global clean energy economy in its image. Chinese technical standards, financing mechanisms, and diplomatic frameworks govern the multi-trillion-dollar energy transition, locking in advantages for decades. American influence in climate negotiations (critical for protecting U.S. economic and security interests!) becomes marginal.

Economic costs multiply. U.S. firms face discriminatory treatment in international clean energy markets, excluded from projects financed through mechanisms the U.S. no longer influences. Tariffs and non-tariff barriers target American clean tech exports as retaliation for climate isolationism. The International Energy Agency estimates the global clean energy market will exceed $2 trillion annually by 2035—American companies’ market share contracts sharply.

Climate change impacts intensify domestically while international cooperation mechanisms remain inaccessible. Without participation in global climate adaptation networks, American communities replicate expensive solutions already solved elsewhere. Agricultural disruptions, water scarcity, and climate-driven migration from Central America strain U.S. resources without the buffering capacity international cooperation provides.

Geopolitical realignment becomes permanent. The European Union, despite limited capacity, attempts to fill gaps alongside China, but lacks resources to prevent fragmentation of the global climate regime. A two-track system emerges: a China-led developing world bloc and a weakened Western coalition, with the U.S. as an outlier threatening the viability of both.

II. Democracy, Rule of Law & Human Rights

Democracy, rule of law, and human rights withdrawals announce that liberal norms have been visibly demoted from identity to convenience, even if some U.S. rhetoric and bilateral programs persist.

Exiting IDEA, the Venice Commission, UN Women, and related bodies tells the world that election integrity, independent courts, and gender equality are now negotiable chips rather than consistent red lines, raising the odds that authoritarian models and digital repression spread in borderline cases where external support once made a difference.

Affected Organizations

• Venice Commission (Council of Europe)

• International Institute for Democracy and Electoral Assistance (International IDEA)

• Freedom Online Coalition

• International Institute for Justice and the Rule of Law

• International Development Law Organization

• UN Alliance of Civilizations

• UN Democracy Fund

• UN Entity for Gender Equality and Empowerment of Women (UN Women)

• Office of Special Representatives (Children in Armed Conflict, Sexual Violence in Conflict, Violence Against Children)

• Permanent Forum on People of African Descent

Short-Term Impact (0-2 years)

U.S. withdrawal devastates democracy assistance infrastructure globally. International IDEA, an intergovernmental organization with 35 member states supporting electoral processes and democratic institutions worldwide, loses its largest financial backer and most influential member. The organization’s capacity to monitor elections, provide technical assistance to emerging democracies, and develop democratic norms contracts immediately. The 2026 electoral calendar, which marks critical elections in multiple fragile democracies, proceeds with diminished international observation and support.

The Venice Commission, the Council of Europe’s constitutional advisory body that has guided democratic transitions across Eastern Europe and beyond, loses American expertise and resources. Countries seeking constitutional reform and rule of law strengthening, particularly in the Western Balkans, Eastern Europe, and former Soviet states, face weakened international support structures precisely when Russian and Chinese authoritarian influence expands.

The Freedom Online Coalition, comprising 40 democracies coordinating responses to internet censorship, surveillance, and digital authoritarianism, fractures without U.S. leadership. This coalition has issued joint statements condemning internet shutdowns, coordinated diplomatic responses to digital rights violations, and supported digital activists through the Digital Defenders Partnership. American withdrawal creates immediate operational confusion and signals to authoritarian regimes that the costs of internet repression have diminished.

UN Women loses substantial U.S. funding as part of the broader $400 million termination of gender-based violence programming. The immediate impact affects programs supporting women in conflict zones such as Ukraine, Sudan, Syria, Democratic Republic of Congo, Haiti, and Afghanistan, where gender-based violence surges amid humanitarian crises. Service delivery for survivors collapses in multiple countries as organizations lose 28% of all humanitarian gender equality funding from the single largest donor.

Medium-Term Impact (2-5 years)

Democratic backsliding accelerates in vulnerable states without robust international support mechanisms. The “third wave of autocratization” identified by International IDEA intensifies as countries experience democratic erosion without the technical assistance, electoral monitoring, and rule of law strengthening these organizations provided. Disputed elections lacking credible international observation trigger instability—coups, civil conflict, refugee flows affecting U.S. security interests.

China and Russia aggressively promote authoritarian governance models to fill the democracy assistance void. China’s “whole-process people’s democracy” narrative gains traction in developing countries disillusioned by Western withdrawal. Russia’s influence operations in former Soviet states operate unchecked by the rule of law programs the U.S. previously supported. The ideological contest between democracy and authoritarianism tilts decisively toward autocracy.

Digital authoritarianism expands. Without the Freedom Online Coalition’s coordinated responses, autocratic governments implement invasive surveillance, internet shutdowns, and censorship with impunity. The coalition previously deterred such actions through diplomatic pressure and public statements; its weakening emboldens China’s cyber sovereignty model and Russia’s internet control framework to spread to dozens of additional countries.

Gender inequality worsens dramatically. The Women’s Refugee Commission projects that U.S. funding cuts reverse decades of progress, with women-led organizations bearing the brunt of impact. Gender expertise within the humanitarian sector erodes. Evidence, tools, and guidance for gender-transformative humanitarian action risk being lost entirely. By 2030, maternal mortality rates rise significantly, gender-based violence increases in conflict zones, and women’s political participation declines in countries that previously received U.S. support.

Long-Term Impact (5+ years)

A generation of democratic reversals becomes entrenched. Countries that democratized in the 1990s and 2000s with substantial American support from Eastern Europe to Latin America to Southeast Asia experience authoritarian consolidation. Constitutional courts weaken, independent media disappears, civil society faces repression, and electoral manipulation becomes normalized, all in environments where international democracy assistance has evaporated.

American moral authority collapses irreversibly. For seventy years, the U.S. positioned itself as democracy’s champion. Withdrawal from organizations supporting democratic governance, rule of law, and human rights reveals this commitment as transactional and unreliable. Even when future administrations attempt to re-engage, skepticism about American credibility prevents meaningful cooperation.

The authoritarian-democratic divide hardens into opposing blocs. China’s model of state-directed development without political liberalization, enabled by sophisticated digital surveillance, becomes the default for developing countries. Russia’s illiberal nationalism spreads across Eurasia. The post-Cold War assumption that democracy represents the inevitable future collapses, replaced by competing governance systems—and the U.S. lacks influence in this new landscape.

Gender equality setbacks prove difficult to reverse. An entire generation of girls and women in conflict-affected regions experiences violence, denial of education, and exclusion from economic opportunity that could have been prevented by the programs the U.S. abandoned. The compounding effects of reduced education, increased child marriage, and higher maternal mortality create structural disadvantages lasting decades.

III. Peace, Security & Counterterrorism

Peace, security, and counterterrorism withdrawals declare a tilt from shared security toward more go‑it‑alone hard power, while still leaving intact some legacy alliances and intelligence channels.

Leaving GCTF, the Science and Technology Center in Ukraine, ReCAAP, and UN peacebuilding tools signals that preventing terrorism, piracy, proliferation, and conflict relapse through broad‑based cooperation is being downgraded relative to preserving unilateral freedom of action, accepting higher long‑term risk even if not everywhere and not all at once.

Affected Organizations

• Global Counterterrorism Forum (GCTF)

• European Centre of Excellence for Countering Hybrid Threats

• Global Community Engagement and Resilience Fund

• Global Forum on Cyber Expertise

• International Institute for Justice and the Rule of Law

• Science and Technology Center in Ukraine (STCU)

• Regional Cooperation Agreement on Combating Piracy and Armed Robbery (ReCAAP)

• UN Peacebuilding Commission

• UN Peacebuilding Fund

• International Residual Mechanism for Criminal Tribunals

• Regional Cooperation Council

• Partnership for Atlantic Cooperation

Short-Term Impact (0-2 years)

The Global Counterterrorism Forum, founded in 2011 with the U.S. as a founding member, loses its primary driver and largest financial contributor. This informal network of 30 countries plus the EU provides a venue for counterterrorism officials to share best practices on countering violent extremism, rule of law approaches, detention and reintegration, and foreign terrorist fighters. American withdrawal immediately diminishes the forum’s effectiveness and signals reduced U.S. commitment to multilateral counterterrorism cooperation.

The Science and Technology Center in Ukraine, established in 1993 to redirect former Soviet WMD scientists toward civilian research and prevent proliferation, faces funding collapse amid the Ukraine war. The U.S., Canada, and the EU fund STCU to employ Ukrainian scientists on peaceful projects, preventing brain drain to hostile actors. With $109 million invested since inception and recent projects on small modular reactor licensing, the U.S. withdrawal during Ukraine’s existential conflict represents both a strategic and humanitarian abandonment.

ReCAAP, the first regional government-to-government agreement against piracy in Asia with 21 contracting parties, loses American participation in information-sharing on maritime security threats. The ReCAAP Information Sharing Centre in Singapore coordinates responses to piracy incidents in critical shipping lanes (Straits of Malacca, South China Sea) where over $3 trillion in annual trade transits. U.S. withdrawal reduces intelligence quality and response coordination.

The UN Peacebuilding Commission and Fund, which has invested $1.9 billion in over 60 conflict-affected countries since 2006, loses substantial U.S. financial and diplomatic support. These mechanisms provide rapid-response funding for post-conflict stabilization such as support for peace agreements, local governance, economic recovery, and reconciliation. Ongoing peacebuilding efforts in Burkina Faso, Colombia, Somalia, Papua New Guinea, and the Great Lakes region face funding shortfalls at critical junctures.

Medium-Term Impact (2-5 years)

Counterterrorism coordination fragments. Without U.S. participation, the Global Counterterrorism Forum’s capacity to develop and promulgate international good practices erodes. Regional counterterrorism efforts in the Sahel, Horn of Africa, and Southeast Asia (areas under acute terrorist threat) lose the convening power and technical expertise the U.S. provided. Information sharing on foreign terrorist fighters, terrorist financing, and cross-border operations deteriorates, creating gaps that terrorist networks exploit.

Ukraine loses critical nonproliferation and scientific support infrastructure at the worst possible time. The STCU has kept Ukrainian nuclear scientists employed on civilian projects throughout the war, preventing recruitment by adversaries. Without U.S. funding, scientists face unemployment or worse: potential recruitment by Russia, China, Iran, or North Korea seeking WMD expertise. The proliferation risk multiplies significantly.

Maritime security in Asia weakens. ReCAAP’s diminished capacity allows piracy and armed robbery to increase in Southeast Asian waters. China leverages this security vacuum to position itself as the maritime security provider, expanding its naval presence and influence in the South China Sea under the guise of anti-piracy operations. Regional states grow more dependent on Chinese security architecture.

Conflict recurrence increases as peacebuilding efforts collapse. The UN Peacebuilding Fund’s rapid-response capacity, which is critical for consolidating fragile peace, degrades without adequate resources. Countries like South Sudan, Central African Republic, and Somalia, where peacebuilding funding prevents conflict relapse, experience renewed violence. This triggers humanitarian crises, refugee flows, and regional instability that costs far more to address later than the peacebuilding investments would have.

Long-Term Impact (5+ years)

Global counterterrorism architecture deteriorates into competing national efforts, lacking coordination and shared intelligence. Terrorist organizations adapt to fragmented responses, exploiting gaps between national approaches. The international consensus on counterterrorism norms, especially around human rights protections, rule of law, and preventing violent extremism, fractures as countries pursue unilateral strategies.

WMD proliferation risks materialize. The collapse of programs like STCU that redirect weapons scientists toward peaceful research increases the likelihood that expertise reaches hostile state and non-state actors. By 2030, the international nonproliferation regime faces unprecedented stress as more actors possess advanced weapons knowledge without the safety net of programs that once mitigated these risks.

China dominates Asian maritime security. With the U.S. withdrawn from regional cooperation mechanisms like ReCAAP, Beijing constructs a China-centric maritime security order across Southeast Asia. Regional states, dependent on Chinese anti-piracy and maritime domain awareness capabilities, acquiesce to Chinese interpretations of maritime law and territorial claims. The U.S. loses naval access and basing rights as its security partnerships atrophy.

Chronic instability in post-conflict regions becomes normalized. Without effective peacebuilding mechanisms, countries cycle between periods of fragile peace and renewed violence. The Sahel, Central Africa, and parts of Asia become permanent conflict zones, generating continuous humanitarian emergencies, mass displacement, and terrorist safe havens. The costs of military intervention and humanitarian response which the U.S. inevitably bears in a disproportionate manner far exceed the peacebuilding investments that could have prevented these outcomes.

IV. Development & Economic Security

Development and economic security withdrawals recast development from core strategic investment into something closer to disposable charity, though a patchwork of EU, Gulf, Chinese, and private funding will blunt some immediate shocks.

Abandoning UNCTAD, the International Trade Centre, UNFPA, regional economic commissions, and education and humanitarian funds signals that stabilizing poor countries, reducing migration pressure, and advancing the SDGs have slipped behind tariffs, leverage, and short‑term fiscal optics, making comprehensive goal achievement far less likely even if pockets of progress remain.

Affected Organizations

• UN Conference on Trade and Development (UNCTAD)

• International Trade Centre (ITC)

• UN Department of Economic and Social Affairs

• UN ECOSOC Regional Commissions (Economic Commission for Africa, Economic Commission for Latin America and the Caribbean, Economic and Social Commission for Asia and the Pacific, Economic and Social Commission for Western Asia)

• UN Population Fund (UNFPA)

• UN Human Settlements Programme

• International Development Law Organization

• International Cotton Advisory Committee

• International Lead and Zinc Study Group

• Intergovernmental Forum on Mining, Minerals, Metals, and Sustainable Development

• Global Forum on Migration and Development

• Education Cannot Wait

Short-Term Impact (0-2 years)

UNCTAD, the UN’s principal development economics body supporting 195 member states, loses its largest contributor. The organization provides crucial trade analysis, technical assistance on tariff negotiations, and economic policy guidance to developing countries navigating global markets. The U.S. withdrawal coincides with America’s own “reciprocal tariff” policy imposing 25%+ tariffs on dozens of developing countries, including 28 countries that each represent less than 0.1% of the U.S. trade deficit, among them several least developed countries. This double blow of withdrawal of development support plus punitive trade barriers devastates vulnerable economies.

The International Trade Centre, the joint UN/WTO agency exclusively dedicated to micro, small, and medium-sized enterprises in developing countries, faces funding collapse. ITC provides the practical trade capacity that allows developing country SMEs to access global markets—from quality standards to market intelligence to export financing. ITC’s programs on women’s entrepreneurship, youth employment, and critical mineral value chains halt abruptly.

The UN Population Fund loses $377 million in U.S. funding, with 48 grants terminated immediately. This affects life-saving maternal healthcare, rape treatment, and protection from violence in humanitarian crises—Gaza, Sudan, Ukraine, Syria, Afghanistan, Haiti, DRC, Chad, Mali, Yemen. In Yemen alone, 1.5 million women lose reproductive health services and 300,000 lose gender-based violence prevention programs. In Bangladesh, obstetric care facilities for Rohingya refugees face closure.

Regional UN Economic Commissions covering Africa, Latin America/Caribbean, Asia/Pacific, and Western Asia lose critical U.S. technical support and funding. These commissions coordinate regional economic development, infrastructure planning, and SDG implementation. Their capacity to assist member countries with economic recovery from COVID-19, climate adaptation, and digital transformation degrades significantly.

Medium-Term Impact (2-5 years)

Developing countries face a catastrophic combination of reduced development assistance, increased trade barriers, and lost technical support. Countries that each represent less than 0.1% of the U.S. trade deficit now face reciprocal tariffs that generate negligible U.S. revenue but devastate their export sectors. Simultaneously, they lose the UNCTAD and ITC technical assistance that helped them navigate trade negotiations and build export capacity. The compound effect pushes vulnerable economies toward financial crises.

China’s development finance model fills the void, but with fundamentally different approaches. Where USAID and UN development agencies emphasized health, education, governance, and emergency response through grants, China’s Belt and Road Initiative focuses on large-scale infrastructure and natural resource extraction through loans. While Gulf states and the EU increase aid commitments, they cannot match the scale of U.S. withdrawals and operate with shorter-term, less comprehensive frameworks.

The lack of development alternatives accelerates migration pressures toward the U.S. and Europe. Economic desperation in Central America, sub-Saharan Africa, and Asia exacerbated by loss of U.S. development support and punitive tariffs drives increased irregular migration. This creates the very border security challenges the Trump administration claims to prioritize.

Maternal and child health crises intensify. The UNFPA funding cuts result in millions of additional unwanted pregnancies and preventable maternal deaths annually, according to the Guttmacher Institute. Maternal mortality rates reverse decades of progress. In conflict zones where UNFPA provided the only reproductive healthcare, preventable deaths from childbirth complications surge.

Long-Term Impact (5+ years)

A development architecture centered on China replaces the Western-led post-World War II system. Developing countries, lacking alternatives, accept Chinese financing terms, technical standards, and governance expectations. This debt-dependency creates long-term political leverage for Beijing across Africa, Latin America, and Asia. American influence in these regions built over decades evaporates.

Economic divergence between developed and developing worlds accelerates. Without institutions like UNCTAD and ITC facilitating developing country integration into global value chains, poor countries remain trapped in commodity exports and low-value manufacturing. The gap between rich and poor nations widens dramatically, creating geopolitical instability, mass migration, and humanitarian crises that ultimately cost the U.S. far more than the development assistance would have.

The Sustainable Development Goals (SDGs) for 2030 fail comprehensively. The SDG framework: ending poverty, achieving gender equality, ensuring quality education, promoting decent work, etc. depended substantially on U.S. support through UN agencies and multilateral development banks. American withdrawal guarantees that most SDGs remain unmet, with cascading consequences for global stability.

Public health crises recur without the reproductive health infrastructure UNFPA built. Higher maternal mortality, inadequate family planning, and poor reproductive health outcomes create demographic pressures (read: population growth exceeding economic capacity) that drive instability and migration for generations.

V. Governance & Administrative Bodies of the UN

UN governance and administrative withdrawals telegraph an intent to weaken the UN’s role as the world’s coordination backbone, while recognizing that certain humanitarian and security functions will continue by inertia and with other sponsors.

Stepping away from DESA, system‑wide coordination forums, training institutes, UN Energy/Water/Oceans, the UN University, and legal and arms registers signals that shared rules, data, and expertise are treated as expendable at the margins, inviting other powers, especially China, to gain outsized influence over how global governance evolves even if they may not succeed in fully dominating it.

Affected Organizations

• UN Department of Economic and Social Affairs

• UN System Chief Executives Board for Coordination

• UN System Staff College

• UN Institute for Training and Research

• Office of the Special Adviser on Africa

• International Law Commission

• UN Register of Conventional Arms

• UN Energy

• UN Water

• UN Oceans

• UN University

• UN Collaborative Programme on Reducing Emissions from Deforestation and Forest Degradation

Short-Term Impact (0-2 years)

The U.S. withdrawal from core UN administrative and coordination bodies creates immediate operational chaos within the UN system. The UN Department of Economic and Social Affairs, which coordinates the UN’s work on the SDGs and provides analytical support to ECOSOC and the General Assembly, loses critical resources and expertise. The UN System Chief Executives Board, which coordinates policies and management across 31 UN entities, fractures as its largest contributor withdraws.

Knowledge generation and training capacity collapses. The UN Institute for Training and Research, which builds capacity of diplomats and officials globally, and the UN Staff College, which trains UN personnel, face funding crises. This degradation of institutional knowledge and professional development creates long-term competency gaps across the UN system.

Critical environmental coordination mechanisms (UN Energy, UN Water, UN Oceans) lose their integrative capacity. These inter-agency platforms coordinate UN activities on shared challenges requiring multiple expertise areas. Their weakening means duplicative, uncoordinated UN responses to environmental crises, reducing effectiveness and wasting resources.

The UN University, a global network of research institutes providing evidence-based policy solutions to the UN, faces existential funding challenges. Its loss diminishes the UN’s capacity for independent, rigorous research on emerging global challenges from AI governance to sustainable development.

Medium-Term Impact (2-5 years)

UN system coordination deteriorates significantly. Without U.S. participation in coordination bodies, the UN’s already-fragmented agencies and programs operate in greater isolation. Duplication of efforts increases, resources are wasted, and comprehensive responses to complex challenges become impossible.

The quality of UN analysis and policy recommendations declines markedly. The Department of Economic and Social Affairs produces less rigorous research without U.S. data contributions and analytical expertise. The International Law Commission’s work on developing international legal frameworks proceeds without American legal scholarship and diplomatic engagement.

China and other powers exploit coordination gaps to advance parochial interests. Without the U.S. as a counterweight in coordination bodies, China shapes UN priorities, staffing, and operations to align with its strategic goals. The UN gradually transforms from a Western-led to a China-influenced organization, with profound implications for global governance norms.

Environmental coordination failures lead to ineffective responses to cascading crises. Climate-driven water scarcity, ocean acidification, and energy transitions require coordinated UN action across multiple agencies. Without functioning coordination platforms, the UN’s response becomes fragmented and inadequate, allowing crises to worsen.

Long-Term Impact (5+ years)

The UN as an effective multilateral institution declines into irrelevance. Coordination failures, funding shortfalls, and great power manipulation render the organization incapable of addressing major global challenges. Its legitimacy and effectiveness diminish to levels approaching the League of Nations before its collapse.

A bifurcated international system emerges: a Western bloc around NATO and the EU pursuing one set of policies, and a China-led bloc including the BRICS and developing countries pursuing alternative frameworks. The UN, unable to bridge these blocs effectively, ceases to function as a unifying global body.

Knowledge and training capacity losses create permanent institutional weakness across international organizations. A generation of diplomats, officials, and experts lacks proper training in multilateral cooperation, international law, and global governance. This human capital deficit makes eventual reconstruction of effective international institutions far more difficult.

The absence of coordinated environmental governance leads to unmanaged ecological crises (water wars, fisheries collapse, ecosystem destruction) that destabilize entire regions and create humanitarian disasters the international community cannot address coherently.

VI. Cross-Cutting Strategic Impacts

The cross‑cutting strategic impacts of these policy changes underscore that these withdrawals amount less to isolated bureaucratic tweaks and more to a coordinated reordering of global power that measurably accelerates China’s rise, reduces the restraint of hostile states, erodes U.S. credibility, and carries substantial economic downside, even if American structural strengths and some alliances endure.

Taken together, they signal an “allergic reaction” to multilateral constraint that fractures the existing order, encourages alternative blocs to harden against Washington, and trades modest budget savings for a higher probability of future losses in market access, security, and long‑term influence.

China’s Ascendancy to Global Leadership

The single most consequential long-term impact of U.S. withdrawals is China’s emergence as the dominant shaper of international governance. As one analysis notes, “When America retreats, China leads.” Beijing has systematically increased its presence in international organizations: leading four of 15 specialized UN agencies, expanding its civil servant ranks, and boosting financial contributions. U.S. withdrawal eliminates the primary counterweight to Chinese influence.

China leverages this vacuum through its concept of “discourse power”: the use of narrative to gain global influence. Chinese Foreign Ministry statements characterize U.S. actions as putting “its own interests over the public good of the international community: and brushing “aside international law and international order in pursuit of its selfish interests,” actions “widely opposed by the international community.” This narrative positions China as the responsible stakeholder and the U.S. as an unreliable partner, winning support particularly from developing countries seeking solutions to global challenges.

In concrete terms:

• Climate: China sets global clean energy standards and controls critical mineral supply chains

• Technology: China establishes norms for AI governance, cyber sovereignty, and internet governance

• Development: The BRI becomes the primary development financing mechanism for 150+ countries

• Governance: Chinese nationals occupy senior positions across UN agencies, embedding Chinese priorities in institutional DNA

By 2040, China comprehensively replaces the U.S. as the architect of international order, not through military conquest but through patient institution-building while America withdraws. As Professor Michael McFaul warns, “Trump’s United States could easily emerge as a greater threat to liberal internationalism than Putin’s Russia or Xi’s China.”

The “My Way or the Highway” Doctrine

Daniel Forti of the International Crisis Group characterizes U.S. policy as: “What we’re witnessing is the solidification of the U.S. stance on multilateralism, which can be summarized as ‘my way or the highway.’ It reflects a clear desire for international cooperation strictly on Washington’s terms.”

This approach fundamentally misunderstands power in the 21st century. Unlike the unipolar post-Cold War era when the U.S. could dictate terms, today’s multipolar world requires coalition-building and sustained engagement. By demanding compliance rather than seeking partnership, the U.S. accelerates the formation of alternative blocs explicitly designed to counter American influence.

The paradox: Trump administration officials claim these withdrawals protect U.S. sovereignty and advance American interests. In practice, they achieve the opposite, reducing American influence over outcomes that directly affect U.S. security and prosperity while empowering rivals.

Financial and Economic Consequences

The immediate fiscal “savings” from these withdrawals are minuscule compared to potential economic losses. In FY2022, total U.S. contributions to international organizations were $21 billion, roughly 0.06% of U.S. GDP. Of this, the majority was voluntary funding directed toward specific programs the U.S. deemed beneficial.

The costs of withdrawal compound rapidly:

• Lost market access: U.S. companies lose influence over international standards, regulations, and procurement worth trillions of dollars. Clean energy markets alone exceed $2 trillion annually by 2035. American firms’ market share contracts as they’re excluded from standard-setting bodies.

• Increased security costs: Without peacebuilding and development assistance, conflict zones proliferate. Military interventions and humanitarian responses cost orders of magnitude more than preventive assistance. The Syria crisis alone has cost over €38 billion in EU humanitarian aid—far exceeding what conflict prevention would have cost.

• Trade disruption: Developing countries losing U.S. development support while facing punitive tariffs default on debts, experience currency crises, and reduce imports of American goods. The compounding effect on global supply chains disrupts U.S. businesses dependent on international trade.

• Migration surges: Economic collapse and instability in regions losing U.S. support drive massive migration toward U.S. borders. The costs of border enforcement, detention, and asylum processing exceed development assistance that could stabilize source countries.

Credibility Collapse and Alliance Erosion

America’s reliability as a partner has become the central question in global affairs. As one European leader stated, the rules-based international order is challenged “not by the usual suspects, but by its main architect and guarantor, the U.S.”

This credibility crisis manifests across domains:

NATO allies question U.S. commitment when America withdraws from European security coordination bodies like the European Centre of Excellence for Countering Hybrid Threats and the Regional Cooperation Council. If the U.S. won’t participate in threat assessment and information sharing, will it honor Article 5 collective defense obligations?

Asian partners face similar doubts as the U.S. withdraws from ReCAAP and other regional security mechanisms. Japan, South Korea, Philippines, and Australia, facing Chinese assertiveness, question whether U.S. security guarantees remain credible if America won’t participate in basic security coordination.

Developing country partners conclude U.S. commitments are worthless. After decades of American promises on development assistance, climate finance, and institution-building, wholesale withdrawal demonstrates that U.S. support is contingent on the views of a single leader and can be reversed instantly.

Future U.S. administrations will find it nearly impossible to rebuild trust.

The Paradox of Isolationism

The Trump administration frames these withdrawals as “America First” policy focused on U.S. interests. The historical record shows this approach consistently produces the opposite outcome:

• Interwar isolationism (1920s-1930s): U.S. rejection of the League of Nations and withdrawal from international cooperation allowed Nazi Germany and Imperial Japan to expand unchecked, ultimately forcing American intervention in World War II at catastrophic cost.

• Vietnam withdrawal without transition planning (1970s): Abrupt U.S. disengagement from Southeast Asia created power vacuums that China and the Soviet Union exploited, leading to regional instability and proxy conflicts that drew the U.S. back in.

• Afghanistan withdrawal (2021): Hasty American exit without coordination with allies resulted in unnecessary casualties, emboldened Russia to invade Ukraine, encouraged China to accelerate pressure on Taiwan, and signaled to adversaries that U.S. commitments are ephemeral.

The current wave of withdrawals follows this pattern. Rather than “America Alone” as intended, the result is “America Isolated” and lacking influence over outcomes that directly affect U.S. interests while rivals readily fill the voids.

Conclusion: The Reshaping of Global Order

The withdrawal from 66 international organizations doesn’t represent a national policy adjustment. This is a civilizational retreat.

The liberal international order constructed after 1945 (admittedly imperfect and quite often serving narrow U.S. interests) nevertheless provided frameworks for cooperation that prevented major power war for eight decades, lifted billions from poverty, and facilitated unprecedented prosperity.

• In the short term (0-2 years), these withdrawals create operational chaos, funding gaps, and diplomatic acrimony. Organizations struggle to maintain core functions. Beneficiaries of programs, from women in conflict zones to scientists working on climate solutions to officials building democratic institutions, lose critical support. Rival powers begin positioning themselves to exploit the emerging vacuum.

• In the medium term (2-5 years), alternative power structures crystallize. China constructs a parallel international order through the BRI, expanded UN engagement, and new institutions like the Asian Infrastructure Investment Bank. Authoritarian governance models spread as democracy assistance evaporates. Regional conflicts intensify without effective peacebuilding mechanisms. Climate change accelerates unchecked by international cooperation. Migration, public health crises, and economic instability multiply.

• In the long term (5+ years), the consequences become irreversible. American influence over global outcomes, from trade rules to security architecture to technological standards, diminishes to marginal status. China establishes itself as the architect of 21st-century international order, embedding its interests, values, and governance models in institutions that will shape global affairs for decades. The democratic-authoritarian divide hardens into separate, competing systems with the U.S. relegated to leadership of a declining Western bloc.

Future U.S. administrations will find reconstruction nearly impossible.

The trust deficit, China’s entrenched institutional advantages, and developing countries’ shift toward alternative partners create structural barriers to American re-engagement. Even if the U.S. attempts to rejoin these organizations, it will do so as a supplicant lacking the influence it once commanded.

The Trump administration justifies these withdrawals by claiming the organizations “advance globalist agendas over U.S. priorities.” The fundamental error in this flawed worldview is the assumption that U.S. interests can be secured through unilateral action. The challenges of the 21st century, including climate change, pandemics, terrorism, technological disruption, economic instability, and mass migration, are inherently transnational, and require coordinated responses. By withdrawing from the crucial mechanisms that enable coordination, the Trump administration guarantees our inability to shape outcomes on issues that directly affect American security and prosperity.

The world is not choosing between the United States and China. The world is moving on without the United States. This analysis has examined each withdrawal category systematically, and the verdict is unambiguous. Across every domain—climate, democracy, security, development, governance—these withdrawals damage U.S. interests in the short term, substantially degrade American influence in the medium term, and produce irreversible strategic disadvantage in the long term.

The beneficiaries are America’s rivals; the losers include the American people, whose security and prosperity depend on our stable, prosperous, cooperative international system. Donald J. Trump's policy actions since Inauguration Day are placing that system in mortal peril.

My second essay examines how these same choices are reshaping Americans’ psychology, media environment, and tolerance for coercion at home.

This publication operates on reader subscriptions. If this analysis demonstrated value, please consider becoming a paid subscriber to help my research reach more people.

Get 25% off for 1 year

I spent the last quarter of 2025 building something that grew out of a straightforward observation: every mainstream password manager still depends on centralized infrastructure and recurring fees, and even the “self‑hosted” or “zero‑knowledge” options force people to manage a second, separate set of encryption keys on top of their wallet keys. That model clashes with what blockchains are supposed to offer. It fragments a user’s security posture, increases the number of ways things can go wrong, and forces people to juggle multiple critical secrets just to keep access to their own data. Not ideal.

When I considered how credential management could look given the unique advantages of a decentralized network like Solana, the existing approaches suddenly seemed inadequate. The result was Lockbox, a protocol for secure, recoverable credential management that lives entirely on-chain with zero central servers, zero subscriptions, and no mandated user interface.

This breakdown walks through what we built, why the hackathon itself demonstrates the scale of innovation happening in the Solana ecosystem, what technical approaches make Lockbox distinct, and why this kind of work matters for my own analytical practice.

Hackathon Scale & Winners

While I led Lockbox’s design and implementation, my partner, Jason Schorr, provided targeted implementation guidance, drawing on his experience as an Ecosystem Engineer at the Solana Foundation and his work with other companies in the broader Solana ecosystem.

To be honest, I was initially intimidated to compete when Jason suggested submitting my app to the hackathon (which I only learned about after building the initial prototype), but he saw the vision, and I am glad he pushed for it.

Solana is a blockchain network that processes transactions far faster and cheaper than Bitcoin or Ethereum. It's not some niche experiment anymore: Visa partnered with Solana to build payment infrastructure on the network, signaling that major financial institutions see real utility in what Solana can do. The nonprofit Solana Foundation and this hackathon’s commercial sponsors, such as Phantom, Arcium, Forward Industries, Raydium, Reflect, and Triton, organize these recurring coding competitions to identify the next wave of products that could strengthen the ecosystem.

The sheer numbers around Cypherpunk matter because they signal something very real about developer momentum in the Solana ecosystem. More than 9,000 participants from 150+ countries submitted 1,576 final projects across six tracks: Infrastructure, Consumer, DeFi, Stablecoins, Real World Assets, and Undefined Applications.

Solana Breakpoint is the main industry event where the ecosystem gathers each year to see what builders have actually shipped. The Cypherpunk Hackathon winners were announced there, which meant the top projects had a real audience watching: other developers, founders with capital, and people who actually understand what good technical work looks like.

It’s the kind of stage where a project either lands or it doesn’t, depending on whether you’ve built something that solves a real problem.

We received an honorable mention in the “Undefined” track. To contextualize this, the baseline win rate was roughly 5-6% for projects receiving either top-five placements or public recognition.

First place went to attn.markets with its revenue tokenization protocol. Second through Fifth places went to Echo, PlaiPin, Solana ATM, and Humanship ID, respectively. Honorable mentions in that track included legends.fun and Scanna.

The density of competing projects and the breadth of approaches to novel problems say this ecosystem isn’t short on builders attempting to solve tough technical challenges.

What Lockbox Actually Does

I described Lockbox to the hackathon judges as a functional proof of concept for the first Solana infrastructure layer that lets wallets and dApps treat encrypted credential storage as a native, composable, permanent system. The user experience is intentionally familiar: users can store encrypted vaults directly on-chain, associated with their wallet, without any central server ever seeing plaintext data.

The technical architecture works like this: user data is encrypted client-side, before it ever leaves the user’s device. The plaintext is cleared from memory immediately after encryption. A user’s encrypted vault is stored on-chain as a program-derived account associated with their wallet. Our dApp never touches the keys or the plaintext. Instead, wallets, dApp developers, and enterprises can build their own interfaces on top of the Lockbox protocol and SDK, or use the reference implementation we built.

Where Lockbox diverges substantially from existing blockchain-adjacent solutions is in its recovery mechanics. If a user loses access to their wallet seed phrase, they can still recover limited access to their encrypted vault using offline-generated backup codes. These codes are generated off-chain, never exposed to any server, and provide what I think of as an “offline lifeline” for recovery after seed loss.

Based on my research into blockchain password managers and credential storage solutions, this recovery mechanism appears to be unique. Other approaches I examined either abandon users who lose their keys or require centralized servers to hold recovery data.

Technical Approach & Cryptographic Design

The core security assumption is straightforward: the user’s encryption key is derived from material they control, and the plaintext is never transmitted to or stored on untrusted infrastructure. I used industry-standard encryption with authenticated encryption to prevent tampering. The vault structure allows for multiple encrypted credential entries, so a user can store passwords, API keys, or other secrets under one wallet-associated account.

The backup recovery codes are the most novel part of the approach, because they provide that “offline lifeline” without ever exposing plaintext or relying on a server.

They are generated using a cryptographic scheme that produces short, memorable codes that can be stored offline. When a user later wants to recover access after losing their wallet keys, they can use one of these codes to restore access to a subset of their vault data. The codes themselves don’t store plaintext; they’re derived from the recovery seed in a way that allows verification and re-encryption with new key material.

What makes this architecture interesting from a security engineering perspective is the constraint: the Lockbox server and dApp must never see the plaintext keys or credential data, even during recovery. This means the recovery flow has to rely entirely on material the user stores offline and cryptographic primitives that don’t require server-side decryption. I used zero-knowledge proofs in parts of the verification logic to prove ownership of recovery material without exposing it, which keeps recovery interactive without widening the trust boundary.

For enginers who want to go deeper, full architecture and cryptography documentation for Lockbox is available in the project repository’s docs directory.

Business Model & Ecosystem Integration

Existing password managers charge either a recurring subscription (roughly $36-60 per year for consumers; that’s $360-600 over a decade just to keep access to your passwords) or per-user-per-month fees for enterprise (often $5-10 per employee, which balloons for larger teams). In both cases, users face recurring costs indefinitely, and enterprises face mounting annual overhead that procurement teams actively try to escape.

Lockbox’s model is fundamentally different.

Users pay linear, one-time fees for storage upgrades as they need them. If a user decides to close their vault, the storage rent is returned immediately—there is no subscription trap and no year-after-year extraction. This is technically possible because the vault data lives on-chain, which means Solana’s rent mechanism handles the economic model. Additionally, Lockbox transactions create network activity every time a credential is added, expanded, or accessed, which supports a sustainable fee structure through transaction costs.

For wallets like Phantom or Solflare, Lockbox integration could become a significant product differentiator. A wallet that offers secure, built-in password management, integrated with the wallet SDK and delivered through a partner protocol rather than developed in-house, becomes much stickier for users. It increases daily active use cases for holding and accessing the wallet. The wallet bears no backend infrastructure cost, because the infrastructure is decentralized and on-chain. For Lockbox, integration drives daily network activity and user adoption across multiple wallet platforms simultaneously.

The actual moat here is less about the code and more about the credibility and operational burden required to maintain a security-critical application like this in production. Vulnerabilities in a password manager are catastrophic for end users. A credible founding team in this space needs demonstrable infosec expertise, rigorous code review practices, ongoing vulnerability management, and clear incident response procedures. These are not negligible requirements. That burden of proof and operational complexity is what makes it less likely that a wallet would attempt to build password management in-house rather than integrating a specialized partner solution.

The Role of AI

Claude Code sat in the middle of the Lockbox development process, not as an author of security-critical logic but as an accelerant for getting there. I used it obsessively to draft and refactor non-sensitive scaffolding, propose alternative patterns for account layout on Solana, and quickly explore different ways to structure the vault lifecycle without touching the cryptographic core or recovery semantics.

From a security standpoint, Claude’s main value was speed under constraint: it let me explore implementation options quickly while preserving a hard rule that anything touching secrets or recovery had to pass manual review and testing. I could ask for multiple candidate implementations for state transitions, error handling, or client-side flows, then stress-test those against the threat model documented in the architecture and cryptography notes. That let me refine the design for how vaults are created, updated, and closed and how recovery codes are handled while keeping the trust boundary tight and the plaintext exposure surface as tiny as possible.

This is where AI-assisted development becomes part of the new professional baseline rather than a gimmick. Used correctly, tools like Claude Code help surface implementation options quickly, but cannot replace disciplined review, adversarial thinking, or formal reasoning about how secrets move through a system. In Lockbox, AI-suggested changes touching the vault model, encryption flow, or recovery path were treated as untrusted input: reviewed manually, tested, and checked against documented assumptions in the design docs.

How This Work Fits My Practice

I publish investigative pieces on national security, geopolitical interference, and the connections between government agencies and private actors. Those investigations require tools. I need to parse large datasets, understand network relationships, trace funding flows, and sometimes assess the technical credibility of claims I encounter.

Building Lockbox and experimenting with Solana development is not a departure from that core work; it’s a necessity. I do a lot of development work that never ships, never gets published, and never appears on my public profiles. That experimental space is where I develop the technical depth I need to continue producing quality analytical output.

When I analyze surveillance systems, evaluate the credibility of cybersecurity claims, or work through the technical implications of government hacking capabilities, I’m drawing on a reservoir of practical engineering experience. I’ve implemented cryptographic primitives, designed and defended systems where failure is not acceptable, and thought through threat models where an adversary has significant resources. That hands-on work sharpens my ability to read a technical claim in a news article and understand whether it’s plausible or whether someone is making assertions that don’t hold up under scrutiny.

An honorable mention at a hackathon of this scale won’t lead to consulting contracts or convert directly into newsletter subscribers. What it does is demonstrate that the experimental work I’m doing is rigorous enough to compete at scale and sufficiently substantive to warrant recognition from peers and judges who understand the space. Readers of my analytical work should know that when I make technical claims about cryptographic systems, surveillance infrastructure, or the capabilities of state actors, I draw from hands-on experience.

Conclusion

Lockbox sits at an interesting intersection: it solves a universal user pain point that crypto has failed to address; it demonstrates a business model fundamentally different from centralized competitors; and it showcases a technical approach to credential recovery that I believe is novel in the blockchain space. The fact that it earned recognition alongside 1,575 other projects at the largest crypto hackathon to date is validation that the work was worth doing.

More importantly, it represents exactly the kind of technical experimentation that makes my primary analytical work more credible and more substantive. Understanding infrastructure that people depend on for security is not a hobby outside my main career.

It is core professional development for writing with authority about systems that matter.

This publication operates on reader subscriptions. If this analysis demonstrated value, please consider becoming a paid subscriber to support continued investigation.

Get 25% off for 1 year