Impact of Technology and Secrecy on Military Strategy

The recent inadvertent exposure of classified U.S. military plans by top defense and intelligence leaders serves as a stark reminder that even the most capable cybersecurity tools and well-defined policies can be rendered meaningless if ignored or misused. In this case, senior leaders relied on the Signal messaging app to communicate sensitive data but unintentionally exposed critical information to unauthorized parties. The leaked details—time-sensitive plans for a military operation—could have not only placed personnel in greater danger but also undermined the mission by alerting adversaries to an imminent attack. While #Signal is a widely respected, consumer-grade, end-to-end encrypted communication tool, it does not provide the same level of security as classified government systems. National security organizations typically utilize Sensitive Compartmented Information Facilities (SCIFs) to safeguard classified data from leaks and eavesdropping. However, SCIFs and other highly-secure methods are not as convenient as less secure alternatives—such as personal smartphones. In this instance, Signal's encryption was not the issue; rather, the exposure occurred when an unauthorized individual was mistakenly added to the chat. This human error resulted in sensitive information being disclosed to a reporter. Lessons Learned: This incident highlights critical cybersecurity challenges that extend beyond the military and apply to organizations everywhere: 1.     Human behavior can undermine even the most robust security technologies. 2.     Convenience often conflicts with secure communication practices. 3.     Untrained personnel—or those who disregard security protocols—pose a persistent risk. 4.     Even with clear policies and secure tools, some individuals will attempt to bypass compliance. 5.     When senior leaders ignore security policies, they set a dangerous precedent for the entire organization. Best Practices for Organizations: To mitigate these risks, organizations should adopt the following best practices: 1.     Educate leaders on security risks, policies, and consequences, empowering them to lead by example. 2.     Ensure policies align with the organization’s evolving risk tolerance. 3.     Reduce compliance friction by making secure behaviors as convenient as possible. 4.     Recognize that even the strongest tools can be compromised by user mistakes. 5.     Anticipate that adversaries will exploit behavioral, process, and technical vulnerabilities—never underestimate their persistence to exploit an opportunity. #Cybersecurity is only as strong as the people who enforce and follow it. Ignoring best practices or prioritizing convenience over security will inevitably lead to information exposures. Organizations must instill a culture of cybersecurity vigilance, starting at the top, to ensure sensitive information remains protected. #Datasecurity #SCIF #infosec

As Europe finds itself at a geopolitical crossroads, the ability to fend for itself both economically and militarily is becoming increasingly important. The topic for today's #sundAIreads is the role of #AI in #defense. The reading I chose for this is a recent report co-authored by Ludwig Biller, Danny Rienecker, Dr. Nils Förster, and Dr. Germar Schröder from Strategy& on "The global AI race and defense's new frontier." The report can be downloaded here: https://pwc.to/4hBghGo. In the report, the authors argue that AI has become "a defining pillar of modern military advancements that will revolutionize strategic decision-making, surveillance, autonomous systems, and logistics." More specifically, the authors identify the following six fields of application: 1️⃣ Autonomous systems, particularly "real-time situational awareness and rapid decision support;" 2️⃣ Weapon systems, including "AI-driven target recognition and precision;" 3️⃣ Cyber security and warfare, already in widespread use in anomaly detection; 4️⃣ Battlefield analysis and combat support, such as "AI-driven data fusion and target recognition;" 5️⃣ Infrastructure and logistics, such as "predictive maintenance, digital twins, and route optimization;" and 6️⃣ Admin and support functions, particularly in "finance, budgeting, and workforce optimization." The United States still "retain the pole position" in AI defense innovation "backed by enormous private and public investment," but rival powers such as China are catching up. Ukrainian and Israeli forces are also already actively leveraging AI-driven solutions, e.g., for intelligence gathering and precision targeting. Germany, by contrast, is still lagging behind due to "significant technological, structural, and cultural barriers," including: ❌ Strategic fragmentation, with "AI initiatives [...] scattered among different agencies and EU programs;" ❌ Infrastructure deficits, such as "insufficient data centers, underdeveloped cloud computing, and a lack of edge computing infrastructure;" ❌ Cultural resistance, particularly a historically rooted aversion to militarization and taking any conceivable kind of risk; and ❌ Regulatory barriers, including "complex procurement processes and stringent ethical guidelines." Massive increases in both defense and infrastructure spending in Germany could, however, change the game: Since the announcement of chancellor in spe Friedrich Merz to attempt to exempt military spending from the country's fiscal rules, the share prices of German defense firms have soared. Needless to say, the use of AI in defense raises numerous ethical questions the leaders of liberal-democratic countries no longer have the luxury to leave unaddressed. As a German and European, I can only share the authors' hope that Germany's "clear and longstanding commitment to ethical governance and multilateralism" could ultimately result in it becoming a "global leader in responsible AI defense innovation."

Decoys — Survival tools in an increasingly transparent battlefield One development that has not escaped the attention of the strategic community or analysts studying the Revolution in Military Affairs (RMA) is the renewed relevance of decoys, particularly inflatable decoys, in modern conflict. Their operational value became especially visible during the Russia–Ukraine War, where decoy systems reportedly drew a substantial share of precision-guided munitions. By compelling an adversary to expend high-cost weapons on low-value targets, decoys effectively create a cost-imposition dynamic—forcing the attacker into an unfavourable economic exchange. Recent developments associated with Iran have reinforced this trend even further, demonstrating how deception and signature management can complicate targeting cycles in sensor-dense battlespaces. Globally, several specialised firms have built capabilities in this niche. Companies such as INFLATECH Decoy Systems, i2k Defense, Talanov Defence , and Spearpoint Solutions & Technology have demonstrated how rapidly deployable inflatable platforms can replicate the visual, thermal, and radar signatures of high-value military assets—from air defence systems to artillery and armoured vehicles. Encouragingly, a small but growing cluster of companies within India’s defence industrial ecosystem is also beginning to explore this domain. Isolated firms such as Maan Defence are part of this emerging efforts for indigenous end to end solutions, developing indigenous decoy technologies aligned with the evolving operational requirements of the Indian armed forces. As surveillance networks expand—combining drones, satellites, electronic intelligence, and persistent ISR—the battlefield is becoming increasingly transparent. In such an environment, deception becomes a critical layer of defence. Well-designed decoy systems can disrupt the adversary’s sensor-to-shooter chain, degrade targeting confidence, and preserve high-value assets while imposing disproportionate costs on the attacker. In many ways, #decoys illustrate an enduring lesson of warfare: even in an era of advanced sensors and precision weapons, deception remains one of the most effective tools for #battlefield #survivability.

Artificial intelligence in defence is often framed as a technology challenge. But in reality, the hardest barriers are rarely technical. They are political. They sit in classification rules, data-sharing policies, sovereignty concerns, legal frameworks, procurement structures, and decades of institutional habits around secrecy and risk. Architecture matters. Integration matters. Digital backbones matter. But none of those layers exist in isolation. They operate inside political systems that decide what data can move, who can see it, and under what conditions it can be used. That is why so many defence AI initiatives struggle long before the algorithms ever become the real problem. This part of the series focuses on the political layer behind defence AI architecture: data sharing, sovereignty, classification, governance, and the institutional constraints that shape what is actually possible. It is written especially for defence leaders, policymakers, and practitioners who keep hearing about “AI transformation” but are forced to operate inside systems where the data itself cannot easily move. Before we talk about autonomous systems, AI-enabled kill chains, or decision advantage, we need to understand a much simpler question: Who controls the data, who controls the meaning built around it, and who retains freedom of action when pressure rises. #DefenceAI #DataGovernance #SecurityPolicy #MilitaryInnovation

Updated Lessons Learned from Technological Change in the War in Ukraine. In February 2024, in an article published in the Belgian magazine Knack, I argued that the war in Ukraine would become the first true data-conflict of the modern era. Nearly two years later, that prediction has clearly materialised. Data, how it is collected, processed, shared, protected, and acted upon, has become a central determinant of military effectiveness. What the war now demonstrates is not just rapid technological adaptation, but a deeper shift in how modern warfare is organised, sustained, and learned. Several early lessons turned into structural realities. 1. Warfare Has Become Iterative Modern war no longer follows fixed capability cycles. Advantage comes from continuous adjustment under combat conditions. Ukraine has connected frontline feedback directly to software updates, production changes, and redeployment. Learning speed now matters more than initial technological advantage. 2. Attrition Is the Baseline High loss rates of drones, sensors, and digital systems are now normal. Operational effectiveness depends on the ability to replace and regenerate capabilities, not on preserving individual platforms. 3. Data, Software, and Connectivity Drive Combat Power Operational advantage increasingly comes from fast sensor-to-shooter loops and resilient digital infrastructure. Ukraine’s use of cloud services has enabled battlefield data to be stored, processed, and shared across dispersed units. At the same time, Starlink has provided critical connectivity when terrestrial networks were disrupted, allowing command, targeting, and logistics functions to continue under fire. 4. Civil-Military Boundaries Are Structurally Blurred Commercial providers of cloud services, satellite communications, and software have become permanent contributors to military effectiveness. This is no longer ad hoc wartime improvisation. 5. Industrial Capacity Is a Warfighting Variable Ukraine’s ability to localise production, adjust designs, and scale output has had direct battlefield impact. Industrial agility has compensated for material and numerical disadvantages. 6. Tactical Innovation Shapes Strategy Frontline units are driving innovation faster than doctrine can absorb it. Strategic and doctrinal adaptation increasingly follows battlefield experimentation. 7. Autonomy Advances Out of Necessity Autonomy has expanded due to communications disruption, time pressure, and manpower limits. Human-machine teaming, rather than full autonomy, has emerged as the dominant model. The war in Ukraine confirms that technological change in warfare is continuous. The defining feature of this conflict is not a single system, but the central role of data. For NATO, the principal risk is no longer technological surprise, but institutional rigidity in a war defined by constant adaptation.

From Shadows to Strike Packages: What “Midnight Hammer” Tells Us About U.S. Offensive Cyber Capabilities The reported use of U.S. cyber capabilities to disrupt Iranian air defenses during Operation Midnight Hammer is not notable because cyber operations were employed. That part is no longer controversial. What is notable is that it was acknowledged. According to reporting, U.S. Cyber Command digitally disrupted Iranian surface-to-air missile systems to enable kinetic strikes on nuclear facilities. Senior military leaders publicly framed cyber operations as part of the planned, synchronized, and executed strike package alongside traditional military effects. This matters. For years, U.S. offensive cyber operations (OCOs) were treated as uniquely sensitive and too secretive to discuss. What we are seeing now is a shift away from that logic toward selective transparency. The details remain classified: – No vulnerabilities disclosed. – No access paths revealed. – No tools exposed. But the strategic message is public: Cyber is a routinized instrument of military power. This aligns with a broader trend I’ve written about for years: the evolving balance between secrecy and publicity in OCOs. Total secrecy protects access. But controlled disclosure enables deterrence, normalization, recruitment, and institutional legitimacy. Iran (and recently Venezuela) represent ideal use cases for this model: cyber as an enabler of conventional force, not a standalone strategic weapon. That distinction matters, especially as some observers rush to generalize these cases to peer competitors like China. The takeaway is that the U.S. is increasingly confident in how, when, and why it uses its offensive cyber capabilities — and is now willing to say so. Source: https://lnkd.in/dXxde8_K My papers: A sliding scale of secrecy: toward a better understanding of the role of publicity in offensive cyber operations https://lnkd.in/dNuWvMTV Public Secrets: The Dynamics of Publicity and Secrecy in Offensive Cyber Operations https://lnkd.in/dDd9D7QJ #Iran #offensivecyber

Recent reports have emerged about a significant event that may represent the first and largest cyber-to-kinetic attack. According to news sources (https://lnkd.in/gZzYc2iC), a booby-trapped communication device allegedly planted by a nation-state led to an explosion causing casualties among militant groups. This incident marks a pivotal moment in the evolution of cyber warfare, where cyber operations directly result in physical harm. Integrating cyber tactics with traditional military strategies blurs the lines between the digital and physical realms. Key Takeaways: 🔹Cyber-Kinetic Convergence: The attack demonstrates how cyber tools can have immediate and tangible effects on the physical world, expanding the battlefield beyond conventional means. 🔹Implications for Security Professionals: As the landscape evolves, cybersecurity experts must consider data protection and how cyber threats can impact physical infrastructure and safety. 🔹Ethical and Legal Considerations: This development raises questions about the rules of engagement in cyberspace and the ethical implications of using cyber means to cause physical harm. Impact on Military Cyber Warfare: This event could significantly alter the landscape of military cyber operations if confirmed. The ability to directly inflict physical damage through cyber means expands the arsenal available to nation-states and non-state actors. This shift challenges traditional defense strategies and necessitates reevaluating international laws governing acts of war. Military doctrines may need to adapt to address the blurred lines between cyber attacks and conventional warfare, emphasizing the importance of integrating cybersecurity measures into all aspects of defense planning. #CyberWarfare #CyberSecurity #CyberKinetic #KineticCyberAttack #DigitalWarfare #MilitaryCyber #CyberDefense #FutureOfWarfare #CyberThreats #CyberStrategy

According to this RAND assessment, the United States no longer enjoys a decisive technological monopoly in AI or uncrewed aircraft systems. Export controlls, designed for an earlier era, are struggling to keep pace with technologies that are dual-use, fast-moving, commercially led, and globally diffused. Some other key findings: The center of gravity has moved from multilateral consensus (Wassenaar-style regimes) to coalition-based alignment. These are flexible, political, and uneven. Controls increasingly rely on extraterritorial leverage. Access to the U.S. financial system and advanced intellectual property has become the enforcement mechanism. Compliance risk is being redistributed downstream: to manufacturers, distributors, and investors who must interpret regulatory rules under geopolitical pressure. The long-term constraint is coalition cohesion. Potential industrial policy divergence among allies is a material weakness. In this environment, supply chains are no longer optimized for efficiency. They are optimized for alignment. #EAR #ITAR #UAV #AI