Last month, CIA Director William Burns visited three Western Balkan countries—Bosnia and Herzegovina, Serbia, and Kosovo—where the potential for serious conflict remains high. This visit was intended underscore critical issues facing the region for the next months of elections in United States, Serbia, Kosovo and some EU countries. By many, this visit was viewed as the most significant visit to the region in the past fifteen years and aimed to draw “red lines” for the region’s political leadership. Burns’ first stop was Bosnia and Herzegovina, where he met with secessionist leader of Republika Srpska Milorad Dodik, a controversial leader who stands between Putin and West as a puppet of Vucic. Dodik is known for his divisive politics, including threats for the separation of Republika Srpska from BiH, maintaining close ties with Russia, promoting hate speech against muslim Bosnians, and denying the genocide in Srebrenica. After the meeting with Burns, Dodik noted that he has never been intending to separate from Bosnia and Hercegovina.
Although Burns’ visit to Serbia was notably quiet, Serbia’s role as a hub for Russian intelligence activity and its growing relationship with China likely played a part in the visit. Burns’ trip was not a nod to President Aleksandar Vucic’s diplomatic prowess but more a reflection of the broader geopolitical concerns Serbia represents. Meanwhile, Burns’ visit to Kosovo occurred during a period of tension between the U.S. and the Kosovo government. The American ambassador to Pristina, Jeffrey Hovenier, had recently expressed concern that Kosovo’s government was challenging U.S. interests in several areas. Both the U.S. and the EU have urged Kosovo’s Prime Minister, Albin Kurti, to be more responsive to international demands, specifically avoiding actions they regard as unilateral. A few days ago, during a meeting with Prime Minister Kurti, several prominent figures from Serbia expressed concerns about possible developments in the region. Sonja Biserko, chair of the Helsinki Committee for Human Rights in Serbia, along with Nenad Čanak, former leader of the centre-left League of Social Democrats of Vojvodina, and Mark Baskin, a senior adviser from the Centre for Humanitarian Dialogue, raised concerns about reports that houses and apartments are being built for Kosovo Serbs, particularly those from the northern region, in Serbia’s Sandžak region. They urged the Kosovo government to verify these reports. The indicators shows that Vucic might be orchestrating a plan involving the relocation of northern Kosovo serbs to Serbia. In his current political predicament, Vucic could fabricate an excuse to accuse Kosovo of ethnic cleansing against the Serbs, which could lead to a troubling humanitarian situation and severe consequences for Kosovo on the international stage. Any population exchanges are inherently risky and could spark larger conflicts in the future. Meanwhile, two days ago, Miroslav Lujack, the EU’s special envoy for the Western Balkans, met with Vucic. After their discussion, Vucic announced that he would address the public about the situation in Kosovo within the next 72 hours. Media in Belgrade reported that Serbia may present six demands to Kosovo, including holding municipal elections in the north, reinstating 700 Serbian police officers who had been dismissed, establishing the long-debated Association of Serbian Municipalities, and releasing Serbs detained for what Serbia alleges are politically motivated reasons. These developments come just days before the anniversary of the Serbian aggression against Kosovo, marked by the terrorist attack against the Kosovo Police in Banjska on September 24th, in which
Sergeant Afrim Bunjaku was killed. On Wednesday, Kosovo’s Special Prosecutor’s Office indicted 45 people, including Milan Radoicic, in connection with the attack. The European Union welcomed the indictment. The EU’s spokesperson, Peter Stano, emphasized that “the EU has repeatedly called on Serbia to bring all those involved in this brutal attack to justice.” He added, “The filing of the indictment means that court proceedings will now begin, and we expect a thorough resolution of this process.” As of now, Serbia has yet to take any concrete steps to bring the perpetrators of the Banjska attack to justice, despite the fact that many of them are located within Serbia’s borders.
The U.S. military has announced the sale of billions of dollars of missiles, bombs, and other weapons to Israel in the past year, as the campaign in Gaza grinds on. Now, the Department of Defense is also building aircraft facilities in Israel to accommodate American-made refueling tanker planes, according to newly issued public contracting documents reviewed by The Intercept.
The project includes new construction and upgrades of existing buildings, including one or more hangars, warehouses, and storage facilities, at an Israeli military base in the south of Israel, according to Army Corps of Engineers documents.
The construction stems from a nearly $1 billion contract, awarded to defense giant Boeing in 2022, to provide Israel with four KC-46A Pegasus tanker aircraft to be delivered by the end of 2026. The purchase of the KC-46As was seen as a signal of Israel’s determination to increase its capacity to strike Iran’s nuclear facilities.
The KC-46A is the newest tanker being produced for the U.S. Air Force to replace its two aging models. The new aircraft has been plagued with myriad problems, including issues with its Remote Vision System, which allows the boom operator to see the boom through a video feed. The plane has also become a financial burden, racking up more than $7 billion in losses.
For Israel, the new aircraft, purchased for $927 million, will replace the decades-old, repurposed Boeing 707 passenger planes that the Israeli Air Force currently uses for midair refueling of fighter aircraft.
Last month, the Biden administration approved five major arms sales to Israel, including 50 F-15 fighter aircraft, tank ammunition, tactical vehicles, air-to-air missiles, and 50,000 mortar rounds, among other equipment totaling more than $20 billion. While technically “sales,” the cost of these weapons is mostly paid by the United States since Israel uses much of the military aid Congress approves to buy U.S.-made weapons.
Since last October, Israeli attacks on the Gaza Strip have spawned a humanitarian catastrophe, killed more than 40,000 Palestinians and wounded close to 94,000, according to the Palestinian Ministry of Health. Israel has used U.S. munitions in its strikes on Gaza.
The KC-46A construction project, according to documents issued on Wednesday, includes “establishing and adapting aviation and maintenance infrastructure for the KC-46,” including construction of five new concrete and steel structures, as well as the possibility for building additional buildings and warehouses.
The Pentagon is no stranger to construction projects in Israel. Late last year, The Intercept revealed that the Defense Department had awarded a multimillion-dollar contract to build U.S. troop facilities for a secret base it maintains deep within Israel’s Negev desert, just 20 miles from Gaza. Code-named “Site 512,” the longstanding U.S. base is a radar facility that monitors the skies for missile attacks on Israel.
A recent investigation by The Intercept disclosed that Site 512 is just one of more than 60 U.S. bases, garrisons, or shared foreign facilities in the Middle East. These sites range from small combat outposts to massive air bases in 13 countries: Bahrain, Egypt, Iraq, Israel, Jordan, Kuwait, Lebanon, Oman, Qatar, Saudi Arabia, Syria, the United Arab Emirates, and Yemen.
At least 14 of these bases have been attacked in recent years. Since October 17 of last year alone, a mix of one-way attack drones, rockets, mortars, and close-range ballistic missiles have led to at least 145 U.S. casualties — troops and contractors — at regional outposts. That includes the three service members killed in a January drone attack on Tower 22, a facility in Jordan.
The Defense Department intends to award contracts for work on the KC-46A construction project in February 2025. The Pentagon failed to respond to The Intercept’s request for comment about the construction project. The State Department acknowledged The Intercept’s questions but did not offer answers prior to publication.
It’s not just government organizations that need to worry about cyber espionage campaigns — the entire business world is also a target.
Multipolarity has been a defining trend in geopolitics in recent years. Rivalries between the world’s great powers continue to test the limits of globalism, resulting in growing disruption to international supply chains and economics. Global political risk has reached its highest level in decades, and even though corporate attention to geopolitics has dropped since peaking in 2022, the impact on global economic stability remains worryingly high.
Adding to this backdrop of geopolitical tension, cyberspace has become the fifth dimension of warfare. Rival nation-states and the organizations loyal to them are increasingly turning to cyber espionage to gain a strategic advantage. However, they’re not only targeting government organizations. They’re also targeting the private sector to disrupt economies and gain unauthorized access to confidential — and highly valuable — information. That means every business is a potential target, regardless of industry.
The real threat of state-sponsored cyber operatives
What makes cyber espionage so concerning is that most campaigns are carried out by state-sponsored attackers for economic, political or even military gain. Unlike rogue individuals and crime syndicates operating off the dark web — usually for financial gain — state-sponsored operatives tend to have access to the financial and human resources needed to launch highly sophisticated attacks against specific targets. And, even if a particular company isn’t likely to be targeted deliberately, that doesn’t mean they’re safe. After all, just like any other dimension of warfare, there’s always a risk of collateral damage.
For businesses, protecting against cyber espionage starts with knowing where the threats are coming from. Long gone are the days when standalone criminals and rogue groups working towards their own agendas are the greatest threat. These days, by far, the greater threat comes from nation-states as well as large enterprises that have capitalized on the opportunities of digital espionage. While the headlines have typically focused on Russia, China and the U.S., the U.K. Government Communications Headquarters (GCHQ) intelligence agency recently estimated that there are now at least 34 nation-states with advanced cyber espionage teams.
Processing the deluge of data
Further complicating matters is rapid technological advancement, particularly in AI, and all the risks and opportunities that come with it. On one hand, AI shows great promise in supporting growth and innovation. On the other, it’s also a source of risk as governments assume the dual responsibilities of fostering innovation while regulating the technology to ensure it remains a force for good.
The combination of AI and increasingly massive amounts of data means business strategy can be decided in hours and days rather than months. And no entity has more data than the governments of the world’s largest states and the organizations aligned with them. Intelligence has taken a very different form, with millions of data points being collected every second. For any entity hoping to make use of this deluge of data, AI has become an absolute necessity. The world of cyber crime and espionage is no different.
The rise of generative AI technologies has propelled AI to the frontlines of cyber warfare. State-sponsored attackers are already using tools like large language models (LLMs) to scale, inform and enhance their attacks, making AI a force multiplier in the broader threat landscape. For example, threat actors can now use tailor-made LLMs to generate malicious code or even inform reconnaissance to gain insights into potential targets.
What makes attacks like these so worrying is their widespread implications. When the world’s largest cloud providers are targeted by state-sponsored cyber espionage campaigns, there’s also a trickle-down effect, potentially involving any business that uses their services. Because of their critical role in software supply chains, state-sponsored attackers with virtually unlimited resources tend to go after the biggest targets.
Striking the right balance of cyber risk
Despite these risks, companies can’t afford to abandon their use of the major cloud vendors. After all, their platforms provide the critical infrastructure that today’s organizations need to scale and innovate. Nonetheless, organizations must proactively protect against these threats by layering on a zero trust architecture, conducting regular security audits and ensuring that all sensitive information is encrypted regardless of where it resides. That means they need to be strategic in choosing their vendors, as well as building security initiatives that align with their specific requirements.
We also need to remember that the biggest players in global software supply chains also have the resources to keep ahead of cyber espionage threats, even if there’s no such thing as being 100% secure. AI has become an undisputable necessity in information security, but it’s also a double-edged sword. Rogue states and cyber criminals are using it to scale their attacks and launch highly convincing social engineering campaigns. However, AI also offers the only way to effectively improve threat detection and response times. Just as you can’t fight in a modern war with sticks and stones, neither can you defend against today’s threats without cutting-edge technology.
Innovation is the key to successful security
In the end, while no business will ever be immune to cyberattacks, it’s important to remember that by far the greatest risk comes with a failure to innovate. As it’s often said, “we’ve always done it this way” are the costliest words in the business world. Even in the case of sophisticated state-sponsored attackers, attempted data breaches are far likelier to be successful when they exploit vulnerabilities in outdated infrastructures and security systems.
To effectively protect against the rising tide of AI-driven cyber espionage, businesses need to continuously monitor, review and update their security systems. Layering on AI has become a necessary part of that process thanks to its ability to augment real-time threat detection and response capabilities. Regardless of one’s opinions about AI, it’s here to stay, and it’s vital for businesses to strike the right balance by strategically incorporating AI as a tool to protect against the next generation of state-sponsored cyber threats.
To learn how IBM X-Force can help you with anything regarding cybersecurity including incident response, threat intelligence, or offensive security services schedule a meeting here.
If you are experiencing cybersecurity issues or an incident, contact X-Force to help: US hotline 1-888-241-9812 | Global hotline (+001) 312-212-8034.
Signup to receive the Early Edition in your inbox here.
A curated weekday guide to major news and developments over the past 24 hours. Here’s today’s news:
ISRAEL-HAMAS WAR
An Israeli intelligence commander, who critics say played a key role in failing to prevent the Oct. 7 attacks, is resigning, Israel’s military told CNN. Yossi Sariel is the second high-profile military official to resign over Oct. 7, after the head of military intelligence resigned in April. Jennifer Hauser and Lauren Iszo report; Dov Lieber reports for the Wall Street Journal.
ISRAEL-HAMAS WAR — INTERNATIONAL RESPONSE
International condemnation grew yesterday of a deadly Israeli strike on a school that the U.N. aid agency for Palestinians said killed six of its staff members. Britain’s Foreign Secretary called the deaths of the U.N. workers “appalling,” while Qatar’s government called the strike a “horrifying massacre.” Liam Stack and Thomas Fuller report for the New York Times; Reuters reports.
ISRAEL-HEZBOLLAH CONFLICT
Details are emerging of an apparent Israeli raid on a “Hezbollah missile production facility” in Syria. Israel has not commented on the operation, which U.S media say took place earlier this week. Syrian state media reported that 18 people were killed on Monday in the raid, with several dozens injured. Thomas Mackintosh reports for BBC News; Barak Ravid reports for Axios.
An Israeli airstrike on southern Lebanon killed three people overnight, Lebanon’s Health Ministry reported. AP News reports.
RUSSIA-UKRAINE WAR
President Biden is poised to approve Ukraine’s use of long-range Western weapons in Russia, as long as it does not use U.S.-weapons, European officials say. The issue will be high on the agenda as British Prime Minister Keir Starmer makes his first official visit to Washington today. David E. Sanger, Helene Cooper, and Eric Schmitt report for the New York Times.
Russian President Vladimir Putin yesterday repeated his warnings about the West using long-range weapons to target Russia, saying Moscow would take “appropriate decisions” if NATO allowed Kyiv to strike inside Russian territory. BBC News reports.
Ukrainian President Volodymyr Zelenskyy announced yesterday that Russia had launched a counteroffensive in Ukrainian-controlled areas in Kursk. The counteroffensive had long been expected and was planned for, Zelenskyy said. Anastacia Galouchka and Lizzie Johnson report for the Washington Post.
Three Red Cross workers were killed and two wounded yesterday when artillery fire struck an aid distribution site in Donetsk, the aid organization said. Eve Sampson reports for the New York Times.
Zelenskyy said yesterday that a Russian missile struck a cargo ship in the Black Sea that was ferrying wheat to Egypt. Matthew Mpoke Bigg, Andrew E. Kramer, and Maria Varenikova report for the New York Times.
U.S. PRESIDENTIAL ELECTION
Federal authorities are preparing to file criminal charges over Iran’s alleged hack and leak attack against former President Trump’s campaign, sources say. It was not immediately clear when the charges will be announced or whom they will target. Josh Dawsey and Devlin Barrett report for the Washington Post; Eric Tucker reports for AP News.
TRUMP LEGAL MATTERS
The Judge overseeing the Georgia election interference case against Trump and others yesterday dismissed three counts in the indictment, including two counts brought against Trump, saying that they exceed the state’s jurisdiction. Judge McAfee allowed the rest of the case to move forward, including eight charges against Trump, out of the original 13. Kate Brumback reports for AP News; Max Matza reports for BBC News.
New York’s highest court yesterday rejected Trump’s appeal to lift the gag order in his hush money case. The ruling means Trump has exhausted his last option to dismiss the order, which bars him from commenting on prosecutors and court staff until his sentencing in November. Avery Lotz reports for Axios.
A federal appeals court rejected Trump’s request to halt post-conviction proceedings in his hush money case, leaving Trump’s sentencing on track for after the November election. Michael R. Sisak reports for AP News.
OTHER U.S. DOMESTIC DEVELOPMENTS
A pro-Israel rally in a Boston suburb turned violent yesterday when a passerby was shot after confronting a group of demonstrators, authorities said. AP News reports.
In a blow to the Newsmax network, a judge ruled yesterday that Smartmatic’s case over 2020 election lies will head to trial this month. Marshall Cohen reports for CNN.
The Justice Department yesterday charged two men with assaulting a New York Times photographer on Jan. 6, 2021, accusing them of assaulting her, stealing her camera, and unlawfully entering the Capitol. Michael D. Shear reports for the New York Times.
A former CIA officer who spied for China has been sentenced to ten years in federal prison, the Justice Department said. Alexander Yuk Ching Ma, 71, received bribes in exchange for providing Chinese security officers classified material, according to his plea agreement. Josh Campbell reports for CNN.
New York Police Department Commissioner Edward Caban yesterday announced his resignation, about a week after his electronics were seized in an ongoing federal investigation into alleged corruption. Shayna Jacobs reports for the Washington Post.
Federal judiciary leaders have asked Congress to weigh impeaching a federal judge in Alaska for alleged sexual misconduct. Tobi Raji and Ann E. Marimow report for the Washington Post.
U.S. FOREIGN RELATIONS
The United States will withdraw most troops from Iraq over the next two years but leave a small force in the northern Kurdistan region, U.S. and Iraqi officials say. Mustafa Salim, Missy Ryan, and Abigail Hauslohner report for the Washington Post.
The United States announced sanctions on 16 officials closely aligned with Venezuelan President Nicolás Maduro following his disputed election victory. Vanessa Buschschlüter reports for BBC News.
The U.S. and Chinese militaries are taking steps to revive diplomatic talks after a two-year freeze in relations, as they seek to dial back the risk of confrontations amid tensions over the South China Sea and Beijing’s support of Russia. Brian Spegele and Chun Han Wong report for the Wall Street Journal.
The United States has approved $165 million in weapons sales to Israel for delivery in 2027, the State Department announced yesterday. Tara Copp reports for AP News.
The United Arab Emirates would seek to revive a multi-billion dollar U.S. deal for F-35 warplanes and armed drones if Trump wins the presidential election, sources told Reuters. Alexander Cornwell reports.
GLOBAL DEVELOPMENTS
Mexico’s states yesterday approved an amendment to the Constitution that would create the most far-reaching judicial overhaul ever attempted by a large democracy. The measure, championed by Mexico’s President, would mean voters elect judges at every level, drastically restructuring the third branch of the government. Emiliano Rodríguez Mega, James Wagner and Alan Yuhas report for the New York Times.
Senior Russian security official Sergei Shoigu held talks with North Korean leader Kim Jong Un during a visit to Pyongyang today, Russian news agencies said. Reuters reports.
North Korea today revealed a weapons-grade uranium-manufacturing site for the first time. Choe Sang-Hun reports for the New York Times.
Russia revoked the accreditation of six British diplomats it has accused of espionage. The U.K. foreign office has not commented at the time of writing. Hafsa Khalil reports for BBC News.
A 27-year-old Syrian national “suspected of radical Islamist views has been arrested over a plot to kill German soldiers with machetes in the Bavarian town of Hof,” prosecutors said today. Reuters reports.
Senegal’s President yesterday dissolved the opposition-led parliament to call a snap legislative election for Nov. 17, six months after he was voted in.Monika Pronczuk and Babacar Dione report for AP News.
The protest did not go off as planned. In February 2023, government recruiters came to the student union at the University of Michigan Ann Arbor, stacking National Security Agency-branded plastic cups and splaying out pamphlets about Navy fringe benefits.
The activists had come to protest the expansion of Camp Grayling, already the largest National Guard training facility in the country. The opposition had arisen a year earlier, when the military had proposed leasing more than 150,000 acres of forest land managed by Michigan’s Department of Natural Resources, doubling the size of the training installation.
The National Guard, though, did not make an appearance at the University of Michigan career fair. The activists proceeded with their plan anyway.
“Want blood on your hands?” read the flyers activists distributed on recruiting tables. “Sign up for a government job.” When the recruiters returned from lunch, two protesters rushed in, dousing the NSA recruiting table and two Navy personnel with fake blood sprayed out of a ketchup container. (The NSA did not respond to a request for comment.) The “Stop Camp Grayling” protesters were subdued, booked, and charged.
“We’ve seen over the years that the FBI opens very aggressive investigations based on a very low criminal predicate in cases against protest groups.”
Everything about the protest had been relatively routine, right down to the arrests, but the local and federal authorities saw something more sinister. According to public records obtained through a Freedom of Information Act request, the local sheriff’s office in Oakland County, Michigan, documented the incident in a case report as a hate crime against law enforcement. (The sheriff’s office did not respond to a request for comment.)
The FBI recorded the incident as part of a terrorism investigation.
“We’ve seen over the years,” said Michael German, a former FBI agent and fellow at the Brennan Center for Justice, “that the FBI opens very aggressive investigations based on a very low criminal predicate in cases against protest groups.”
Over the following months, according to the documents obtained by The Intercept and Defending Rights & Dissent, the FBI’s counterterrorism investigation unlocked additional federal resources, deepened coordination with military intelligence, generated sustained counterterrorism attention on minor acts of vandalism, and ultimately culminated in a six-person boots-on-the-ground operation conducting physical surveillance of the Stop Camp Grayling Week of Action.
“The Department of Military and Veterans Affairs (DMVA) does not participate in civilian law enforcement investigations or surveillance of any group,” said Michigan National Guard public affairs officer David Kennedy, when asked about state police sharing intelligence with the military. “We do occasionally receive law enforcement notification of individuals or groups who are expressing intent to take action or threaten the safety of military members, training events or facilities.”
Photos of a handbag splattered with fake blood, left; bottles of fake blood used by activists, center; and a hat splattered by fake blood, right, taken as evidence of a Feb. 9, 2023, protest against Camp Grayling at a University of Michigan government job fair. Photos: Oakland County, Mich., Sheriff’s Office/University of Michigan
Green Scare
Treating the Stop Camp Grayling protesters as terrorists is the latest episode in a worldwide trend of governments smearing climate and environmental activists as terrorists — an ongoing Green Scare. Misapplication of the terrorism label frequently serves as pretext for invasive surveillance and sustained scrutiny.
The FBI has a long history of fixating on environmental protest movements as terrorism suspects. The focus escalated in the 1990s. Most of the movements are engaged in routine First Amendment-protected activity; a few use minor property damage as a protest tactic.
The FBI maintains federal domestic terrorism categories that include “anti-government violent extremism” and “animal rights/environmental violent extremism.” Under pressure to generate investigations, the FBI has launched probes against environmental groups based on thin evidence of criminal activity — or sometimes no evidence at all.
“Since the FBI created ideological categories, they’re incentivized to open cases in those categories,” German said.
“Since the FBI created ideological categories, they’re incentivized to open cases in those categories.”
Because the counterterrorism division does not collect incident data, he said, there is little accountability for the FBI investigations. “If you can’t see how the FBI divides up its domestic terrorism resources between ideological categories where there are a number of homicides and bombings, versus low-level vandalism and other regular protest activities, then you can’t determine whether the FBI is actually investigating true terrorism versus just targeting groups for investigation because they don’t like their political beliefs,” said German.
According to the FBI’s own definition, domestic terrorism comprises acts dangerous to human life or “intended to influence the policy of government by intimidation or coercion.” Yet few of the investigated environmental groups have threatened human life in any meaningful way; not a single homicide can be attributed to the environmental movement. (The FBI did not respond to a request for comment.)
Stop Camp Grayling — like most other movements organized around environmental activism — is not engaged in any type of systematic criminal activity. Movement adherents have never endangered human life. Much of their protest activity involved banner drops, teach-ins, and graffiti on billboards.
Yet the FBI saw fit to share an activist zine with military intelligence, drag in other alphabet agencies, and justify physical surveillance operations — all underpinned by the designation of the movement as worthy of a domestic terrorism investigation.
The crew chief of a Chinook helicopter on a flight in support of Operation Northern Strike at Camp Grayling Joint Maneuver Training Center in Michigan on Aug. 13, 2014. Photo: Capt. Brian Anderson/U.S. Army
PFAS Polluters
In 2022, activists convened to fight the proposed expansion of Camp Grayling, a National Guard base that sprawls across three counties in Michigan. Already the largest National Guard base in the country, Camp Grayling announced plans in 2022 to more than double its size.
As host to an annual joint exercise that draws 6,300 participants, Camp Grayling argued that expansion into protected Department of Natural Resources land would facilitate on-the-ground training while expanding airspace available for fighter jet maneuvers.
When the expansion was proposed, it drew the ire of environmental and anti-militarism activists. An alliance of local residents and activists pointed to Camp Grayling’s dismal environmental record, particularly its use of PFAS “forever chemicals” in fire suppressant foam in the ’70s and ’80s.
PFAS levels in local bodies of water had already caused health warnings, leading a state regulator dealing with PFAS to oppose the Camp Grayling expansion. The expansion would have included sensitive riparian ecosystems, leaving only a razor-thin portage as protection against contamination of two rivers leading to Lake Huron and Lake Michigan.
A vigorous protest movement sprung up in Michigan. The Stop Camp Grayling protesters took their inspiration from “Stop Cop City,” the movement to block a massive police training facility to be built on public forest land at the outskirts of Atlanta.
Stop Camp Grayling came onto the Michigan State Police’s radar during a October 23, 2022, protest at the home of the Department of Natural Resources director, followed by vandalism of several historic police vehicles at the Ypsilanti Automotive Heritage Museum.
“Our troopers are frequently called upon to ensure protestors can safely exercise their rights by blocking traffic during marches and protecting protestors participating in lawful activities,” said Shanon Banner, the director of the Michigan State Police’s Communications and Outreach Division.
It wasn’t long before the state police sought help from federal authorities. After the first protest at the DNR director’s house, a senior counterterrorism analyst sought recommendations for an FBI agent to join the case. By the end of the week, an agent from the FBI Detroit field office began gathering intelligence on Stop Camp Grayling protesters.
Some of this intelligence fell squarely within the domain of First Amendment-protected activity. At one point, the FBI agent assigned to the case forwarded a zine to military intelligence headquarters at Camp Grayling. The zine criticized American militarism and detailed the ecological impacts of the proposed expansion.
The University of Michigan recruiting fair protest marked a turning point in the ways authorities — both local and federal — viewed Stop Camp Grayling protests. Within a week of the recruiting fair incident, the national FBI Counterterrorism Division became involved in the case.
Days after the fake blood incident, an Army special agent with the National Joint Terrorism Task Force wrote to an agent at FBI headquarters, according to the public records. “We noted this incident and other related activity have been documented by FBI DE in an open 266 file,” the Army investigator said, referencing a classification reserved for domestic terrorism investigations.
“I Will Be There in Person”
In April 2023, the acting director of the DNR blocked the no-strings-attached lease of 162,000 acres to Camp Grayling, attributing the decision to an inundation of public concern and opposition from tribal governments. The DNR decided instead to allow limited-use permits on 52,000 acres of public lands.
The movement had scored a victory, but for hard-line Stop Camp Grayling activists and conservation groups, the substitute DNR decision left lingering concerns over the ecological impacts of testing electronic warfare systems in the Michigan forest. The Stop Camp Grayling protesters proceeded with a week of action that included demonstrations, community building, and strategizing about next steps.
The protests, however, were on authorities’ radar well before any demonstrators set foot in the forest. Because the end of the week of action nearly coincided with the August 4 start of Operation Northern Strike, police and military officials were on high alert. Even the U.S. Army Counterintelligence Command, tasked with addressing foreign intelligence entities, was read into FBI operations on the ground.
“I’ll in turn forward their info to military intel and federal LE partners.”
The Department of Homeland Security agent working on the case decided to travel to the area. “I will be working out of Grayling this Friday through the following Friday,” Dan Lorenz, the DHS officer, wrote to an intelligence official in the state police, “so if you need anything or if I need to respond to anything I will be there in person.” (DHS did not respond to a request for comment.)
A Michigan State Police officer instructed his colleagues to collect intelligence on Stop Camp Grayling protesters they encountered. “I’ll in turn forward their info to military intel and federal LE partners,” First Lt. Scott McManus wrote.
Banner, the Michigan State Police spokesperson, said, “The Michigan Intelligence Operations Center (MIOC)” — a so-called fusion center for information sharing — “adheres to strict guidelines that prohibit the collection of information based solely on an individual’s or group’s participation in lawful activities. If criminal activities are identified, the MIOC may play a role with relevant local and/or federal partners in an effort to keep our residents safe.”
During the Stop Camp Grayling Week of Action, all eyes were on the protesters. A lawful protest, mostly involving chanting, sparked a flurry of emails. The vandalism of two billboards sent intelligence and law enforcement agencies into conniptions. “This makes the cut,” Lorenz wrote in response to a Michigan State Police write-up of the graffiti. “I will get it into reporting first chance I get.”
Eventually, the FBI decided that watching from afar was no longer sufficient. On July 26, the FBI planned to carry out in-person surveillance against Stop Camp Grayling protesters.
“Just wanted to give you guys a heads up that we will need both of you for FISUR” — physical surveillance — “on Friday,” an FBI official with the Joint Terrorism Task Force wrote to two colleagues in the Detroit field office.
Six FBI agents, including two with Portland field office designations, were sent a 13-page operation plan, along with an attached document called “Camp Attendees.docx.” The entire operation plan, beyond confirmation that six FBI agents were involved, is redacted. The Michigan State Police indicated that it withheld a significant portion of documents responsive to The Intercept and Defending Rights & Dissent’s records request, due to claimed exemptions to freedom of information laws.
The section heading in the physical surveillance plan reveal that six officers took part in the physical surveillance, with two more case agents listed. Another line lists a Michigan State Police “Contact for Traffic Stop.”
Below the list, followed by a black redaction that covers most of the page, is another section labeled: “DEADLY FORCE POLICY.”
The United States has recently detected indications of increased Russian military activity around key undersea cables, CNN reports. The news is adding to existing concerns over the vulnerability of critical undersea communications infrastructure at a time when the Kremlin is accused of waging an escalating hybrid war against the West in parallel to its ongoing invasion of Ukraine.
Undersea cables play a key role in many aspects of modern society, accounting for the vast majority of digital communication including internet traffic and more than $10 trillion in daily worldwide financial transactions. Hundreds of undersea cables run across the world’s seas and oceans, with cables in the Atlantic Ocean and the North Sea seen as being particularly at risk from potential Russian sabotage.
The world’s critical undersea infrastructure is largely unguarded and its exact positions are available in the public domain, creating a potentially tempting target for the Kremlin. Western intelligence officials believe Russia’s efforts to monitor and build up technical capability to access this vast undersea infrastructure are expanding and are currently spread among a number of different branches of the country’s military and security services, including the Russian Navy and the Main Directorate for Deep Sea Research (GUGI).
Though Russian officials have remained largely tight-lipped over the Kremlin’s alleged interest in undersea cables, former Russian President and close Putin ally Dmitry Medvedev stated in 2023 that there were no longer any constraints left “to prevent us from destroying the ocean floor cable communications of our enemies.”
Stay updated
As the world watches the Russian invasion of Ukraine unfold, UkraineAlert delivers the best Atlantic Council expert insight and analysis on Ukraine twice a week directly to your inbox.
Since the full-scale invasion of Ukraine began just over two and a half years ago, reports of suspicious Russian activity close to undersea cables have been mounting. This threat to underwater infrastructure is viewed as one of the many tools in a far broader Kremlin toolbox of hybrid warfare methods against the West.
In September 2024, CIA and MI6 chiefs accused Russia of engaging in a “reckless campaign of sabotage” across Europe. Alleged recent Russian attacks on communications systems have included disruption to the Global Positioning System (GPS) that affected thousands of civilian passenger flights in the Baltic Sea, Black Sea, and eastern Mediterranean regions.
Attempts to disrupt vital digital infrastructure are all too familiar to Ukrainians. For example, just one month before the start of Russia’s full-scale invasion in February 2022, Moscow launched a massive cyber attack that shut down more than sixty Ukrainian government sites. Russia was also linked to a major attack on one of Ukraine’s largest telecommunications companies in late 2023 that temporarily left approximately twenty four million users without connection to phone or internet services.
Amid mounting alarm over the possibility of Russian attacks on undersea cables, security measures are currently being reviewed and beefed up. NATO has set up an undersea infrastructure coordination group that brings together a wide range of public sector, military, and business representatives to share information regarding potential threats. Late last year, the alliance also announced that it was stepping up naval patrols in the Baltic Sea in response to damage to underwater infrastructure in the region.
In spring 2024, the United Kingdom, the Netherlands, Belgium, Germany, Norway, and Denmark signed an agreement to protect critical underwater infrastructure in the North Sea from potential Russian sabotage. The move came amid recognition that the North Sea now serves as a critical hub connecting European countries through power cables, gas pipelines, and telecommunications links.
Alarm over the security of the world’s vital undersea communications arteries comes as concern mounts over a possible further escalation in Russia’s hybrid war. The Kremlin is believed to be considering a variety of options as it looks to retaliate for Western military support provided to Ukraine. While direct military action is viewed as unlikely, attacks on critical infrastructure could cause chaos and impose significant costs.
With no end in sight to the Russian invasion of Ukraine, the threat to undersea cables looks set to remain for some time to come. A range of measures are already being implemented to improve security, but much more needs to be done. As Western governments look to bolster protection for existing underwater infrastructure, it may also be wise to further expand backup capacity in order to minimize disruption and bolster Western resilience against potentially devastating attacks.
Aleksander Cwalina is assistant director for the Atlantic Council’s Eurasia Center.
Further reading
UkraineAlert Sep 1, 2024
Key Ukrainian front line city evacuates as Russian offensive gains pace
By Maria Avdeeva
Evacuation efforts are accelerating in Pokrovsk as Russian troops draw closer amid fears the city will soon become the latest in a growing list of Ukrainian urban centers reduced to rubble by Putin’s invading army, writes Maria Avdeeva.
Ukraine’s biggest wartime government shakeup prompts muted reaction in Kyiv
By Andrew D’Anieri
Ukrainian President Volodymyr Zelenskyy presided over his government’s largest wartime reshuffle in early September, with nine ministries getting new permanent leadership, writes Andrew D’Anieri.
Invasion? What invasion? Putin is downplaying Ukraine’s Kursk offensive
By Peter Dickinson
Vladimir Putin’s efforts to downplay Ukraine’s invasion of Russia have severely dented his strongman image and make a mockery of the West’s escalation fears, writes Peter Dickinson.
The views expressed in UkraineAlert are solely those of the authors and do not necessarily reflect the views of the Atlantic Council, its staff, or its supporters.
The Eurasia Center’s mission is to enhance transatlantic cooperation in promoting stability, democratic values and prosperity in Eurasia, from Eastern Europe and Turkey in the West to the Caucasus, Russia and Central Asia in the East.
A St. Louis County, Missouri, judge upheld the murder conviction of Marcellus Williams, ruling that a prosecutor who contaminated key evidence by handling it without wearing gloves before Williams’s trial had not acted in “bad faith,” but instead was merely following his normal procedure.
The ruling, issued on Thursday by Circuit Court Judge Bruce Hilton, dismantles Williams’s latest attempt to prove his innocence and paves the way for his execution on September 24. “There is no basis for a court to find that Williams is innocent,” Hilton wrote. “Williams is guilty of first-degree murder, and has been sentenced to death.”
The ruling comes three weeks after the judge had agreed to a deal between Williams and St. Louis County Prosecuting Attorney Wesley Bell’s office that would have spared Williams’s life. The agreement, which would have seen Williams sentenced to life in prison, was based on the recent discovery that prosecutors had failed to adequately preserve the murder weapon used to kill Felicia Anne Gayle Picus in 1998.
Lawyers representing Attorney General Andrew Bailey scoffed at the deal, arguing that Hilton didn’t have the right to resentence Williams. Bailey ran to the Missouri Supreme Court to stop the proceeding, which it did, ordering Hilton to hold an evidentiary hearing instead.
During that hearing, on August 28, Bell and Williams’s attorneys maintained that the contamination of the murder weapon had violated Williams’s rights. Lawyers representing the attorney general meanwhile argued that handling evidence without protection was merely what the prosecutors did in St. Louis County at the time of Williams’s trial. Hilton has now agreed with that position.
In a statement following the ruling, Tricia Rojo Bushnell, executive director of the Midwest Innocence Project and one of Williams’s attorneys, emphasized how rare and meaningful it was for Bell’s office to seek to vacate Williams’s conviction. “The decision of a prosecutor to move to vacate a murder conviction and death sentence is not done lightly,” she said, but Bell had done so because “there is overwhelming evidence that Marcellus Williams’s trial was unconstitutionally unfair, including revelations that the State contaminated the most critical evidence in the case — the murder weapon.”
Marcellus Williams has fought for years to prove his innocence. A new court ruling paves the way for his execution on September 24. Photo: Midwest Innocence Project
A Deal Undone
Keith Larner, a retired former prosecutor who handled Williams’s case, was a key witness during the evidentiary hearing. He admitted that, before Williams’s trial, he had repeatedly handled the butcher knife used to kill Picus without wearing gloves that would have preserved any biological material on it linking her killer to the murder.
Larner testified that after the local crime lab failed to find any fingerprints on the weapon and had matched blood found on it to Picus, he felt free to handle the knife without taking precautions because the testing was complete. Larner also said he had already concluded that Picus’s killer had worn gloves. There is no concrete evidence in the case record that Picus’s killer wore gloves. Nonetheless, Larner insisted that there “was nothing to link anybody to the crime on that knife.” Larner recalled touching the knife at least five times prior to the trial without wearing protective gloves.
Williams maintains his innocence in the killing. No crime scene evidence linked him to the murder inside Picus’s home, and Williams long argued that testing of the weapon used to kill Picus could prove he was innocent. The trial judge denied his attorneys’ request to test the knife for DNA before trial, and he was convicted in 2001 based on the questionable testimony of two informants. DNA testing done in 2016, however, revealed unknown genetic material on the knife’s handle.
Based in part on the unidentified DNA, Bell filed a motion in January to vacate Williams’s conviction, invoking a relatively new Missouri law that allows elected prosecutors in the state to undo convictions they believe their offices wrongly obtained. The court was scheduled to hold an evidentiary hearing on the case, where a special-appointed counsel was slated to argue that Williams should be freed. Yet additional testing on the knife revealed at the last minute that neither Larner nor his investigator could be excluded as the source of the unknown DNA. In other words, whatever crime scene DNA might have been on the knife was irrevocably lost by the prosecution team’s handling of it before Williams’s trial.
Because of those findings, Bell admitted that the road to exonerate Williams would be steep. In mid-August, Bell struck a deal with Williams and his attorneys: The prosecutor would take the death penalty off the table if Williams would enter a so-called Alford plea that would allow him to maintain his innocence while conceding the state had enough to convict him. In exchange, Williams would be resentenced to life in prison. Picus’s husband, Dan Picus, had also approved the deal; he believes Williams is guilty, but told the court he does not want to see Williams executed.
Yet that wasn’t enough for the attorney general’s office, whose appeal to the state’s high court scuttled the agreement and prompted the court to schedule the evidentiary hearing the following week.
“There Is Still Time”
In his ruling on Thursday, Hilton concluded that because Larner’s actions weren’t intentional, under U.S. Supreme Court precedent, Williams’s rights had not been violated. The handling of the knife had been part of the prosecution’s normal practices, Hilton found. Larner, the judge wrote, had a “good faith basis and reasons for handling the knife without gloves.”
Hilton also rejected Williams and Bell’s other claims, including that Williams’s previous attorneys were ineffective in representing him at trial, and that Larner had struck people from the pool of potential jurors on Williams’s case because they were Black, which is unconstitutional. During the hearing, Jonathan Potts, who is working with Williams’s attorneys at the Midwest Innocence Project, pressed Larner about his stated decision to strike one potential juror because the man “looked very similar” to Williams. Larner said that what he meant was that they looked like “brothers,” he said. “Like familial brothers, not like Black people.”
During his short tenure as attorney general, Bailey has spent a considerable amount of time fighting efforts to exonerate the wrongly convicted. Still, as of Thursday afternoon, his office had not released a statement regarding Hilton’s ruling.
Rojo Bushnell, of the Midwest Innocence Project, said Williams’s legal team would continue to seek relief via the courts and Gov. Mike Parsons, who could grant clemency. “We will continue pursuing every possible option to prevent Mr. Williams’s wrongful execution,” she said in her statement. “There is still time … to ensure that Missouri does not commit the irreparable injustice of executing an innocent person.”
From gathering and analyzing information to battlefield operations, States are integrating AI into a range of military and intelligence operations. Gaza and Ukraine are battle labs for this new technology. But many questions remain about whether, and how, such advances should be regulated.
As political and military leaders, industry, academics, and civil society confront a rapidly changing world, how should they approach the role of AI in the military? This week, more than two thousand experts from over 90 countries gathered in Seoul, South Korea, for the second global summit on Responsible AI in the Military Domain (REAIM). The Summit focused on three themes: understanding the implications of AI on international peace and security; implementing responsible application of AI in the military domain; and envisioning the future governance of AI in the military domain.
Just Security Senior Fellow Brianna Rosen and Co-Editor-in-Chief Tess Bridgeman were among the participants at the REAIM Summit, chairing and speaking on several breakout sessions. Today, Brianna joins the show to share her key takeaways from the Summit, including on how it could inform future efforts to build consensus and strengthen AI governance in the military domain.
Listen to the episode, with a transcript available, by clicking below.
Three Brooklyn residents faced an early morning nightmare Thursday after armed robbers came calling in a dramatic home invasion, authorities said.
Four men climbed through a window near the foyer of a home on the 1900 block of 80th Street in Bensonhurst, at around 4 a.m. on Sept. 12, according to police sources.
Once inside, cops said, the armed intruders used a handgun to pistol-whip a 34-year-old man across his head, causing a large laceration. Another assailant punched a 41-year-old man in the face, causing a cut to his cheek, law enforcement sources reported.
Both male victims and a 19-year-old woman were zip-tied by the suspects, who then ransacked the house looking for valuables, police said.
Moments later, the violent crooks made off watches, pocketbooks, and $20,000 in cash, according to police. The perpetrators — who, authorities said, wore all-black clothing — fled inside a dark-colored vehicle.
The incident was reported to the 62nd Precinct. The female victim was not injured.
Anyone with information regarding the incident can call Crime Stoppers at 800-577-TIPS (for Spanish, dial 888-57-PISTA). You can also submit tips online at crimestoppers.nypdonline.org, or on X (formerly Twitter) @NYPDTips.
WASHINGTON — The U.S. government on Thursday responded to Venezuela’s disputed July presidential election by imposing sanctions against 16 allies of President Nicolas Maduro, accusing them of obstructing the vote and carrying out human rights abuses.
Those targeted by the Treasury Department include the head of the country’s high court, leaders of state security forces and prosecutors. The move came days after the departure into exile of Edmundo Gonzalez Urrutia, the former diplomat who represented the main opposition parties and claimed to have won the July 28 presidential election by a wide margin.
Venezuela’s electoral authorities declared Maduro the victor hours after polls closed, but unlike previous elections, they never released detailed vote tallies to back up their claim. Global condemnation over the lack of transparency prompted Maduro to ask Venezuela’s high court, stacked with ruling party loyalists, to audit the results.
The court reaffirmed his victory.
Experts from the United Nations and the Carter Center, which at the invitation of Maduro’s government observed the election, determined the results announced by electoral authorities lacked credibility.
