diff --git a/_collections/_hkers/2024-04-04-us-japan-alliance-in-2024.md b/_collections/_hkers/2024-04-04-us-japan-alliance-in-2024.md
new file mode 100644
index 00000000..febcf0e4
--- /dev/null
+++ b/_collections/_hkers/2024-04-04-us-japan-alliance-in-2024.md
@@ -0,0 +1,96 @@
+---
+layout: post
+title : U.S.-Japan Alliance In 2024
+author: Richard L. Armitage and Joseph S. Nye
+date : 2024-04-04 12:00:00 +0800
+image : https://i.imgur.com/N0i4WiM.jpeg
+#image_caption: ""
+description: "Toward an Integrated Alliance"
+excerpt_separator:
+---
+
+_The U.S.-Japan alliance is at a moment of historic strength, even as both countries confront daunting challenges in the international system. This report calls for an alliance that is more integrated across the economic and security realms to uphold the rules-based order._
+
+
+
+### Introduction
+
+Japan and the United States today confront an international environment more fragmented and divided than at any time since the end of World War II. Hamas’s brutal attack on Israel in October 2023 has rekindled major conflict in the Middle East, including attacks on shipping in the Red Sea, with a risk of expansion as Iran and its proxies seek to capitalize on the violence. Russia’s invasion of Ukraine has shaken the international system and raised the specter of a world dividing into blocs. China has provided Russia with an economic lifeline, and North Korea has provided millions of rounds of ammunition that have sustained the war effort and helped Moscow to avoid defeat — and perhaps even to prevail, absent additional international assistance to Ukraine.
+
+For its part, China is pursuing revisionist aims across the Indo-Pacific and beyond, adopting tools of coercion — military, political, and economic — to press territorial claims and advance its interests. Russia and China have largely ceased cooperation with the West, including at the United Nations and even in areas where they previously found common cause, such as efforts to restrain North Korean behavior. Kim Jong-un has capitalized on these divisions to advance his nuclear and missile programs and has forged a close relationship with Vladimir Putin. With Moscow and Beijing effectively in his corner, Kim has abandoned any pretext of engagement with the United States. He is on the brink of a full-spectrum nuclear capability, from tactical weapons for use on the battlefield to strategic weapons that can credibly threaten the United States and its allies.
+
+At the same time, both the United States and Japan are seeking to define the strategic competition with China in terms that avoid a new Cold War. On the one hand, both the United States and Japan have pursued policies to defend commercial and technological advantages in key sectors from China’s predatory and other unfair practices. In 2022, Japan passed new laws to promote “economic security” through enhanced screening for inbound investment, subsidies and protections for critical materials, and a new classified patent system for sensitive technologies. In the United States, Washington is pursuing a “small yard, high fence” approach to protecting critical technologies — limiting Beijing’s access to advanced technologies and promoting supply chain diversification — while otherwise allowing commerce with China to continue. But the size of the “yard” of critical technologies and the height of the “fence” around it remain subject to hot political debate. While managing this competition, Washington and Tokyo must preserve room to cooperate with China on issues of common interest and to sustain economic exchange key to the world’s prosperity. Building cooperation on climate change is of particular importance.
+
+In this uncertain environment, the U.S.-Japan alliance has never been more important — but doubts about the future of American leadership have never been more profound. Under the Biden administration, the United States has focused on strengthening alliances and partnerships, including by elevating the Quad, launching AUKUS, and promoting deeper “minilateral” cooperation among allies, particularly Japan, South Korea, and Australia. This strategy has achieved noteworthy successes, but it has failed to advance an economic agenda that meets the demand for credible and durable U.S. engagement, especially in the trade arena. And the future of U.S. engagement is uncertain, given a presidential campaign that features radically different visions of the United States’ role in the world and its relationships with allies. Regardless of which candidate wins, the concerns about American isolationism and reliability will continue.
+
+The burdens of global and regional leadership will therefore fall more heavily on Tokyo in the near term. Fortunately, Japan is well positioned to take on this role. Former prime minister Abe Shinzo was the architect of the ambitious diplomatic strategy known as the Free and Open Indo-Pacific (FOIP), and his successors have fully embraced his vision. Prime Minister Kishida Fumio announced a second phase of FOIP in March 2023, and it continues to enjoy broad political support in Japan. Japan has responded to a challenging security environment with unprecedented policy change, with plans to nearly double defense spending by 2027 and to acquire new capabilities that will contribute to deterrence in East Asia, including long-range precision strike missiles. Under Kishida’s leadership, Japan has played a major role in supporting Ukraine and was an effective leader of the G7 in 2023. Unlike many Western democracies, Japan has avoided the worst impulses of populism and isolationism. Its role in supporting a free and open international order grounded in the rule of law is therefore more important than ever. But looking ahead, the urgency of the international environment will demand more from Japan, and from the U.S.-Japan alliance.
+
+
+### Toward an Integrated Alliance
+
+In the year 2000, the lead authors of this report brought together a bipartisan group to develop a vision for the U.S.-Japan alliance before the presidential election to serve as a roadmap for the relationship regardless of which party won. That report helped to shape George W. Bush’s approach to the alliance, and since then this group has built on this tradition of bipartisanship in the U.S.-Japan relationship through reports in 2007, 2012, 2018, and 2020. The broad political support for the alliance today in Washington and Tokyo did not fully exist before 2000 — and it has been crucial to the successful development of the relationship ever since.
+
+The authors behind earlier reports were not mere cheerleaders for the alliance — they were committed to honesty and candor about the challenges ahead and the need for action in Washington and Tokyo. The first report, issued in October 2000, called for “renewed attention to improving, reinvigorating, and refocusing the U.S.-Japan alliance.” In the most recent report, issued on the eve of President Biden’s inauguration, the authors called for an alliance that is more equal and expects more of Japan.
+
+The strategic environment that the United States and Japan face today, and the urgency of action needed to address it, demands an even stronger call to action. With Japan now embarked on an ambitious strategic trajectory, this report urges Washington and Tokyo to take the next step: to move toward an alliance that is more integrated, from planning and executing military operations to linking economic and security concerns, including by coordinating industrial policy and promoting secure supply chains.
+
+In security terms, Washington must recognize that Japan’s new course is fundamentally different from the past, and that a more integrated alliance, including at the command level, can make a vital contribution to deterrence by enabling rapid decisionmaking and reducing seams between the two countries’ systems. On the economic side, Washington and Tokyo should collaborate on critical technologies and advance a robust friend-shoring agenda, working closely with other partners in Asia and Europe. Furthermore, the United States and Japan should work together to build the new bilateral and multilateral mechanisms needed to support a strategy of selective de-risking with China. Japan and the United States should sustain close cooperation globally to uphold a free and open international order grounded in the rule of law.
+
+#### Advancing the Security Alliance
+
+Japan’s 2022 National Defense Strategy represents an opportunity to move toward a far more operational and credible alliance. Despite the significant strengthening of the security relationship over the last decade, much of the alliance architecture remains rooted in an era when the United States expected little of Japan as a strategic partner. In the past, the alliance could be effective without formal mechanisms of military coordination, but today it cannot. A more integrated alliance will require modernizing its command structure, deepening intelligence cooperation, and actively promoting defense industry and technology cooperation. To enable these transformative steps, Japan will need to adopt stronger cybersecurity practices and further enhance and expand its security clearance system.
+
+- __Restructure alliance command and control.__ Japan’s establishment of a new Joint Operational Command (J-JOC) by March 2025, to oversee joint operations of the Self Defense Forces (SDF), is an opportunity to modernize the alliance’s command structure. The United States should upgrade the leadership of U.S. forces in Japan by establishing a standing three- or four-star joint operational command, subordinate to U.S. Indo-Pacific Command, with a more robust staff and the authority to plan and execute bilateral exercises and operations. This command could be a revamped U.S. Forces Japan or a new joint operational element established in Japan. Critically, however, the new headquarters should be primarily focused on the bilateral alliance and serve as a one-stop shop on all alliance matters for the Japanese government. The commander should not be dual hatted with U.S. service command responsibilities. With this new structure in place, Tokyo and Washington should establish a standing, combined bilateral planning and coordination office to support closer coordination of military operations while preserving separate chains of command. To the degree possible, the J-JOC and U.S. operational command in Japan should be co-located to ensure seamless coordination during contingencies.
+
+- __Strengthen the intelligence relationship and cybersecurity.__ The intelligence relationship remains a weak link in the U.S.-Japan alliance, with Japan’s intelligence community — despite reforms in recent years — still plagued by stovepiping and the absence of a true all-source analytic capability. Japan should establish a centralized analytic organization under the Cabinet Secretariat, staffed with personnel from across the intelligence community with access to all national security information produced by the Japanese government. In addition, Japan should place a high priority on passing legislation to create an economic security clearance system and strengthen Japan’s cyber defenses, including by enhancing public-private information sharing on cyber threats. These steps are prerequisites to deeper intelligence and defense cooperation in the alliance and must not be delayed. To support this effort, the United States should set out a clear road map of steps needed to elevate the intelligence-sharing relationship to the equivalent of the Five Eyes partnership.
+
+- __Prioritize defense industry and technology cooperation.__ The war in Ukraine has underscored the importance of robust allied defense industrial capacity. Supporting an innovative Japanese defense industry is in the U.S. interest, and Japan’s loosening of restrictions on defense equipment exports — though still insufficient — is an opportunity to expand collaboration. Doing so will require adjustments to mindsets on both sides. For example, leadership in the U.S. Department of Defense should prioritize collaborative programs with Japan, from expanded licensed production of existing munitions lines to codevelopment of new technologies and systems. It should also streamline technology release policies to reflect the progress Japan has made on information security. In addition, the United States should support Japanese collaboration with other partners, including projects under Pillar Two of AUKUS. For its part, Japan should resist the instinct to pursue indigenous solutions to defense requirements, which place at risk timely delivery of the capabilities needed to sustain deterrence. To be competitive, and ultimately to provide the capabilities Japan and the United States need, Japanese industry needs to shed its nearly exclusive focus on building capabilities for the SDF and embrace the international marketplace, including partnerships with foreign defense companies.
+
+#### Expanding Partnerships and Coalitions
+
+Deeper integration of the U.S.-Japan relationship at the bilateral level should be combined with accelerated efforts to improve connectivity to other allies and like-minded partners — in particular, Australia, the Philippines, South Korea and Taiwan. When needed and interests align, the alliance should have global reach — and Japan should play a larger role in addressing the crisis in the Middle East, including by helping to protect commercial shipping in the Red Sea. The U.S.-Japan relationship is rooted in common values and a commitment to democracy; in a world in which democracy is under strain globally, Washington and Tokyo should work together to strengthen democratic resilience and the rule of law.
+
+- __Bridge the U.S.-ROK alliance.__ With Japan rapidly moving to expand defense capabilities, including long-range counterstrike, the need for connective tissue between the U.S.-Japan and the U.S.-ROK alliances is greater than ever before. Following the Camp David meetings in August 2023, structures of trilateral dialogue at the strategic level are in place. The allies should now move to establish formal connections at the operational level, including through exchanges of liaison officers at respective commands, the inclusion of observers at bilateral exercises, and the establishment of a trilateral contingency planning cell. To support these changes, Japan and South Korea should move purposefully and promptly to normalize bilateral defense relations through a first-ever joint security declaration. Such a declaration could be modeled on the 2007 Japan-Australia Joint Declaration on Security Cooperation, which set out broad areas of common interest and cooperation in a non-binding political statement. These government actions should be accompanied by efforts to deepen ties among individuals and civil society in Japan and South Korea.
+
+- __Operationalize U.S.-Japan-Australia security cooperation.__ Japan and Australia have advanced their defense cooperation with a Reciprocal Access Agreement and enhanced Japanese military exercises in northern Australia. Australia’s focus on guided weapons and stand-off strike parallels Japan’s objectives and offers opportunities for federated defense production and forward sustainment. Australia’s geography offers critical defense in depth and a connection to the Indian Ocean. As the United States modernizes its command and control in Japan and defense industrial policies, emphasis should be placed on operationalizing the trilateral security cooperation already underway.
+
+- __Advance cooperation with the Philippines.__ The Marcos government’s decisions to stand up to Chinese coercion in the South China Sea and rebuild the U.S. alliance represent a significant strategic opportunity for Washington and Tokyo, who should do everything possible to reinforce and support Manila’s actions. Including Manila in minilateral engagement should continue to be a high priority, and the United States and Japan should coordinate closely in providing security assistance, to avoid duplication and ensure interoperability. Tokyo should prioritize concluding a Reciprocal Access Agreement with Manila.
+
+- __Support Taiwan’s resilience and quietly deepen trilateral dialogue with Taipei.__ Taiwan’s free and fair elections in January 2024 were an inspiration for the world, and the incoming Lai government deserves support from Washington, Tokyo, and other democracies. Within the parameters of the United States’ and Japan’s long-standing “One China” policies, both countries should support Taiwan’s capacity to resist military and economic coercion. In particular, Tokyo should expand low-profile ties with Taiwan’s national security establishment, including through regularized participation in some of Washington’s regular security policy dialogues with Taipei. The absence of these links today is a critical weakness in preparing for the possibility of a Taiwan Strait contingency. In addition, Washington and Tokyo should explore ways to help Taiwan harden critical infrastructure, to include communications networks, energy supplies, and transportation links.
+
+- __Strengthen cooperation in the Middle East.__ Despite Japan’s heavy dependence on sea lanes from the Middle East, Tokyo has been notably absent from the international response to terrorist attacks on commercial shipping in the Red Sea. Leveraging the SDF facility in Djibouti, Japan should play a larger and more visible role in defending the commercial sea lanes. Japan depends more heavily on sea lanes from the Middle East than does the United States, and its stance in the region should reflect that reality.
+
+- __Promote democratic norms and the rule of law.__ Japan’s National Security Strategy emphasizes the importance of democratic norms and the rule of law to Japan’s national interests. Weak governance and poor transparency and accountability have allowed China to engage in elite capture, build dual-use infrastructure for the military, and turn cash-poor media against the United States and its allies in strategically important parts of the Indo-Pacific. These same conditions limit opportunities for investment by U.S. and Japanese firms that would reinforce anti-corruption measures and the rule of law. The most important work is countering corruption, foreign interference, and disinformation in countries that are strategically important. The United States and Japan should work closely through the Quad and G7 and with South Korea to develop a strategy and coordination mechanism to reinforce democratic resilience, combat disinformation, and strengthen the rule of law in the Indo-Pacific to counter Beijing’s strategies of co-option.
+
+#### Strengthening Economic and Technology Cooperation
+
+While economic cooperation is enshrined in Article II of the U.S.-Japan bilateral security treaty, it has historically been difficult to implement, largely due to trade friction. However, both countries have come a long way in transforming their economic relationship from one of adversity to one of genuine cooperation. Indeed, issues at the nexus of economic and national security — such as protecting critical technologies, strengthening supply chain resilience, and promoting friend-shoring in key strategic sectors — have become among the most important on the policy agenda today and should be a central focus for the United States and Japan in the years ahead, particularly as both countries continue to work to advance their preferred economic rules, values, and norms in the Indo-Pacific region and beyond.
+
+- __Drive the G7 process on economic security.__ Japan deserves strong credit for its leadership at the 2023 G7 meeting in Hiroshima, and in particular its success in shepherding the “G7 Leaders’ Statement on Economic Resilience and Economic Security.” Implementation of this vision is essential and will require continued leadership by the United States and Japan to press the other G7 members to take concrete measures to enhance supply chain resilience, counter economic coercion, and build resilient critical infrastructure.
+
+- __Cooperate in combating China’s excess capacity and dumping.__ Excess capacity prompted by massive subsidies and other types of financial assistance, as well as insufficient domestic demand in China, is precipitating a flood of Chinese exports to the rest of the world and putting industries in the United States, Japan, and Europe at risk. Working with like-minded partners, including in the G7, the United States and Japan should coordinate approaches and, where possible, develop collective policy responses. These could include relying on traditional trade tools, such as anti-dumping and anti-subsidy measures, but should also involve employing new and creative approaches to address this growing concern. As a first step, the United States, Japan, Europe, and South Korea should initiate a dialogue on coordinated responses to excess capacity in the critical sector of electric vehicles, where the Chinese industry has rapidly become a global leader.
+
+- __Explore new models for free trade arrangements.__ The consensus in the United States in support of an affirmative and market-opening trade policy has frayed in both parties, with few signs of it being rebuilt any time soon. Although the authors of this report strongly support the return of the United States to the Comprehensive and Progressive Agreement for Trans-Pacific Partnership (CPTPP), such a step is unlikely for the foreseeable future. As an interim measure, the United States and Japan should explore the possibility of developing a new and forward-looking template for free trade agreements that includes some traditional elements but goes further to address emerging issues, such as supply chain resilience, economic coercion, climate and trade, and advanced technology standards. The two governments could also consider pursuing and building on existing agreements in specific sectors, such as electric vehicles, batteries, semiconductors, and critical minerals. Such agreements, aimed to promote secure supply chains, could be deepened to include market access, harmonized or mutually recognized standards, and trade facilitation provisions to make them genuine supply chain agreements.
+
+- __Develop common and updated rules governing two-way investment.__ A new free trade agreement template could provide more certainty on related investment matters, given the anticipated continued increase in investment flows between both countries. The positions of both presidential candidates on the proposed acquisition of U.S. Steel by Nippon Steel do not reflect a careful assessment of the U.S. national interest. The proposed deal would likely support U.S. economic growth, jobs, and innovation without in any way jeopardizing national security. Although it would not have exempted this transaction from review, Japan should be granted “excepted foreign state” (“whitelist”) status from the Committee on Foreign Investment in the United States.
+
+- __Allow new exports of U.S. liquefied natural gas (LNG) to Japan.__ In light of the importance of LNG imports to Japan as a transitional source of energy, even as it continues to invest heavily in renewables and rebuild its nuclear energy capacity, the U.S. government should consider exempting Japan from the temporary pause on new LNG export approvals announced by President Biden in January 2024.
+
+- __Deepen cooperation on development globally.__ Opportunities to deepen U.S.-Japan development cooperation in the coming years should build on the strong foundation already established between the partners and assess strategic opportunities to leverage Japan’s private sector to advance key development cooperation priorities. Japan and the United States could further align efforts to advance global health security and outcomes; advance their partnership on energy cooperation and youth leadership in sub-Saharan Africa; invest in sustainable economic development and livelihood opportunities in Latin America; and expand access to mobile telecommunication technology in the Indo-Pacific that is open, safe, secure, and accessible to all. The two countries should also enhance their work through the Indo-Pacific Economic Framework for Prosperity (IPEF) and the Partnership for Global Infrastructure and Investment (PGII) to mobilize public and private capital to invest in sustainable infrastructure. These efforts are vital to providing countries in the developing world with high-quality alternatives to China’s Belt and Road Initiative.
+
+- __Support the expansion of the G7 to include Australia and South Korea.__ Since the Russian invasion of Ukraine, the G7 has emerged as the primary international forum for upholding the international rules-based order, from support to Ukraine to combating Chinese economic coercion. But as an increasingly important global governance institution, and perhaps the only effective one, its membership needs expansion to include other like-minded partners with the values and resources to buttress the rules-based international order. The United States and Japan should consider G7 expansion to include Australia and South Korea, the world’s next two largest advanced democracies and partners that are increasingly critical to global political and economic responses. This is not charity. Given the challenges facing today’s international environment, it is time to bring additional voices with meaningful capacity and aligned views to the table.
+
+- __Strengthen coordination of economic security policy through a new Economic Security Dialogue led by the U.S. National Security Council and Japan’s National Security Secretariat.__ The Economic 2+2, launched in 2022, has proven to be a useful forum for coordinating geoeconomic strategy, but alone it is insufficient to drive aligned decisionmaking in both countries. Given the political sensitivity and coordination challenges on economic security issues and industrial policy, Washington and Tokyo should establish a new dialogue mechanism, led by the White House and the Cabinet Secretariat, to facilitate coordination of industrial policy, technology promotion, export controls, and other economic security policies.
+
+
+### Conclusion
+
+This report closes with an admonition. As strong as the U.S.-Japan alliance is today, the authors share a concern about its future. The dramatic decline in recent years in Japanese students studying in the United States, and U.S. students studying in Japan, risks eroding the foundation of U.S.-Japan relations over the long term. Both governments should focus on rebuilding these ties, which represent the lifeblood of the relationship across government, industry, and civil society. Programs in both countries should focus on student exchanges and promoting the role of women in the relationship. The U.S.-Japan Conference on Cultural and Educational Interchange (CULCON) continues to be a vital forum in this regard.
+
+The U.S.-Japan relationship is at a moment of historic strength, even as both countries confront daunting challenges in the international system. The partnership today was almost unimaginable at the time of the authors’ first report in the year 2000. This evolution was not inevitable. It has been built by people from all walks of life in both countries who are deeply committed to the relationship. The authors of this report have had the good fortune to be part of this effort over many years — and in some cases decades. It is the enduring task of both countries to cultivate new generations of leaders who recognize the value of the two countries’ partnership and who share a commitment to sustaining it.
+
+---
+
+__Richard L. Armitage__ became president of Armitage International in March 2005. Previously, he served as deputy secretary of state, having been confirmed by the U.S. Senate on March 23, 2001.
+
+__Joseph S. Nye__ is University Distinguished Service Professor, Emeritus, and former dean of the Harvard Kennedy School of Government. He has served as assistant secretary of defense for international security affairs, chair of the National Intelligence Council, and deputy under secretary of state for security assistance, science and technology.
diff --git a/_collections/_hkers/2024-04-08-eroding-trust-in-government.md b/_collections/_hkers/2024-04-08-eroding-trust-in-government.md
new file mode 100644
index 00000000..0566da73
--- /dev/null
+++ b/_collections/_hkers/2024-04-08-eroding-trust-in-government.md
@@ -0,0 +1,319 @@
+---
+layout: post
+title : Eroding Trust In Government
+author: Yasir Atalan, et al.
+date : 2024-04-08 12:00:00 +0800
+image : https://i.imgur.com/cX9HxN1.png
+#image_caption: ""
+description: "What Games, Surveys, and Scenarios Reveal about Alternative Cyber Futures"
+excerpt_separator:
+---
+
+_In the future, malign actors will seek to undermine trust in government through disrupting basic needs and services such as food aid and medical assistance, in place of costly offensive cyber campaigns._
+
+
+
+- Societies will be held hostage through cyberspace by states and non-state actors seeking to target the most vulnerable as part of larger political warfare campaigns waged online. In place of costly offensive cyber campaigns, malign actors will seek to undermine trust and confidence in government through disrupting basic needs and services such as food aid and medical assistance, creating an insidious new form of countervalue targeting.
+
+- Gender dynamics will increasingly play a significant role in shaping perceptions of cyber threats, especially in the context of misinformation campaigns. The manipulation of gender-based differences through deepfakes and computational propaganda will exacerbate fault lines adversaries can use to further polarize society and undermine trust and confidence in governing institutions.
+
+- Distrust in government will be further compounded as citizens struggle to understand cybersecurity strategy and the funding levels required to protect critical infrastructure. Governments will continue to face challenges in educating the public about evolving cyber threats and balancing the ways and means required to protect the ability to provide public goods online.
+
+
+### Introduction
+
+What is the future of cyber war? Over the last 20 years, most accounts stress large-scale operations waged by states targeting rival military networks and power grids through a mix of espionage and offensive information campaigns. In these scenarios, planes fall out of the sky and entire cities go dark. Yet this vision discounts the prospects of a more indirect and insidious approach: holding a society hostage through targeting its ability to credibly share information and deliver public goods and services online.
+
+___`This edition of the On Future War series combines tabletop exercises, a public survey, and scenarios created with generative artificial intelligence to analyze how cyber threats are evolving. The best prediction of an uncertain future is based on combining expert opinion and public attitudes to visualize and describe cyber operations almost certain to change the character of war.`___
+
+This installment of On Future War uses a novel mix of expert forecasts, public surveys, and future threat scenarios generated by artificial intelligence (AI) to analyze the changing character of cyber campaigns targeting the U.S. federal government. Based on data gathered from six tabletop exercises (TTXs) with over 50 leading cyber experts and foreign policy practitioners, as well as a public survey of over 1,000 participants from across the United States, experts and the public see a cyber future marked by attacks on government services, critical infrastructure, and trust in society itself. The findings highlight a preference among potential adversaries for undermining the United States through cyberattacks that cause widespread disruption in essential services and small businesses coupled with espionage campaigns designed to steal patents and support long-term technological competition. Furthermore, the findings indicate a trend toward using cyber operations to destabilize social order and undermine public trust, particularly in the context of significant political events such as elections and foreign policy crises. This finding points to a future where cyber warfare is not only a tool for direct socioeconomic disruption but also a means to sow discord and manipulate public opinion.
+
+The public survey, modeled on the project’s TTX framework, revealed a general lack of clarity and awareness about the U.S. government’s cybersecurity funding. It also unveiled a striking gender gap in perceptions: men were considerably more inclined to deem the current cybersecurity funding as sufficient compared to women. Similarly, women exhibited greater concern over the consequences of deepfake technologies compared to men. Furthermore, integrating U.S. Census Bureau and Massachusetts Institute of Technology (MIT) Election Data and Science Lab data with survey results revealed that the political preferences of participants’ congressional districts had minimal influence on individual player perceptions and strategies. The research team also controlled and tested environmental socioeconomic variables at the district level — including majority–minority districts by population, household median income, educational achievement, healthcare coverage, and social net benefits — but did not find them significantly impactful on individual player perceptions. In other words, the U.S. public shares a common concern about the future of cyber war that transcends political and regional differences assumed to divide the nation. These ideas echo in Future Lab’s recent study on defending the .gov ecosystem.
+
+To address the evolving cyber threat landscape, a multifaceted approach is recommended. First, a comprehensive cybersecurity strategy is essential to protect social services such as the Supplemental Nutrition Assistance Program (SNAP) and Medicaid, particularly during critical events such as elections. The United States cannot risk malign actors holding the most vulnerable U.S. citizens hostage during a major crisis or political transition. Second, enhancing public awareness and transparency in cybersecurity funding is vital, necessitating extensive educational campaigns and the establishment of an organization for collecting and analyzing cyber statistics. The U.S. government must engage the public with data about threats and trends. An informed polis is more resilient, but currently the U.S. government lacks a coherent, data-driven collection of cyber statistics to inform the private sector and general public.
+
+The U.S. government is unlikely to mobilize sufficient attention and resources if it does not invest in public-facing data, a lesson learned long ago with respect to economic statistics. Additionally, fostering real-time information sharing among federal agencies and the private sector is key to a cohesive cyber defense strategy and maintaining public trust. With a pool of data, the government can make forecasts about future threats and better align federal resources, including money, labor, and technology.
+
+
+### The Changing Character of Cyber Warfare
+
+While scholars and practitioners once perceived cyber operations as decisive battlefield instruments that heralded a new way of war, the reality has proved to be different. States are increasingly crafting multifaceted cyber strategies that incorporate coercion and a blend of mis-, dis-, and malinformation campaigns. In place of traditional military operations, more espionage and information operations are taking place. As cyber strategies evolve beyond conventional military tactics and traditional espionage, there appears to be a marked shift in focus toward critical civilian infrastructure, reflecting a strategy aimed at exploiting the interconnectedness and vulnerabilities of modern societies.
+
+#### Critical Infrastructure
+
+The traditional focus on military and intelligence targets in cyber operations has expanded to encompass a broader spectrum of targets, including civilian critical infrastructure. This shift represents a strategic move toward countervalue targeting, where the aim is to undermine governments by digitally taking citizens hostage, thereby changing the character of the threat environment. For instance, the Volt Typhoon espionage campaign by the Chinese Communist Party in 2023 targeted critical infrastructure networks through a service provider, demonstrating the strategic value placed on these targets. Similarly, on December 23, 2015, Ukrainian energy firms suffered unexpected blackouts affecting vast customer areas, alongside reports of malicious software in various essential service sectors. Technical investigations revealed the presence of BlackEnergy malware on their systems, though its exact contribution to the incidents remains under scrutiny.
+
+Countervalue targeting inverts decades of military strategy and introduces a new form of cyber warfare that threatens the very foundations of civilian life. The focal point is the critical infrastructure of modern states, which is integral to the welfare of its citizens. These sectors have emerged as key battlefields in cyberspace. In fact, according to the Dyadic Cyber Incident and Campaign Dataset, states are 4.5 times more likely to see a rival target the non-security agencies of their government and the private sector than their military and intelligence agencies. This type of cyber operation is especially alarming because it threatens to severely disrupt everyday civilian services.
+
+The increasing frequency of indiscriminate ransomware attacks across critical infrastructure sectors underscores countervalue targeting and vulnerabilities to civilian services. For example, the 2017 WannaCry ransomware attack, which rapidly disseminated across the United Kingdom’s National Health Service, had a highly specific and targeted nature and impacted multiple municipal emergency service providers. The convergence of digital and critical infrastructure networks opens new vulnerabilities, transforming these sectors into attractive targets for adversaries aiming to inflict economic and societal damage.
+
+
+_▲ __Figure 1: Cyber Critical Infastructure Targeting.__ Source: CSIS Futures Lab. Originally published in [Jensen et al., CISA’s Evolving .gov Mission: Defending the United States’ Federal Executive Agency Networks (Washington, DC: CSIS, October 2023)](https://www.csis.org/analysis/cisas-evolving-gov-mission-defending-united-states-federal-executive-agency-networks)._
+
+
+### Political Warfare
+
+Political and cognitive warfare have emerged as recent themes in the literature on modern conflict, reflecting the strategic evolution of cyber operations. Research has examined how the manipulation of digital information ecosystems, particularly through “fake news,” disinformation, and online manipulation, poses significant threats to trust in democratic institutions and processes. This manipulation is not merely an act of disinformation, but a strategic component of political warfare designed to influence and control public perception.
+
+Political warfare has evolved with the digital age, becoming a tool for states to achieve objectives without open conflict. Cyber operations against critical infrastructure are now part of this strategy. These actions undermine trust in democratic processes and can sway public opinion through “fake news,” disinformation, and online manipulation. Cyberattacks on infrastructure serve a dual purpose: they cause immediate disruption and exert long-term psychological impact, aligning with political warfare aims. Cognitive warfare specifically targets the way people think, influencing their actions during sensitive times such as elections. This form of warfare uses the global reach of digital technology to manipulate collective intelligence. By changing perceptions, adversaries can weaken the credibility of governments and destabilize societies from within.
+
+Cyber operations have thus become a critical component of political and cognitive warfare. By disrupting essential services, attackers can magnify societal divisions and erode trust in public institutions, potentially manipulating the political landscape to their advantage. This is exemplified by Russia’s cyber activities, where such operations are viewed not only as a breach of digital security but as an active measure in a broader campaign of political warfare. The targeting of critical infrastructure through cyber operations becomes a tool to exacerbate existing societal divisions, weaken trust in public institutions, and ultimately alter the political landscape to favor the attacking state’s objectives.
+
+
+### From Trends to Games, Scenarios, and Surveys
+
+Understanding how these trends shape the future of cyber operations and deterrence requires pivoting from policy analysis by case study to more diverse, multi-method assessments of twenty-first-century strategic competition. Methods such as games and public surveys provide a way to compare expert assessments and attitudes among the general population. These approaches provide valuable insights into the strategic logic behind various types of cyberattacks, their impact on government services, and the necessary measures required to strengthen cybersecurity. Furthermore, public surveys can help shed light on the general awareness and perceptions of cybersecurity threats, highlighting gaps in public education and government communication.
+
+Using generative AI to build scenarios offers a novel mechanism for synthesizing findings and supporting policy analysis. AI-generated scenarios — especially when fine-tuned and calibrated — offer a method for turning preliminary research findings into narrative, slice-of-time scenarios. This combination of human insight and machine synthesis is a key component of the ongoing research relationship between the CSIS Futures Lab and ScaleAI. The ongoing research explores the human-machine interaction and its effect on scenario building.
+
+#### Would You Like to Play a Game?
+
+To analyze how experts in cybersecurity assess emerging threats and approach cyber strategy, the researchers in the CSIS Futures Lab designed a TTX entitled Shadow Table. Shadow Table had these experts assess the optimal targets for holding the United States hostage during the upcoming 2024 U.S. presidential election, including recommendations for hypothetical state and non-state actors. Unbeknownst to the participants, they were randomly assigned to different groups based on how the U.S. government would seek to counter their selected strategy. As a result, the design captured adversary feedback loops while increasing the ability of the researchers to collect data on the underlying strategic logic, target preferences, and resource allocations of would-be attackers (i.e., the ends, ways, and means of cyber strategy).
+
+The CSIS Futures Lab ran Shadow Table virtually with six separate groups totaling 55 participants. In each session, participants included experts in cybersecurity and cyber strategy, ranging from public and private sector chief information security officers (CISOs) to academics and national security experts. During each session, the participants played two scenarios covering major threat vectors: (1) advise a major nation-state and (2) advise a non-state actor network. In each scenario, participants could select the malign actor they wanted to advise, with states including China, Russia, Iran, and North Korea and non-state actors including right-wing extremists, left-wing extremists, and criminal groups. As a result, researchers in the CSIS Futures Lab could compare and contrast different state and non-state approaches while controlling for actor type and assess motivations through a mix of data capture and moderated discussions. Put simply, the games were built to capture strategic preferences and examine how experts anticipate malign cyber actors might target the United States during the upcoming 2024 U.S. presidential election.
+
+During the state and non-state scenarios, players gave recommendations on how best to undermine U.S. elections by targeting public services administered by the federal government. These services span a broad range, encompassing essential basic needs such as food and medical assistance to economic programs such as farm loans and critical research conducted by universities and national research institutes. Specifically, players first selected how much time and effort they recommended allocating toward building malware targeting federal programs and services in three areas: (1) the provision of basic needs, (2) small and medium-sized businesses, and (3) science and technology. Second, players recommended their preferred attack method for each, recommending how to allocate a finite set of resources among four methods: (1) low-cost deepfakes, (2) low-cost disruption, (3) espionage, or (4) higher-cost, more complex degradation. Of note, these attack methods are linked to commonly accepted categories used in academic studies on cyber strategy. By forcing players to allocate scarce resources against different attack targets and methods, the game captured how experts approach cyber strategies designed to disrupt core government services during a key political transition.
+
+Based on this design, Shadow Table served as a forum to both discuss strategy and capture statistical data on preferences. The use of TTXs as a quantitative approach to inform decisionmaking processes is an established line of practice dating back to the nineteenth century. The game design used in Shadow Table reflects emerging trends in analytical wargaming that adapt simulations to capture data in a manner that supports evidence-based policy recommendations. It expands the application of these methods from international to domestic crises, blending traditional elements such as comparing expert-vs.-public outcomes and statistical analysis with new dimensions such as electoral periods and socioeconomic factors. The methodology allows for creative self-selection by participants, focusing on their perception of roles and objectives as a mechanism for identifying different strategic approaches. This approach facilitates a quantitative analysis of political and cognitive warfare by these actors, drawing on political psychology in international relations.
+
+___`Cyberattack Methods`___
+
+_`Deepfakes: The creation of fake images, text, and videos designed to skew public perception.`_
+
+_`Disruption: Low-cost, temporary operations that deface websites or lead to temporary denial of service.`_
+
+_`Espionage: Stealing sensitive information and creating access for future cyberattacks.`_
+
+_`Degradation: More complex attacks that shut down core functions, destroy data, or take networks offline for a longer period of time.`_
+
+#### Shadow Table Findings
+
+Overall, experts selected the option to disrupt basic needs more than other targets, and the preference was statistically significant in both the state and non-state threat scenarios. Figures 2.1 and 2.2 illustrate expert targeting preferences most likely to disrupt trust and confidence in the U.S. federal government during a key political transition such as an election or during a foreign policy crisis. The majority of experts prioritized attacks on the provision of basic needs, reflecting a strategy to disrupt the lives of civilians and potentially cause unrest during elections. This preference for targeting basic needs was consistent regardless of whether participants were playing as state or non-state actors, underscoring the perceived effectiveness of such attacks in destabilizing the U.S. federal government and its executive agencies. Furthermore, the choice of target indicates that attackers prefer to sow chaos or tap into the deep personal fears of civilians that rely on such basic needs. For example, SNAP food assistance alone serves as a lifeline for over 40 million socioeconomically disadvantaged U.S. citizens. Disrupting food access during an election could catalyze further polarization and even unrest.
+
+During discussions, participants detailed their strategic logic and the utility of targeting basic needs. Experts saw this attack vector as the best placed to create chaos and increase public mistrust in institutions. Furthermore, groups discussed how these attacks — if effective — could lead to protests, unrest, and a loss of trust in the U.S. government’s ability to protect basic needs. In addition, experts saw the resulting economic distress and fear amplify public discontent and raise questions about the competence and reliability of government institutions. Expert discussions revealed a prevailing assessment that compromising people’s basic needs could also make the population at large more susceptible to dis- and misinformation campaigns, thereby opening up additional vectors for foreign manipulation and radicalization.
+
+In other words, experts saw targeting vulnerable groups as the best way to undermine the U.S. government.
+
+
+_▲ __Figure 2.1: Non-state Actor Targeting Preferences.__ Source: CSIS Futures Lab. Originally published in Jensen et al., CISA’s Evolving .gov Mission: Defending the United States’ Federal Executive Agency Networks._
+
+
+_▲ __Figure 2.2: State Actor Targeting Preferences.__ Source: CSIS Futures Lab._
+
+In addition, experts noted opportunities for sowing chaos by targeting federal agencies supporting small and medium-sized businesses. For example, targeting federal grants administrated through agencies such as the Small Business Administration could produce a cascading economic effect. In 2023, the agency delivered over $50 billion in assistance, with much of it focused on underserved communities that experts perceived as likely to amplify political discord. Even more disturbing, cyberattacks that manipulated economic data produced by the U.S. Departments of Labor and Commerce could easily cause disruption to financial markets that rely on credible government statistics. Experts saw federal agencies that support economic activity as being most susceptible to cascading effects, with even small intrusions creating fear and panic likely to undermine trust and confidence in the federal government. The participants shared a perception that such attacks would not only cause direct harm but also create a domino effect, impacting the economy and increasing public discontent.
+
+In addition to target preferences, researchers in the CSIS Futures Lab analyzed how experts allocated resources to different attack types across the two scenarios. To capture this data, the TTX forced players to allocate notional resource points across four potential cyberattack methods: (1) the use of deepfakes to alter public perception, (2) low-cost disruptions (e.g., website defacement and limited denial-of-service attacks), (3) espionage campaigns designed to steal data and gain access for future attacks, and (4) more complex degradation attacks capable of shutting down entire networks or services.
+
+As seen in Figure 3.1, when analyzing non-state attack vectors, experts had a fairly balanced approach outside of deepfakes and had preferences for conducting espionage against agencies involved in science and technology. During the discussions, participants assessed that unlike traditional state-based cyber operations, their espionage preference with respect to non-state actors was more about extracting information for follow-on mis-, dis-, and malinformation campaigns linked to the use of deepfakes. By compromising scientific data or spreading misinformation, adversaries could increase doubt in government policies and actions, leading to public confusion and weakened trust in the current presidential administration. Participants acknowledged the role of science and technology in responding to national emergencies and health crises, such as the Covid-19 pandemic. They saw the potential to undermine public trust in government responses by targeting and distorting scientific data related to vaccination efficacy, treatment protocols, or disease spread. Participants noted that adversaries could amplify existing controversies, such as those surrounding climate change or vaccinations, to intensify polarization and create a society where truth is obscured.
+
+
+_▲ __Figure 3.1: Non-state Actor Cyberattack Type Preferences.__ Source: CSIS Futures Lab. Originally published in Jensen et al., CISA’s Evolving .gov Mission: Defending the United States’ Federal Executive Agency Networks._
+
+As seen in Figure 3.2, when participants analyzed optimal targets for state actors, they adopted a similar set of preferences. Experts see espionage as a tool to win long-term technology competition with authoritarian states eager to steal intellectual property (IP), a finding that parallels previous CSIS research efforts. Second, while disruption was the preferred attack method for basic services and agencies supporting small and medium-sized businesses, experts assumed that states such as China, Russia, Iran, and North Korea would invest more effort in disrupting basic services. This was consistent across the state and non-state actor scenarios.
+
+
+_▲ __Figure 3.2: State Actor Cyberattack Type Preferences.__ Source. CSIS Futures Lab. Originally published in Jensen et al., CISA’s Evolving.gov Mission: Defending the United States’ Federal Executive Agency Networks._
+
+Looking across the games, it is clear that experts see vulnerabilities in the federal agencies. These experts see viable attack options for authoritarian states seeking to create chaos during an election by disrupting the delivery of food and medical care to vulnerable populations and distorting economic data and assistance to U.S. businesses. They see non-state actors as eager to launch similar campaigns but leverage mis-, dis-, and malinformation to further polarize the country by distorting public health research. This attack logic speaks to the importance of federal services and associated critical infrastructure and how these critical requirements for modern society are also critical vulnerabilities if left unprotected.
+
+#### From Games to Public Surveys
+
+To compare observations from experts gathered during the TTX with the general public, researchers at the CSIS Futures Lab converted the game into a public survey using the online platform Prolific. The researchers ensured that the participants were from sufficiently diverse backgrounds and geographic locations to reflect the demographic makeup of the United States. In adapting Shadow Table, the research team also built in attention checks and only recorded responses where the respondents passed these checks.
+
+Like the original TTX, participants were randomly assigned into either a state or non-state malign actor group and asked to make recommendations about their preferred target (i.e., basic needs, small and medium-sized businesses, or science and technology) and method (i.e., deepfakes, disruptions, espionage, or degradation). Unlike the expert TTX, the researchers did not have the general public weight assign resource values to their attack methods, given that the general public was likely to be less familiar with cybersecurity and foreign policy issues. Thus, when juxtaposing the outcomes from both expert and public samples, the research team focused on their initial choices. These choices reflect how different groups image cyber strategy preferences of malign actors.
+
+Participants were presented with descriptions of two types of cyberattacks. The first was a conventional distributed denial-of-service (DDoS) attack, while the second involved the use of deepfakes and disinformation to tamper with health records. When asked which type of attack was more worrisome, respondents indicated that the attack involving deepfakes was of greater concern than the traditional DDoS cyberattack. Deepfakes are emerging as a significant concern in cyber warfare tactics. This was supported by the TTX, which highlighted that deepfakes are increasingly used to spread hostility and disrupt societal harmony for political gains. These digitally manipulated videos or images can convincingly depict individuals saying or doing things they never did, thereby posing unique challenges in ensuring information authenticity and maintaining trust.
+
+To deepen the understanding of participant preferences, the research integrated U.S. Census Bureau data from the 2021 American Community Survey five-year estimate, providing socioeconomic and geometric details at the congressional district level. In addition, the researchers integrated data from the MIT Election Data and Science Lab, focusing on congressional elections. As seen in Figure 4, the player sample is distributed across the continental United States. The player population can be observed through its density, whereby increments increase the size of each circle. In addition, this map is colored by party affiliation for each district as of the 116th Congress (2019–20). The color schemes follow blue for Democratic districts and red for Republican districts. As the map shows, the sample is geographically and politically representative of the U.S. population.
+
+
+_▲ __Figure 4: Public Survey Player Population by 116th Congress Districts.__ Source: CSIS Futures Lab analysis based on [“American Community Survey 5-Year Data (2009-2022),” U.S. Census Bureau, December 7, 2023](https://www.census.gov/data/developers/data-sets/acs-5year.html); and [“Data,” MIT Election Lab + Science Lab](https://electionlab.mit.edu/data)._
+
+The final dataset included players’ congressional district information; socioeconomic variables on race, income, healthcare coverage, social net benefits, and poverty; and MIT election data, confirming that the survey was geographically representative of the U.S. population. At a granular level, zip code analysis was also conducted, but results did not deviate from the orginal analysis at the congressional district level. The detailed statistical results are available in the accompanying methodology annex.
+
+
+### Findings
+
+Overall, the public thinks that the most likely states to target U.S. federal agencies and critical infrastructure are Russia and China. Similar to the experts, they see these states as focused on disrupting how the U.S. federal government and executive agencies distribute basic services such as food and medical assistance and as likely to use deepfakes to undermine trust in institutions.
+
+As seen in Table 1, both experts and the public view Russia and China as the predominant authoritarian states interested in undermining U.S. public institutions. Similar to the TTX, the public survey started with adopting an adversary role (either state or non-state). Participants were tasked with selecting the entities in both categories. Experts that engaged in the virtual TTX leaned more toward Russia (57 percent), while the public favored China (47 percent). Apart from this divergence, results show that experts and the public converge on similar preferences.
+
+
+_▲ __Table 1: Comparing Attacker Choices.__ Source: CSIS Futures Lab. Originally published in Jensen et al. CISA’s Evolving .gov Mission: Defending the United States’ Federal Executive Agency Networks._
+
+The general public is worried about Russia and China and sees these states as most likely to target federal executive services and critical infrastructure linked to basic needs. As seen in Figure 5, 49 percent of participants selected basic needs as their first choice overall. These findings are consistent with the expert TTX observations in which players identified disrupting basic services as the optimal mechanism for causing chaos sufficient to undermine trust and confidence in the U.S. government during an election and, by extension, future foreign policy crises. In other words, the traditional defensive advantages provided by the United States’ geography, including separation from adversaries across oceans, is fading fast as malign actors seek ways of launching attacks through cyberspace against core government functions and critical infrastructure.
+
+
+_▲ __Figure 5: Public Federal Service Targeting Preferences.__ Source: CSIS Futures Lab._
+
+Strategy — the alignment of ends, ways, and means — proved consistent between expert TTXs and the survey of the general public. Both groups prioritized low-cost cyber disruptions against federal agencies and critical infrastructure linked to basic needs and deepfakes linked to science and technology. Figure 6 shows that 60 percent of participants chose to disrupt when targeting basic needs, and 28 percent chose deepfakes when targeting services related to science and technology. The shared preference for using deepfakes to target science and technology is consistent with documented disinformation campaigns during the pandemic that had polarizing effects. In other words, it is not just basic services and critical infrastructure that are vulnerable and at risk during political transitions and crises. Malign actors at home and abroad will target the very foundations of scientific truth.
+
+Based on the public survey, there are clear differences in how different genders and demographic cohorts’ approach cyber strategy. Men are less concerned about deepfakes and believe the government is allocating enough money to cybersecurity. For example, men were 48 percent more likely than women to believe that current spending is sufficient. These concerns are not affected by median household income or party preferences. In other words, gender differences can predict cyber strategy preferences. One possible explanation is that women have disproportionately been victimized by social media and deepfakes, including revenge porn and fabricated images, which likely shapes how they view the future of federal cybersecurity. This dark truth translates into the rational calculation for women to be both more concerned about the risks of deepfakes and more likely to want increased U.S. government funding for cybersecurity. Notably, this does not appear to be a partisan issue.
+
+
+_▲ __Figure 6: Public Cyberattack Preferences across Targets.__ Source: CSIS Futures Lab. Originally published in Jensen et al. CISA’s Evolving .gov Mission: Defending the United States’ Federal Executive Agency Networks._
+
+___`Cybersecurity and Gender`___
+
+_`The odds that a man is concerned about deepfakes as a form of political warfare are 27 percent lower than surveyed women. Men are also 48 percent more likely to believe the federal government is allocating sufficient funds for cybersecurity.`_
+
+Second, age matters. There are clear demographic cohort effects that shape how U.S. citizens see future cyber campaigns designed to hold the .gov ecosystem at risk. Older cohorts (i.e., aged 55 to 64 or over 65) tend to recommend espionage and targeting science and technology more than basic needs and federal services that assist small and medium-sized businesses. The most likely explanation for this divergence is rational. Older Americans, especially those over 65, are more likely to draw on federal programs associated with basic needs, including Medicare and Social Security. Similar to the findings associated with gender, even when survey respondents imagine future cyber campaigns, they tend to avoid targets that would bring them harm in their daily lives. An alternative explanation is that older Americans came of age in an era more defined by public sector basic research and major programs — such as during the Space Race — that they associate with national power and pride. However, both of these explanations are best guesses as to why there are age cohort effects associated with how Americans imagine future malign campaigns designed to hold the nation hostage in cyberspace.
+
+The research team used zip code-level data to conduct robustness checks. The analysis confirmed that gender and age are associated with how groups think malign actors will target the U.S. federal government in cyberspace. Specifically, older cohorts (i.e., aged 55 to 64 and over 65) remain less likely to target basic services and government programs associated with supporting small and medium-sized businesses. These cohorts are more likely to recommend cyber campaigns targeting science and technology. Factors such as political party affiliation, income levels, and majority-minority districts are not statistically significant. This contrast implies that gender and demographic cohorts play a larger role than political ideology, income, or race and ethnicity in shaping how Americans imagine the risks from cyber operations.
+
+Unlike the district-level analysis, party linkage emerges as possible factors shaping malign cyber strategy preferences in the zip code-level robustness check. In Democratic and mixed political zip codes, participants were less likely to target small and medium-sized businesses. This finding further demonstrates rational preferences by the U.S. public with respect to cyber strategy.
+
+Lastly, political ideology did not appear to alter which rival foreign state participants perceived as likely to hold the U.S. government hostage during the upcoming 2024 presidential election. Where participants live (i.e., Democratic- or Republican-leaning zip codes) did not have an impact on the state actor they selected (i.e., Russia, China, Iran, or North Korea). This finding extends to non-state actors. While one might assume Republican-leaning districts would be more likely to select left-wing groups as the malign actor, and Democrats the opposite, this was not the case. The only difference appeared with respect to non-state actor motivation, with Democrat-leaning zip codes being more associated with “lone wolf” cyber actors as opposed to financially motivated cyberattacks (i.e., cybercrime). This difference may suggest that political ideology shapes how people view opposing group motivations, with Democrat-leaning areas more inclined to see malign activity in cyberspace by non-state actors associated with isolated political radicals.
+
+
+### From Surveys to Scenarios
+
+To visualize and describe the findings from experts and general public TTXs, the research team employed a novel approach to constructing scenarios that drew on generative AI. Specifically, the CSIS Futures Lab loaded the text transcripts from the TTXs, comments from the public surveys, and a corpus of over 300 documents on cyber operations and modern strategy to fine-tune a model using Scale AI’s Donovan platform and a retrieval assisted generation (RAG) large language model (LLM).
+
+___`A Recipe for AI-Generated Scenarios`___
+
+- _`Select a base LLM (e.g., ChatGPT, Bard, or Llama).`_
+
+- _`Add a corpus of authoritative texts on strategy and critical factors the model can reference.`_
+
+- _`Mix in structured observations about ends, ways, means, and feedback loops (e.g., TTX transcripts).`_
+
+- _`Garnish with tailored prompts (e.g., using trends and themes to refine questions about alternative futures).`_
+
+RAG works to optimize how the base model classifies text (i.e., fine-tuning) and predicts the next logical sequence. By using a select corpus trained on cyber and great power competition, the expectation is that text generated in response to queries is more accurate and aligns with key concepts. This fine-tuning is further enhanced by training the model with the prompts that are based on the emerging themes of TTX discussions. To facilitate this process of refinement and structure prompts given to the LLM, the CSIS Futures Lab defined a series of trends based on analyzing the TTX results. In other words, the model used thousands of pages of texts and transcripts to answer prompts about how discrete trends could comingle to produce alternative futures. The result is a series of “slices-of-time” that provide portraits of alternative futures in which malign actors seek to hold the United States hostage by launching cyber campaigns targeting federal executive agencies and critical infrastructure during political transitions and foreign policy crises.
+
+The use of LLMs in this context is a time-efficient method that enhances understanding but requires skilled handling to avoid biases. In military planning, the effective use of LLMs depends on translating critical thinking and research into structured queries for the AI model. These models complement, rather than replace, human expertise, and military professionals must adeptly convert their knowledge and concepts into AI-interrogable formats. Generative AI, increasingly used in social science, offers significant opportunities and challenges when integrated into wargaming, red teaming, and scenario construction. It can subtly influence crucial leadership decisions and is subject to the “black box” challenge, where the reasoning behind AI-generated outcomes is not always clear. This necessitates ethical governance, transparent methods, and accountability to responsibly manage AI’s role in wargaming, a key factor in determining future conflict outcomes.
+
+#### Societies Held Hostage
+
+The first major trend that emerged from the TTX discussions concerned how interdependence creates new forms of vulnerability. A connected society requires a mix of online government services and critical infrastructure to function. As a result, the disruption of basic needs and polarizing deepfakes (i.e., disinformation) can amplify underlying fault lines in society during political transitions and foreign policy crises.
+
+__Differences in State Actors’ Strategies__
+
+_TTX participants pointed out that there are significant differences in the strategies of different state actors. During the TTXs, Russia, for instance, was more engaged in disruptive cyber activities, while China was more focused on strategic and espionage-oriented approaches. This assumption is consistent with academic literature on different state strategies in cyberspace. As a result, cyber defense strategies — in both the public and private sectors — need to adapt to different threat characteristics. This process of adaptation will require access to public data on different threat vectors, including statistics on how new attacks compare to past efforts (i.e., cyber statistics)._
+
+__Chaos and Instability__
+
+_An overarching theme was the creation of chaos and instability, especially with the upcoming 2024 election in mind. By targeting critical services and undermining public confidence, state actors could weaken the U.S. federal government’s legitimacy and provoke divisive reactions among the population. This focus on windows of political vulnerability highlights a need to ensure there are sufficient resources as well as collaboration with the private sector to deny adversaries the ability to hold the United States hostage during its political transitions or foreign policy crises._
+
+__Priority on Disruption and Immediate Impact__
+
+_The immediate disruption of services and the ensuing chaos was identified as a key strategy that attackers may prioritize. These tactics aim to impact public perception in the short term leading up to the 2024 election. By causing immediate and visible disruptions, the attackers could potentially cause widespread panic and a loss of confidence among the public in the government’s capabilities. This emphasizes the need for robust disaster recovery plans and the ability to quickly restore services after an attack._
+
+__Cross-Domain Attacks__
+
+_Another emerging pattern was the idea of cross-domain attacks that not only involve cyberattacks but also physical disruptions. For instance, cyber-physical attacks on critical infrastructure could amplify the overall impact of the attacks, increasing their effectiveness in sowing discord and undermining public confidence. This highlights the need for defenses that extend beyond purely digital assets and can also protect against physical disruptions resulting from cyberattacks._
+
+Based on these dynamics, the CSIS Futures Lab generated the following scenario using Donovan:
+
+___`Fracturing Trust`___
+
+_`In the run-up to the 2024 U.S. presidential election, two distinct trends of cyber activity involving Russian and Chinese actors emerge. Leveraging cyber strategies that have been evident in previous conflicts, Russian state operatives appear intent on fanning the flames of political discord within the U.S. electorate. Concurrently, Chinese state-sponsored black-hat hackers are continuously launching large-scale operations aimed at pilfering unprotected IP databases within the United States.`_
+
+_`Russian cyber activities cast a long shadow of a Cold War-style influence operation that deploys strategically crafted disinformation and propaganda campaigns. These campaigns, which are designed to fracture public resolutions and incite social chaos, allude to the tactics used to interfere in the 2016 U.S. presidential election. There appears to be an orchestrated effort to manipulate political perceptions and beliefs in an attempt to shift the electoral landscape in a direction favorable to Russian strategic interests.`_
+
+_`China’s cyber activities, in stark contrast, possess apparent economic drivers. The IP of the United States, held in the form of patents, methodologies, and blueprints, are the primary focus of these cyber breaches. By syphoning off such data, China could potentially undercut U.S. economic competitiveness on a global platform.`_
+
+_`Inevitably, these trends converge, resulting in a dire situation for the United States. The effects of these cyber operations are not restricted to abstract sociopolitical and economic dimensions. Both Russian and Chinese operations have displayed a propensity to target U.S. critical infrastructure, specifically the federal systems that deliver basic assistance programs. Such activities could severely undermine the trust and confidence of U.S. citizens in the government’s ability to ensure their welfare.`_
+
+This scenario is a good example of how these developments could take place in the near future given the vulnerabilities identified during the TTXs and public survey. Of note, the scenario is also the most logical extrapolation from recent trends in cyber operations and great power competition. According to the scenario, the focus of Russian operatives on disseminating disinformation and propaganda to influence public perception and create social chaos is consistent with the document’s findings on political and cognitive warfare. Similarly, in line with findings from the TTXs, espionage, particularly in the science and technology domain, has a strategic emphasis on cyber threats. This resonates with the activities of Chinese hackers, which center on IP theft to undercut U.S. economic competitiveness. This scenario shows the need for robust measures against potential disinformation campaigns using deepfakes and espionage activities against research and development. If the U.S. government cannot find a way to address deepfakes and protect its science and technology enterprise, the country will be increasingly vulnerable and subject to coercion in the twenty-first century.
+
+#### Gender Dynamics Will Continue to Shape How the Public Views Cybersecurity
+
+The second major trend observed concerns the rise of mis-, dis-, and malinformation. During the TTXs, participants focused on rising threats related to deepfakes and AI. The public survey confirmed these concerns but highlighted a clear divide between how self-identified men and women view the threat of deepfakes. As a result, future campaigns to hold the United States hostage during a political transition or foreign policy crisis are likely to see disinformation campaigns tailored to different segments.
+
+__Disinformation and Manipulation of Stolen Data__
+
+_During the TTXs, there was a debate regarding the effectiveness of deepfakes and disinformation campaigns in swaying public opinion. Some participants argued that these tactics might sow discord rather than significantly change people’s minds. This discussion pointed toward the potential for dis- and misinformation campaigns to amplify existing social cleavages. Even small groups with hardened worldviews can amplify disinformation and spread it outside their networks._
+
+__The Gender Gap and Utilization of Deepfakes and Disinformation__
+
+_During the TTXs, participants highlighted how malign actors could use deepfakes to make the government appear incompetent or even outright malicious in delivering essential needs. Combining real information leaks with deepfakes could further erode trust in the government’s crisis management capabilities. Additionally, the public survey highlighted how gender and age cohort differences shape how the U.S. public views cybersecurity. This disparity in sensitivity offers adversaries an opportunity to tailor attacks that exacerbate confusion, complicating the development of effective strategies to counter these threats._
+
+___`The Gender Divide in Cyber Warfare`___
+
+_`Heading into the contentious 2024 U.S. presidential election, extensive studies revealed that women voters expressed far greater concern about potential deepfake videos and manipulated information than men. This gender disparity offered a prime opportunity for exploitation by foreign adversaries keen on disrupting U.S. democracy.`_
+
+_`In the months before the election, Russian state-sponsored disinformation campaigns specifically targeted women voters across social media. Fake news stories and doctored videos portrayed female political candidates as corrupt, unqualified, and even mentally unstable. Some deepfake footage depicted female candidates making inflammatory racist and misogynistic remarks. Other manipulated videos showed women lawmakers struggling to respond coherently to basic policy questions. Many appeared designed to prey on gender biases that question women’s competency for high office. The goal was to suppress support for female candidates among women voters.`_
+
+_`Meanwhile, Chinese cyber operatives stole massive datasets from women’s health organizations and services. They threatened to leak sensitive medical records of female patients from Planned Parenthood and OBGYN practices unless demands were met. This sparked fears that hacked personal health information could be used for blackmail or extortion. Patients worried that intimate details about reproductive health, pregnancies, and sexual health could be made public in an attempt to ruin reputations and lives.`_
+
+_`In the wake of the election, Russian disinformation tactics continued preying on female voter anxieties. Deepfake videos portrayed female members of the cabinet as inept crisis managers unable to deliver basic government assistance to struggling Americans. Doctored footage showed relief supplies rotting in warehouses due to incompetence as Americans suffered.`_
+
+Unlike the first scenario, the above vignette shows how generative AI can help visualize alternative futures based on critical outcomes. AI is not magic. It is math. And the integration of datasets on strategy, net assessment, and cyber operations, alongside transcripts from the games, alters how the underlying model weights different text combinations to write the story. This story is best characterized as a “what if” scenario and a demonstration of how a particular outcome — regardless of party — intersects with observed patterns and trends in cyber operations as they relate to disinformation. Here the model assumes that a woman — regardless of party — wins the 2024 presidential election, a prospect current polling suggests as unlikely but not impossible. Rather than interpret the results as forecasts about elections, the better perspective is to use the fictional future scenario as a foundation for discussing how authoritarian states are and will likely continue to target gender fault lines in the United States. This focus of discontent could create new preferences for how malign actors will seek to target federal executive agencies and critical infrastructure, with a particular focus on health and human services as well as medical providers highlighted in the scenario.
+
+#### Distrust in Government Will Continue
+
+The third major trend observed across the TTXs and public survey responses concerns the declining trust in government across democratic societies and the United States, in particular. There was an underlying assumption across different groups that free people currently experience a trust deficit. According to a recent Pew Research, the U.S. trust in the federal government decline from 73 percent in 1958 to 16 percent in 2023. A second major trend observed concerns the rise of mis-, dis-, and malinformation. During the TTXs, participants focused on rising threats related to deepfakes and AI. The public survey confirmed these concerns but highlighted a clear divide between how self-identified men and women view the threat of deepfakes. As a result, the future campaigns to hold the United States hostage during a political transition or foreign policy crisis are likely to see such campaigns tailored to different segments.
+
+___`Propaganda by Deed`___
+
+_`A nineteenth- and twentieth-century tactic of using protests, terrorist attacks, and other subversive deeds to catalyze further unrest and even open revolt. The idea is closely linked to revolutionary theory and the concept of a “foco” used by Che Guerva. The concept has been used by modern terrorist organizations and is increasingly associated with far right-wing and Islamic extremists.`_
+
+__Disrupting State and Local Elections__
+
+_Participants in the TTX underscored the value of targeting state and local election systems, perceiving them to be more vulnerable to cyberattacks. Such attacks could disrupt the electoral process and weaken faith in the democratic system. More important, this reflected a desire to sow discontent by making it appear that every local disruption was a function of systemic issues at the federal level._
+
+__Espionage and Long-Term Goals__
+
+_Across the TTX and public surveys, participants saw espionage as more than just a means to steal information and technology. They also saw it as a way to undermine trust in government, as Americans perceived each new breach as a sign of a breakdown of sovereignty and the ability of the federal government to safeguard U.S. innovation and the personal information its citizens. This desire to steal IP and undermine trust was seen by participants as a long-term goal beyond any one political transition or foreign policy crisis._
+
+__Importance of Insider Threats__
+
+_The threat posed by insiders, whether intentional or accidental, was a key point in the TTX discussions. Participants noted that insiders, whether in the United States or other countries, could potentially compromise federal networks. This highlights the need for a holistic approach to cybersecurity that goes beyond protecting against external threats and also addresses the potential risks posed by insiders. It also shows how the breakdown in trust creates new threat vectors as disenfranchised citizens look for new forms of protest and “propaganda by deed.” This threat parallels the broader phenomenon also on display in the rise of activities such as swatting involving federal or local elected officials, which involves falsely calling in SWAT teams to a’ residence._
+
+__Strategic Timing__
+
+_The TTX discussions also pointed to the importance of timing in launching cyber operations designed to undermine trust and confidence in the U.S. government. The participants noted that attackers are likely to time their attacks to coincide with critical events, such as elections or other moments of national significance, to maximize their impact and influence public sentiment. This underlines the need for heightened vigilance during such periods and the importance of having contingency plans in place. It also suggests that cyber operations have become a form of propaganda by deed in networked societies._
+
+Based on these dynamics, the CSIS Futures Lab generated the following scenario using Donovan:
+
+___`Chaos at the Ballot Box`___
+
+_`The 2024 U.S. presidential election highlights intensifying cyber threats seeking to undermine democracy and national security. Russian hackers disrupt local election systems and infrastructure, timing attacks for maximum impact. Chinese operatives focus on espionage targeting confidential data to advance long-term strategic interests. Meanwhile, insider threats pose increasing risks of unauthorized disclosures and system compromises.`_
+
+_`Prior to the election, a disgruntled federal contractor with access to classified systems leaks troves of confidential documents revealing the government’s cyber capabilities and gaps. Adversaries gain insight, enabling more successful future attacks on exploited weaknesses.`_
+
+_`Weeks before the 2024 election, ransomware strikes voter registration databases in six key battleground states right before registration deadlines. Chaos ensues at local election offices as critical voter rolls are locked down. Tens of thousands lose the ability to update their registration status, request absentee ballots, or fix errors ahead of election day.`_
+
+_`On election day, reporting systems crash in counties across swing states, delaying results. Claims of voter suppression and fraud spread. Protests form amid the uncertainty calling the election’s integrity into question.`_
+
+_`Throughout the election, Chinese hackers steal datasets from both political parties and all levels of government. In the long term, this facilitates future blackmail and enormous economic advantage from pilfered trade secrets, IP, and proprietary research.`_
+
+Like the second scenario (The Gender Divide in Cyber Warfare), the above vignette shows how generative AI can help visualize alternative futures based on the convergence of key trends. Here the prompts based on trends observed during the TTXs change how the model weights words and their sequence to write a dystopian story. Like wargames, these scenarios are not predictive as much they are illustrative, a helpful mechanism for catalyzing policy debates and security assessments. As a result, the story is a gateway to a larger set of stress tests and red-teaming efforts required to identify vulnerabilities that a mix of foreign states and insiders could use to attack federal agencies and critical infrastructure.
+
+
+### Policy Implications
+
+A connected society is as vulnerable as it prosperous. Each connection creates possibilities for exchanging goods and ideas but opens a vector for spreading malware and holding the entire system hostage. As a result, modern resilience starts with cybersecurity and ensuring that the federal government and critical infrastructure are sufficiently protected from both foreign and domestic threats. Seen in this light, the following policy recommendations warrant further debate and considerations based on the findings from the TTXs, public survey, and generative AI scenarios.
+
+#### Charting a Path toward Comprehensive Cybersecurity for Essential Services
+
+A major finding across all the games, surveys, and scenarios was that future cyber threats will increasingly target the basic needs provided by the federal government as a way of holding the United States hostage during political transitions and foreign policy crises. Traditionally, cyber defense focused on sensitive military and intelligence infrastructure, but this observation changes the logic. Increasingly both federal CISOs and actors such as the Cybersecurity and Infrastructure Security Agency (CISA) will need to prioritize protecting services such as providing food and healthcare to large segments of the U.S. public. These ideas echo the larger recent study on defending the .gov ecosystem. Furthermore, this new focus on public needs will likely require expanding core programs such as threat hunting to include more active red teaming and dynamic consequence management exercises that include stress testing how best to engage the public during a cyber crisis.
+
+#### Addressing Gender and Age Dynamics in Cyber Threat Perception
+
+The fact that gender and age are playing a significant role in shaping perceptions of cyber threats — particularly in the context of misinformation campaigns — means the federal government has to change how it assesses threats and communicates with the U.S. public. Women’s heightened concern about deepfakes and misinformation calls for targeted strategies to address and counter these threats that will likely involve working with private sector social media companies. More generally, CISOs across the federal government, and CISA in particular, will need to incorporate gendered perspectives into cybersecurity policies and awareness campaigns. This could involve conducting gender-specific studies to understand varying threat perceptions and developing tailored public awareness initiatives that address these concerns. By acknowledging and addressing gender-based and age-based differences in cyber threat perception, public communication strategy can become more effective in countering misinformation campaigns and preventing societal divisions.
+
+#### Enhancing Public Awareness and Transparency in Cybersecurity Funding
+
+The apparent lack of public awareness about government funding and efforts in cybersecurity underscores the need for transparent and persistent communication strategies. The federal government must actively engage with the public to explain the complexities of the cyber threat landscape and the importance of resilience building. This recommendation involves not only investing in robust cybersecurity measures but also in extensive public education and information campaigns. By improving public understanding and involvement in cybersecurity matters, governments can strengthen societal resilience against cyber threats and ensure a more informed and cooperative approach to national cyber defense.
+
+#### Funding an Entity to Collect, Analyze, and Share Cyber Statistics
+
+There were expert debates and disagreement across demographic cohorts about whether or not the U.S. government sufficiently resources cybersecurity. This divergence likely speaks to a larger issue: the public does not understand the full extent of the threat and experts are often lost in debating different aspects. There is no, single credible source of information about cyberattacks in the same way that there are public databases on everything from weather patterns to crime statistics to economic data. It should come as no surprise that large segments of the U.S. population see a threat but struggle to understand what the right balance of ways and means is to reach the goal of secure online services and critical infrastructure. Therefore, the U.S. government — whether in the Office of the Cyber Director or CISA — needs to establish an outlet for publishing cyber statistics. This effort should build on new public and private sector data pooling initiatives and ensure cyber dashboards are as accessible to a woman in rural Kansas as they are to a federal CISO in Washington. With a pool of data, the government can make forecasts about future threats and better align federal resources, including money, labor, and technology. This will allow the government to better inform the private sector and general public about the cyber threats and cybersecurity measures.
+
+
+### Conclusion
+
+The shape of the threat is clear. As science fiction writer William Gibson puts it, “The future is already here, it is just not evenly distributed.” The United States has already seen massive data breaches, IP theft, and efforts to plant malware on its critical infrastructure. Foreign actors increasingly look like they are employing cyberattack vectors targeting the federal government and critical infrastructure to “wreak havoc.” The open question is what the United States will do about it. The games, surveys, and generative AI scenarios in this paper represent an effort by the CSIS Futures Lab to employ novel research methods to understand modern policy challenges.
+
+Addressing these threats requires open, honest debate that embraces not just opinion but also large datasets, facts, and even creative scenarios. Diversity of thought and perspective will lead to deeper insights. Too often security questions are treated as sensitive and closed policy discussions, limiting the ability of an educated public to debate the best course of action. Democracy requires these debates and a vibrant marketplace of ideas. Securing the connectivity the U.S. citizens rely on is too important to be left to unaccountable experts debating a handful of marquee case studies and opaque security programs. The public has a stake in understanding the threat and debating how best to confront it. That debate will be messy, but then again so is democracy.
+
+---
+
+__Yasir Atalan__ is an associate data fellow in the Futures Lab at the Center for Strategic and International Studies (CSIS) in Washington, D.C., and a graduate fellow in the Center for Data Science at American University.
+
+__Jose Macias__ is a research associate in the Futures Lab at CSIS and a Pearson fellow at the Pearson Institute for the Study and Resolution of Global Conflicts at the University of Chicago.
+
+__Benjamin Jensen__ is a senior fellow in the Futures Lab at CSIS and a professor in the Marine Corps University, School of Advanced Warfighting.
diff --git a/_collections/_hkers/2024-04-08-ships-trains-and-trucks.md b/_collections/_hkers/2024-04-08-ships-trains-and-trucks.md
new file mode 100644
index 00000000..fd065c06
--- /dev/null
+++ b/_collections/_hkers/2024-04-08-ships-trains-and-trucks.md
@@ -0,0 +1,138 @@
+---
+layout: post
+title : Ships, Trains, And Trucks
+author: Romina Bandura, et al.
+date : 2024-04-08 12:00:00 +0800
+image : https://i.imgur.com/SAXjCYy.jpeg
+#image_caption: ""
+description: "Unlocking Ukraine’s Vital Trade Potential"
+excerpt_separator:
+---
+
+_The full-scale Russian invasion has devastating effects on Ukraine’s trade causing vast destruction of its transport and logistics infrastructure. Ukraine and its partners have to be creative and determined in finding new trade corridors to support business operations._
+
+
+
+Transport and logistics infrastructure serves as a country’s main trade arteries, facilitating the flow of people, goods, and services. Without this vital infrastructure, a country’s economic potential is stifled. In the case of Ukraine, Russia’s full-scale invasion in February 2022 had devastating effects on its economy, including its ability to trade. Due to constant and indiscriminate Russian missile attacks, Ukraine suffered massive destruction of its transport and logistics infrastructure, with air cargo totally suspended and port activity severely interrupted. As a result, Ukraine has to be creative in finding new trade corridors to support business operations and enable the flow of humanitarian and military aid. To that effect, this white paper analyzes how the country has been adapting its trade routes and related infrastructure in wartime and provides recommendations to sustain trade and economic activity now and in the future.
+
+
+### Current Trade Challenges
+
+Ukraine is facing numerous challenges to its trade-related infrastructure. Even before the full-scale invasion, the quality of Ukraine’s infrastructure was low due to the decades-long absence of critical investments. The 2022 invasion has added more complexities to this situation. First, Russian air strikes have destroyed and damaged transport and logistics infrastructure including key ports, roads, and grain silos, rendering these assets unusable or in need of repair and rebuilding. Second, shipping through the Black Sea, a main artery for trade for agricultural products, has partially rebounded but remains susceptible to attacks. Moreover, finding alternative routes for grain shipments via train and roads through Ukraine’s western borders has led to disruptions with neighboring countries and additional time and transportation costs. Third, given the unpredictability of Russian attacks and the duration of the war, insurance for physical assets, such as vessels and silos, and business operations is expensive or lacking altogether. Lastly, all these transportation modes are labor intensive. Personnel shortages abound across sectors as many Ukrainians have left the country or have been mobilized for the army. Transportation is not immune to these trends.
+
+
+### Seaports and Waterways
+
+Ukraine’s seaports have been crucial modes for exporting agricultural commodities and metals. Before the full-scale invasion, Ukraine’s top five ports in the Black Sea cities of Pivdennyi, Mykolayiv, Chornomorsk, Odesa, and Mariupol — were responsible for over 90 percent of Ukraine’s seaport freight turnover. Moreover, 98 percent of grain exports flowed through the Black Sea ports, with Mykolayiv seaport playing an imperative role. Companies such as U.S. Bunge, Ukrainian Nibulon, and Chinese COFCO all had major investments there.
+
+With the start of Russia’s full-scale invasion, commerce through the Black Sea was significantly interrupted. Grain exports via the Black Sea were subject to constant Russian attacks (the heaviest period being February to July of 2022), including aerial (missile and drone) attacks on port infrastructure and sea mines destroying cargo ships. Due to the invasion, Ukraine fully lost control of the port of Mariupol in May 2022 after Russia brutally invaded it on February 24, 2022. Of the other four important ports, Mykolaiv became inoperative due to Russia’s full-scale invasion, while the ports of Chornomorsk, Pivdennyi, and Odesa have operated at partial capacity since February 2022.
+
+To help ease the flow of goods to and from Ukraine, in May 2022, the European Commission launched the Solidarity Lanes action plan. The EU-Ukraine Solidarity Lanes provide logistics alternatives to Ukraine’s seaports, including rail, road, and inland waterways (Figure 1). A total of €2 billion (around $2.2 billion) has been mobilized to meet this demand. According to the European Council, as of July 2023, almost 33 million metric tons of grain (and other foodstuffs) had been exported via the Black Sea Grain Initiative, which is about half of what it exported prior to the full-scale invasion. At the same time Ukraine imported essential goods such as fuel, and military and humanitarian aid was allowed to flow.
+
+
+_▲ __Figure 1: EU Solidarity Lanes.__ Source: Reprinted with permission (CC BY 4.0 DEED) from the [European Commission, “Keeping Ukrainian Goods Moving”](https://transport.ec.europa.eu/ukraine/keeping-ukrainian-goods-moving_en)._
+
+In addition, in July 2022, Russia, Ukraine, Turkey, and the United Nations brokered the Black Sea Grain Initiative. This provided partial safety for Ukraine’s grain exports via the Black Sea ports of Odesa, Chornomorsk, and Pivdennyi for a year. Since August 2022, the initiative has enabled 32 million metric tons of Ukrainian grain and foodstuffs to be shipped across the globe. Furthermore, the initiative helped Ukraine export over 36 million metric tons of nonagricultural goods such as iron, steel, ores, and wood. However, Russia suspended the deal in July 2023 and consequently resumed heavy attacks on Ukraine’s port infrastructure.
+
+After Russia fully compromised the Solidarity Lanes through the Black Sea, Ukraine launched its own alternative Black Sea corridor in August 2023. Established with the help of its Western partners, the corridor between Ukrainian ports and the Bosporus Strait has proved successful. Ships are now traveling on the western coast of the Black Sea through Romanian and Bulgarian territorial waters. Ukraine has also been exporting grain through the ports of Reni and Izmail, both on the Danube River. This new corridor allows Ukraine to continue exporting wheat, corn, sunflower oil, and barley to the Middle East, Asia, and Africa. Since Russia’s refusal to continue the Black Sea Grain Initiative, Ukraine claims it has exported, as of December 2023, approximately seven million metric tons of cargo through its seaports, five million of which were Ukrainian agricultural products. According to recent reports, Ukraine is on track to export all its grain from the 2023 harvest. Nevertheless, there are still major risks as Russia continues to attack commercial ships and infrastructure and as mines float in the Black Sea waters.
+
+Moreover, due to Russia’s full-scale invasion, Ukraine is using more road and rail infrastructure to trade. Before the full-scale invasion, nonmarine modes of transportation were responsible for over 40 percent of Ukraine’s trade turnover and seaports for about 60 percent. According to author interviews with Ukrainian infrastructure and transportation experts, for most of 2023, the picture almost flipped, where rail and roads accounted for about three-fourths of Ukraine’s total trade volume and seaports accounted for about one-fourth. This situation changed dramatically after Ukraine reopened its ports in the fourth quarter of 2023. According to the experts, today, the balance between seaport and non-seaport trade turnover is about 50-50.
+
+
+### Roads
+
+Another important mode of transportation for Ukraine is the road network. However, the 170,000-kilometer road network Ukraine inherited from the Soviet era was in poor condition and needed much updating. With Ukraine’s pro-Western trajectory after 2014, the government took road repair more seriously, allocating substantial sums from the state budget. Ukraine’s roads began to be brought back to life as Ukraine repaired up to 10 percent of the roads between 2016 and 2019. Moreover, in 2019, Ukrainian president Volodymyr Zelensky announced the Big Construction initiative aimed at building or repairing roads and other important infrastructure. As a result, more than 14,000 kilometers of roads were constructed or repaired in the first two years of the projectbut still not enough to cover the immense needs). This initiative then ran into problems, including lack of transparency in the bidding processes and severe corruption allegations in the state-run road agency Ukravtodor.
+
+Before the full-scale invasion, Ukraine’s roads were mainly transporting higher value-added products such as finished goods (both for imports and exports), in addition to some commodities. The war has considerably changed trade dynamics as Ukraine’s roads had to absorb part of the commodities transported via seaports, mainly metals and grain. Ukraine can now export some of the grain using road and rail cargo routes via Poland, Slovakia, Hungary, Romania, and Moldova, albeit with limited capacities and in some cases with political tensions.
+
+In response to Russia’s full-scale invasion, the European Union allowed tariff-free food imports from Ukraine, but that created problems for neighboring countries. In April 2023, Poland closed its border to Ukrainian grain as Polish farmers protested that their grain became less competitive. Slovakia and Hungary took similar action earlier that month. The EU farmers gained partial victory by making the European Commission impose restrictions against imports of Ukrainian grain (wheat, maize, rapeseed, sunflower seed) to Hungary, Poland, Romania, Slovakia, and Bulgaria. Initially, the ban was to last until June 5, 2023, but then it was extended until September 15, 2023, after which it became obsolete. However, in response to lifting the ban, Poland, Hungary, and Slovakia said they would impose unilateral import bans.
+
+This shift in transportation has also generated discontent among truckers in neighboring countries. In November 2023, Polish truckers initiated a boycott of one of Poland’s largest Ukraine border crossings, Medyka, in fear that an influx of Ukraine’s truckers are creating unfair competition. Polish truckers have been demanding more support from their government, including reinstating of permits and limiting the number of licenses for Ukrainian truckers. Slovakia and Hungary joined the boycotting of their own border control points a few weeks later.
+
+This caused thousands of trucks to be stranded for miles near the borders in freezing weather, costing Ukraine’s government and the private sector a hefty sum. The total amount of trucks in queue at one point was nearing 4,000. Altogether, Poland blocked four border crossings: Korczowa-Krakivets, Hrebenne-Rava-Ruska, Dorohusk-Yahodyn, and Medyka.
+
+An additional potential problem is that the stranded trucks could be carrying critical humanitarian aid for Ukrainians, considering that some of these border crossings are close to transit points for humanitarian and military aid to Ukraine.
+
+Although the blockade affected a diverse range of businesses, Polish truckers are damaging Ukraine’s wood, furniture, car parts, and vegetable oil exporters and a quarter of Ukraine’s fuel supplies imports in particular. A Ukrainian trucker association estimated the blockage has already cost €400 million ($436 million) in revenue for companies. The European Business Association estimates the total losses to be much lower — around $8.5 million — based on poll results among its members.
+
+In January 2024, Polish truckers reached an agreement with the government under certain conditions. Polish farmers also stopped a protest at Medyka after they negotiated a deal with the Polish government. Poland and Ukraine also said that they were close to an agreement on agricultural imports on March 28. However, this does not mean Ukraine will be immune to similar boycotts in the future, which presents an ongoing major risk for Ukrainian trade capacity as road transportation has become increasingly important for Ukraine. Traditionally, even before the full-scale invasion, Ukraine’s border checkpoints leading to the European Union were congested and depleted. In addition, there is still ongoing corruption at Ukraine’s customs, though authorities have been attempting to crack down on high-level officials. These fundamental challenges need to be addressed in addition to future boycotts and protests.
+
+
+### Rail
+
+Along with its seaports and roads, Ukraine has a strong rail infrastructure to transport goods and people — one of the biggest and most resilient in the world. According to Transparency International, before the full-scale invasion, Ukraine’s railway system — controlled by Ukrzaliznytsia (UZ), the country’s state-run rail monopoly and largest employer — was responsible for 60–75 percent of the country’s total cargo turnover, which included all of Ukraine’s major commodities: construction materials, grain, and steel.
+
+Due to the war, almost 6,300 kilometers of track were destroyed. Along with increases in fuel costs and constant rebuilding due to Russian air strikes, the government of Ukraine decided to increase rail tariffs by 70 percent in June 2022 to make the company economically sustainable. This allowed the monopoly to achieve a financial surplus. In 2022, UZ had a deficit of 11 billion hryvnias ($290 million) as the company had to transport humanitarian aid and evacuate 3.7 million Ukrainians for free. In 2023, the situation dramatically changed, and UZ predicted it would reach 7 billion hryvnias ($190 million) in net profit.
+
+In November 2023, UZ transported 14 million metric tons of cargo, a 34 percent increase year over year. About half of this was transported domestically, and the rest was exported (of which 2.4 million was grain). Goods transported via rail today include many of the same transported before the full-scale invasion: construction materials, iron and manganese ore, and coal. What has changed are the volumes and pressure on the railway system. During war, these volumes can vary dramatically, and there is little consistency with figures (for example, grain transportation will strongly depend on whether Ukraine has the ability to export grain via the Black Sea). Furthermore, cargo routes have changed since the full-scale invasion: whereas before 2022, most of the railway cargo transportation was for domestic trade purposes, the full-scale invasion pushed the railways to fill in the export void for commodities.
+
+However, the rail sector needs reform and much work to attract international companies that could compete with their rolling stock. To reform and liberalize Ukraine’s railway system, the monopoly should become more transparent, unbundle into at least three separate businesses — infrastructure, passenger, and cargo — and uproot corruption, archaic regulation, and inefficient management. Furthermore, Ukraine’s railway infrastructure must meet the requirements of EU directives. Ukraine’s railways should integrate in unison with the Trans-European Transport Network (TEN-T), meaning it will have to solve its gauge issue: Western Europe uses 1,435-millimeter gauge, whereas post-Soviet countries tend to use 1,540-millimeter gauge. Importantly, in coordination with the reform agenda, multilaterals will be valuable partners in providing significant financing to modernize and fix UZ.
+
+
+### Air
+
+Before the 2022 invasion, Ukraine had bustling airport traffic, with Kyiv’s Boryspil International Airport having the highest activity by far, followed by the Lviv Danylo Halytskyi International Airport, Kyiv International Airport–Zhuliany, Odesa International Airport, and Kharkiv International Airport. Ukraine’s airport infrastructure was up and coming since 2014, when Ukraine signed an association agreement with the European Union and has been making it easier for airline businesses — including from the United States — to operate within the country ever since. Ukraine’s airports were mainly active with passenger traffic as well as parcel transportation. Today its commercial air activity is completely on pause, and some have been severely damaged. Until the country’s skies are protected, air travel will not operate throughout the country for civilian transportation, and there is limited opportunity for some airports to be active in delivering cargo.
+
+
+### Short-Term and Longer-Term Solutions
+
+Considering the war is likely to continue, Ukraine’s trade corridors in the short run need to be fully utilized and protected from Russian attacks. In the long term, Ukraine needs to rethink its existing trade corridors and reconfigure its transport and logistics infrastructure toward the EU market.
+
+As such, the European Union has heavily supported Ukraine’s adoption and implementation of the TEN-T proposal, which would incorporate roads, inland waterways, and railways to allow more Ukrainian grain and products to be exported. There has already been €110 billion (around $119 billion) worth of investments completed along the TEN-T, including the interconnectivity of maritime, aviation, and land infrastructure. Many new standards are being optimized for more efficient rail (track speed requirements of 100 kilometers per hour for freight and 160 kilometers per hour for passenger rail), sea (alternative vessel fuels and adequate mooring/resting areas), air (new spaceports), and road transit (safe and interconnected roads to infrastructure), aiming to decrease shipping time and ensure lower carbon emissions. This initiative could create 840,000 jobs and increase EU gross domestic product by 2.4 percentage points. Of the nine TEN-T transportation corridors, four are planned to fully connect with Ukraine by 2030: the North Sea–Baltic corridor, the Baltic Sea–Black Sea–Aegean Sea corridor, the Baltic–Adriatic corridor, and the Rhine–Danube corridor.
+
+
+### Short-Term Solutions
+
+#### Seaports
+
+If Ukraine wants to ramp up its seaport usage, it ultimately needs to deal with Russia’s continuous military threats. In this regard, stronger military protection of the region and active demining of both land and waterways are key measures to improve the security of seaports. Ukraine’s seaports could be propped up by long-range missiles and air defense that will deter Russia’s fleet farther away from Ukraine’s coast. Plenty of evidence shows this has been effective in the past. Furthermore, Ukraine’s inland waterways should be protected and cleared from mines.
+
+Another tool that can enable more trade via Ukraine’s seaports is war risk insurance. Currently, risk management company Marsh McLennan, in collaboration with Lloyd’s of London and the Ukrainian government, created a war insurance facility called Unity, which is meant to provide affordable insurance for grain export from Ukraine’s Black Sea ports. Unity will insure up to $50 million in hull and separate protection and indemnity war risk insurance, which is not a large amount in overall terms for the industry. This is where international financial institutions and development finance institutions could step in to provide additional insurance support. The European Bank for Reconstruction and Development (EBRD) is working on such a scheme, but it is still not operational.
+
+#### Roads and Rail
+
+For roads and railways, there is a need to expedite border crossings. The business communities in both Ukraine and Poland have provided a list of ways to improve border control inspections by removing red tape and providing more transparency. Moreover, joint road checkpoints could be expanded to ease the flow of trucks. The Ukrainian government is already partially engaging in checkpoint expansion: just recently U.S.-based company DAI Global signed a contract with Miyamoto International to modernize crossing points on Ukraine’s border.
+
+Another barrier for both transportation companies is the licensing requirements for international postal carriers. Currently, not all private sector players are allowed to receive licenses for international mail processing centers (IMPCs). The only holders of IMPCs in Ukraine are state-owned Ukrposhta and Ukrainian-Canadian company Rosan (part of the Meest Group), which curtails competition. Resolving this matter would expedite the processing and delivery of packages to and from Ukraine. In addition, Ukraine will have to fully adapt its environmental and licensing regulations for cargo transportation vehicles in line with those of the European Union.
+
+#### Air
+
+Regarding air transport, Ukraine could boost its cargo if its western airports (for example, Lviv and Uzhhorod) are more secure and if air cargo carriers are allowed to operate. This will increase Ukraine’s trade turnover capacity, though air transport cannot fully substitute Ukraine’s road freight because it is a more expensive means of transportation.
+
+Ukraine and the European Union could negotiate air cargo transportation by reopening the Lviv airport as an initial hub, followed by other airports in western Ukraine, which are only minutes away from EU airspace. Such air travel could be accompanied by a commercial air defense dome or a negotiation similar to the Black Sea grain corridor but only for air cargo transportation. Furthermore, if private sector players were allowed to receive licenses for IMPCs, these companies could transport goods via the skies, alleviating some of the cargo burden from the roads and diversifying the means of transportation.
+
+
+### Long-Term Solutions
+
+Along with these short-term measures, Ukraine could envision new and expanded logistics routes to serve trade activity along the EU border. In this regard, EU membership will be a major incentive to improve the transport and logistics network and align regulations and standards to the EU market. To increase trade with the European Union, Ukraine will need to construct new roads, widen existing ones, modernize the railway system, and increase the capacity of the border checkpoints. In the long run, Ukraine will have to prioritize EU accession requirements related to infrastructure, such as TEN-T-related policies and its overall transport policy. However, Ukraine’s progress in this realm so far has been limited.
+
+On road infrastructure, there is still plenty of work to be done to modernize the current system and build new infrastructure. Private capital and Western companies will play a vital role in the reconstruction of Ukraine’s roads. According to a study by the International Finance Corporation and the World Bank, public-private partnerships (PPPs) had the potential to attract approximately $2 billion in road investments from the private sector between 2021 and 2023. Ukraine could also build more roads that lead toward borders with Moldova and Romania. However, highway construction in Ukraine inherited a reputation as one of the most corrupt sectors in transportation. To address this issue, Ukraine has been implementing reforms since 2014 and needs to continue on this path. The Ukrainian government now requires each company that has won a tender must hire an engineer from the International Federation of Consulting Engineers, which provides more professionalism, transparency, efficiency, and accountability to management. Furthermore, the country’s public e-procurement system (ProZorro) has made the bidding procedure for government contracts more transparent. Ukraine has also decentralized its state roads agency, Ukravtodor.
+
+The port infrastructure requires upgrading as well, including dredging and construction of docking sites. Ukraine’s Odesa port infrastructure has ample potential to develop further, as it is connected to the Dnipro River, which has also been majorly underutilized for cargo transportation during the past decades. If Ukraine advances its river infrastructure, it will put less pressure on roads (which are more expensive for the government to maintain) and expand the overall trade capacity. Furthermore, Ukraine has the advantage of having access to the largest EU river, the Danube, which stretches to the largest EU economy — Germany.
+
+In this regard, Romania has become a critical player in exporting Ukrainian grain in the past year, though more investments in Romanian port infrastructure may be necessary if it is to accommodate further increases in the coming months and years. The European Union and the United States have already sent a delegation to visit Izmail, as the port is key to ferrying cargo down the Danube River into Romania, which then transports the grain to Constanta for its journey into the Mediterranean Sea. In addition, maritime insurance needs to be more readily available, along with infrastructure investments in grain storage capacity in Romanian and Moldovan silos, to accommodate the increased fertilizer and grain surpluses inevitable in an unpredictable war.
+
+At the same time, countries bordering Ukraine’s western regions will have to expand their road and rail capacities as well. Land corridors that allow for trucking are still beneficial to exports, and there is a sense of urgency to widen and expand current roads that traverse out toward Moldova and Romania. With support from the European Investment Bank and EBRD, Moldova is also improving its railway network to ease Ukrainian grain shipments through Moldovan roads.
+
+Currently, the freight throughput capacity of rail border crossing points between Ukraine and the European Union is low. This can be resolved by increasing administrative staff (e.g., customs, border police), modernizing equipment, and expanding infrastructure. The European Union has already contributed to the development of Ukraine’s cross-border railway infrastructure via the Connecting Europe Facility. Furthermore, Ukraine needs to have easier access to main EU distribution points such as in the Adriatic and Baltic Seas and at Danube ports.
+
+In parallel to border issues, Ukraine’s rail system requires deep reforms to create a more competitive rail cargo transportation market that corresponds to EU standards. Currently, this is difficult considering the centralized nature of management during war where rail transportation of humanitarian goods and citizens is important for the country’s functioning. However, this does not mean Ukraine cannot start reforming UZ in the meantime. For example, Ukraine could create an independent railways regulator responsible for tariffs and overall regulation of the monopoly. Furthermore, UZ’s activities should eventually be unbundled, since currently, it has a monopoly both within rail infrastructure and within the cargo transit. The latter could be operated by private sector locomotives and transit companies, which would significantly modernize and expand the fleet. Allowing Western companies to enter would also make Ukraine less dependent on Soviet infrastructure and fleet.
+
+Ukraine’s current rail fleet is a remnant of the Soviet Union. Considering the increase of wear and tear on the rail fleet since Russia’s full-scale invasion, Ukraine has not been able to keep up with the maintenance. More than 70,000 (or 70 percent) of UZ’s wagons have expired their service life, a quarter of which are in critical condition. Western companies specializing in the mechanical management of rail systems could play a significant role in modernizing Ukraine’s rail. In addition, a key problem is that the European Union and Ukraine use different gauges and wagon types, which limits the number of wagons Ukraine can use. A short-term solution could be the construction of multimodal cargo terminals located close to EU borders to convert Ukrainian rail gauge to EU gauge. Such locations can also be industrial and manufacturing hubs.
+
+Ukraine’s long-term reforms should prioritize the independence of industry regulators to ensure the market is fair and competitive. This will significantly strengthen Ukraine’s image in front of investors. As discussed, PPPs will be an important tool in attracting private investment in infrastructure. Ukraine’s lawmakers have been working on reforming Ukraine’s PPP legislation to make partnerships more transparent and create a more competitive business environment. This tool can be applied toward highway development, as done in many other countries.
+
+
+### Conclusion
+
+Ukraine’s ability to trade will remain restricted as long as the Russian military threats remain high. Of the numerous challenges Ukraine faces with trade corridors, one of the primary priorities is to find solutions to protect Ukrainian ports from Russian missile strikes. Second, railways and roads need to be upgraded. Although imperfect substitutes for the existing port infrastructure, railway and road infrastructure must be modernized to complement seaport trade.
+
+Ukraine’s vision for its economy and its future drivers will also help define the nature of its transportation network. Will the economy produce and export at higher levels than those before the full-scale invasion? Will Ukraine add more value to its raw materials and export finished goods, or will it continue to be primarily a commodity exporter? Ultimately, Ukraine’s infrastructure modernization will be intimately linked to the country’s EU accession path.
+
+---
+
+__Romina Bandura__ is a senior fellow with the Project on Prosperity and Development and Project on Leadership and Development at the Center for Strategic and International Studies (CSIS) in Washington, D.C.
+
+__Ilya Timtchenko__ is a program manager and research associate with the CSIS Project on Prosperity and Development.
+
+__Benjamin Robb__ was an intern with the CSIS Project on Prosperity and Development.
diff --git a/_collections/_hkers/2024-04-09-chip-export-control.md b/_collections/_hkers/2024-04-09-chip-export-control.md
new file mode 100644
index 00000000..08765c47
--- /dev/null
+++ b/_collections/_hkers/2024-04-09-chip-export-control.md
@@ -0,0 +1,546 @@
+---
+layout: post
+title : Chip Export Control
+author: Barath Harithas
+date : 2024-04-09 12:00:00 +0800
+image : https://i.imgur.com/e5aKms9.jpeg
+#image_caption: ""
+description: "Mapping the Chip Smuggling Pipeline and Improving Export Control Compliance"
+excerpt_separator:
+---
+
+_Export control evasion of controlled chips is a known concern, but the specifics of this activity are opaque. In addition, a systematic analysis of the entire chip smuggling pipeline, from initial procurement to unlawful distribution, remains conspicuously absent._ _This study aims to bridge that methodological gap. It dissects the smuggling pipeline into four distinct stages: (1) initial procurement; (2) evasion of customs controls; (3) port exit; and (4) transshipment._
+
+This report advocates for a first-principles approach in assessing export control evasion risks. Estimates should be anchored on specific vulnerabilities within the supply chain and actual smuggling tactics. To this end, this report identifies 11 potential tactics across the smuggling pipeline. It finds that export control evasion is likely more prevalent than suspected due to an underappreciation of the range and dimensionality of individual smuggling tactics. Importantly, the compounding risk profile that emerges when multiple tactics are layered together is underestimated.
+
+Crucially, this report observes that as soon as illicit goods depart the port of origin and get buried in transshipment networks, untangling the knotted snarl becomes impractical. As such, policymakers should focus on interventions upstream in the smuggling pipeline. In addition, this report suggests a reorientation in how export control compliance should be approached. Rather than fixating on who to bar from the game, regulators should shift their focus toward who gets to play, moving from a system of exclusion based on the reactive blacklisting of suspicious entities to a system of inclusion built on preapprovals. This will be implemented through a series of policies that will sequentially disable each part of the smuggling pipeline before the illicit cargo can depart the port of origin: (1) a certification program during initial procurement to create a marketplace of trusted sellers and increase compliance know-how; (2) the use of digital waybills to reduce documentation fraud and facilitate traceability in order to address evasion of customs controls; and (3) the use of preapproved logistics providers, tagged at the point of sale, to inoculate against the risk of illicit diversion when exiting a port. Logistics providers will be mandated to report to the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) monthly on any consignments not received within a specified timeframe of two to four weeks, pinpointing suspicious entities and facilitating targeted and timely spot checks by the BIS on vendors identified as potential weak links.
+
+This is ultimately how the United States wins the proverbial “whack-a-mole” game, where smuggling networks surface momentarily, vanish, and reemerge elsewhere as quickly as they can be identified. First, it limits the number of tunnels made available to the moles. This will be operationalized through a stringent preapprovals regime that only permits thoroughly screened chip sellers and logistics providers to operate. Second, by collaborating with partner countries, the United States multiplies the hammers in play, to collectively flush the quarry out of the remaining tunnels. This step can be functionalized through dedicated regional units comprising a few experts from the BIS, along with secondees from individual customs authorities, to strengthen intelligence sharing, risk profiling, interdiction, and investigation competence. Lastly, through the use of modern analytics software, third countries can better and more reliably predict where and how the remaining moles will appear. Collectively, these efforts will allow the United States to reclaim control over the rules of the game and tilt the odds in favor of success against slippery evasion strategies.
+
+
+### Introduction
+
+The prevailing overconfidence in the efficacy of export controls for chips, guided by the “chokepoint theory,” and the related underestimation of export control evasion, first proceeds from an incomplete and cursory understanding of individual smuggling tactics. This is the case for even well-known methods such as the use of shell companies and transshipment networks. For example, the former may be supplemented by front and shell companies and the activation of dormant shelf companies. This defense-in-depth approach makes quick detection and punitive action far more difficult. Similarly, the transshipment challenge extends beyond the circuitous routing of illicit consignments through multiple third countries to muddy the trail. Along the way, smugglers also often utilize multimodal tactics combining air, sea, and land to further confound tracking efforts. In this manner, smugglers exploit regulatory arbitrage not only across different jurisdictions, but also between siloed domestic authorities.
+
+And this only scratches the surface. This report further considers nine other smuggling tactics, ranging from the pedestrian, such as utilizing human carriers or mules and concealing chips in ordinary commodities, to progressively more difficult-to-detect methods such as embedding chips in electrical products, disassembling chips, contaminating container cargo, and even using small submersible vessels. While the last suggestion appears fantastical, a study in the 2000s estimated that “narco-subs” accounted for one-third of maritime cocaine trafficking between South America and the United States.
+
+All of these graft onto the fact that chips are particularly amenable to smuggling. Unlike semiconductor manufacturing equipment — which is large, produced in low quantities, sold at extortionate prices, and requires significant amounts of post-sales support — chips are portable enough to fit in a shoe box, are produced in the millions, are high cost but not prohibitively so, and require little to no post-sales support whatsoever. For comparison, a single state-of-the-art extreme ultraviolet (EUV) lithography machine costs $350 million and requires 13 truck-sized containers and 250 crates for transportation. Meanwhile, an H100 chip costs roughly $40,000 and is sufficiently compact that 609 of them can be hidden within a single small freight box.
+
+In addition, while this report provides a primer on tactics that may be used, given the dizzying profit margins to be made, these are likely only the tip of the iceberg. Take a hypothetical example of an H100 being sold in the black market at three times its retail value, for a markup of an additional $80,000 per chip. If a smuggler sells ten chips, they start to skirt the edges of a millionaire’s lifestyle; if they sell a thousand, they are elevated from nouveau riche to the landed gentry. There are few greater motivators for the imagination than greed, and policymakers should not underestimate that ancient playwright. As a result, customs officials are always working off a playbook that does not accurately render both the range and dimensionality of smuggling tactics.
+
+Furthermore, the depths of what makes the smuggling enterprise so difficult to detect have scarcely been grazed. The principal challenge of intercepting smuggling operations is not related to the difficulty of detecting individual tactics per se. Rather, it arises from a variety of tactics being combined with one another in a complex chain of overlapping mini-sequences, with tactics recalibrated and refined at each transshipment point. Each supplemental tactic and layer of obfuscation compounds the risk profile. Even if each individual tactic has a seemingly manageable risk of detection, by threading through interstitial gaps at each vulnerability and layering tactics as the context demands to always seek the path of least resistance, the compounding probability of evasion by smugglers drastically increases.
+
+Accordingly, the risk profile for export control evasion does not scale linearly. All else equal, it surges almost exponentially with the length and complexity of the smuggling sequence. It should be qualified that a single weak point, such as a poorly forged document or an improperly concealed illicit item, can compromise the entire operation. But given the high stakes and margins of the operations at play here, it is reasonable to expect that the smuggling syndicates involved are at least half-competent and, with the attacker’s advantage, are more likely than not to evade detection.
+
+Laslty, because chips command the forefront of innovation, there is a reflexive instinct to assume that any chip-related challenge, including the bypassing of export controls, demands a similarly high-tech remedy. Without discounting the merits of technical interventions, this report suggests that instead of centering chips as the primary object of attention and smuggling as the backdrop, the reverse may be more instructive. By focusing on smuggling rather than technology, it becomes apparent that chip smuggling will likely not be entirely different from the trafficking of drugs or conflict diamonds, and is beholden to similar attributes, such as compactness, ease of concealment, and unit economics. Importantly, the factors facilitating evasion are steadfastly pre-modern. Seven out of the eleven tactics highlighted in this report hinge on the human element (e.g., bribery) and poor customs infrastructure. Chip smuggling is not a novel issue, but the age-old story of traditional contraband. As such, policymakers should be attentive to the persistent points of failure and timeworn tactics that have sustained this industry.
+
+
+### Methodology
+
+This report puts forward an alternative methodology for assessing export control evasion risks. The traditional approach leans on historical analogues, such as Russia’s circumvention of U.S. export controls for semiconductors following the invasion of Ukraine. While useful, particularly in the absence of reliable information, such approaches are inherently limited and risk overextending region-and country-specific factors.
+
+This report advocates for a first-principles approach. It suggests that estimates for export control evasion be anchored on specific vulnerabilities within the supply chain and potential smuggling tactics. This not only promotes a more grounded representation of the evasion landscape but also equips stakeholders with a more precise and actionable framework.
+
+Each method is scrutinized to assess the likelihood of successful evasion (classified as low, medium, or high), pinpointing specific facilitators or barriers to success. This analysis is further supported with real-world case studies and hypothetical scenarios to illustrate each technique in practice. The report thereafter identifies key conclusions and policy recommendations aimed at improving existing control mechanisms.
+
+
+### The Export Control Evasion Pipeline
+
+This section explores the four elements of the export control evasion pipeline — (1) initial procurement, (2) evasion of customs controls, (3) port exit, and (4) transshipment — and component tactics and strategies within each category. Table 1 provides a short summary of each area, as well as the probability for each of evading detection. The rest of the section then unpacks each element in greater detail.
+
+
+_▲ __Summary of the Export Control Evasion Pipeline and Key Takeaways.__ Source: Author’s analysis._
+
+#### Stage 1: Initial Procurement
+
+Major chipmakers do not engage in direct sales to businesses. NVIDIA, for instance, routes sales through official distributors and authorized original equipment manufacturers (OEMs) and resellers. To demonstrate just how few of these entities exist, Japan, which has the largest NVIDIA sales presence in the Asia-Pacific, only has five official distributors, three authorized OEMs, and ten authorized resellers. Account managers at these intermediaries typically adhere to strict Know Your Client (KYC) procedures and assess non-association with parties on blacklists.
+
+__THE USE OF FRONT, SHELL, AND SHELF COMPANIES__
+
+Buyer screening relies heavily on the accurate identification of the real end user. As such, smugglers often use front and shell companies with stand-in directors or shareholders to obscure the ultimate beneficiaries. They then misrepresent the intended recipient to bypass export licensing requirements, especially for countries that face a presumption of denial. In addition, by activating long-standing but dormant shelf companies, smugglers further complicate the task of differentiating between legitimate and deceptive transactions.
+
+_Likelihood of Evading Detection: Medium–High_
+
+- __Human Detection: High__
+
+ This defense-in-depth approach limits the effectiveness of even the most stringent KYC procedures, creating a disorientating maze of corporate entities that sellers must attempt to understand. Moreover, as soon as an actionable level of suspicion can be established, these companies are torn down as quickly as they were propped up. This makes quick detection and punitive action far more difficult, contributing to the proverbial “whack-a-mole” situation.
+
+- __igital Detection: Medium–High__
+
+ Large distributors, resellers, and OEMs often incorporate advanced KYC and Enhanced Due Diligence (EDD) tools that look beyond surface-level information, delving into the origins, financial flows, and relationships of entities.
+
+ However, there are always workarounds. A practiced shell company might (1) conduct some legitimate business activities to establish a trail of normal commercial transactions; (2) utilize informal banking systems that are not integrated with international banking protocols for illicit transactions; and (3) generate high-quality fabricated business records and financial statements that can withstand scrutiny by standard document verification processes.
+
+ Ultimately, the efficacy of advanced digital KYC and EDD systems rests on the integrity of the data they analyze. Compromised or fabricated data can undermine the ability of these systems to identify and flag suspicious entities.
+
+> #### HYPOTHETICAL SCENARIO 1
+> #### Operation of a Global Network of Front, Shell, and Shelf Companies
+
+> Entity Y with ties to the defense sector in Regime X may establish a front company in another country alongside various affiliates of the shell company in third countries. It may also use a shelf company, alongside the front company, to further muddy the trail.
+
+> Procurement agents, operating covertly on behalf of Entity Y, will orchestrate purchases of chips by the front or shelf company, which receives funding from a shell company’s foreign bank account and in turn transmits funds through a U.S. correspondent bank account to the supplier.
+
+> Moreover, the front or shelf company may order and receive chips from multiple suppliers. In order to avoid drawing attention with large transactions, it will conduct numerous below-threshold transactions that avoid triggering transaction alerts, gradually accumulating significant holdings.
+
+> The company will then route the goods to Regime X, often through permissive jurisdictions such as known transshipment points.
+
+> #### `CASE STUDY 1`
+> #### `Smuggling U.S. Microelectronics to Post-sanctions Russia`
+
+_`Arthur Petrov, a 33-year-old dual citizen of Russia and Germany, was arrested on August 26, 2023, for his involvement in a scheme to illicitly transport U.S. microelectronics technology, which has military uses, to Russia.`_
+
+_`Petrov procured the controlled microelectronics from U.S.-based electronics exporters using a Cyprus-based shell company, Astrafteros Technokosmos LTD (Astrafteros), which he operated.`_
+
+_`Petrov misled U.S. suppliers by claiming that Astrafteros was acquiring the components for use in fire safety systems and other civilian applications, asserting that the final recipients and locations for these items were companies in Cyprus or other third countries. In reality, however, these sensitive electronics were intended for Electrocom in Russia, a company that provides equipment to Russian military manufacturers.`_
+
+__ACQUIRING EXCESS STOCK FROM SMALLER RESELLERS AND OEMS__
+
+Official distributors and authorized resellers and OEMs often purchase excess stock due to bulk discount incentives or to preempt potential shortages. Leading-edge chips such as NVIDIA H100s, facing tight demand-supply constraints, are unlikely candidates for stockpiling.
+
+It is worth noting, however, that following the October 17, 2023, export controls update, controlled chips now also include high-end gaming chips and lower-performing data-center chips. Surplus stock from this expanded category may occasionally be offloaded to smaller resellers or OEMs, who may not enforce stringent KYC protocols compared to larger, established distributors. These are consequently attractive targets for smugglers.
+
+_Likelihood of Evading Detection: High_
+
+- __Human Detection: High__
+
+ Industry insiders note that these lesser-known distributors may not rigorously enforce KYC procedures. This is not driven by conspiratorial intent, but simply due to a lack of capacity and an experience deficit. Smaller resellers lack the financial and human resources to invest in rigorous training for compliance and do not have the extensive experience of larger distributors, which is crucial for spotting sophisticated evasion tactics.
+
+- __Digital Detection: High__
+
+ As previously mentioned, there are advanced KYC and EDD tools available, but these are costly and typically out of reach for smaller resellers and OEMs in developing countries. In addition, unlike larger distributors and OEMs such as Dell or Fujitsu, they likely do not have access to databases that aggregate global information, which is necessary for effective digital scrutiny.
+
+#### Stage 2: Evasion of Customs Controls
+
+The range of tactics to sidestep customs can be broadly collapsed into one key facilitating factor — bribery — and four primary strategies: (1) utilizing human carriers, (2) concealing chips in ordinary commodities, (3) concealing chips in electrical products, (4) disassembling chips.
+
+__BRIBING CUSTOMS OFFICIALS__
+
+Corruption can facilitate several smuggling tactics. Smugglers may bribe customs officials to provide insider information on shift patterns, inspection routines, or red flags officials look for; turn a blind eye to falsified documents; or even digitally manipulate or alter customs records.
+
+_Likelihood of Evading Detection: High_
+
+- __Susceptibility of Customs Officials: High__
+
+ Smugglers often have an in-depth understanding of which countries are more susceptible to corruption. As a result, they are likely to exploit customs officials in developing countries, who are often paid meager salaries. For example, a customs inspector in Cambodia, which is the second-poorest country in Southeast Asia by GDP per capita, is paid an average salary of $6,635 per year, which works out to $553 per month. According to an Economist Intelligence Unit report, it is not uncommon for frontline border officers in less developed economies in Asia to make $100 a month.
+
+ This is not a depressed outlier number supplied to advance this point. For reference, a customs inspector in Malaysia, which is the third-richest country in Southeast Asia by GDP per capita, is still only paid an average salary of $9,336 per year, which works out to $778 per month. Accordingly, officials are less likely to be susceptible to bribery in a country such as Singapore, the richest country in Southeast Asia by GDP per capita, which has a strong anti-corruption culture and where customs inspectors are paid an average salary of $28,979 per year, or $2,415 per month.
+
+__UTILIZING HUMAN CARRIERS__
+
+At first glance, the use of carriers, or “mules,” might seem rudimentary, but it is worth analyzing both for completeness and its continued prevalence. This tactic has the highest likelihood of detection and is not the most efficient method for smuggling at scale.
+
+_Likelihood of Evading Detection: Low_
+
+- __Human Detection: Low__
+
+ Border control screeners, faced with the overwhelming task of screening thousands of travelers, can only scrutinize a fraction in detail. However, the uniformity of the standard security protocol and internal intelligence provides a counterbalance to this challenge.
+
+ Seasoned border control screeners are also trained to observe behavioral cues, body language, inconsistencies in travelers’ responses, and other subtle indicators that might hint at deceptive activities.
+
+- __Machine Detection: Low__
+
+ Full-body scanners (e.g., millimetre-wave scanners) can detect metallic and non-metallic objects as well as items hidden under clothing. However, they do not penetrate the skin and as such are unable to detect illicit goods hidden within body cavities. But unlike contraband such as drugs or conflict diamonds, hiding sensitive electrical products within body cavities may be impractical as chips, especially those on boards, are too rigid and large to be concealed in this manner and the functionality of the chips can be compromised.
+
+> #### `CASE STUDY 2`
+> #### `Trafficking of CPUs in Gongbei Port, Macau`
+
+_`In March 2023, a smuggler was caught at Gongbei Port, the entry point from Macau to China, with 239 central processing units (CPUs) wrapped around his abdomen and legs.`_
+
+_`Customs officials became suspicious due to his ill-fitting black clothing and strange gait. The CPUs were confiscated, and the man was detained.`_
+
+__CONCEALING CHIPS IN ORDINARY COMMODITIES__
+
+This tactic is a play on misdirection. Customs officials rely on the accuracy and integrity of declared goods to efficiently process vast quantities of imports and exports.
+
+A Harmonized System (HS) code (see box below) serves as a beacon, directing authorities’ attention and shaping their expectations about a product. The use of incorrect HS codes effectively hides contraband in plain sight, making it appear as routine cargo. This makes smuggling detection an even bigger needle-in-a-haystack challenge.
+
+> #### Primer on Harmonized System Codes
+
+> The Harmonized System (HS) is an international framework that assigns standardized codes to traded products, facilitating global trade classification. The HS code classification is illustrated below using semiconductors as an example.
+
+> An HS code is a six-digit number, structured in three parts:
+
+> 1. The first two digits (HS-85) indicate the general category or chapter. For example, 85 pertains to “Electrical Machinery and Equipment and Parts Thereof.”
+> 2. The subsequent two digits (.42) pinpoint subcategories within that chapter. Taking the earlier example, 85.42 specifies “Electrical Integrated Circuits; Parts Thereof.”
+> 3. The final two digits (.31) provide even greater detail. For instance, 85.42.31 is reserved for “Processors and Controllers.”
+
+Accordingly, controlled chips can be hidden in almost any conceivable manner. Semiconductors (HS 85.42.31) could be concealed in a bag of rice (HS 10.06.30), hermetically sealed in a barrel of crude oil (HS 15.15.11), or simply hidden in a consignment of electronic waste (HS 85.49.39).
+
+_Likelihood of Evading Detection: Medium–High_
+
+- __Human Detection: Medium–High__
+
+ The vast majority of customs checks are routine. Ordinary commodities are handled with a cursory, less suspicious eye with customs officers inadvertently adopting a pattern of expedited checks for such goods.
+
+ Even well-trained officers might miss chips adeptly hidden within routine shipments, especially if the overall shipment does not raise suspicions. Additionally, the compact size of chips makes this a “needle-in-a-haystack” challenge. A smuggler could discreetly hide as many as 609 H100 graphics processing units (GPUs) in just one small FedEx freight box, which would be outwardly indistinguishable from other identical boxes.
+
+ However, many customs personnel are trained to recognize common smuggling tactics and are aware of the propensity to hide illicit goods in everyday shipments. As a countermeasure, random intensive checks are conducted, even on seemingly mundane shipments. In addition, customs officials have databases that store information on previous shipments. As a result, a sudden change in the pattern, frequency, or nature of shipments from a particular company or to a particular address can raise suspicions.
+
+- __Machine Detection: Medium__
+
+ While the dimunitive size of GPUs can make them nearly imperceptible, especially when masked among bulkier items, they are still likely to show up on modern X-ray scans. X-ray and scanning technologies are also continually improving. Dual-energy X-ray systems can distinguish between organic and inorganic materials, potentially flagging a semiconductor hidden within a bag of rice.
+
+> #### `CASE STUDY 3`
+> #### `Concealment of Intregrated Circuits in a Wood Pulp Consignment`
+
+> _`In June 2023, Hong Kong customs officers seized $153.4 million worth of new integrated circuits stashed in 15 shipping containers. X-rays of the 15 containers, declared to be carrying wood pulp, revealed suspicious images. Two boxes containing wood pulp were placed at the top of each container, underneath which contraband items were stored.`_
+
+__CONCEALING CHIPS IN ELECTRICAL PRODUCTS__
+
+Smugglers may disguise chips within the casings of other electronics such as power supply units or modified computer cases, which would naturally house similar-looking circuitry and components. More concerning, however, is the potential concealment of GPU servers within high-performance workstations or even commercial servers.
+
+Here, GPU servers, which are crucial for enabling high-performance computing with minimal latency at the data-center scale, could be made to look like standard, non-descript internal components and will be less likely to arouse suspicion than when hidden within ordinary commodities.
+
+_Likelihood of Evading Detection: Medium–High_
+
+- __Human Detection: Medium–High__
+
+ Everyday electronics are likely to experience relatively expedited checks. Unless specially trained, officers may overlook embedded chips in an otherwise ordinary-looking electronics product, especially if there is no external indication of tampering. However, some major customs checkpoints could employ electronics experts for random reviews. These experts, familiar with the architecture of common devices, might spot irregularities.
+
+ If customs receives a tip or is randomly conducting in-depth inspections, the physical feel, weight, or even the boot-up process of a tampered laptop, for example, could give away the presence of an embedded chip.
+
+ Moreover, as previously mentioned, customs officials have databases that store information on previous shipments, and sudden changes to the pattern, frequency, or nature of electronic shipments could be a red flag.
+
+- __Machine Detection: High__
+
+ Even with X-ray inspections, the embedded chips will appear like integral components, effectively camouflaged among the device’s internal components. However, laptops or devices embedded with non-standard components might produce more heat or even specific sounds under operation. Such differences, if detected, could alert inspectors during a power-on test.
+
+__DISASSEMBLY OF CHIPS__
+
+Smugglers could deconstruct chips into their constituent parts, which are no longer classified as controlled chips by HS code, effectively bypassing export controls. This would mostly be used for the purposes of reverse-engineering advanced chips, as the process of disassembling or delayering a chip is damaging. Once a chip undergoes this process, it likely cannot be restored to its original functional state.
+
+> #### Hypothetical Scenario 2
+> #### Disassembling Chips
+
+> Technically, a chip can be disassembled, but not in the traditional sense of taking apart larger mechanical assemblies. Instead, “disassembling” a semiconductor chip usually involves chip “decapsulation” and “delayering.” It is typically done for purposes such as failure analysis, competitive analysis, research, and intellectual property verification.
+
+> First, the protective package needs to be removed through decapsulation. This can be done one of two ways:
+
+> 1. Chemical decapsulation, which uses strong acids or bases to dissolve the package
+> 2. Mechanical decapsulation, which involves grinding, polishing, or cutting away the package
+
+> Delayering describes the process by which the many layers of an integrated circuit can be removed one by one. This process can involve various methods:
+
+> 1. Wet etching, where the chip is dipped in specific chemicals to dissolve certain layers while leaving others intact
+> 2. Dry etching, which uses plasma or ions to selectively remove layers
+> 3. Mechanical polishing, which uses very fine abrasives to polish away the top layer without damaging the underlying structures
+
+_Likelihood of Evading Detection: High_
+
+- __Human Detection: High__
+
+ Disassembled semiconductor components, if high in volume and lacking distinctive, recognizable features, may not raise suspicions or warrant detailed inspection against their declared descriptions, particularly when inspections are based on random sampling or partial checks of shipments. As the smuggling technique becomes known, customs may employ experts to recognize disassembled chips, although there will be a time lag.
+
+- __Machine Detection: High__
+
+ Standard X-ray examinations would merely reflect components as inconspicuous, smaller semiconductor fragments, bypassing customs scrutiny.
+
+#### Stage 3: Port Exit
+
+There are a range of tactics smugglers use, but three are worth highlighting: (1) leveraging private couriers; (2) contaminating containger cargo; and (3) use of submersible vessels.
+
+__LEVERAGING PRIVATE COURIERS__
+
+Smugglers often prefer private courier services, which typically apply less rigorous inspection protocols than major, well-established companies. Smaller private couriers might be more susceptible to inducements or bribes due to the nature of their operations and potential financial pressures. In contrast, established logistics providers have more to lose and are less likely to risk severe penalties or reputational damage for illicit gains.
+
+Larger companies also adhere to predetermined routes, minimizing the chances of clandestine diversions that could be used to bypass regulatory checkpoints. Moreover, they often partake in collaborative platforms that allow for real-time information sharing with customs and other regulatory authorities, fostering an environment of cooperation and compliance.
+
+Moreover, established logistics providers have more compliance capabilities at their disposal. Larger companies utilize advanced package screening technologies. They also maintain thorough and standardized document verification procedures, employing expert personnel trained to detect discrepancies that may indicate smuggling. For instance, global logistics giants such as UPS engage security vendors for the express purpose of screening cargo items (see below).
+
+
+_▲ __UPS Cargo X-Ray Screener Job Ad.__ Source: The posting is no longer online but was available at [“Jobs & Careers: Cargo Screener,” UPS, September 2023](https://www.jobs-ups.uk/job/stansted-mountfitchet/cargo-screener/20477/54285091248)._
+
+_Likelihood of Evading Detection: Medium–High_
+
+- __Initial Detection Prior to Leaving Port: High__
+
+ There are a number of tools that private couriers, unlike major global logistics companies, do not have:
+
+1. Advanced inspection equipment, which results in less detailed or less accurate scans, potentially allowing contraband to pass through undetected
+
+2. Standardized operating protocols, leading to variability in the depth and thoroughness of inspections
+
+3. Comprehensive training programs or intelligence sharing on emerging threats, which can lead to oversights or missed cues of smuggling activity
+
+ In addition, private couriers, especially smaller-scale operations, may be more vulnerable to internal collusion or corruption.
+
+- __Subsequent Detection: Medium–High__
+
+ Smugglers could use less-traveled maritime routes to sidestep routine patrol routes. Furthermore, the compact size of their vessels might make them less detectable in open waters, providing an edge in evasion. However, private couriers, being lesser-known entities compared to giants such as UPS, might be viewed with a greater degree of suspicion by maritime patrols, leading to more frequent random inspections.
+
+__CONTAMINATING CONTAINER CARGO (“RIP-ON, RIP-OFF” METHOD)__
+
+One concealment strategy frequently employed by drug syndicates, especially from Brazil, involves exploiting legitimate, often containerized shipments. In this method, illicit cargo is secretly added to a legitimate shipment without the knowledge of the shipper or consignee. According to TradeWinds, the world’s biggest shipping news service, “drug traffickers can open a shipping container and remove a 100-kilogram consignment of cocaine in as little as three minutes.”
+
+For the strategy to work, collaboration is necessary at both the origin and destination. At the departure dock, the insertion or “rip-on” team introduces the illicit goods into the selected container. To mask any interference, they frequently replace the genuine security seal with a counterfeit. At the destination port, retrieval of the concealed items is crucial. This is either done by compromised port staff or by specialized extraction or “rip-off” teams who infiltrate the terminal. After this operation, the container might be either left unsealed or be relocked with another duplicate seal. Locating such containers in large terminals is a challenge. Simply knowing the container identification number is insufficient; it must also be easily reachable, which often demands insider help to adjust the placement of the container.
+
+> #### `CASE STUDY 4:`
+> #### `“Rip-On, Rip-Off” Cocaine Container Bust at Port Botany`
+
+_`Authorities detained two individuals in Sydney following the discovery of 120 kilograms of cocaine, valued at approximately $60 million, concealed within a shipping container they were attempting to break into.`_
+
+_`The pair from Athens were suspected to be local operatives involved in a compromised “rip-on, rip-off” narcotics trafficking scheme. The police interception was prompted by a reported break-in at a Port Botany logistics firm, situated in the vicinity of Sydney’s main maritime terminal, where they uncovered 120 bricks of cocaine, each weighing one kilogram.`_
+
+_Likelihood of Evading Detection: High_
+
+- __Initial Detection Prior to Leaving Port: High__
+
+ By embedding illicit items within genuine shipments, the chances of arousing suspicion are reduced. Since the original shippers and consignees are typically unaware that their containers are being used for smuggling, their documentation and behavior do not raise red flags. With the right network and bribed officials, the drugs can be successfully loaded onto containers without drawing attention.
+
+ However, the process of breaking and replacing the container seals, even if replaced with duplicates, can sometimes be detected if the seals are not placed correctly or if there are visible signs of tampering.
+
+- __Subsequent Detection: High__
+
+ If smugglers successfully load chips onto containers of a reputed logistics provider, the odds of detection decrease significantly for several reasons. First, large logistics providers have built a trustworthy reputation over years, and maritime authorities are less likely to scrutinize these companies as intensely as smaller or less-known shippers. Second, if smugglers manage to bypass the advanced security measures of reputed logistics providers, it may create a false sense of security for officials. However, there are still risks from intelligence tip-offs.
+
+__USE OF SUBMERSIBLE VESSELS__
+
+Drug smugglers have been known to use smaller semi-submersible and even fully submersible vessels, particularly from South America to the United States, to evade radar and visual identification.
+
+Data from the European Monitoring Centre for Drugs and Drug Addiction suggests that larger crewed vessels can transport as much as eight tons of cocaine, a load potentially valued at over $1 billion. According to Colombian navy estimates, the average cost to the drug smugglers for one of these boats is just under $1 million, making this a potentially higly profitable smuggling method.
+
+_Likelihood of Evading Detection: High_
+
+- __Initial Detection Prior to Leaving Port: High__
+
+ Chips are precision engineered and susceptible to environmental factors. Loading them onto submersible vessels demands specialized handling and extended timeframes, necessitating remote loading locations. Countries with sprawling coastlines, underdeveloped maritime infrastructure, and often lax maritime surveillance offer numerous such potential locations.
+
+ However, major ports are equipped with comprehensive CCTV systems, frequent patrols, and stringent entry and exit procedures. Any unexpected loading activities, especially involving atypical vessels such as submersibles, would likely raise alarms.
+
+- __Subsequent Maritime Detection: High__
+
+ In addition to having a low radar signature and being able to submerge quickly when maritime enforcement is detected, submersibles, especially those used in illicit activities, are engineered to be as stealthy as possible. The following are examples of such measures:
+
+1. A reduced acoustic profile (e.g., quieter engines, vibration-damping materials, streamlined shapes) to evade passive sonar systems
+
+2. Air-independent propulsion systems to reduce heat emissions
+
+3. Remote guidance or onboard autonomous systems, which allow them to run riskier routes and further reduce their acoustic profile (e.g., no need for life-support systems)
+
+In addition, they often employ advanced logistics tactics, such as deploying a network of fishing vessels to alert crews about nearby patrols or utilizing offshore refueling vessels to bypass coastal areas.
+
+> #### `CASE STUDY 5`
+> #### `Narco-Submarines in Costa Rica`
+
+_`During the 1980s, go-fast boats were the smuggling vessel of choice in many parts of the world. Go-fast boats became more vulnerable to radar detection as radar technology improved, leading to the development of semi-submersibles.`_
+
+_`In the 1990s, there were rumours that smugglers were using vessels that were nearly fully submersible to reduce detection by visual, radar, sonar, or infrared systems. However, it was only in 2006 that the U.S. Coast Guard successfully seized a 50-foot narco-submarine with three tons of cocaine some 166 km southwest of Costa Rica.`_
+
+#### Stage 4: Transshipment
+
+Upon leaving the initial port, smugglers may redirect the chips for consistency to a third country where customs controls are less stringent. To further obfuscate the trail, they often engage various intermediaries, utilize diverse transportation methods, and transship the chips through multiple countries, further muddying the trail (see Hypothetical Scenario 3).
+
+> #### Hypothetical Scenario 3
+> #### A Sample Transshipment Journey
+
+> __Country A → Country B__
+
+> __Diversionary Tactic:__ Smuggler X first moves the chips overland to Country A, classifying them as generic computer parts for a technology roadshow in a provincial city. In reality, they never make it there. They are rerouted to a small coastal village and loaded onto a fishing vessel.
+
+> __Country B → Country C__
+
+> __“Lost Cargo” Tactic:__ Near Country B, the chips are reportedly “lost at sea.” Instead, they are actually anchored and buoyed just beneath the surface, waiting for retrieval by another party. A recreational diving group (in on the operation) “discovers” the “lost cargo.” They retrieve it and bring it to a port in Country C.
+
+> __Country C → Country D__
+
+> __Shell Companies and Ghost Transactions:__ In Country C, a shell company purchases the “recovered treasure” and then sells it to another entity in Country D as antique electronics for collectors.
+
+> __Country D → Country E__
+
+> __Container Mixing:__ Once in Country D, the chips are embedded within laptops. The products (and chips hidden within) are loaded into containers and shipped to Country E with proper customs declarations for electronics.
+
+> __Country E → Country F__
+
+> __Trade Show:__ Upon arrival in Country E, the chips are quietly retrieved and repackaged inside dummy prototypes of new technology devices. A buyer from Country F visits the trade show and purchases these prototypes as cutting-edge technology from Country E.
+
+> __Country F → Country G__
+
+> __Extraction of Chips:__ Here, the chips are extracted by an intermediary agent and sent to Country G.
+
+> __Country G → Country H__
+
+> __Final Journey Overland:__ The final purchaser, having trustworthy trade relations with Country H, sends the devices overland.
+
+_Likelihood of Evading Detection: High_
+
+- __Cumulative Detection: High__
+
+ The use of multiple third countries as transit points compounds the difficulty of detecting illicit cargo. Even if each individual country has a seemingly manageable risk of detection, by exploiting interstitial gaps between each transit point, the cumulative probability of evasion drastically increases.
+
+ Transshipment is not just about the simple math of probabilities. It is about deliberately and tactically manuevering through a patchwork of customs controls, always seeking the path of least resistance and exploiting the unevenness of the regional and international enforcement landscapes.
+
+
+### Key Observations
+
+#### Early interdiction is more effective than reactive enforcement.
+
+Studying the pipeline of export control evasion (see Table 1), there is a noticeable increase in the difficulty of detecting evasion tactics from Stage 1 (the initial procurement of chips) to Stage 4 (the transshipment phase). As soon as illicit goods depart the port of origin and get funneled through transshipment networks, the supply chain becomes a tortuously fragmented puzzle. Untangling this knotted snarl often requires vast resources, regional and international cooperation, and, often, specific intelligence, making the task daunting for even the best-equipped customs and enforcement agencies. A superior approach is therefore to focus on mitigating export control evasion risks upstream rather than downstream. To the extent possible, it is necessary to dam the river at its source, as neglecting to do so allows the stream to branch out unpredictably.
+
+#### Focus should be placed on improving detection capabilities in third countries, not just BIS enforcement.
+
+Most extant proposals focus on increasing the BIS’s resources to enhance its enforcement capabilities. But if detection precedes enforcement, and if the challenges of doing the former are non-trivial, then perhaps these efforts are putting the horse before the cart. Moreover, given how understaffed and underinvested the BIS continues to be despite the pleas of key voices, can it reliably be expected to police global smuggling networks that span scores of countries, each with multiple ports? Importantly, this singular dependence on the BIS introduces a single point of failure. The BIS may not always recognize specific localized tactics used in transshipment hubs.
+
+#### Capacity building is more constructive than punitive actions.
+
+This report suggests a corrective in the nature of U.S. engagement with third countries. There is too often an assumption that countries that are key transshipment hubs are directly abetting illicit networks. This shapes the language for necessary instruments such as sanctions, country quotas, and outright bans.
+
+This report finds that seven out of eleven of the smuggling tactics identified are more likely to happen in developing countries, which often have poor customs infrastructure. This lack of ability to identify smuggling is not due to wilful negligence but a consequence of infrastructural gaps. These nations typically cannot afford advanced X-ray and scanning technologies (e.g., dual-energy X-ray systems), next-generation KYC and EDD software, or experts who may more reliably spot irregularities, such as chips concealed in electronic products. In addition, such ports are commonly not equipped with comprehensive CCTV systems or stringent entry and exit procedures.
+
+Counterintuitively, technonationalism may demand that the United States find greater security not by turning inward but through outward engagement and extending support for capacity building in select third countries. Otherwise, these countries are unlikely to independently invest in improved export control compliance measures themselves (see next observation).
+
+#### Understanding partner countries’ incentives is crucial.
+
+Historically, the focus of national customs agencies has been on import controls rather than export controls. This was shaped by the demands of collecting tariffs and protecting domestic industries from foreign competition, as well as the assumption that outbound goods, which contribute to national wealth through trade surpluses, pose less of a risk. The emergence of dual-use goods has heightened the necessity for export controls, but a marked imbalance persists between the attention given to import controls versus export controls at the national level.
+
+While the United States might emphasize the importance of increased export control measures, many customs agencies will not prioritize them. Having too restrictive a compliance sieve detracts from their core focus, which is to facilitate trade and increase port revenues. As such, in urging partner nations to increase their efforts, the United States must consider such countries’ domestic priorities. Ultimately, the primary mission of these countries’ customs agencies is to advance their own national development goals, not to aid the United States in its AI ambitions.
+
+
+### Detailed Policy Recommendations
+
+Given the challenges of detecting illicit consignments after they become obscured in transshipment networks, policymakers should focus on upstream sections of the smuggling pipeline, from the initial procurement of chips to before it leaves the port of origin. Importantly, these recommendations should be agreeable to and easily implementable by third countries. They should also be business-friendly, meaning they should be as frictionessless as possible and paired with incentives to match or dampen obligations. Regulatory interventions that work with the market are almost always more effective than those that swim upstream against it.
+
+Lastly, to allay the reflexive reactions of U.S. policymakers to the phrase “capacity building,” the three recommendations proposed here are entirely modest. They include workshops, a regional unit that will only require two to four BIS personnel with shared commitments from partner countries, and the provision of modern analytics software.
+
+#### Recommendation 1: Mandate use of custom digital waybills and preapproved logistics providers.
+
+A custom digital waybill for chips, incorporating a unique identifier, can mitigate the risks associated with the falsification of customs documents. Digital authentication further ensures the integrity of the waybill, making it difficult for smugglers to forge documents without detection. These waybills will be integrated with sales procedures as well as digital sales platforms for ease of business incorporation, and will include several key features:
+
+1. __A Unique Identifier:__ A unique QR code or equivalent tag for easy, tamper-proof scanning
+
+2. __Digital Authentication:__ Digital verification mechanisms to ensure the authenticity and integrity of the waybill
+
+3. __Item Specifics:__ Details that clearly state the nature of the controlled item as well as its quantity, value, origin, and destination
+
+4. __Logistics Providers Details:__ Details of the logistics provider, including its preapproval status
+
+5. __Standardized Sections:__ Sections for customs officials to stamp or digitally sign upon inspection, ensuring traceability at every checkpoint
+
+Furthermore, purchasers of chips will only be permitted to use prescreened logistics providers and routes. The buyer must identify their logistics provider of choice at the point of sale. Failure to do so should lead to cancellation of the sale. Tagging shipments at the point of sale enhances the BIS’s ability to efficiently conduct targeted audits. Logistics providers will be mandated to report to the BIS monthly on any consignments not received within a specified timeframe of two to four weeks. This process will flag discrepancies between recorded sales and actual shipments, facilitating swift spot checks on vendors identified as potential weak links. This will also better pinpoint suspicious entities that could be operating as front, shell, or shelf companies.
+
+The criteria for preapproval of logistics providers should broadly include the following:
+
+1. __Operational Integrity:__ A five-year track record that includes major incidents, policy breaches, or violations
+
+2. __Technological Capabilities:__ Adoption and integration of advanced package screening technologies
+
+3. __Employee Training:__ Regular training for employees handling controlled items
+
+4. __Background Checks:__ Mandatory checks for staff involved in the shipping of controlled items
+
+5. __Financial Assessment:__ Financial audits to ensure stability and solvency (a company in good financial standing is typically less prone to corrupt practices)
+
+6. __Documentation Adherence:__ A demonstrated record of correctly filling, maintaining, and providing necessary shipment documentation
+
+7. __Route Security:__ An assessment of chosen routes, favoring direct routes over transshipments to minimize risks
+
+8. __Collaboration with Customs:__ Established rapport and history of cooperation with customs and enforcement agencies in the region
+
+In addition, to incentivize the use of the waybill by distributors and resellers, this report proposes implementing a revenue-sharing program where distributors and resellers receive a small percentage of the transaction fee from every digital waybill issued. This turns compliance into a direct revenue stream. As for logistics providers, those who submit to BIS audits after the first year will be eligible for green-lane customs treatment in ports of call. In addition, there is room for negotiation with insurance companies to offer lower premiums for shipments that use digital waybills, as they are easier to track and thus present a lower risk of theft or loss.
+
+#### Recommendation 2: Require compulsory certification for official distributors, resellers, and logistics providers.
+
+Promoting a culture of compliance relies on a willingness on the part of exporters to comply with controls. While there certainly will be companies or individuals seeking to willfully circumvent or violate export controls, as mentioned previously, smaller resellers may inadvertently do so out of a lack of awareness or due to limited capacity. Hence, they should not be indiscriminately excluded entirely.
+
+This recommendation seeks to reduce evasion, particularly among these unintentional violators. But in order to be added to the approved list, they will have to undergo and complete the requirements of a certification workshop alongside official distributors, authorized OEMs and resellers, and logistics providers. To ensure that the new policy on custom waybills and use of preapproved logistics providers is well comprehended and implemented by these stakeholders, this report proposes holding a series of targeted capacity-building certification workshops.
+
+__CERTIFICATION WORKSHOP CURRICULUM__
+
+The proposed certification workshop should focus on the following goals:
+
+1. Outline in detail U.S. regulations surrounding the export of controlled chips.
+
+2. Conduct training on emergent tactics used by smugglers and how to spot and report front, shell, and shelf companies using easy-to-understand KYC guidelines (see sample guidelines below).
+
+3. Explain the rationale for the custom waybills as well as criteria for preapproval of logistics providers.
+
+4. Provide hands-on sessions on how to correctly fill and process custom waybills.
+
+5. Provide distributors and logistics providers with technical assistance to integrate the waybill system with existing inventory and sales software.
+
+__CERTIFICATION WORKSHOP MODALITY__
+
+The workshop will be facilitated by BIS export controls experts and customs officials from partner countries in an interactive format consisting of a detailed presentation, case studies, and a Q&A session with hands-on practice. There should also be recorded versions for remote stakeholders or those unable to attend in person, with periodic live Q&A sessions. If possible, e-guides, video tutorials, and FAQs should be made available on a dedicated portal. To reduce costs, this can be integrated to the extent possible with existing capacity-building work that BIS is already undertaking.
+
+__CERTIFICATION WORKSHOP EVALUATION__
+
+An evaluation will be conducted following the workshop by either a BIS or customs official from the host country to ensure comprehension. This could include a mix of multiple-choice questions, waybill filling exercises, and scenario-based questions. Successful participants will receive a certificate, which will be a prerequisite for being listed as an approved distributor, reseller, or logistics provider. This will cost little beyond the logistical costs of organizing the workshop.
+
+__RECERTIFICATION AND REVOCATION__
+
+Considering the dynamic nature of the industry and the regulatory landscape, periodic refresher workshops should be held at least annually. Updates or changes to the policy can be communicated during these sessions. Moreover, authorized sellers found negligent in conducting KYC procedures during BIS audits or random spot checks risk revocation of their certification.
+
+__SAMPLE KYC GUIDELINES (RED-FLAG INDICATORS)__
+
+1. Watchlist Matches: The customer, their address, or affiliated parties resemble entries on the Commerce Control List.
+
+2. Business Mismatch: The chip’s capabilities are inconsistent with the customer’s purported business activities (e.g., an advanced GPU order for a steel mill).
+
+3. Unusual Payment Methods: The customer prefers to pay in cash for high-value orders, despite more standard financing or credit terms being available.
+
+4. Declined Services: The buyer turns down standard post-purchase offerings, such as installation or training.
+
+5. Sketchy Business Background: The customer lacks a clear business history, previous transactions, or an online presence.
+
+6. Lack of Product Familiarity: The customer shows little knowledge about the chip’s specifications and capabilities but is insistent on the purchase.
+
+7. Ambiguous Delivery Details: The order has vague delivery dates or requests for delivery to remote or unusual destinations.
+
+8. Unusual Routes: The proposed transportation route is circuitous or unusual for the given product and end destination.
+
+9. Inconsistent Packaging: The packaging requested does not match the method of shipment or seems overdone or inadequate for the type of product.
+
+#### Recommendation 3: Set up dedicated regional units consisting of BIS staff and secondees from partner countries and incorporate use of modern data analytics.
+
+__SETTING UP A DEDICATED REGIONAL UNIT__
+
+National customs operations have historically been driven by revenue collection and import controls, relegating the task of export controls to the periphery. While the United States might emphasize the importance of such controls, many customs agencies do not prioritize them. Moreover, the infrequent cases related to export control evasion result in an experiential deficit among customs staff, further diminishing its precedence. For reference, even in Germany, the European Union’s largest exporter, the number of criminal proceedings relating to export control violations processed each year is relatively low, in the double digits.
+
+This paucity, coupled with the complexity of such cases, has deterred the establishment of specialized procedures or dedicated departments to detect export control evasion. Consequently, this limited exposure leaves customs officers and even prosecutors and judges ill-equipped to credibly deal with export control evasion cases, potentially overlooking critical aspects due to insufficient experience or a lack of technical or legal familiarity.
+
+As such, to improve risk profiling, interdiction, investigation competence, and intelligence sharing, this report recommends the formation of a dedicated regional unit comprised of two to four specialist advisory experts from the United States, along with secondees from partners’ customs authorities. In this model, when a frontline officer detects a suspicious transaction, they can immediately seek guidance from the specialized team. In turn, the unit proactively disseminates its intelligence to partner countries. This model takes reference in part from specialized national units like in the Netherlands (see Case Study 6).
+
+However, the efficacy of this system depends on robust interagency information sharing at both the national and international levels. Collaboration between customs and intelligence agencies is paramount. This will necessitate granting security clearances for both U.S. experts and secondees in the risk-profiling unit. Furthermore, intelligence data will need to be transformed into a redacted, yet actionable format, ensuring broader dissemination within the customs department without compromising sensitive information.
+
+> #### `CASE STUDY 6`
+> #### `A Specialized Team in the Netherlands`
+
+_`In the Netherlands, a specialist team, Precursors, Strategic Goods and Sanctions (POSS), is responsible for the enforcement of export controls and sanctions under the customs administration. POSS monitors and enforces exporters’ compliance and can also conduct (criminal) investigations. To perform its tasks, the team has the power to demand extensive information from any entity (e.g., manufacturers, traders, and brokers) that deals with the export of dual-use and military goods, including the right to access company premises.`_
+
+__USE OF MODERN DATA ANALYTICS__
+
+This leans on the work by Gregory C. Allen, Emily Benson, and William Alan Reinsch in their paper “Improved Export Controls Enforcement Technology Needed for U.S. National Security,” which recommends the incorporation of data-driven approaches in place of the dated software and databases BIS currently uses. However, whereas their recommendations focus on improving the BIS’s detection capabilities, this recommendation instead looks at improving detection at the customs level, which are the physical points of failure.
+
+To be clear, ensuring that the Commerce Control List is improved and regularly updated to pinpoint companies affiliated to bad-faith actors or regimes is crucial to ensure that ports downstream can more effectively sift out front, shell, and shelf companies. However, this also introduces a single point of failure in the detection system due to the reliance on the BIS to fulfill its role perfectly. Furthermore, the BIS might not always recognize specific tactics used in major transshipment hubs.
+
+Consequently, the United States should collaborate with partner countries and key circumvention nodes to incorporate modern data analytics for improved detection of evasive entities. Below is a sample implementation strategy.
+
+_Sample Recommendations to Enhance Surveillance Capabilities to Detect Evasive Actors_
+
+- __Customized Risk Profiling:__ Implement machine-learning algorithms tailored to each port’s unique profile to auto-score incoming and outgoing shipments based on the history of evasive activities and identified patterns.
+
+- __Supply Chain Analysis:__ Employ supply chain analytics tools to trace the origins and destinations of shipments, identifying unusual routes or odd combinations of cargo that might indicate evasion tactics.
+
+- __Real-Time Vessel Monitoring:__ Integrate real-time tracking systems to monitor vessel movements, especially those taking irregular routes or making unexpected stops, often indicators of evasive or illegal activities.
+
+- __Advanced Document Verification:__ Introduce optical character recognition (OCR) and natural-language processing (NLP) systems to scan, verify, and highlight discrepancies in shipment documents, bills of lading, or manifests.
+
+- __Port Data Integration System:__ Consolidate data from different ports to create a holistic database, improving collaborative efforts in detecting evasive actors across the continent. This system can track entities as they move through various checkpoints, making evasion harder.
+
+- __Behavioral Analytics:__ Utilize algorithms to study behavior patterns of freight forwarders, shipping companies, and other stakeholders. A sudden change in patterns could be indicative of evasive or illicit activities.
+
+- __Collaborative Stakeholder Reporting:__ Foster an environment where port staff, customs officials, and third-party stakeholders can anonymously report suspicious activities, with the system analyzing these reports for recurring patterns or concerns.
+
+- __Dynamic Sanctions and Blacklist Checks:__ Integrate updated international and regional sanctions lists and run real-time checks on entities, ensuring that any newly blacklisted or suspicious entities are promptly flagged during transactions.
+
+
+### Conclusion
+
+The insights in this report are admittedly mostly qualitative. However, it seeks to provide a sufficient base for readers to infer the complexities of export control evasion through straightforward inductive reasoning.
+
+The recommendations in this report also likely do not go far enough. Recent compute governance proposals suggest establishing a “tracking regime” to monitor the distribution and ownership of AI chips. However, practical implementation details of how chains of custody and a chip registry can be established in such a scheme remain largely poorly defined. In addition, the privacy challenges of doing so have not been sufficiently addressed. For example, when Intel introduced the Pentium III processor in 1999, which had a unique serial number embedded in each chip, the ensuing privacy backlash caused Intel to hastily create a disablement tool and exclude serial numbers in subsequent chip models. This is why this report proposes the less invasive and more modest recommendation of a waybill with a unique identifier instead.
+
+Lastly, the recommendations proposed in this report will likely be imperfect. Determined smugglers will try to hack the waybill system by forging or altering it. Shell companies will still overcome enhanced KYC checks and engage private couriers. But this is precisely the point. Export controls are an inherently leaky instrument. Guiding principles must therefore be practical. What chokepoints in the smuggling pipeline can realistically be targeted, thereby sufficiently increasing both the cost of compliance and the likelihood of good-faith actions? It is not about guaranteeing success, but defining the level of failure that is acceptable.
+
+---
+
+__Barath Harithas__ is a non-resident adjunct fellow with the CSIS Project on Trade and Technology and has held diverse public service roles in Singapore spanning the U.S.-China relationship, international trade, and AI standards.