Gi Forum



Title: August 4, 2025 PM

NEW NATIONAL CYBER DIRECTOR

 

Cairncross confirmed by Senate to take up role of national cyber director

Sean Cairncross was confirmed by the Senate on Saturday to serve as the national cyber director. In the position, Cairncross will coordinate cybersecurity efforts among various government agencies, develop and implement national cybersecurity policies, and advise the president on critical cyber issues. Cairncross is a former Republican National Committee official and was CEO of the Millennium Challenge Corporation agency during Trump’s first term. The Office of the National Cyber Director (ONCD) has been engaged in an effort to harmonize cyber regulations and streamline cyberattack reporting rules for organizations. The office also has been promoting programs to anchor federal cyber jobs in a skills-based hiring structure and to boost the size of the cyber workforce in the U.S. (Cyber Scoop)

NOTE: This leadership position can be a quagmire to maneuver through. There are rules and regulations and demands established by the government, some of which are at odds with one another, and in the end, do little to protect personal information. Do not expect to see any movement to restrict the use of people's information, something the EU has done. The government's approach is to be more of an advisor and push to the States the responsibility to manage cybersecurity. Since the majority of the effort is to secure small businesses, this approach makes sense since most businesses are state entities and not federal.

 

CHINA’S CYBER ATTACKS CONTINUE

 

Leadership Lacking - Beijing's hackers are playing the long game

Chinese state-linked hackers are increasingly targeting critical U.S. infrastructure, not for immediate disruption, but to maintain long-term, stealthy access in case of future conflict, particularly over Taiwan. Recent attacks have exploited SharePoint vulnerabilities, compromising hundreds of systems and stealing machine keys that allow persistent access. Groups like Volt Typhoon, Salt Typhoon, and Silk Typhoon are growing more sophisticated, using zero-day exploits and targeting key sectors such as government, transportation, and utilities. Silk Typhoon stands out for developing new hacking tools and having links to private firms. Beijing is increasingly outsourcing cyber operations to contractors, complicating attribution and boosting capability. Meanwhile, U.S. cyber defenses have weakened under the Trump administration due to budget cuts and staff losses, although offensive cyber capabilities are receiving a funding boost. With AI becoming a key part of cyber operations, experts warn that nation-state hackers are already experimenting with advanced tools. (Axios)

NOTE: There is no central leadership leading the charge for ensuring our critical infrastructure is secure. The political will is to talk, but not to put the money necessary where their mouth is. They demand the implementation of security controls but fail to give the entities the ability to recover the costs of these mandates. If they were serious, diverting some of the spending overseas to secure our infrastructure would be a step in the right direction. I am not confident that will happen.

 

SYRIA & AZERBAIJAN

 

Energy for Syria. A new pipeline that will bring natural gas from Azerbaijan to Syria has been inaugurated. The ceremony took place in Turkey’s southeastern province of Kilis, on the Syrian border. The pipeline should deliver 1.2 billion cubic meters of natural gas to Syria annually in the first stage – which will then be transported to power plants in Syria’s Aleppo and Homs provinces and used to generate electricity. Syria’s energy minister said his country has more joint projects in the works with Azerbaijan.

 

TURKEY & SYRIA

 

Defense support. Turkey and Syria reportedly plan to sign a military cooperation agreement by late August that will allow Ankara to set up three military bases in Syria. The deal will also include Turkish training of Syrian military personnel, military consulting and assistance in reforming the Syrian army. Turkish support for Syrian air defense and unmanned aircraft operations is also being considered.

 

IRAN’S NEW DEFENSE COUNCIL

 

Reforms. Iran plans to launch a new security body called the Defense Council as part of structural changes following Israel’s attacks on Iranian nuclear facilities in June. In addition, Ali Larijani, an adviser to Iran’s supreme leader, will take over leadership of the Supreme National Security Council from Ali Akbar Ahmadian, who will assume responsibility for several special and strategic files.

 

OPEC+ INCREASED PRODUCTION

 

Oil market. OPEC+ countries agreed in principle to increase oil production by 548,000 barrels per day in September. The decision followed U.S. criticism last week of India’s continued purchase of Russian oil. After repeatedly slashing output in recent years, OPEC+ partners have been steadily increasing production this year, following U.S. President Donald Trump’s demands that they do so.

 

INDIA, RUSSIAN OIL & U.S. SANCTIONS

 

India stays the course. Relatedly, Indian Prime Minister Narendra Modi has made no moves toward reducing Russian oil imports, following U.S. President Donald Trump’s statement last week that his country would impose 25 percent tariffs on Indian goods and additional penalties over New Delhi’s energy ties to Russia. Over the weekend, he encouraged Indian consumers to buy locally amid the global economic uncertainty and has refrained from instructing oil refiners to stop buying Russian oil.

 

PAKISTAN & IRAN

 

Meeting in Islamabad. Iranian President Masoud Pezeshkian and Pakistani Prime Minister Shehbaz Sharif held talks in Islamabad over the weekend. The two countries signed a dozen cooperation agreements relating to trade, industry and transport. In a joint press conference, Pezeshkian said they aimed to increase bilateral trade from $3 billion to $10 billion. Sharif stressed their common goal of fighting terrorism and condemned Israel’s June attacks on Iran.

 

ALGERIA

 

Energy project. Algeria and Nigeria reaffirmed their commitment to developing the Trans-Saharan Gas Pipeline aimed at delivering Nigerian gas to Europe via Algeria. During Nigerian Foreign Minister Yusuf Maitama Tuggar’s visit last week to Algiers, the diplomat spoke with his Algerian counterpart about expanding bilateral cooperation into renewable energy, green hydrogen, regional electric interconnection and strategic planning. The two countries conducted a feasibility study on the pipeline project in March.

 

GZB INFOCUS: CHINA’S CYBER ATTACK ON THE CITY OF ST. PAUL

 

This past week, we’ve been closely following a stinging cyberattack on Saint Paul, a city in Minnesota. Recovery efforts aren’t over yet, and it’s already clear that mitigating the disruptive attack is going to be expensive.

A huge cyberattack has prompted safety concerns in St. Paul, a major Minnesota city. Last week, a state of emergency was declared, and the breach seems to be so bad that Governor Tim Walz has had to deploy the National Guard. Crippling hacks that knock out city services are a hallmark of ransomware incidents, in which cybercriminals deploy data-scrambling software to paralyze victim networks until a ransom payment is made.

St. Paul’s cybersecurity protection system first detected “suspicious activity” on its network on July 25th.

After a quick investigation, St. Paul Mayor Melvin Carter said that the city’s IT systems were shut down on July 28th to isolate local infrastructure from potential damage.

“This was not a system glitch or technical error. This was a deliberate, coordinated digital attack carried out by a sophisticated external actor intentionally and criminally targeting our city’s information infrastructure,” Carter said at Tuesday's news conference.

Carter has also swiftly declared a state of emergency in St. Paul, while Minnesota Governor Tim Walz, seeing that the attack was too large and complex for the city to handle on its own, has activated the state’s National Guard and its cyber team.

“We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible,” Walz said (https://mn.gov/governor/newsroom/press-releases/#/detail/appId/1/id/699945).

 

“The Minnesota National Guard’s cyber forces will collaborate with city, state, and federal officials to resolve the situation and mitigate lasting impacts. Above all, we are committed to protecting the safety and security of the people of St. Paul.”

St. Paul’s IT systems were already shut on Monday as a defensive step. For instance, city buildings like libraries and recreation centers now have no WiFi. Key emergency services, including 911, have remained operational, though.

Is the people’s data at risk? According to Carter, the attack appears to be limited to city systems. But St. Paul holds “limited” data on residents who are not city employees, so staying alert about your personal data would be smart.

 

Why It Matters:

Hacking attacks – mostly using ransomware – now hit American cities every few days. They are expensive to mitigate and extremely disruptive: if the records are altered or permanently lost, recollecting them is extremely difficult. That’s why secure backups are a must.

GZB looks at this as a probe. If we were to Red Cell this — if I were China — I would pick a mid-tier city like St. Paul to study the effects of the hack (cyber warfare), what the reaction time is, what assets are deployed and tied up by the operation to fix it, a damage assessment on city infrastructure, and the cost — which falls under economic warfare. These two categories are mostly Gray Zone categories — enough to damage your enemy, but not enough to require kinetic conflict.

That being said, I don’t understand why we’ve allowed China, using cyber hacker cells like APT-41 and even proxies that use the facade of ransomware eCrime groups, to continue to inflict damage without retaliating in kind.

Before Iraq’s Communication Tower was unbuilt by J-DAMS, as Baghdad Bob was live on the air, an enter button was pressed on a keyboard that uploaded a virus to everything in the Iraqi Government’s Computer Network. It shut down the entire system and crippled it.

While that’s apples and oranges, and China’s infrastructure, with their estimated 110,000 PLA personnel cyber units, dwarfs anything the Iraqis had in 1991, every government and military computer network has weaknesses and strengths.

There are chinks in the dragon’s scales everywhere. Why aren’t we counterpunching?

As I have discussed with analyst Rob Dodson, China is playing the long game — death by a thousand cuts. What will this look like in another year, 3, 5, 10 or 20? Do we just allow them to keep doing this, or do we hit them back and put them on notice?

 

Pray.

 

Train.

 

Stay informed.

 

Build resilient communities.

 

 
