Back to the Resource Hub / Back to Links
The links below are organised by the month in which they are published
BOOKS |
Agüera y Arcas challenges traditional definitions of intelligence by drawing parallels between biological evolution and computational systems. He argues that intelligence is not a static property but a dynamic capacity to predict and adapt. This view aligns with the “predictive brain” hypothesis in neuroscience, which suggests that the brain evolved primarily to anticipate future events. Similarly, large neural networks in AI—like those used in language models—demonstrate emergent intelligence by learning to predict sequences, revealing that intelligence may arise naturally from systems designed to forecast outcomes.
The book blends insights from evolutionary biology, cognitive science, and machine learning to show how intelligence emerges from feedback loops, environmental interaction, and computational efficiency. Agüera y Arcas emphasizes that intelligence is not exclusive to humans or machines—it’s a general principle observable in nature, from slime molds navigating mazes to algorithms optimizing search results. He also explores how cultural evolution parallels biological evolution, with ideas and technologies evolving through selection and recombination.
A key theme is the role of agency and consciousness. While AI systems can exhibit intelligent behavior, they lack subjective experience. Agüera y Arcas cautions against anthropomorphizing machines, urging readers to distinguish between functional intelligence and sentient awareness. He also reflects on the ethical implications of AI development, especially as systems become more autonomous and embedded in society.
Blaise Agüera y Arcas’s 2025 book What Is Intelligence? explores how artificial intelligence, evolution, and neuroscience converge to reshape our understanding of intelligence—not as a fixed trait, but as an emergent, predictive process rooted in adaptation. The book concludes by proposing a more inclusive and fluid definition of intelligence—one that accounts for diversity across species, systems, and contexts. Intelligence, in this view, is less about solving puzzles or passing tests and more about navigating complexity, adapting to change, and generating meaningful responses to unpredictable environments.
Agüera y Arcas’s interdisciplinary approach makes What Is Intelligence? a compelling read for technologists, philosophers, educators, and anyone curious about the evolving boundaries between mind and machine. It invites readers to rethink intelligence not as a human monopoly, but as a universal phenomenon shaped by prediction, interaction, and evolution.
Donohue traces the evolution of foreign intelligence gathering in the United States, highlighting how technological advances—especially in digital communications—have blurred the lines between domestic and foreign surveillance. Historically, intelligence agencies needed to demonstrate that a U.S. person was acting as an agent of a foreign power before collecting data. However, post-9/11 reforms and the rise of bulk data collection have eroded these safeguards. Today, agencies often collect massive amounts of information first and analyze it later for potential threats, reversing the traditional model of targeted surveillance.
A central theme of the book is the tension between national security and civil liberties. Donohue argues that the Foreign Intelligence Surveillance Act (FISA) and its associated court system have failed to keep pace with technological change. The shift from individualized warrants to programmatic approvals has weakened judicial oversight, allowing broad surveillance programs to operate with minimal transparency. She critiques the expansion of executive power and the lack of meaningful checks from Congress and the courts, warning that this undermines democratic accountability.
Donohue also explores the implications of metadata collection, arguing that even non-content data—such as call logs, IP addresses, and location history—can reveal intimate details about individuals. She emphasizes that the Fourth Amendment’s protections against unreasonable searches must be reinterpreted to account for the realities of digital life. The book calls for stronger statutory protections, enhanced oversight mechanisms, and a renewed commitment to constitutional principles in intelligence policy.
Importantly, Donohue does not reject the need for foreign intelligence. Instead, she advocates for a balanced approach that respects privacy while enabling effective threat detection. She proposes reforms such as narrowing the scope of bulk collection, increasing transparency around surveillance programs, and strengthening the role of the judiciary in authorizing and reviewing intelligence activities.
Laura K. Donohue’s The Future of Foreign Intelligence critically examines how modern surveillance practices challenge constitutional protections, arguing that the U.S. must rethink its legal frameworks to safeguard privacy in the digital age. In sum, The Future of Foreign Intelligence is a rigorous and timely analysis of how surveillance practices have outpaced legal norms. It urges policymakers, legal scholars, and citizens to confront the challenges posed by digital surveillance and to restore constitutional protections in an era of pervasive intelligence gathering.
In this updated edition, Van Puyvelde and Brantly examine cyberspace as a complex and contested arena where individuals, corporations, and states interact—often with conflicting interests. The book begins by unpacking the conceptual foundations of cybersecurity, challenging readers to consider whether cyber threats are real, exaggerated, or misunderstood. It critiques alarmist narratives of “cyber war” while acknowledging the genuine risks posed by surveillance, data breaches, and digital espionage.
The authors emphasize that cybersecurity is not just a technical issue but a deeply political and governance-driven challenge. They explore how states and institutions attempt to regulate cyberspace, often balancing national security with civil liberties. The book analyzes key actors—from governments and intelligence agencies to private tech firms and hackers—and how their actions shape the cybersecurity ecosystem.
A central theme is the governance of cyberspace, which the authors describe as fragmented and contested. They assess international efforts to establish norms and rules, such as the UN Group of Governmental Experts and regional cybersecurity frameworks. The book also addresses conflict in cyberspace, including state-sponsored cyber operations, disinformation campaigns, and the strategic use of digital tools in geopolitical rivalries.
Van Puyvelde and Brantly integrate case studies and empirical data to illustrate how cybersecurity policy plays out in practice. They highlight incidents like the SolarWinds breach and the role of cyber capabilities in the Russia-Ukraine conflict, offering insights into how cyber tools are used for both coercion and defense.
Importantly, the book encourages readers to think critically about the future of cybersecurity governance, urging more inclusive, transparent, and resilient approaches. It’s a valuable resource for students, analysts, and policymakers seeking to understand the intersections of technology, security, and global politics.
Cunningham’s central argument is that China’s People’s Liberation Army (PLA) has embraced information-age weapons—especially cyber and space tools—as substitutes for nuclear threats or conventional military dominance. This strategic shift reflects China’s desire to fight limited wars under the shadow of nuclear deterrence, where escalation risks constrain traditional military options. Unlike other nuclear powers that rely on overwhelming conventional force or nuclear brinkmanship, China seeks to exploit digital tools for precision, disruption, and psychological impact.
The book is grounded in extensive empirical research, including Chinese military doctrine, official statements, and strategic writings. Cunningham shows how China’s leadership views cyber operations and space-based surveillance as essential for shaping adversary behavior, deterring aggression, and controlling escalation. These tools allow China to signal resolve, gather intelligence, and degrade enemy capabilities—all while staying below the nuclear threshold.
A key contribution is Cunningham’s theory of strategic substitution, which explains how states facing the “limited war dilemma”—the challenge of achieving military objectives without provoking nuclear retaliation—may turn to non-nuclear coercive tools. She applies this theory to China’s evolving force posture, highlighting how the PLA integrates cyber attacks, electronic warfare, and satellite systems into its deterrence and warfighting strategies.
The book also examines case studies and scenarios, such as Taiwan contingencies and U.S.-China crises, to illustrate how information-age weapons could be used in practice. Cunningham warns that while these tools offer flexibility, they also introduce ambiguity and escalation risks, especially if misinterpreted by adversaries.
Ultimately, Under the Nuclear Shadow argues that China’s approach reflects a broader transformation in international security, where digital technologies are redefining deterrence, escalation, and strategic stability. It calls for more nuanced policy responses and deeper understanding of how emerging powers navigate the nuclear shadow.
This work is part of the Princeton Studies in International History and Politics series and is a vital resource for scholars, analysts, and policymakers interested in cyber strategy, deterrence theory, and East Asian security dynamics.
NEWS |
Director of the US Central Intelligence Agency John Ratcliffe paid a non-public visit to Brussels in the last week of October, where he met with senior foreign policy and intelligence officials of the European Union. About this reported Politico, citing informed sources.
According to media reports, Ratcliffe made the trip to convey a "not-so-subtle message" that Europe can still trust the United States. Three people with knowledge of the meeting said that Ratcliffe met with the head of European diplomacy Kaja Kallas, as well as with senior officials from the EU Intelligence and Situation Centre (INTCEN) and the Intelligence Directorate of the Military Staff of the bloc (EUMS).
The talks were aimed at calming nerves and reaffirming Washington's commitment to intelligence sharing as concerns grow in some European capitals about the direction of U.S. foreign policy under the president Donald Trump's leadership.
Intel 471, the premier provider of cyber threat intelligence-driven solutions worldwide, delivers the newest release of its Geopolitical Intelligence solution to its Verity471 platform. This enhanced offering provides users with structured, actionable insights on countries and global issues to help organizations manage the impact of these dynamics on business operations, assets, stakeholder safety and strategic endeavors, all within its unified cyber intelligence platform.
According to the World Economic Forum, nearly 60% of organizations state that geopolitical tensions have affected their cybersecurity strategy. Geopolitics shape state and non-state threats in the cyber and physical domains, requiring organizations to continuously monitor areas of interest that affect their business operations and supply chain. Intel 471's Geopolitical Intelligence provides a unique lens into significant regional events, including changes in policy, leadership and technology, that enable organizations to anticipate risk, swiftly identify threats and take decisive action.
“Within the nexus of complex cyber threat landscapes and heightened geopolitical tensions, it is imperative that organizations understand their exposure to regional threats, along with threats to their suppliers, subsidiaries and M&A activities,” says Michael DeBolt, Chief Intelligence Officer at Intel 471. “Our enhanced solution, available via our next-generation cyber intelligence platform, connects the dots between cybercrime, nation-state operations and geopolitical developments. As a result, security teams and intelligence professionals can move beyond siloed threat feeds to proactively mitigate risks to their organization’s attack surface.”
Australia's spy chief says hackers linked to the Chinese government and military are targeting the country's critical infrastructure, warning the country was increasingly at risk of "high-impact sabotage". Mike Burgess, head of the Australian Security Intelligence Organisation (Asio), said "unprecedented levels of espionage" meant a growing threat of "cyber-enabled sabotage" in the next five years.
He singled out "one nation state - no prizes for guessing which one - conducting multiple attempts to scan and penetrate critical infrastructure in Australia" and its allies, "targeting water, transport, telecommunications, and energy networks". The Chinese embassy has been contacted for comment.
The makers of artificial intelligence (AI) chatbot Claude claim to have caught hackers sponsored by the Chinese government using the tool to perform automated cyber attacks against around 30 global organisations. Anthropic said hackers tricked the chatbot into carrying out automated tasks under the guise of carrying out cyber security research.
The company claimed in a blog post this was the "first reported AI-orchestrated cyber espionage campaign". But sceptics are questioning the accuracy of that claim - and the motive behind it.
ARTICLES |
This article examines the ways in which the US intelligence community is leveraging the power of artificial intelligence (AI) for national security purposes. Drawing on declassified intelligence records, it contends that this community has been fascinated by AI for decades. This is important to acknowledge because this historical context has shaped contemporary projects and thinking within the community. It has given the United States a first-mover advantage, establishing precedents that other global actors need to comply with, negotiate or resist. The article advances three arguments. One, the community has long recognized that it needs to collaborate with the tech sector on AI. However, these relationships bring certain challenges since the sector is a curious compound of ideologies and interests. Two, while the community was initially attracted to the data processing advantages of AI to help human analysts to overcome “data smog,” today it has broadened its focus to consider how AI can improve all stages of the intelligence cycle. Three, while many voices feverishly herald the transformative potential of AI in the global security environment, we argue instead that US agencies will not be able to exploit the full potential of AI, and thus talk of an intelligence revolution is premature. This is because of national and international rules on data collection and retention but also because of cultural tensions within the global AI ecosystem. The discussion will appeal to scholars and practitioners interested in the impact of emerging technologies on national security processes and decision-making and, more broadly, global security.
It is a question that successive governments have struggled with: what kind of threat does China really pose to the UK? Trying to answer it may have contributed to the high-profile collapse of the case in which two British men, Christopher Cash and Christopher Berry, were accused of spying for China and charged under the Official Secrets Act. Both deny wrongdoing - but when charges were dropped last month, it sparked political outcry.
Prosecutors and officials have since offered conflicting accounts about whether a failure or unwillingness to label China as an active threat to national security led to the withdrawal of the charges. And yesterday Lord Hermer, the attorney general, blamed "out of date" legislation for the case's collapse. But this all raises the question of what exactly Chinese espionage looks like in the modern world.
This paper about cyber intelligence in the context of national and international security builds on the discussion held during the third EU Cyber Direct Research Seminar organised by Leiden University on 3 November 2022. The paper acknowledges that despite earlier assumptions, cyberspace is less a war-fighting domain than one in which there is constant competition between intelligence agencies. It highlights the scope, scale and tenacity of many of the intelligence and intelligence-led cyber operations discovered over the past decade, each of which has set new precedents in terms of the number of government institutions, businesses and individuals affected, has caused much consternation, yet has led to little discernible action in terms of discussing possible legal or normative restraints or limits at the international level. The paper nonetheless highlights some of the normative actions that are slowly taking place at the national level, or in specialised bodies that shape national-level decisions, to place some restraints on the means and methods used in intelligence and intelligence-led cyber operations. Finally, the paper calls for a franker discussion among states on intelligence-led cyber operations and the different types of action (espionage/intelligence collection, covert action) that they consider to fall under that rubric. Such a discussion can start bilaterally or among a small number of states, but at some stage it will need to be broadened. The paper puts forward some suggestions on what such a discussion could focus on.
The evolution of intelligence marches in step with the development of technology. Intelligence communities must adapt technologically to survive and succeed, or find themselves disadvantaged, and their customers ill-informed or facing unwelcome sur prise. This was true of the second industrial revolution, from the turn of the Twentieth Century, and the mass adoption of radio and its myriad implications for politics, war, and intelligence; and equally so for the third industrial, or digital, revolution, which gathered pace from the mid-Twentieth Century, and which was ultimately characterised by the mass adoption of personal computers, mobile devices, and digital communications over the internet. The story of adapting to the second industrial revolution was the story of adapting to the challenge of intercepting, processing, and leveraging massive volumes of machine-encrypted messages, or learning about distant, enemy military installations. The process prompted developments in computing, aircraft, and satellites, and changed intelligence from a niche industry to one of mass production. During the digital revolution intelligence agencies had to adapt to the web, and the myriad challenges of volume, velocity, variety, veracity, and value that accompanied any attempts to exploit it to learn about enemies, old and new. This called for structural, cultural and technological change. 1 And, as became clear in 2013, when the NSA contractor Edward Snowden began leaking a massive cache of stolen documents – elements of which illuminated the US and UK’s capacity to intercept, process, and interrogate immense volumes of data – western intelligence communities had adapted to the digital era, and thrived.
REPORT |
People’s Republic of China (PRC) state-sponsored cyber threat actors are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks. While these actors focus on large backbone routers of major telecommunications providers, as well as provider edge (PE) and customer edge (CE) routers, they also leverage compromised devices and trusted connections to pivot into other networks. These actors often modify routers to maintain persistent, long-term access to networks.
This activity partially overlaps with cyber threat actor reporting by the cybersecurity industry—commonly referred to as Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and GhostEmperor, among others. The authoring agencies are not adopting a particular commercial naming convention and hereafter refer to those responsible for the cyber threat activity more generically as “Advanced Persistent Threat (APT) actors” throughout this advisory. This cluster of cyber threat activity has been observed in the United States, Australia, Canada, New Zealand, the United Kingdom, and other areas globally.
This Cybersecurity Advisory (CSA) includes observations from various government and industry investigations where the APT actors targeted internal enterprise environments, as well as systems and networks that deliver services directly to customers. This CSA details the tactics, techniques, and procedures (TTPs) leveraged by these APT actors to facilitate detection and threat hunting, and provides mitigation guidance to reduce the risk from these APT actors and their TTPs.
The international system today is characterized by a fracturing of the old order and great uncertainty about what is to come. Strategic Trends 2025 examines the pivotal forces and developments shaping global security, offering critical analysis of the challenges and opportunities in a world undergoing profound transformation. Three key dynamics define the trajectory of the contemporary international system. The first is strategic competition between major powers, with US-China relations at the core. The competitive dynamics of interstate relations are increasingly escalating into conflicts – whether kinetic, cyber, economic, or within the ever-expanding “gray zone.” The traditional boundaries of war and peace have blurred, creating a security landscape where the rules of engagement are no longer clear or universally accepted. The uncertainty of the international system today is magnified by the second key dynamic affecting international politics: the demise of the established global order through the fraying and fracturing of institutions and norms. This has raised fundamental questions about the future of globalization and the prospects for cooperation in addressing transnational challenges. As the balance of power shifts toward a dynamic and competitive multipolarity, we are in a dangerous transition period, with heightened volatility and uncertainty.
OPINION |
MICE-R is an acronym for one way an organization can recruit a spy. It stands for money, ideology, coercion, ego, and lastly, revenge. Money: Investment, employment, or scholarship offers target victims of financial hardship with bribes. Ideology – Civic duty, religious solidarity, political grievances, hacktivism, radicalization.. Coercion – Social pressure, blackmail/extortion, physical threats. Ego – Flattery, recognition, access, statue, power. Revenge – Disgruntled employees.
The most obvious way to recruit someone is, of course, money. It can come as an investment offer, a scholarship, or possibly a business partnership.
An example is a motor company doing distribution within the US and needing new motors to distribute. One of their representatives goes off to a foreign country, has some meetings, and all of the distribution plans get taken because they are offered, as part of this conversation in the business partnership, something seemingly innocuous.
A cost of doing business, perhaps, but that’s a risk that many aren’t taking into account. But even something such as a scholarship or immigration visa. These are things that can monetarily lure people into doing things that they wouldn’t normally do that can cause risk to the rest of us.
Although ideology isn’t as prevalent in the cybersecurity space, it happens in hacktivism all the time. If you know the Old Anony Ops IRC channel, you know it was where federal and criminal recruiters infamously tried to coax members (typically young adults) to do things against “adversaries” to Anonymous causes and conducting illegal acts.
There were levels of plausible deniability, of course, mainly between the government and the person executing the attack, but it was using ideology such as freedom of information or whatever they were doing as far as propaganda is concerned and recruiting people into doing digital a
Artificial Intelligence is not simply another technological tool; it’s a transformative force reshaping the foundations of intelligence and national security. In remarks to the 11 October Aspen-Otago National Security Forum in New Zealand, Anne Neuberger, former U.S. deputy national security advisor for cyber and emerging technology, provided an illuminating account of how AI could revolutionise the future of intelligence operations, analysis and organisation, but also challenge democratic governance of national security.
TALKS, WEBINARS & PRESENTATIONS |
What do shifting power dynamics, the rise of global revisionism, and low-boil conflicts mean for national security? What are the gaps between the U.S. perspective and a European one? Please join CSIS on May 12 from 2:30-3:30 p.m. EDT for a conversation about Strategic Trends 2025: Key Developments in Global Affairs, a new report by the Center for Security Studies (CSS) at ETH Zürich. This year’s volume features chapters on shifting Eurasian partnerships, conflicts in the Middle East, deepening Euro-Atlantic and Indo-Pacific cooperation, the securitization of digital capabilities, and the role of critical technologies in great power competition.
In The Fourth Intelligence Revolution: The Future of Espionage and the Battle to Save America, author Anthony Vinci explores how advances in artificial intelligence (AI) and U.S.-China competition are transforming global espionage, with implications for us all. Vinci’s eye-opening new book traces the evolution of espionage from World War II to present day, describing a new technology-driven global intelligence race that extends from economic espionage to genetic data collection to reconnaissance in the far reaches of space. Join the Center for a New American Security (CNAS) on Tuesday, October 28, from 3:30–4:30 p.m. ET for a live discussion with author and CNAS Senior Adjunct Fellow Anthony Vinci, who previously served as the chief technology officer at the National Geospatial-Intelligence Agency. The conversation will be moderated by Vivek Chilukuri, senior fellow and director of the Technology and National Security Program at CNAS.
Back to the Resource Hub / Back to Links
The subjects, thoughts, opinions, and information made available in AIPIO Acumen reflect the authors' views, not those of the AIPIO.