Good Morning:

Yesterday on #DogShirtTV, mine enemy has perished and Ava is back on the show. Also, the estimable Anastasiia Lapatina and I discussed the negotiation strategy in the Ukraine peace talks, if you’re into that sort of thing:

The Situation

In yesterday’s The Situation column, I offered refinements to President Trump’s bold policy proposals from this weekend:

Ah, yes. And herein my suggestion: If the president wants symbolism, he can do better than Alcatraz.

I have a suggestion for Trump of another small island in a major population center currently being used for tourist purposes but which would make a far bigger statement than Alcatraz if turned into a prison. I’m talking, of course, about Liberty Island in New York Harbor.

While he’s at it, Trump could convert Ellis Island into a prison too. Imagine if the Main Immigration Building—which the National Park Service describes as “the epicenter of one of the greatest migrations in modern history” and is now “a memorial to all who pursued the American dream and have made this nation their adopted home”—were once again used to detain people. That would really sock it to those open borders people.

Today On Lawfare

Compiled by the estimable Caroline Cornett

The World’s Underground Bankers

Sujit Raman and Nick Carlsen explain the crucial role that Chinese underground money laundering organizations play in the operations of Russian crime syndicates, North Korean hackers, and other actors in the illicit finance ecosystem. Raman and Carlsen call for the United States to develop a strategy to combat global financial crime through offensive cyber operations and private sector collaboration:

Each one benefits: North Korea gets cash for its regime, Russian actors get partners in crime and access to Chinese markets, and corrupt Chinese brokers and businesses—which sit at the center of it all—earn hefty fees. This nexus poses a multifaceted threat that spans cybercrime, narcotics, and sanctions evasion, all stitched together through blockchain networks and other internet-based technologies that transcend national boundaries.

The Revenge of the JCPOA

In the latest installment of Lawfare’s Foreign Policy Essay series, Raphael S. Cohen argues that the Trump administration’s negotiations with Iran will encounter the same obstacles—including limited scope, economic incentives, and a lack of permanent relief—that plagued the Joint Comprehensive Plan of Action (JCPOA) in 2015:

Finally, there is the question of whether a new deal would be a permanent or stopgap measure. As the history of the JCPOA demonstrates, any treaty is only good as long as all parties are willing to abide by it—and that is by no means guaranteed. Iran’s ambitions to be a major player in the Middle East, and maybe even a regional hegemon, give it plenty of incentives to try to wiggle out of whatever shackles a new nuclear deal places on it. A future U.S. administration may also have reason to break an arrangement it deems to be flawed. And then there are the outside actors who won’t be party to the deal itself—most notably Israel—who will reach their own conclusions about the merits of the agreement and may take matters into their own hands.

AI-Enhanced Social Engineering Will Reshape the Cyber Threat Landscape

Alex O’Neill and Fred Heiding discuss how state-sponsored cyber threat actors leverage artificial intelligence (AI) to carry out cyberattacks using social engineering techniques such as phishing and impersonation. O’Neill and Heiding emphasize the threat AI-enhanced attacks pose to both digital and real-world security and call for policymakers to proactively respond to these emerging threats:

Despite LLMs’ transformative impact, their social engineering capabilities face some limitations. Many models cannot access up-to-date information, which could lead to errors in gathering intelligence or generating spear phishing messages. For example, a model trained on data from 2023 would not know that a Kimsuky think-tank target has since changed jobs. Additionally, as flimsy as LLM guardrails tend to be, they may prevent less determined would-be attackers from exploiting the models. Security programs may be able to detect some AI-generated content and flag it as suspicious. Moreover, social engineering tactics are typically part of a larger attack chain with multiple steps that current AI tools cannot automate effectively, such as creating malware tailored to a particular target network. Overall, LLMs offer powerful social engineering capabilities but still struggle to execute sophisticated cyberattacks from end to end.

Podcasts

On Lawfare Daily, I sit down with Scott R. Anderson, Anna Bower, Roger Parloff, and James Pearce to discuss the status of the civil litigation against President Donald Trump’s executive actions, including the release of Mohsen Mahdawi, the Alien Enemies Act, and the dismantling of agencies across the executive branch:

Today’s #BeastOfTheDay is this baby fox, which I met when I went to the cabin in the woods this weekend to lay more Canadian hardwood floorboards:

In honor of today’s Beast, I need to find a baby fox shirt. Foxes are, after all, dogs.

Tell Me Something Interesting

In further honor of today’s Beast, I (EJ Wittes) went to find some photos from one of my favorite long-running scientific studies—an investigation of the genetic roots of animal domestication, using silver foxes as the test animal.