Missile Defense System - Control panel of the missile defense system with a radar display screen and digital maps. Officials are reviewing the information received from the sensors.

Growing Foreign Threats to National Security, Part 1: Challenges and Considerations

Sovereign nations – in particular, China, Russia, Iran, and North Korea – continuously challenge the United States. These nation-state threats to the U.S. domestic landscape in physical, cyber, economic, military, and diplomatic domains also pose increasing challenges to traditional emergency response entities. Such threats also put essential services and functions at risk through cyberattacks, such as those against hospital operations, financial services, power provision, water services, and other critical infrastructure elements. These actors interfere with and disrupt normal emergency operations with erroneous information during events to sow mistrust, confuse the public, and widen societal divides. Nation-state threats also include “kinetic” risks, such as sabotage of facilities or even missile attacks.

A growing fear within the national security and defense communities is that confrontational nation-states will activate their full range of capabilities in massive, simultaneous applications of cyberattacks, information influence, and kinetic warfare across wide geographical areas of the U.S. Only recently have these concerns entered the realms of preparedness and strategy at state and local levels. Emergency management is fully committed to current crises’ while it simultaneously tries to prepare for acts of greater consequence and complexity. Impacts on the emergency management community from nation-state threats generally fall into four overlapping elements:

  1. Attacks directly against public health, safety, and security organizations;
  2. Interference in the response operations to traditional incidents and emergencies;
  3. Attacks against resources or infrastructure that are critical to communities in normal and emergency environments; and
  4. Attacks against critical national defense and security assets collocated with or dependent upon state and local communities.

Four Nation-State Threats

According to the 2024 Annual Threat Assessment of the U.S. Intelligence Community produced by the Office of the Director of National Intelligence (ODNI), China, Russia, Iran, and North Korea present multifaceted threats to the U.S., leveraging influence, cyber operations, and – to varying extents – military capabilities. China is actively expanding its global influence through sophisticated operations, including the use of artificial intelligence, to undermine U.S. leadership and democracy. It is also the most persistent cyberthreat, targeting critical U.S. infrastructure and preparing for potential conflicts. Russia, similarly, uses influence and cyber operations as key tools to divide Western alliances and shape global perceptions, particularly during U.S. election cycles. Both nations maintain significant military capabilities, with China potentially possessing chemical and biological weapons and Russia focusing on operations related to its actions in Ukraine which domestically has become a divisive political issue.

The ODNI report states that Iran and North Korea also pose serious threats through cyber and missile programs. Iran’s cyber activities have become increasingly aggressive, targeting U.S. infrastructure and attempting to influence elections, attacking financial accounts of organizations and individuals, while its weapons program continues to develop more accurate and lethal missiles. North Korea remains focused on expanding its nuclear arsenal and advancing missile technologies alongside a sophisticated cyber program aimed at espionage and financial theft, particularly through cryptocurrency operations.

Collectively, these nations utilize a blend of influence operations, cyberthreats, and military capabilities to challenge U.S. interests globally. Their actions highlight a strategic convergence where cyber and influence operations are often the first lines of attack, with their militaries serving as powerful deterrents or, in some cases, active threats to U.S. and allied forces.

Emergency Management Relevance

Potential scenarios requiring emergency management include the following:

  • Campaigns of misinformation (incorrect), disinformation (intentionally misleading), and malinformation (misuse for manipulation) during events or crises intended to disrupt response capabilities, sow distrust of government agencies, and increase societal friction;
  • Disruption or destruction of critical local and national infrastructures, limiting emergency resources with economic and social impacts;
  • Attacks on essential crisis services such as first response agencies, emergency health facilities, dispatch centers, operations centers, etc.;
  • Attempts to limit or divert traditionally available surge resources to other emergencies, such as activation of National Guard units to overseas conflicts or border security operations; or
  • Military attacks, such as missile launches against U.S. territory.

Events of the highest complexity would be combinations of such scenarios promulgated simultaneously across domestic U.S. locations.

Effects on Emergency Management Mission

The emergency management profession has had increases in the scope and scale of its mission space. Intensifications in weather events, along with other natural and technological hazards, have put all communities more and more at risk. Additionally, the expectations placed on emergency management organizations have grown, making it difficult to keep up with a surging workload and meet those expectations.

How the emergency management community addresses the expanded scope and scale of its mission and simultaneously mitigates, prepares for, responds to, and recovers from nation-state threats is a significant challenge. Emergency planners determine which threats to prioritize, how best to allocate resources in preparation, and which responses are most critical in each situation. Nation-state threats might manifest in emergency management in four general categories:

  1. Direct attacks against public health, safety, and security organizations – Deliberate targeting of emergency organizations and facilities degrades, if not destroys, the underlying infrastructures of a planned emergency response. These attacks might include cyber or military operations against dispatch centers, emergency operations facilities, first responder communications, healthcare and emergency room capabilities, and law enforcement centers.
  2. Disruptive attacks that interfere in the response and recovery operations during traditional emergencies – Disruptive attacks can influence the public by promulgating false or misleading reports and incorrect data to confuse public perceptions of the event, its causes, and the effectiveness of the response. The goal is to instill a loss of confidence in government, cause the public to question official information and guidance, and amplify societal divides.
  3. Attacks against the resources or infrastructures critical to communities in normal and emergency environments – Cyber, military, and influence operations might be used singularly or in combination to degrade, divert, or eliminate essential services that communities rely on and the assets critical to mitigating and minimizing the impacts of disasters as they occur. For example, attacks against communications, power, and water services impact a community’s normal functions and the essential resources for responders and governments during an incident.
  4. Indirect attacks against critical national defense and security assets that are collocated with or dependent on state and local communities – Defense and security facilities are vulnerable to attacks and interference outside their often-formidable fence lines. Although military bases and transportation hubs are robust in their security, they rely on local communities and distant jurisdictions to maintain and protect critical infrastructures necessary for daily operations and mobilization efforts. These threats are twofold: Attacks against national security assets could spill over into communities, while assaults against the infrastructures that sustain and support these assets could occur outside the capabilities, jurisdictions, and authorities of defense agencies.

Cascading and Intersecting Implications

Each threat presents cascading implications for emergency management operations and essential government functions. For example, while improved public information efforts might mitigate incident misinformation, the mistrust or confusion that fake information creates may evolve and manifest outside the bounds of traditional emergency endeavors. For example, well-placed disinformation implying that one segment of a population receives more beneficial disaster relief from officials than another could amplify already existing divides, suspicions, and animosities. 

Additionally, emergency management professionals cannot assume these threats are one-offs or linear events that can be singularly planned for and responded to. Adversaries might use several of these attack avenues to maximize the impact with operations intent on spreading misinformation while cyberattacks degrade community services, creating complex and increasingly challenging effects.

Preparedness Perspectives

The types of contingencies that emergency managers prepare for – from increased attention to terrorism prevention and response following 9/11 to the broadened expectations of agencies and the profession during a pandemic – have increased over the past two decades. Concurrently, the effort required to address traditional hazards or novel emergencies exceeds past expectations. This difference is better appreciated when viewed from different perspectives.

Operational

An operations function executes tactics and coordinates resources to solve near- and mid-term issues during the response to an incident, including training on protocols, processes, and practices. Nation-state threats, however, present challenges to traditional operational processes. For example, mis-, dis-, or malinformation generally impact traditional joint information centers and public affairs activities. Information professionals must learn new response tactics to address new threats and exercise skills. Other operational impacts also could be consequential, such as interruptions of essential communications systems, emergency computer networks, command and control centers, facility degradation, etc. New or modified plans and resources are necessary to prepare for this new scenario.

Capabilities

Nation-state attacks affect resources in two ways: those required during a response and those necessary for effective preparedness. Asset supply chains that nation-state attacks could disrupt need to be assessed, and contingency plans developed to prepare for the loss of expected and planned-for resources, such as mutual aid, National Guard, and other surge capabilities. In addition, standard preparedness resources dedicated to planning, training, exercising, and asset acquisitions may not be adequate for the nuances and extremes of a nation-state attack.

Policy and Authorities

In the event of a nation-state attack, emergency management governance needs the appropriate policies and authority structure to deal with the preparation, response, and recovery unique to such an event. A 2011 essay by former Department of Homeland Security Secretary Michael Chertoff, suggests that in the post-9/11 environment; intelligence and information-sharing policies among law enforcement, national security, and the military remain complex which would seemingly compound in today’s nation-state threat environment even more. Emergency declarations must be adequate for the consequences of a nation-state attack. The Stafford Act must be appropriately structured to help communities recover from cyberattacks, infrastructure sabotage, or more serious military attacks. This statute was written in a period that could not have envisioned the hazards and threats faced more than four decades later. Alternatively, new authorities should be developed to address nation-state attack consequences. Likewise, state and local emergency authorities, which originating mostly in the context of the Civil Defense Era of the Cold War (circa 1950-79,) should be reviewed with an eye toward the implications of current and future nation-state threats against state and local communities.

Doctrine

Unified command, mutual aid, resource and aid prioritization, and requests for assistance are examples of doctrinal approaches that could be challenged in the face of a nation-state incident. A unified command may differ in composition and authority in a widespread nation-state attack. When national security is at stake, priorities may also need to change. Federal response to needs and suffering at local levels may require top-down decision-making instead of the current bottom-up structure. Additionally, there are new demands on emergency management systems in a nation-state threat environment. One new element of emergency response even includes civil support to military operations, which may demand new ways of organizing, planning, and resource acquisition. For example, the ability to protect military transportation routes and hubs may require resources from local public safety communities.

Relationships

Core relationships essential to emergency preparedness have been built to support traditional and expected hazards arising mostly from the natural environment. Many of these relationships are codified in comprehensive plans and doctrinal frameworks such as Emergency Support Function agency assignments in the National Response and Recovery Frameworks. Nation-state threats, however, demand information, resources, coordination, and cooperation from entities outside these routine and established relationships. For example, intelligence data from law enforcement entities might be necessary to understand how an incident might unfold and how best to mitigate its effects. Understanding the national security implications of an attack might require interacting with federal agencies that are not normally in communication and coordination channels of emergency response, and the potential impacts on military and other defense assets might require conversations unique to the nation-state context. The incursion over Canadian and U.S. airspace of a Chinese balloon in 2023 demonstrated the challenges of international, interagency, interjurisdiction, and interdisciplinary information and intelligence sharing.

Public and Private-Sector Leadership

In a traditional emergency management landscape, governmental and non-governmental entities’ overall goals and objectives align to alleviate public suffering, support disaster survivors, and help communities recover and rebuild following emergency events. In an adversarial nation-state attack, however, the same alignments may not exist, and friction among agencies, organizations, and levels of government might result. For example, the actions to protect a military facility might be at odds with the normal functions of the surrounding community. A private-sector entity’s response to a cyberattack might conflict with the population’s needs, dependent on that company’s services. What might be considered prudent public messaging in an emergency could conflict with national narratives during international conflict.

Other Important Perspectives

Nation-state threats and their implications might not be viewed in equal measures of severity and importance by those with oversight of emergency management agencies. Governors, mayors, commissioners, legislators, and other officials may differ with their emergency management professionals’ risk assessments and prioritization of nation-state threats. Even emergency managers may disagree with each other along these lines and differ as to where the focus of their efforts should be or how to spend money and time. The public’s perception of these threats also shapes the discussions and debates surrounding the distribution of resources and attention.

All these perspectives intersect and interact in complex and sometimes unpredictable ways. A governor’s perspective on what an emergency management agency should focus on may differ from guidance in a federal grant designed to prepare for nation-state threats. National defense priorities can conflict with traditional disaster response and preparedness efforts. Perceptions of urgency, seriousness, and prioritization of nation-state attack preparedness are as varied as the organizations required to collectively respond to them.

The Next Step

Some paths and challenges that emergency managers consider are foundationally based on perceptions of victory. Nation-state attacks are real and credible as well as confusing and complex. The first question may be more philosophical but might help guide further strategy and effort: How would the emergency management community define success in light of the growing threats of nation-state adversaries?

In Part 2, learn how emergency management decision-makers at all levels might address the implications of foreign threats within the U.S.

Glen Woodbury

Glen Woodbury is an adjunct international/defense researcher at RAND, a nonprofit, nonpartisan research institution. He is also a professor of the Practice Emeritus at the Naval Postgraduate School’s Center for Homeland Defense and Security and was their director for 17 years. He served as the director of the State of Washington’s Emergency Management Division and is a past president of the National Emergency Management Association as well as a former U.S. Army signal officer.

SHARE:

COMMENTS

Translate »