Search dyami insights

Date: 05/12/2025 Executive Summary During 2025, reports have been made indicating the presence of uniformed, armed personnel (likely Russian-associated) aboard civilian vessels thought to be part of the vast Russian ‘shadow fleet’ comprising ageing, uninsured oil tankers and cargo vessels registered under flags of convenience and with deliberately confusing ownership structures. These uniformed personnel serve intelligence, surveillance, and command-and-control functions aboard vessels operating in the North Sea, Baltic Sea, and in proximity to critical energy and telecommunications infrastructure.  This development represents an escalation in Russia's hybrid warfare operations, transforming the shadow fleet from a sanctions-evasion mechanism into an active military intelligence platform with direct implications for North Sea-dependent economies. For North Sea littoral states, this poses an immediate and evolving threat to critical undersea cable infrastructure, offshore energy operations, port security, and maritime commerce. The presence of armed military personnel aboard civilian vessels in European waters, combined with documented drone operations taking place throughout European territory and the use of shadow fleet vessels to damage undersea cables, indicates Russia is preparing for potentially coordinated hybrid attacks on critical European infrastructure. Details Who Highly likely Russian military personnel (reportedly identified as wearing Russian Navy camouflage uniforms); embedded on civilian shadow fleet oil tankers registered under flags of convenience (Panama, Gabon, Comoros, Liberia, etc.); protected by Russian military air assets. What Armed personnel installed aboard civilian merchant vessels; observed photographing bridge passages and critical infrastructure during transits; exercising authority over international crews; intimidating maritime pilots and foreign crew members; gathering intelligence on European maritime infrastructure and critical facilities. Where Baltic Sea (primary focus). North Sea, especially critical infrastructure choke/crossing points.  Danish waters (routes transiting through Øresund Strait and Great Belt). Approaches to German, Polish, Lithuanian, Latvian, and Estonian ports. European Exclusive Economic Zones (EEZs). Approaches to critical oil transfer facilities, LNG terminals, undersea cable landing stations, and port infrastructure. When July 2025 – DanPilot reports uniformed personnel observations. August 2025 – Swedish Herald reports of spying on Danish critical infrastructure by shadow fleet personnel. September–November 2025  – Further Danwatch investigations. November 2025  – DanPilot confirms pattern of uniformed personnel sightings; ongoing through December 2025. Why Intelligence gathering : Russia deploying military observers to map port infrastructure, piloting procedures, security gaps, critical facility locations, NATO military response Tactics Techniques Procedures (TTPs). Crew control : Maintaining operational security and preventing crew defections or reporting of irregular activities. Intimidation : Demonstrating Russian state control and deterring pilot cooperation with European authorities. Diversifying of recent hybrid warfare : Extending Russia's intelligence collection and sabotage preparation into European waters. Political messaging : Signalling Russian willingness to violate international maritime law with near-total impunity. How Insertion of Russian military/state security personnel on board civilian ships as ‘ship's officers’ (particularly ‘second mate’ positions with de facto command authority, mirroring Soviet-era political commissar roles). Use of false credentials and opaque crew manifests. Operation under flag-of-convenience vessels with minimal transparency. Coordination with Russian naval and air assets providing protective cover. Exploitation of international crew diversity to conceal Russian personnel among mixed-nationality crews . What happened? Throughout 2025, several reports have documented an escalating pattern of almost certain Russian military personnel aboard Russian ‘shadow fleet’ vessels transiting European waters. Beginning in mid-2025 and intensifying through November, Danish investigative outlet Danwatch, in coordination with internal reports from DanPilot (Danish state pilotage service), identified seemingly uniformed Russian military or state security personnel embedded aboard civilian oil tankers operating under flags of convenience. These uniformed personnel have been observed conducting apparent surveillance activities, namely photographing bridge passages and critical infrastructure during transits, and exercising command authority over international crews. Pilot reports and internal maritime authority communications indicated that this practice has become increasingly common, with multiple shadow fleet vessels now following similar patterns of embedding uniformed Russian personnel, particularly in senior crew positions such as "second mate" with actual command-level authority over the vessel and crew. These personnel conduct reconnaissance by taking photographs of areas of interest and are likely also able to conduct aerial reconnaissance through the deployment of small drones for surveillance. These tactics, refined during the war in Ukraine, are now being deployed throughout Europe to undermine European societal resilience against potential attacks on infrastructure.   Analysis: Why does this matter for government and businesses? For North Sea Littoral State Governments Direct Escalation of Russian Hybrid Warfare in Sovereign and EEZ Waters The placement of armed Russian military personnel aboard civilian vessels operating in North Sea waters represents an escalation beyond Russia's previous hybrid warfare tactics. This is no longer simple sanctions evasion or passive intelligence collection; it is an active Russian military presence conducting surveillance, infrastructure reconnaissance, and sabotage preparation in European waters, frequently within nations' Exclusive Economic Zones where legal ambiguity complicates response. The concurrent deployment of Russian military aircraft to protect shadow fleet operations and systematic drone reconnaissance across German, Norwegian, Belgian, and Dutch territory indicates Russia has integrated the shadow fleet into a comprehensive European-wide hybrid warfare campaign combining maritime, aerial, and land-based intelligence collection and potential sabotage platforms. Challenge to Maritime Sovereignty and Legal Framework Russia has demonstrated it can: Insert armed military personnel aboard vessels in European waters with near-total impunity. Conduct surveillance and intelligence gathering on European critical infrastructure. Intimidate European maritime officials (pilots) without facing enforcement consequences. Maintain operational security despite NATO monitoring. Operate under flag-of-convenience vessels that complicate jurisdictional response. Coordinate with Russian military assets (aircraft, naval vessels) providing direct protective cover. This signals that North Sea littoral states lack coherent legal, operational, and political mechanisms to enforce maritime sovereignty against Russian hybrid operations. Convergence of Multiple Threat Vectors The shadow fleet armed personnel operations are not isolated, rather, they operate in coordination with: Systematic drone reconnaissance of military installations and critical infrastructure across European territory. increasingly using proxy actors and online recruitment of third-country nationals to carry out sabotage and intelligence gathering in European nations. Several cases of fibre optic cable sabotage throughout Europe since 2022. Russian fighter jet operations in European airspace (Su-35 fly-pasts of Estonian naval vessels attempting to interdict the vessel, JAGUAR, Lithuanian airspace violation October 2025, several Russian drone incursions in Romanian and Polish airspace since 2022). Several incidents since February 2022 are believed to have involved Russian shadow fleet vessels, or those of Russia’s allies, in undersea cable sabotage operations, with such activity necessitating the launch of NATO mission, OPERATION BALTIC SENTRY. The YANTAR (IMO: 7524419) laser-dazzling incident targeting Royal Air Force (RAF, UK) aircraft over critical North Sea cable infrastructure in November 2025.  This convergence suggests Russia is preparing for coordinated hybrid attacks combining maritime, aerial, cyber, and undersea elements to disrupt European critical infrastructure simultaneously. Threat to Critical North Sea Infrastructure Interdependencies The North Sea contains: Approximately 20+ critical undersea fibre optic cables carrying ~90% of North Sea region communications and transatlantic traffic. Multiple energy interconnections and power transmission cables. LNG terminal approaches and offshore oil/gas platforms. Port facilities housing energy transfer terminals. Maritime chokepoints (Øresund Strait, Great Belt) where all Baltic maritime traffic must transit. These infrastructure systems are critically interdependent: disruption to one cascades across multiple sectors. A coordinated attack on cable landing stations in the Netherlands, Belgium, and UK combined with drone strikes on power distribution and port facilities could simultaneously disrupt communications, energy supply, and maritime commerce across the entire North Sea region and UK-Europe trade. Financing Russia's War and Intelligence Operations The shadow fleet finances Russia's war effort to a significant degree. Russian military personnel embedded aboard shadow fleet vessels serve to: Ensure operational security and optimize sanctions evasion efficiency. Gather intelligence on European enforcement capabilities. Pre-position personnel for future sabotage or attack operations. Coordinate with other Russian intelligence and military assets. This means allowing shadow fleet operations with impunity directly finances Russia's continued military operations in Ukraine and preparations for potential NATO conflicts. For Critical Energy and Telecommunications Infrastructure Operators Intelligence Collection Targeting Facilitie s Russian military personnel aboard shadow fleet vessels have been systematically photographing: Port infrastructure and facility layouts at critical energy terminals. Pilot procedures and maritime traffic management systems. Security protocols and vulnerability gaps. Undersea cable landing station approaches and infrastructure. This intelligence will directly inform Russia's sabotage and target development planning. Given Russia's demonstrated interest in undersea cable targeting (YANTAR operations, GUGI capabilities, Baltic Sea cable incidents, etc.), the collection of North Sea port and cable facility intelligence suggests preparation for future attacks. Operational Vulnerability from Drone and Maritime Coordination The documented pattern of: Armed personnel aboard vessels gathering infrastructure intelligence. Concurrent drone sightings near military and critical facilities across European territory. Demonstrated Russian capability to launch drone operations from European-based recruits (via Telegram) or maritime platforms. Russian military protection of shadow fleet vessels via fighter jets and naval assets. These identified indicators can act as advanced warnings for several stakeholders. This activity suggests Russia is preparing for coordinated attacks combining maritime-based sabotage with drone strikes on land-based infrastructure. For North Sea operators, this means a single infrastructure disruption event could be accompanied by drone attacks on backup systems, power distribution, or personnel. Threat from Amphibious Drone Operations Originating from Shadow Fleet Vessels The legal ambiguity surrounding vessels' freedom of navigation in EEZs creates an operational vulnerability: shadow fleet vessels can position themselves near critical infrastructure, disable AIS beacons, and launch drone operations into European territory with minimal risk of immediate interception. Key factors enabling this threat: Drone range: Commercial and military-grade drones have varying ranges, with many being able to fly over 12Nm (22km), allowing launch from offshore vessels to target facilities kilometres inland. Unverified cargo: Many ships' cargoes are not checked when transiting from Russian ports through European waters, meaning vessels could carry drone systems, explosives, other materiel without detection. Vessel ID/ownership opacity: Opaque ownership and management structures make assignment of responsibility extremely difficult. AIS spoofing/shutdown: Shadow fleet vessels often disable tracking systems (AIS; Automatic Identification System) and operate more covertly while positioning for operations. The vessel can also have its position artificially altered, showing it in a location where it currently is not. Legal ambiguity: Foreign vessels enjoy freedom of navigation in EEZs, making it difficult to legally challenge their presence even when armed personnel are visible. Coordination with Land-Based Russian Recruitment Networks Russia maintains networks across European territory of individuals motivated by financial needs ("useful idiots") recruited via social media and messaging platforms (Telegram) to conduct drone reconnaissance of sensitive sites. The October 2025 timing, when Putin laughingly stated he would not send drones into Europe, immediately followed by drone sightings over German military installations, suggests deliberate coordination between: Maritime-based personnel and platforms (shadow fleet vessels). Land-based reconnaissance networks (recruited European operatives). Russian intelligence services coordinating operations. This means attacks on North Sea critical infrastructure could be preceded by drone reconnaissance conducted by European-based operatives, with targeting data shared with Russian military and maritime assets, enabling coordinated strike planning. Cascading Failure Risk in North Sea Region The interdependence of North Sea critical infrastructure means: Disruption to undersea cables affects communications, energy control systems, and financial networks simultaneously. Power system disruption affects port operations, LNG terminals, and offshore platform operations. Port disruption affects energy exports, maritime commerce, and supply chains. Coordinated disruption combining maritime sabotage with drone strikes could cascade across multiple interdependent systems. A single well-planned, coordinated attack could simultaneously disrupt energy supply, communications, maritime commerce, and financial systems across the entire North Sea region. Moreover, if these events happened on the borders of littoral nations’ EEZs, significant delay could be seen whilst nations identify who is responsible for reacting to the incident and repairing damaged assets. Conclusion Incidents taking place throughout Europe such as arson, sabotage, and cyberattacks will almost certainly continue albeit at a slower pace given that European intelligence and security agencies are becoming more aware of these tactics. However, more attention is highly likely to be placed on exploiting the power the Russian state has over a vast and murky maritime fleet that allows it to navigate and evade the rigidity and slow bureaucratic nature of Western authorities’ responses. The documented presence of armed Russian military personnel aboard shadow fleet vessels transiting North Sea waters represents an immediate and evolving threat to the security, sovereignty, and critical infrastructure of North Sea littoral states. This threat operates in coordination with drone reconnaissance operations across European territory, Russian military escort of shadow fleet vessels, and preparation for potential coordinated hybrid attacks on critical energy and telecommunications infrastructure. The North Sea region is uniquely vulnerable due to: Concentration of critical undersea cables and energy infrastructure. Geographic interdependence creates cascading failure risks. Legal ambiguity surrounding military activity in EEZs. Fragmented European response mechanisms. Russia's demonstrated operational skill and willingness to escalate. However, North Sea littoral states possess legal, operational, and strategic tools to respond decisively if political will exists. UNCLOS (United Nations Convention on the Law of the Sea), MARPOL (The International Convention for the Prevention of Pollution from Ships), SOLAS (The International Convention for the Safety of Life at Sea), and national maritime laws provide authority to board, inspect, detain, and exclude shadow fleet vessels. NATO coordination enables unified threat response. Critical infrastructure operator participation enables security hardening and redundancy. The narrow window of opportunity to establish effective enforcement and deterrence will close if Russia successfully integrates the shadow fleet as a routine presence in European waters. Acting decisively now is essential to defend North Sea sovereignty and critical infrastructure. Failure to act decisively can signal to Russia that shadow fleet armed personnel operations can continue with impunity, likely encouraging further escalation and increasing the risk of major incidents affecting European energy security, communications infrastructure, and maritime commerce.

Date:  02/12/2025  (11:30 UTC+01:00) Where?  Tanzania: Dar es Salaam, Arusha, Mwanza, Dodoma (and possibly more cities) What happened?  Recently, it was announced that Tanzania will cancel its celebration for its 64th Independence Day, held on  09/12/2025 . The official reason is that the money for the festivities is needed to rebuild infrastructure damaged during the post-election protests that swept the nation in early November. The decision appears to have deeper political motivations beyond the stated budgetary concerns. Significant national anniversaries often serve as catalysts for political activism and civil resistance movements. This pattern was evident during Kenya's Saba Saba  (July 7th) protests  earlier this year, during which a historic commemoration date became a focal point for mass demonstrations.   A similar scenario is plausible in Tanzania, which continues to grapple with the aftermath of severe post-election violence . Following widespread protests against President Samia Suluhu Hassan's electoral victory - widely viewed as fraudulent - security forces responded with lethal force. According to some estimates, hundreds of people were killed during the unrest. A trusted internal source indicates that the government plans to impose a new curfew beginning on 5 December,  lasting for roughly five days, coinciding with a planned internet shutdown aimed at inhibiting coordination of Independence Day demonstrations. Given the government’s demonstrated willingness to use force to pre-empt political mobilization and its extensive reliance on internet disruption and curfews during the post-election unrest, such measures should be considered a credible scenario. Building on that,  authorities are also likely to deploy significant security forces to key arteries, junctions, and protest hotspots , including Morogoro Road, city-centre districts, and approaches to Julius Nyerere International Airport (DAR/HTDA) beginning several days before 9 December. Due to the expected heavy security presence, large-scale protests in Tanzania’s cities are considered unlikely, as the police will move quickly to disperse crowds and use force if necessary. The possibility of widespread unrest across multiple districts, accompanied by multi-day communication disruptions, is less likely but remains a credible scenario given the intensity of public anger and the government’s sensitivity to international scrutiny. For staff residing in Dar es Salaam, Arusha, Mwanza, and Dodoma, the most significant risks between 5–10 December will stem from transit disruptions, disproportionate security responses, short-notice curfews, and loss of communication capability . Keep into account that stocks in supermarkets and other shops might run out; keep an emergency supply  of food and water available. Don't save photos or videos of the recent violence in Tanzania, as it may be considered a criminal offence For more information, contact Dyami at info@dyami.services

26 November 2025 Executive Summary Venezuela has evolved into one of the most significant hybrid threat hubs in the Western Hemisphere, where state authority, criminal enterprises, armed groups, and foreign intelligence services converge. The Maduro regime’s alliances with Iran, Russia, and Cuba — combined with deep integration with FARC dissident factions, the ELN, and transnational criminal organizations — have transformed the country into a strategic platform for destabilizing regional activity. A recent US Senate testimony (October 2025) confirms that Hezbollah, facing unprecedented financial strain following heavy battlefield losses and disrupted Iranian funding channels, is now increasingly reliant on Latin American drug-trafficking and money-laundering networks. Venezuela sits at the center of these operations, providing documentation, safe haven, logistical support, and permissive access to free-trade zones that facilitate Hezbollah’s global financial architecture. This places Caracas at the core of a hemispheric network that links narcotics flows, illicit finance, and the survival of a major Iranian proxy. Russia’s footprint in Venezuela has simultaneously expanded from political support to direct military enhancement. Ukrainian Intelligence reports indicate that a Russian general implicated in the Kakhovka Dam attack is now training Venezuelan forces to mark  a shift toward embedding Russian doctrine and hybrid warfare capabilities inside the Venezuelan security apparatus. This development strengthens regime resilience while further entrenching foreign strategic influence. These networks sow instability across the Caribbean and in South America.  Armed groups enjoy sanctuary and operational freedom in Venezuelan territory; illicit maritime corridors into the Caribbean are expanding; and Hezbollah-linked financial and logistical cells continue to surface in Brazil, Argentina, and beyond. The result is a transnational ecosystem in which state actors, criminal syndicates, and foreign proxies reinforce one another. In the foreseeable future, barring a US military intervention, the integration of Iranian, Russian, criminal, and insurgent structures into the Venezuelan state is expected to intensify. This presents growing risks to regional governments, international businesses, and Western security interests, while increasing the likelihood that the hemisphere becomes an active theatre for global hybrid conflict dynamics. Situation Overview: Threat networks Venezuela has developed into a permissive operating environment for insurgent and criminal networks with historical roots in the region. FARC dissidents, the ELN, and a mosaic of armed militias have established parallel structures in border areas and mining regions. Their survival depends on illicit economies — gold, cocaine, fuel smuggling, extortion, and migrant trafficking — which are now increasingly integrated with regime-aligned military and political elites . The Cartel de los Soles , embedded within the Venezuelan armed forces, remains central to this fusion of state authority and organized crime. Cuba’s  entrenched role within Venezuela’s intelligence and security architecture reinforces these dynamics. Cuban advisors shape surveillance, counter-dissent operations, and the internal control mechanisms that protect regime elites . This creates a stable authoritarian backbone that enables the regime to absorb foreign partners and maintain cohesion despite economic collapse. Russia ’ s influence has deepened significantly. Beyond political backing and disinformation support, Russian advisors now play a direct role in shaping Venezuela’s military capabilities. Intelligence from Ukrainian, including head of Ukraine’s Military Intelligence HUR Kyrylo Budanov  and Western sources indicates that a Russian general, Oleg Makarevich, associated with hybrid warfare operations in Ukraine — including the Kakhovka Dam sabotage — is training Venezuelan forces in drone warfare, electronic warfare, reconnaissance, and irregular tactics. This marks a shift from advisory presence to direct force-development support, embedding Russian doctrine within Venezuela’s armed forces and securing Moscow’s foothold in the hemisphere. Iran ’s footprint in Venezuela continues to expand across industrial, energy, intelligence, and logistical channels. This presence has taken on renewed significance as Hezbollah faces an acute financial crisis. According to Sales and Levitt ( US Senate hearing of 20–21 Oct 2025 ), Hezbollah has lost a major portion of its funding pipeline due to: destruction of cash and gold stockpiles in Israeli strikes collapse of Syrian regime support reduced Iranian capacity to subsidize its proxy due to sanctions and internal pressures dismantling of Hezbollah’s shadow banking networks such as al-Qard al-Hassan As a result, Hezbollah is doubling down on drug trafficking and money laundering in Latin America — with evidence showing that Venezuela is a key enabler. Sales identifies Venezuela under Maduro as a key operational safe haven, providing: official documentation (passports, IDs) to Hezbollah operatives logistical support for drug shipments, weapons transfers, cash handling, and contraband permissive ports and airports for trans-shipment freedom for Hezbollah-linked figures to operate with impunity Levitt’s testimony reinforces this, documenting cases where Venezuelan-linked couriers moved drug proceeds to Lebanon, where Hezbollah facilitators used Venezuelan Free Trade Zones or FTZs (notably Margarita Island) for money laundering, and where Venezuelan diplomatic cover supported Hezbollah-connected movement across the hemisphere. The impact The regional impact is broadening. Colombian border provinces suffer spillover from Venezuelan-based armed actors; Ecuador’s institutional collapse shows how quickly hybrid networks can overwhelm state capacity; Brazil and Argentina continue to expose Hezbollah-linked financial and logistics cells ; and Caribbean territories linked to Europe (Aruba, Curaçao, Bonaire, British Virgin Islands, Cayman Islands, Guadeloupe, Martinique) function as transit nodes for Venezuelan-origin cocaine, gold, weapons, and illicit finance. These maritime corridors further anchor Venezuela’s position within global criminal–militant supply chains. Across Latin America, risk indicators suggest accelerating hybridization. Armed groups expand territorial control within Venezuela, Iranian technical deployments increase, Hezbollah’s facilitators deepen their financial networks, and Russia’s military presence grows more explicit. Together, these developments indicate the emergence of a fully integrated hybrid threat ecosystem supported — and in some cases orchestrated — by the Venezuelan state. Looking ahead Baseline Scenario: Consolidation of the Hybrid Threat Hub (Most Likely) Hezbollah escalates its reliance on Latin American drug money to offset declining Iranian subsidies. Venezuela tightens its cooperation with Russia, Iran, and Cuba, embedding foreign operatives and intelligence services within its security architecture. FARC/ELN groups expand their control in border zones. Illicit financial flows through Venezuela, Brazil, and Caribbean jurisdictions continue to rise. Outcome:  Increasing regional instability and expanding exposure for financial institutions and logistics operators. Escalation Scenario: Operational Activation and Geopolitical Friction (Plausible) Hezbollah-linked networks, under financial and strategic pressure, transition from financial functions to operational activities, including surveillance or planned attacks against Western or diplomatic targets in the region. Russia expands military training or deploys additional personnel, heightening US.–Russia tensions in the hemisphere. Debate intensifies over designating Venezuela a State Sponsor of Terrorism. Outcome:  High risk of targeted attacks, maritime disruptions, and destabilizing incidents across Latin America. Stabilization Scenario: Partial Rollback Through Regional Alignment (Least Likely) A limited political opening in Caracas, combined with coordinated regional diplomacy and enhanced intelligence-sharing, leads to partial containment of armed group expansion. Colombia regains control over key frontier zones, while Ecuador stabilizes critical institutions. Tehran focuses its resources elsewhere, slowing its operational tempo in the hemisphere. Illicit economies persist, but the strategic environment stabilizes, reducing the momentum of hybrid operations. Outcome:  Moderate friction for Hezbollah but persistent networks. Conclusion Venezuela’s evolution into a hybrid threat hub is now quite firmly established. The convergence of armed groups, criminal economies, and foreign strategic actors — including Russia’s escalating military role, Iran’s expanding intelligence footprint, and Hezbollah’s increasing dependence on Latin American narcotics revenues — positions Venezuela as a hemispheric and global destabilizer. The 2025 Senate testimonies confirm that Venezuela’s permissive environment is now a central regional node in Hezbollah’s financial architecture and to Iran’s broader proxy ecosystem. Over the coming year, these networks could intensify, reshaping Latin America’s security landscape and complicating Western efforts to counter agile, state-supported hybrid threats.

Date:  27/11/2025  (12:00 UTC+01:00) Where?  Guinea-Bissau; Bissau What happened?  On 23/11/2025 , the West-African nation Guinea-Bissau held presidential and legislative elections. If the incumbent Umaro Sissoco Embaló would manage to become re-elected, he would be the first president in Guinea-Bissau to do so in about three decades.  Tensions surrounding the elections had been simmering for a while. On 31/10/2025 , a group of senior officers in the country’s army was arrested overnight. They were accused of plotting to undermine the constitutional order, and disrupt the November elections.  Then later, just two days before the elections on 13/11/2025 , the president of the the African Party for the Independence of Guinea and Cape Verde (PAIGC) - the party which led the armed struggle for liberation in 1973 and had been dominant in the country’s politics for decades - was banned from running in the elections. This ban of the most serious opposition party essentially cleared the way for Embaló to win last weekend’s elections. Shortly after the elections on 24/11/2025 , Embaló as well as his main challenger who did manage to run in the elections - Fernando Dias - both claimed victory on Monday ahead of the publication of the official results, each claiming over half the vote.  Then in the morning of 26/11/2025 , gunfire was reported  near the presidential palace in Bissau. Roads to the palace were reportedly closed with checkpoints manned by heavily armed and masked soldiers. Shooting was also heard near the Interior Ministry and National Electoral Commission, which led to hundreds of people fleeing.  That same day around 13:00 UTC, President Embaló was arrested with resistance by a group of soldiers led by his army chief of staff. Nothing was heard  from him for a while until the French magazine Jeune Afrique   got a phone call from Embaló in which he announced that he was deposed by the army.  That same afternoon, several other high-ranking army officers loyal to Embaló were arrested. Also detained were Interior Minister Botche Candé, opposition leader Fernando Dias, PAIGC’s previous electoral candidate Domingos Pereira and the head of the country’s electoral commission.  Later on 26/11/2025 , military officers led by General Denis N’Canha, former head of the presidential guard, appeared on state TV  broadcasting from the army headquarters. They announced that they - the newly announced ‘High Military Command for the Restoration of Order’ had taken “total control” over the country. Additionally, they announced a curfew starting at 19:00 UTC , the suspension of political institutions, media and electoral processes. Guinea-Bissau’s borders were closed too. According to coup leader N’Canha, this was because of a discovered plot by politicians, foreign figures and a ‘drug lord’ to manipulate election results.  International responses followed. Later at night on 26/11/2025,  Portugal’s MFA called “on all those involved to refrain from any act of institutional or civic violence and to resume the regular functioning of institutions, so that the process of counting and proclaiming the election results can be finalized”. West Africa’s ECOWAS and the African Union also expressed concern over the military takeover.  Analysis and conclusion The latest coup in Guinea-Bissau is far from the first in the West-African country, which has seen at least nine coups or coup attempts since gaining independence from Portugal in 1974. No president has been able to secure re-election in three decades, a pattern that reflects the country’s inability to enjoy political stability and perpetuates a cycle of political unrest. Now-deposed former President Embaló said himself that he survived multiple coup attempts upon becoming president of the nation in 2020.  Yet this coup was hardly unexpected. Tensions had been brewing for a while, as President Embaló had increasingly been trying to centralize power in the country. He pushed to expand presidential powers and dissolved the parliament in December 2023  following clashes between several factions of the country’s armed forces, which the president describes as a coup. Elections were then delayed several times for security reasons: initially planned for late 2024 and eventually rescheduled for November 2025. The military, which has been an influential institution in Guinea-Bissau for long, did not take a liking to Embaló’s centralizing tendencies. Embaló's decision to detain several military officials on 31/10/2025  likely only added fuel to this fire. Notwithstanding if the officers implicated actually had coup plans, it only deteriorated the relationship between Guinea-Bissau’s president and the armed forces. Aside from that, last weekend’s elections also undermined Embaló’s power base and popular mandate. The exclusion of the PAIGC from the polls - two days before the elections were set to take place - seriously distorted the political playing field and fuelled widespread distrust. By sidelining the party which was the most serious challenge to his power, and won two legislative elections in 2019  and 2023  he and his government undermined their legitimacy and created a situation in which a positive outcome is practically impossible. Winning this year’s November elections would likely be widely considered as an engineered victory, rather than a genuine popular mandate. Taken together, this week’s coup against President Umaro Sissoco Embaló comes as no surprise. Last weekend's election served less as the cause than as a trigger - a moment of vulnerability during which the military executed plans likely long in development.  Guinea-Bissau now faces several difficulties for the future. The country’s leadership needs to find a way to rebuild trust in its political institutions, which is not as easy as simply switching leadership. The military and civilian branches of government must forge a new working relationship to break this cycle that has plagued the nation since independence. Complicating matters even further, Guinea-Bissau faces serious external challenges. The country is a critical transit point for drug trafficking  between Latin America and Europe, with cocaine shipments regularly passing through its poorly monitored coastline and the Bijagos Archipelago. This fuels corruption at all levels of government and systematically undermines state institutions, making meaningful reform even more difficult to achieve. How the new leadership in Bissau plans to tackle these complex problems remains to be seen. For now, Guinea-Bissau faces a future of uncertainty.

Date:   25/11/2025 (16:30 UTC+01:00) Where?  Europe; Romania, Moldova,  the Netherlands, Lithuania. Belgium, Sweden, Germany What happened?  On 25/11/2025 , six Russian drones crossed Moldovan and Romanian airspace during a large strike on Ukraine. One crashed near the village of Etulia, with at least one drone tracked heading toward the Romanian border. Romanian air defence remained on alert after previous incursions. The Romanian MoD reported two drone incursions from Ukraine, triggering warnings and scrambles of German Typhoons (from Romanian Air Force 57th Mihail Kogălniceanu air base) and Romanian F‑16s (from Romanian Air Force 86th Borcea Air Base). The type of drones has not been disclosed, but almost certainly entails a long‑range, military‑grade Russian attack/loitering munitions such as Shahed‑type (Geran‑2) or similar UAVs used in mass strikes on Ukraine. One drone was later found crashed in a backyard in Vaslui country , a region bordering Moldova. It had likely run out of fuel. According to Romanian authorities, the drone was not carrying an explosive load. This was the deepest drone breach yet into Romania; the 13th since the start of the Russo-Ukrainian war in 2022. Another drone was found on the roof of a building in Cuhureștii de Jos, Florești district, Moldova (see photo below). This incident was just the latest of a recent string of airspace incursions all over Europe which had been going on for weeks. On the night of 23/11/2025  to 24/11/2025, Lithuania’s Vilnius Airport had to close for a short time twice because unidentified balloons were moving towards its airspace, diverting some incoming flights to other cities. This followed earlier incidents in October, when other unidentified balloons entered the capital’s airspace from Belarus’, which disrupted about 30 flights. Lithuanian officials linked this to earlier balloon incursions from the direction of Belarus and tightened a 90‑km no‑fly zone along the border. This was lifted on 19/11/2025 , but may again be imposed due to the latest incident.  Earlier, on 22/11/2025 , the Dutch MoD stated that its forces had fired on a drone in the vicinity of Volkel Air Base in Noord-Brabant, in the south of the Netherlands. This was a serious security incident, as American nuclear arms are stored at said air base. This incident does not entail the same type of drones such as the Shaheds , but more likely a small to medium‑sized remotely‑piloted or commercially derived drone (multirotor or small fixed‑wing), operated locally. In other words - those you can buy at the shop. On 18/11/2025 , the Romanian MoD detected a drone in their airspace travelling to Ukraine - triggering an alert and leading to fighter jets being scrambled to combat the threat. No debris was found; it is likely that the drone was able to continue its voyage to Ukraine uninterrupted.  On 06/11/2025 , drone sightings over Gothenburg‑Landvetter Airport in Sweden forced diversions to Copenhagen and other cities. This again concerned a commercial civilian-type drone.  Also on 06/11/2025 , operations at Hanover Airport in Germany were halted for about 45 minutes after an unidentified drone was sighted in the vicinity of the airport. Three flights were delayed or redirected; operations resumed shortly after. At the time of writing, it is unclear what happened to the drone.  Earlier in November, Belgium had several drone sightings over airports and other military or strategic locations. On 04/11/2025  drones were spotted over Zaventem airport, resulting in dozens of canceled flights. Earlier, drones were also observed over Kleine Brogel military airbase. Additional reports have come from other airports, including Ostend, Deurne (Antwerp), and to a lesser extent Charleroi, Florennes, and Schaffen. Some reports, such as those at Deurne, were later retracted after investigation. On 09/11/2025 , drones were spotted over the Doel nuclear power plant. Following these incidents, the UK deployed an extra anti-drone team to Belgium. On 02/11/2025 , flights were briefly suspended at Germany’s Bremen airport - also because a drone was flying overhead.  These incidents are just from November 2025 - they followed months in which drone sightings over airports in Europe became so frequent that they even got their own Wikipedia page.  Again, it is important to make the distinction between the long-range military grade drones used against Ukraine and civilian drones. The Romania-incidents, mostly fallout from the Ukraine War, concern the first category, while the airport incursions are because of the latter. Analysis and conclusion The recent wave of airspace incursions across Europe - from Russian military-grade drones straying into Romanian and Moldovan territory to mysterious balloon intrusions over Lithuania and unexplained (civilian) drone activity at airports and military installations in Sweden, Germany, Belgium, and the Netherlands - is a troubling pattern and once again highlights the vulnerability of European aviation security.  It has to be noted first that attribution remains uncertain in many of these incidents. Despite many fingers immediately pointing to Moscow as culpable, this has not been confirmed. Identifying the perpetrators behind such actions is also incredibly difficult, raising questions about whether attribution is even worth pursuing. What is clear, however, is that these incidents are consistent with grey-zone tactics designed to test defenses, generate uncertainty, and demonstrate the inadequacy of current measures and protocols, often used by geopolitical adversaries. These pretty simple incursions have caused disruptions, public confusion, and have threatened critical strategic assets. It appears that Europe remains unprepared in light of these threats. The current response frameworks, which comes down to scrambling fighter jets to intercept drones or closing airports each time an unidentified object appears, is operationally unsustainable and incredibly costly. Fighter aircraft are expensive, resource-intensive assets poorly suited to countering small, cheap drones that may simply run out of fuel and crash harmlessly. The fact that one Russian drone was recovered intact in a Romanian backyard, carrying no payload, illustrates the limited immediate threat of individual incursions and the disproportionate response they trigger. However, doing nothing also comes at a considerable cost, as it gives malicious actors carte blanche to violate NATO-airspace. There is also a risk that pilots may misjudge whether a drone carries a payload, potentially choosing not to shoot it down to avoid collateral damage, only for that assessment to be proven incorrect. This creates a challenging dilemma for NATO partners, forcing them to choose between costly overreaction and potentially dangerous inaction—precisely the kind of no-win complacency scenario that makes this an effective grey-zone tactic. As these incidents appear to be escalating in frequency and geographic spread, European nations require urgent investment in dedicated counter-drone systems, improved detection networks, and coordinated response protocols that don't rely on mobilizing fighter aircraft for every intrusion. Without necessary adaptation, Europe will remain reactive and vulnerable to continued exploitation of its airspace, whether by potential state actors testing boundaries or by the spillover effects of the war in Ukraine.

Date:  24/11/2025 (16:00 UTC+01:00) Who?  Russian intelligence-gathering vessel Yantar (Project 22010 oceanographic vessel, ~108 metres, IMO 7524419); operated by Russian Ministry of Defence Main Directorate of Deep-Sea Research (GUGI); deployed by Russian Navy/intelligence agencies.   Where?  Not expressly given by the British government, but according to open source flight data and the approaches of two military aircraft, the location of the incident likely occurred north west of Scotland IVO Hebrides approximately 45 nautical miles from British coast, with other reports stating as close at 12 nautical miles off the coast. Importantly in this area, there are critical transatlantic and intra-European subsea cables, as well as the homebase of the UK’s nuclear deterrent submarines, HMNB Clyde. The Yantar (ЯНТАРь) in 2018. What happened?  On 19/11/2025 , UK Defence Secretary John Healey confirmed that the Russian intelligence-gathering vessel,  Yantar , had entered UK waters off the northern Scottish coast and directed laser-dazzling devices at RAF pilots conducting surveillance operations. The ship had entered the UK exclusive economic zone (EEZ) within the last two weeks.  That same day, UK Royal Navy and RAF assets were deployed to monitor and track the vessel's movements, given its intelligence-gathering capabilities. During surveillance operations, RAF P-8 Poseidon aircraft pilots reported being targeted by laser-dazzling devices emitted from the  Yantar.  No physical injuries were reported, though the UK Defence Ministry emphasised the serious risk posed by such incidents to aircraft safety. Analysis Continuing Threat to Critical Undersea Infrastructure The undersea cable networks mapped and targeted by the  Yantar  carry approximately 98% of UK international communications and data traffic, including banking, energy sector communications, and civilian internet. Importantly, businesses in Europe, specifically those based in the littoral nations of the North Sea are critically dependent on these undersea infrastructures for Real-time financial transactions and banking operations, cloud-based services and data storage, energy sector operational control systems and sea-based physical assets, supply chain coordination and logistics and international communications and customer services. Disruption to even a single major cable or several at crossing-points would impact business operations across multiple sectors regionally and internationally. Most notably, stakeholders of cables or assets located in the North Sea are at continued risk of being directly or indirectly targeted by grey zone actions, given the target-rich environment for adversaries and the inability to protect so many potential targets in such a vast area.  Escalation of sea and land-based Russian Hybrid Warfare Tactics This incident represents a significant escalation in Russian ‘grey zone’ operations, actions that fall short of declared war, but pose serious military and economic risk. The use of laser-dazzling against RAF personnel indicates: Increased willingness to directly target NATO military assets; Potential expansion of hostile actions beyond reconnaissance to active interference; Testing of UK response capabilities and rules of engagement. Demonstration of capability and resolve to NATO adversaries. As a result, geopolitical tension between UK/NATO and Russia may escalate further, creating unpredictability in operations, especially in the North Sea and Baltic Sea. Furthermore, this latest incident complements the numerous drone sightings over key pieces of infrastructure in European NATO countries, including airfields, commercial airports, military facilities, and energy infrastructure. Business Continuity Risk for North Sea Operations Due to this, companies operating in or dependent on North Sea infrastructure face heightened risks, from offshore energy operations to telecommunication cables, maritime operations and international trade. Oil and gas facilities rely on subsea cables for operational control, remote monitoring, and communications, and offshore wind farms depend on undersea power transmission systems. Shipping, fishing, and marine services depend on GPS, communications, and navigation systems that rely on undersea infrastructure to transmit internet traffic. Delays or disruptions to North Sea shipping lanes or related communications would affect supply chains globally, and consequently global markets. Lastly, there may be insurance and liability implications for disruption to critical infrastructure and regulatory attention to infrastructure resilience may result in new compliance requirements. Information gathering for future attacks The  Yantar's  activities include collecting valuable intelligence on various targets, such as: cable routing and network architecture, operational security protocols of energy and communications networks, geographic vulnerabilities in critical infrastructure, asset clustering/crossings between the UK, the Netherlands and Belgium, threatening a cascading risk, geographic chokepoints i.e. Great Belt (Denmark Strait), and NATO military coordination and response capabilities. This intelligence could inform future Russian cyber or physical attacks on critical systems. Notably, there are thought to be approximately 50 other vessels, operated by GUGI, that conduct similar intelligence-gathering operations worldwide. Conclusion The  Yantar  incident represents a significant escalation in Russian intelligence and hybrid warfare operations targeting critical UK and NATO infrastructure. For businesses operating in the North Sea, dependent on undersea communications infrastructure, or engaged in international trade, this situation requires immediate reassessment of business continuity plans, cybersecurity postures, and supply chain resilience. The incident demonstrates Russia's willingness to directly target NATO military assets in the grey zone, suggesting potential for further escalation. Organisations should treat this as a wake-up call to accelerate implementation of redundancy and contingency planning for critical infrastructure dependencies. This incident is only a part of a Europe-wide grey zone series of events almost certainly being conducted by the Russian state and associated entities, at sea and on land. They do not qualify a war response and therefore continued actions with plausible deniability will continue to be conducted, probing and testing NATOs military resolve, and more importantly, that of its citizens and businesses.

Date:  18/11/2025  (10:45 UTC+01:00) Where?  Bangladesh; South Asia What happened?  On 17/11/2025 , former Bangladesh leader Sheikh Hasina was sentenced to death in absentia by a special tribunal in Dhaka for crimes against humanity over her government’s violent crackdown on student-led protests last year . Hasina was convicted of incitement, issuing kill orders and inaction to prevent atrocities during the government crackdown on the student protests. Along with her, her former interior minister, Asaduzzaman Khan, and police chief, Chowdhury Abdullah al-Mamun, were also sentenced.  Sheikh Hasina and her party, the Awami League  governed Bangladesh dictatorially for 15 years before losing power.  Her administration maintained strict control over the country, particularly targeting Islamist groups across the political spectrum, from extremist to moderate factions. For context: approximately 90% of the population identifies as Sunni Muslim. Despite suppressing Islamist political movements, Hasina simultaneously courted religious constituents by permitting the establishment of thousands of unregulated Islamic religious schools and allocating $1 billion for the construction of hundreds of mosques Her reign came to an abrupt end in the summer of last year during the July Revolution . The movement originated  to protest against the reinstatement of a civil service quota system. The movement has since been described as the world’s first Gen-Z  uprising, now at the heart of protests in countries like Nepal, Indonesia, Madagascar and Mexico. The situation quickly escalated after widespread violence by security forces . During what came to be called the July Massacre, between 16/07/2024 and 04/08/2024 , around 1500 were killed according to estimates by the UN and Students Against Discrimination (SAD), an organization of student activists that participated in the protests. What started as a protest driven by a general lack of employment prospects grew into a popular mass uprising.  On 03/08/2024, in a last resort effort to maintain power, Hasina stated she was ready to listen to the protesters' demands. Mass protests followed, with the protestors refusing to stand down unless Hasina resigned. State-wide “one-demand” (Hasina’s resignation) protests continued throughout the 04/08/2024.  On 05/08/2024, Hasina fled to India . In December 2024, the interim government formally requested that India extradite Ms. Hasina back to Bangladesh to face trial. A spokesman for India’s foreign ministry said it had received the request but otherwise had “no comment to offer on this matter”. Since 08/08/2024, Bangladesh has been led by an interim government headed by Nobel laureate Muhammad Yunus . Under his reign, the country is again opening up for freedom of speech and attempting to reconstruct its democratic institutions and chart a path forward. To do so, political figures from various factions are collaborating on constitutional reforms designed to support this transition. However, the new freedom of speech also gives increasing space to extremist voices once banned under Sheikh Hasina’s rule. For instance, in March of 2025 , a girl’s soccer match in the town of Taraganj was almost cancelled after the town’s mosque leader stated that girls should not be allowed to play the sport . People in the village were warned not to attend.  Meanwhile, relations between India and Bangladesh soured . On 04/12/2024, in a published YouTube-video , Hasina accused Yunus of being involved in the alleged genocide of Hindus in Bangladesh. More fuel to the fire was added when Bangladeshi authorities arrested a Hindu monk on sedition charges  in late November of 2024. Following the arrest, India issued a statement expressing "deep concern" over the arrest and asking Bangladesh to ensure the safety "of Hindus and all minorities".    Meanwhile, Muhammad Yunus and his administration have stated they are actively seeking to diversify Bangladesh's alliances. Between 26/03/2025 and 29/03/2025 for instance, Yunus and his entourage visited China. A total of $2.1 billion in Chinese investment was agreed on, as well as an extension of duty-free access for Bangladeshi exports - promoting trade between the two nations. Analysis and conclusion The verdict against Bangladesh's long-time leader Sheikh Hasina marks a significant step in the country's history, yet it leaves a fragile power vacuum that the interim government under Muhammad Yunus must navigate carefully. While Yunus attempts to restore freedom of speech after years of repression under the Awami League, this can also be seen as a double-edged sword as Islamist fundamentalists are leveraging it to push for a state more strictly governed by Islamic law, with spokespeople from previously banned parties now openly advocating for constitutional changes that would replace secularism with pluralism as a core national principle. This presents a formidable challenge in a country where about 90% of the 175 million population identifies as Muslim, creating a substantial electorate potentially receptive to a more religiously-driven ideology. This internal shift carries serious geopolitical implications for South Asia. Should Bangladesh move toward (more) Islamist governance, the regional balance of power could fundamentally change. Bangladesh has historically been a steadfast Indian ally, proven once more by New Delhi's reluctance to extradite Sheikh Hasina. A religious-political transformation in Dhaka toward more Islamist leadership would reshape South Asia's strategic landscape. India would lose a crucial ally and find itself encircled by states where Islamic fundamentalism plays a dominant role in politics - from Pakistan to Afghanistan, and now potentially Bangladesh. Relations between India and Bangladesh have deteriorated sharply since Sheikh Hasina's sudden downfall. More than a year later, Bangladesh is undergoing a transformation, with Islamist voices gaining greater political space. This development alarms New Delhi, particularly as conditions allegedly worsen for Bangladesh's approximately 13 million Hindus. On the Bangladeshi side, resentment toward India runs deep, with many viewing their neighbor as the primary enabler of Ms. Hasina's semi-authoritarian rule. Building on this popular sentiment and calling for reduced dependency on a single neighbor, Yunus is now courting alternative regional powers. In March this year, Muhammad Yunus led a delegation to China , which has watched the India-Bangladesh rift with considerable interest. As Beijing seeks to counter Indian influence across Asia, it has positioned itself as an attractive alternative partner for Dhaka. Despite the deepening political rift, India and Bangladesh remain interdependent. Beyond their bilateral trade, the two nations rely on each other for border security, counterterrorism cooperation, energy infrastructure, and the management of regional crises like the Rohingya refugee situation. This mutual dependency makes continued diplomatic engagement essential for both sides. Yet Bangladesh's outreach to other potential partners such as China reflects a strategy to reduce this dependency and gain diplomatic leverage.  In conclusion, as Bangladesh is looking for its way forward, more conservative Islamist factions - previously banned -  are gaining increasing political influence. Should an Islamist government come to power in Dhaka, it would significantly alter South Asia's political landscape, aligning Bangladesh with other nations in the region, such as Afghanistan, where Islamist influence dominates politics, and Pakistan, where it remains a significant force. Amid this religious-driven transformation, discrimination against religious minorities both outside (Hinduists, Buddhists) and inside (Shia) Islam, may be normalized, reverting the successes of the July Revolution.

Incident Brief: Drone sightings in Belgium On 03/10/2025 , drones were spotted above the Belgium military base Elsenborn at the German border. Around 1.45pm, German authorities from the city Düren observed 15 drones.  On 26/10/2025 , Reports mention an overnight sighting of five drones above the military barracks of Kamp Koning Albert (Camp King Albert), Marche-en-Famenne.  On 28/10/2025 , another sighting of two drones was reported at Kamp Koning Albert (Camp King Albert), Marche-en-Famenne.  On 31/10/2025,  Oostende airport briefly closed due to a suspected drone sighting.  On 01/11/2025,  Drones were spotted above Kleine Brogel Airbase and Antwerp Airport.  On 04/11/2025 , Drone sightings were reported at Brussels Zaventem Airport and Liege airport. On  06/11/2025  drones were spotted above Brussels Airport, Liege airport and airbase Melsbroek. Air traffic was suspended around 9.20 p.m. for both commercial airports.  On 06/11/2025,  The German Bundeswehr announced it would support Belgium by sending an anti-drone team after receiving a request for support from Belgium.  On the morning of 07/11/2025 , Liege airport temporarily halted flight from 7 a.m. local time due to reports of a drone sighting.  On 07/11/2025 , Belgium Minister of Defense announced on Social Media that a French anti-drone team would be deployed following the incursions over the past week.  On 08/11/2025 , flight operations at Liege airport were halted around 7 p.m. due to drone sightings. After 30 minutes of disruption, flight operations resumed.  On 09/11/2025 , again Liege airport temporarily halted flight operations starting from 7.30 p.m. This time, disruptions lasted until 8.30 p.m. On 09/11/2025 , The British Defense Ministry announced that it will deploy an anti-drone team in Belgium, after similar moves were made by France and Germany.  Update per 10/11:  Belgium is now focusing on improving resilience against drone incursions, given the recent events. It is receiving support from German, French and British units in fencing off these incursions. German defense minister, Boris Pistorius, suggested that the drone incursions are linked to the ongoing talks on using Russian frozen assets to aid Ukraine. Although this cannot be confirmed, the timing of these events coincides is interesting. Over the weekend, strategic sites in Belgium were also targeted, which may support this claim.  Impact on commercial aviation Brussels Airlines announced that the outfall of flights following the incidents from 04/11  and 06/11  have led to significant economical impact for the flight carrier. With additional costs from flight delays and re-routes, including stranded passengers for that had to be accommodated.  In the morning of 07/11/2025,  Liege airport was disrupted again around 7.a.m after reports of drones above FedEx facilities. Following procedures, the airport continued its operations from 8 a.m.  On 06/10/2025 , an initial report of a drone was made around 7 p.m.. Brussels airport Zaventem halted operations from 9.20 pm after confirmation of a drone sighting. This time, only one flight was diverted to Amsterdam. A precautionary closure for airport Liege disrupted flight operations parallel to events at Zaventem that night.  On 04/11/2025,  around 7.30 p.m. local time Skeyes ATC identified 3 drones at Brussels airport Zaventem. After an approximate hour of disruptions, the airport briefly continued operations around 9.15 p.m., but was closed again around 9.45 p.m. due to more drone sightings. Brussels airlines reported that 16 outbound flights were canceled and 6 inbound flights were diverted to Charleroi, which closed its airport briefly as a precautionary measure but did not report any drone sightings. Two flights, from Ryanair and SAS were also diverted. Parallel to the events in Brussel, Liege airport disrupted cargo air-traffic due to reports of a drone sighting.   ATC at Oostende suspended landing and takeoffs for 20 minutes as a precaution following the event on 31/10/2025 . The incident involving Deurne airport on 01/11/2025  was reported around 7 p.m. local time. Skeyes ATC was unable to identify the drone after the initial report was made.  Intervention The events from past weeks highlight increasing tensions. It is suggested that the perpetrator seeks to create disruptions and exploit the absence of counter measures, at least prior to 7/11/2025. As observed during similar events in Denmark, when the political agenda focuses on such issues and the authorities’ response increases, the situation slows down and eventually incursions stop, although future events cannot be excluded.   In response to the first incidents, an emergency meeting was held on 06/11/2025 . As a result, Minister of Defense Theo Francken announced the installation of the National Air Security Center (NASC) in Bevekom. The centre in Bevekom is expected to be fully operational by the start of 2026. On top of that, Francken announced that support will be granted by the international community.  This was effectively the case, since Belgium requested the assistance of the German Bundeswehr after the incidents on 6-7/11/2025 . On short notice, the first response unit arrived in the morning of 07/11/2025  tasked with assisting Belgium in both detection and defense systems (Counter-small Unmanned Aircraft Systems). This indicates that similar episodes are likely to diminish in the upcoming week.  Moreover, Defense Minister Francken announced on 07/11/2025  that a French team would assist Belgium operators in facing new drone incursions and sightings. Following the incidents of the weekend, on 09/11/2025  British Chief of the Defense Staff Richard Knighton announced that Brittain will deploy an anti-drone team in Belgium, after similar pledges were made by France and Germany.

Part 1: The far-right* As Belgium confronts growing social unrest and protest movements, the risk posed by right-wing radicalization has quietly ascended into a more prominent security dimension. Where Part 1 of this series explored the radical left, the Belgian State Security Service (VSSE) since 2024 monitors an estimated 64 individuals linked to far-right extremist networks versus just 14 for the left, underscoring a notable shift in focus. The Coordination Unit for Threat Analysis (OCAD/OCAM)’s 2024 annual report confirms this trend, identifying far-right extremism as the most dynamic form of domestic radicalization over the past two years, particularly among younger demographics active online. The contemporary far-right threat is less about large hierarchical organizations than about agile, online-driven micro-networks targeting youth, mainstream institutions, and protest environments. Its relevance to the Belgian security landscape lies in its ability to exploit moments of disruption—general strikes, infrastructure vulnerability, ideological flashpoints—to inject violent or confrontational elements into otherwise legitimate civic action. This complicates the response, reducing warning time and amplifying downstream risk to critical infrastructure, public order, and democratic resilience. Copyright HLN.be Right-wing radicalization in Belgium is best understood as a diffuse, digitally enabled ecosystem rather than a set of tightly structured organizations. Recruitment and ideological reinforcement occur primarily online; across closed-channel messaging apps, fringe forums, algorithmic video platforms, and increasingly within the manosphere, an international online subculture that fuses misogyny, anti-feminism, and male-grievance narratives with broader conspiratorial and nationalist ideas. This ecosystem, while global in origin, has begun to gain ground among Belgian audiences, particularly younger men who encounter such content on mainstream platforms before being exposed to far-right framings of identity, victimhood, and social decline. Within these digital spaces, conspiratorial rhetoric blends with more familiar motifs of ethno-nationalism, anti-immigration sentiment, and anti-Islam animus—discourses that resonate with populist messaging from Vlaams Belang , Belgium’s primary far-right political party, and social-media influencers. The Coordination Unit for Threat Analysis (OCAD/OCAM)’s 2024 analysis highlights that this ideological landscape is reinforced by transnational narratives circulating through European far-right online networks, notably those focusing on the “Great Replacement” theory and anti-globalist conspiracies. Belgian extremist channels increasingly borrow rhetoric from French, Dutch, and German counterparts, revealing a regional digital ecosystem where linguistic proximity accelerates radical content diffusion. Collectively, these environments lower entry barriers for youth, normalize transgressive discourse, and provide low-risk on-ramps—through memes, irony, and “edgy” humor—that can harden into grievances. Compared to the classic cell model, the contemporary Belgian pattern tilts toward loosely connected micro-clusters and self-radicalizing individuals who share symbols and talking points but rarely exhibit sustained command-and-control. Offline expression tends to be opportunistic and event-driven. Right-wing actors piggyback on broader moments of social tension (mass protests, polarizing policy debates, or high-salience crimes) to stage presence, recruit, or provoke confrontations. Their favored activities include targeted harassment, vandalism against symbolic sites, and counter-demonstrations where antagonism with left-wing groups can escalate quickly. While Belgium has not seen regular complex, coordinated far-right plots, OCAD/OCAM notes a rise in violent rhetoric and hate-motivated incidents, including small-scale arson and threats against journalists and politicians. The combination of youthful profiles, online incitement, and porous boundaries between internet narratives and street action sustains a non-trivial risk of spontaneous violence. The 2011 Anders Breivik attack in Norway remains a reference point for European intelligence services—a case in which a lone actor, radicalized through online echo chambers and ideological manifestos, translated digital grievance into mass violence. Similar dynamics, albeit on a smaller scale, represent the most plausible severe-harm pathway in Belgium, particularly where personal grievance, notoriety-seeking, and accessible targets intersect. Analyst’s Note:   Both OCAD/OCAM 2024 and the VSSE’s strategic assessments explicitly incorporate “lone-actor ideology risk” into Belgium’s current threat model. OCAD/OCAM classifies the far-right threat as “moderate but evolving,” warning that online-to-offline radicalization has accelerated since 2022. Belgian authorities regard this hybrid of digital grievance, ideological isolation, and performative violence as the most difficult threat vector to detect. Counter-radicalization efforts now emphasize early detection through school and community networks, enhanced cyber-monitoring, and targeted digital-literacy campaigns for youth. This is a shift OCAD/OCAM frames as “preventive resilience.” Ideologically, Belgian right-wing extremism draws from a transnational repertoire but is refracted through local concerns. Economic strain, immigration, and distrust in “the establishment” (government, media, academia) are common accelerants. Narrative frames often depict mainstream institutions as corrupt, positioning “defensive” action as a moral imperative. This framing widens the target set beyond minorities or asylum infrastructure to include journalists, officials, and civic venues associated with pluralism. The visibility of Vlaams Belang ’s anti-immigration rhetoric and nationalist-identity discourses contribute to mainstreaming exclusionary ideas, creating interpretive overlap that more radical actors can exploit. OCAD/OCAM notes that this mainstreaming effect—where extremist tropes are echoed in legitimate political discourse—acts as an “amplifier” of grievance culture, complicating early-intervention thresholds and enforcement boundaries. From a security perspective, the principal vulnerabilities arise at convergence points: large demonstrations, charged court cases, memorial dates, and locations that confer symbolic value. These are settings where small numbers can create outsized disruption, where anonymity in crowds masks intent, and where hostile-counter-hostile dynamics increase the probability of rapid escalation. OCAD/OCAM’s 2024 threat matrix explicitly identifies critical-infrastructure protests, refugee reception sites, and media facilities as potential flashpoints for far-right mobilization. The online-to-offline pipeline is also shortening; calls to action may coalesce within hours, leaving limited lead time for preventive measures unless digital indicators are actively monitored. Predicted Future Security Issues Early-warning indicators in the Belgian context include spikes in local propaganda (e.g., content tied to a specific municipality, school, or official), cross-posting of “event packs” (graphics, chants, route maps) from transnational channels into Belgian groups, sudden growth in newly created chats that cluster around a single grievance, and the appearance of doxxing materials targeting individuals. Among youth, abrupt shifts toward dehumanizing language, fixation on martyr narratives, or interest in weapons and/or violence topics can signal radicalization. Because much activity is ephemeral in encrypted spaces, effective detection depends more on pattern recognition across multiple weak signals. Looking ahead, the near-term outlook is for continued online mobilization with street-level episodes, rather than a steady campaign of organized violence. The risk profile is asymmetric: most content remains performative, but a small subset will translate rhetoric into action, particularly when catalyzed by specific events. OCAD/OCAM anticipates that election cycles, austerity debates, and migration policy disputes will serve as short-term accelerants of polarization for the remainder of 2025. Mitigations with the highest return are those that shorten the sensor-to-response loop in the digital domain (timely detection of Belgium-specific mobilization cues), strengthen de-escalation capacity at mixed-ideology gatherings, and expand youth-focused prevention that treats online culture as the operational environment, not a peripheral concern. Coordination between police, local authorities, schools, and social services improves the odds of intercepting at-risk individuals before grievance hardens into intent. In summary, right-wing radicalization in Belgium is characterized by fluid networks, youth exposure, and opportunistic offline expression. It is less about hierarchical organizations than about a narrative ecosystem that periodically condenses into action. Threats will likely manifest as low- to mid-level violence, targeted intimidation, and protest-adjacent disorder, with lone-actor harm as a low-probability but high-impact tail risk. Effective posture balances proportionate security measures, digital situational awareness, and community-level prevention—aimed not only at deterring incidents but also at narrowing the pool of individuals for whom radical narratives become operational. *This article is part one of a two-part series on radicalization and security within left- and right-wing leaning groups.

Part 1: The left-wing dynamic* In October 2025, Belgium experienced nationwide protests against proposed austerity measures by Prime Minister Bart De Wever’s government. While most demonstrations were peaceful, a subset of radical left-wing groups engaged in violent acts such as vandalism, clashes with police, and property damage. These events are part of a broader cycle of unrest, as major trade unions — ABVV/FGTB, ACV/CSC, and ACLVB/CGSLB — have already announced three additional strike days on 24, 25, and 26 November 2025. The upcoming strikes will successively involve railway workers, public-sector employees, and culminate in a nationwide general strike, targeting the government’s austerity and pension reforms. Authorities fear that these actions, coinciding with ongoing social tension, could once again attract radical groups and trigger new outbreaks of violence. © Kristof Vadino - https://kristofvadino.com/   While the majority of the October demonstrations were organized by trade unions and remained largely peaceful, a subset of radical elements reportedly engaged in violent acts during the protests. Groups were observed among the protesters and initiated violent actions, including vandalizing buildings and clashing with police forces. For instance, near Pacheco Boulevard, a splinter group threw projectiles, paint bombs, and fireworks at a federal migration services building, causing damage and small fires. The Brussels public prosecutor’s office charged five individuals in connection with these incidents, including charges of criminal association and vandalism. Authorities noted that these individuals wore masks and blended into the larger crowd to avoid identification. The unrest occurred amid widespread opposition to the government’s proposed reforms, which include raising the retirement age, freezing wage indexation, and reducing early retirement options. These measures have been criticized for potentially undermining Belgium’s social welfare system. While major unions led the protests, several political figures, such as Defense Minister Theo Francken, condemned the violent actions by radical elements, labeling them as “extreme left-wing Antifa thugs” and calling for stronger police responses. The involvement of radical left-wing groups in recent protests highlights the complex dynamics of Belgium’s current social and political landscape. While most demonstrators sought to express opposition peacefully, the actions of a small minority have raised concerns about possible escalation during future protests, including the planned November strikes. The recent riots, particularly those on October 14, 2025, have been linked to several left-wing groups with a history of direct action and anti-capitalist activism. Members of Antifa reportedly participated in riots, engaging in acts of vandalism and clashes with police. Code Rood, a climate activist collective, staged a separate protest on October 11, 2025, blocking the entrance to a steel factory in Charleroi to protest alleged arms-related steel exports to Israel. Stop Arming Israel Belgium also joined the October 11 protest, emphasizing its opposition to Belgian arms exports to conflict zones. Authorities have since arrested individuals linked to the incidents and called for increased security measures during future demonstrations. In drawing links between these recent events and the historic Cellules Communistes Combattantes (CCC), several ideological and tactical parallels emerge. The CCC, active in the early 1980s, carried out bombings targeting NATO, U.S., and Belgian institutions, motivated by anti-imperialist and anti-capitalist ideology. Both the CCC and modern radical left-wing groups share these ideological foundations and a willingness to use direct action. The protests against austerity, multinational corporations, and military support to Israel reflect similar opposition to perceived capitalism and imperialism. However, critical differences remain: the CCC was a clandestine terror organization capable of executing coordinated bombings, whereas today’s groups are loosely organized, relying on spontaneous violence within protest movements rather than premeditated terror campaigns. The CCC’s actions were strategically targeted at state and military symbols, while modern incidents primarily involve opportunistic vandalism of government and corporate property. As of October 2025, there is no direct organizational link between the historic CCC and the radical groups active in Belgium today. Nonetheless, former CCC member Bertrand Sassoye remains an influential figure in the far-left scene, serving as an ideological reference point for some younger activists. He continues to advocate for revolutionary anti-capitalism and has participated in events and discussions that bridge generational divides within Belgium’s radical left. This connection underscores how historic extremist ideologies can persist through influence and discourse rather than organizational structure. In parallel, Belgium faces a growing threat from right-wing extremism. The VSSE (State Security Service) currently monitors approximately 64 individuals linked to far-right radical networks, compared to 14 linked to left-wing extremism. Right-wing radicalization is increasingly taking place online, targeting youth through hate-based propaganda and nationalist narratives. Authorities are concerned that the simultaneous rise of both left- and right-wing extremism may result in ideological confrontations, particularly during major public demonstrations. This topic will be explored in part two of this series. Predicted Future Security Issues Belgium is likely to continue experiencing localized security incidents during large-scale protests, driven by radical left-wing groups. While coordinated terrorist activity remains unlikely, future risks include property damage, targeted direct actions, and street-level confrontations. The ideological influence of figures like Bertrand Sassoye could encourage more confrontational tactics among younger activists. Authorities should maintain enhanced monitoring of radical networks and prepare for potential escalation during the November 2025 strikes. Separately, the Belgian government’s military deployment plans in Brussels, initiated by Defense Minister Theo Francken, are primarily focused on addressing drug-related violence rather than the recent protests. However, these deployments may indirectly strengthen the city’s preparedness for unrest. Security Concerns at Zaventem and Charleroi Airports Amidst National Unrest The nationwide general strike on October 14, 2025, led to significant disruptions at Belgium's major airports. At Brussels Airport in Zaventem, all departing flights were canceled due to a walkout by security staff, while Charleroi Airport, a hub for Ryanair, also ceased operations entirely. This widespread disruption affected approximately 120 flights, including around 72 between Belgium and the UK, impacting nearly 13,000 passengers. These events underscore the vulnerability of critical infrastructure to labor actions and public unrest. The proximity of these airports to Brussels, where protests and riots have been concentrated, raises concerns about potential spillover effects. While there is no direct evidence linking the airport disruptions to the protests, the simultaneous occurrence highlights the interconnectedness of public sector labor actions and urban unrest. Looking ahead, authorities may need to consider enhanced security measures at transportation hubs to mitigate the risk of further disruptions. This could include increased coordination between airport security, local law enforcement, and intelligence agencies to monitor and respond to potential threats stemming from the ongoing social unrest. *This article is part one of a two-part series on radicalization and security within left- and right-wing leaning groups.

Summary Global supply chains for rare earth elements (REE) are under significant strain due to China’s export controls, geopolitical conflicts and rising demand for green technologies. The US and EU are accelerating efforts to diversify supply, increase domestic production, and boost recycling, but face challenges in meeting ambitious targets. Market volatility and regulatory uncertainty continue to impact manufacturers and downstream industries. Recent developments The Chinese Ministry of Commerce (MOFCOM) recently announced new export restrictions ahead of a planned meeting between US President Donald Trump and Chinese President Xi Jinping. Both nations have been engaged in trade negotiations to ease tensions following a series of reciprocal tariffs earlier this year, some of which were later reduced. REE remain a significant point of leverage for China in its dealings with the US. In its “announcement No. 61 of 2025,” China revealed it would expand export controls to include five additional REE—holmium, erbium, thulium, europium, and ytterbium—on top of the seven elements already restricted since April. These additional elements are especially critical in the production of dual-use (military-civilian) technology, ranging from wind turbines to fighter jets. To put the new export rules in perspective: of the 17 REE, China now restricts exports of 12. The new measures also cover specialized equipment used for refining REE. Most of these rules will take effect on December 1. Under the new policy, foreign and domestic companies must secure special approval from Beijing to export rare-earth magnets and certain semiconductor materials containing at least 0.1% heavy REE (HREE), a specific group of elements with higher atomic numbers within the REE grouping. China’s dominance in the rare-earth sector has long been a concern for the US and other countries, but worries intensified after Beijing’s export controls in April. Those earlier restrictions affected the supply of samarium, gadolinium, terbium, dysprosium, lutetium, scandium, and yttrium, requiring export licenses for companies shipping these materials and finished products abroad. This announcement followed similar controls imposed in February on certain elements, including tungsten and bismuth. The US increased domestic rare earth production to 45,000 metric tons in 2024 but still relies heavily on imports for refined materials and magnets. Recent US tariffs on Chinese goods and federal investments aim to build a more resilient supply chain, but progress is slow. The EU enacted the Critical Raw Materials Act (CRMA) in May 2024, setting targets to mine 10%, process 40% and recycle 25% of its annual needs by 2030. It also launched 47 different projects to diversify supply and reduce dependency on specific countries. The CRMA encourages circularity, strategic reserves, and joint purchasing mechanisms to protect the EU from future supply shocks. The global demand for REE is rising, driven by the shift toward renewable energy and electric vehicles. According to the World Meteorological Organization (WMO), investment in renewable energy must triple to achieve net-zero emissions by 2050. By 2030, the energy transition will require three times more copper, lithium, nickel, cobalt, and other materials compared to current levels. To meet these net-zero targets, an additional 50 lithium mines, 60 nickel mines, and 17 cobalt mines will need to be opened. Rare earth elements in current conflict zones Ukraine Ukraine possesses significant deposits of REE, accounting for approximately 5% of the world’s reserves, even though the country covers only 0.4% of the Earth’s surface. These materials—including lithium, cobalt, scandium, graphite, tantalum, and niobium—are essential for manufacturing devices used in green energy technologies. However, access to these resources is currently affected by ongoing conflict, making their development both challenging and crucial for Ukraine and its international partners. Key resource sites, such as Kruta Balka in Donetsk and Shevchenkivske in Zaporizhzhia, are currently under Russian occupation. Myanmar Myanmar's Kachin State, rich in REE like dysprosium and terbium, has become a focal point of conflict. Since the 2021 military coup, the Kachin Independence Army (KIA), an ethnic armed group, has taken control of key mining areas, including Chipwi and Pang War. These regions have seen a surge in mining activities, with over 370 active sites by the end of 2024. The KIA then closed all but about 10 of the REM mining sites again in October 2024. However, the rapid expansion of mining operations has led to severe environmental degradation, including deforestation and river pollution, impacting local communities and ecosystems. Additionally, the KIA had implemented taxation on mining activities, further complicating the region's economic and political landscape. REE are reportedly being smuggled into China through unofficial routes now. Madagascar In Madagascar, the Steenkampskraal and Ampasindava sites are rich in heavy REE such as neodymium and dysprosium, elements essential for magnets in renewable energy technologies and electronics. Despite the economic potential, local communities have repeatedly protested mining operations. Their concerns focus on deforestation, water contamination, and the displacement of farmland, with several projects experiencing delays or legal challenges due to disputes over land rights and environmental protection. This tension exemplifies how local resistance can effectively shape the trajectory of resource extraction in resource-rich but economically vulnerable regions. Greenland Similarly, Greenland has emerged as a point of contention over its Kvanefjeld project, which contains large deposits of REE, alongside uranium, although the project remains undeveloped. Nevertheless, indigenous Inuit communities and environmental groups have voiced strong opposition to the mining project, highlighting the risks associated with both radioactive waste as well as the extraction of REE, which carry high environmental and health risks and would disrupt the traditional livelihood of Inuit communities. The Greenlandic government faces the delicate challenge of balancing economic development and international investment interests against environmental safety and indigenous rights. Brazil In Brazil, the Minas Gerais region, particularly around Araxá, is home to niobium and rare earth deposits. Mining in these areas has provoked concerns among local populations and environmental organizations over tailings contamination, deforestation, and water pollution. Legal disputes and community protests have slowed some projects, illustrating the persistent tension between resource extraction and environmental stewardship in countries with comparatively strong legal frameworks and active civic engagement. Vietnam Vietnam has also experienced localized disputes in regions such as Lai Chau and Lam Dong, where deposits of monazite and bastnäsite are present. Farmers and indigenous groups in these areas have resisted mining operations due to fears of environmental degradation and the loss of agricultural land, which highlights the recurring theme of conflicts between mining interests and local livelihoods in emerging economies. DRC In the Democratic Republic of Congo, the rare earth issue is intertwined with broader conflicts over cobalt and other valuable elements. While cobalt dominates the discourse, some REE occur alongside these deposits. In certain regions, artisanal miners and armed groups exploit these resources, fueling low-intensity conflicts, human rights abuses, and environmental harm. The informal and sometimes illicit nature of this extraction complicates governance and exacerbates local instability. Looking ahead Between 2025 and 2030, REE supply chains are expected to be shaped by several major geopolitical and economic conflicts. The rivalry between the US and China is intensifying, with China’s broad export controls on REE and related technologies, and the US imposing tariffs as high as 130% on selected Chinese imports. These actions have escalated trade tensions and are increasingly used as strategic tools, especially targeting defense supply chains and advanced manufacturing. As a result, US and NATO defense industries, which depend on Chinese-origin REE for critical systems like fighter jets and missiles, face significant supply bottlenecks. China’s new licensing rules now specifically block exports to foreign militaries, raising the risk of direct disruptions in future crises. NATO countries are trying to boost domestic production and stockpiling, but full independence from foreign sources remains years away. The US is also pressuring allies such as Ukraine and Australia for access to alternative supplies, sometimes linking security guarantees to mineral deals. In Europe, tensions with China are also high. The EU remains heavily dependent on China for REE imports, with some elements sourced almost exclusively from Chinese suppliers. China’s export controls have already caused production delays in European industries, particularly in automotive and green technology sectors. In response, the EU is working with the US and G7 to counter China’s restrictions through joint projects and efforts to diversify supply chains. However, progress is slow, and the risk of future supply shocks remains significant. Delays in rare earth supply threaten the EU’s climate and energy goals, and could spark internal disputes over resource allocation and industrial priorities. Ukraine and Eastern Europe present another flashpoint. Ukraine’s large reserves of REE have recently become a point of contention with Trump’s return to the White House. Control over these resources is likely to remain contentious, with Russia seeking to retain occupied, resource-rich territories. The US and EU have offered mineral deals with Ukraine, with the US even trying to coerce Ukraine into allowing resource access in exchange for military aid. However, most deposits are located in conflict zones, and extraction is limited by war and infrastructure damage, creating a high-risk, low-reward scenario for Western supply chains. As global competition intensifies, resource-rich regions like Ukraine could see renewed or prolonged conflict, driven by the strategic value of elements rather than purely territorial disputes. Asia and Africa are emerging as new frontiers, but also new sources of risk. China continues to dominate mining and processing in Asia and is expanding its influence in Africa and Central Asia through the Belt and Road Initiative (BRI) and bilateral deals. This increases the risk of “resource diplomacy” turning into economic coercion or proxy conflicts. Countries such as Burundi, Myanmar, and Vietnam are ramping up production, but face political instability, weak governance, and the risk of foreign intervention. Africa’s mineral wealth is central to future supply chain battles, with both China and the West vying for control. Rapid expansion of mining in fragile regions could trigger local conflicts over land, water, and pollution, further complicating global supply chains. Finally, the Arctic and Greenland are becoming new arenas for competition. The US, EU, UK, and China are all seeking access to Greenland’s REE, but environmental and indigenous rights concerns add complexity. As the Arctic melts, new resource frontiers are opening up, but so are new geopolitical tensions. Conclusion In summary, the next decade will likely see resource conflicts shift from traditional military confrontations to economic, technological, and proxy battles over supply chain control. Rare earths and strategic elements are now central to national security, green transitions, and global power dynamics, with regions like Ukraine, Africa, and even the Arctic at increased risk for future conflict, while US–China and EU–China tensions continue to drive global supply chain instability.

Report date: 14 October 2025 (17:00 hours UTC+2) Executive summary Recent military activity by the United States and Venezuela in the southern Caribbean increases exposure for civilian airliners and merchant ships to short-notice airspace and sea-lane restrictions, re-routing and delays. Night-time reconnaissance patterns in the southern Puerto Rico FIR, added airlift and refuelling flights, and exercises near busy approaches raise the chance of misidentification, especially in low visibility or during degraded communications. Electronic interference, such as GPS disruption, radar clutter or radio degradation, could complicate navigation, air traffic control co-ordination and collision avoidance. Concentration of Venezuelan movements in the north, alongside US units operating outside the Venezuelan EEZ, may create congested diversion paths, tighter logistics for energy supply, crew duty pressures and higher insurance and operational costs. Overall, the operating environment for civil traffic is more fluid and carries a higher risk of inadvertent spillover from military actions. Current situation  While political tensions between Venezuela and the United States date to Hugo Chavez’s rise in 1999 and continued under Nicolás Maduro Moros after 2013, recent months show a sharper US political rhetoric and subsequent militarisation of the southern Caribbean as political goals of the US translate into military pressure. President Trump appears to be sustaining a maximum-pressure approach linking Venezuela to organised crime and terrorism, namely the Tren de Aragua cartel, designated as an International Terrorist Organisation (ITO) in February of this year. The cartel was sanctioned in July, and referred to Venezuela’s current president Nicolas Maduro as its leader. A month later, in August, the US Secretary of State officially referred to Maduro as a “fugitive from American justice,” increasing a bounty on him from $25 million placed in January to $50 million. The same month, the US armed forces were authorised to use military force against drug-trafficking boats and deployed around seven warships and a submarine to the Southern Caribbean, targeting the first reported Venezuelan narco trafficking boat in or near Venezuela’s exclusive economic zone on 02 September, killing 11. US policy on Venezuela has evolved across administrations, from designating the country as a national security concern under Obama, with sanctions placed on senior officials during both the Chávez and Maduro governments, to the current developments under the Trump administration.   Parallel to the new US posture, in  September, President Maduro responded  with a rare press conference in which he alleged the US was seeking regime-change, among concerns of US officials meeting several Venezuelan opposition leaders months before. He also stated that “Venezuela’s military is super prepared,” warning that any US attack would trigger armed resistance and mobilisation. In September, Venezuela then mirrored the late August-to-September US amphibious assault exercises in Puerto Rico with exercises on La Orchila and Patos islands, deployed over 25,000 personnel across multiple areas, mobilised and trained militia units, and placed its aerospace forces on high alert on 3 October after five F-35 aircraft reportedly came within 70 km of their coastline the previous day.  Both the US and Venezuela have stepped up not only rhetoric against each other, but have deployed numerous military assets in what appears to be an unprecedented militarisation of the south Caribbean region. In this context, not only are the two countries subjected to threats and risks from each other, but civilian airliners and maritime vessels using Venezuela’s flight information region (FIR) and exclusive economic zone (EEZ) are at increased risk when operating in the region due to the possibility of accidental targeting, be it through missiles or non-kinetic radio frequency, GPS or radar  jamming, or other electronically-disruptive measures.  Beyond politics, long-term causes for tensions  Beyond political rhetoric, underlying factors for US-Venezuela tensions may be found in the energy security dynamics and a more robust foreign policy projection by the Trump administration, expected to last throughout his presidential term. In 2019, about 41% of Venezuelan crude exports went to the United States but by 2023 this had fallen to 23%, while China’s share rose from 25% to approximately 69%. Over six years, exports to the United States were cut in half and exports to China almost tripled, showing China’s growing influence on an energy security partner who, even during Hugo Chavez’s time, did not significantly modify energy exports to the US.  Even with the US administration’s decision in July 2025 to renew Chevron’s licence for limited operations, American investment and activity remain constrained, with Venezuela constituting the only OPEC member in the western hemisphere linking part of its energy policies to a non-regional organisation.  Immediately adjacent to Venezuela, strategic US interests have appeared in Guyana, linked in the energy security sector. Around €12.3 billion US direct investments have flowed instead into neighbouring Guyana between 2020 and 2024. Between 2015 and 2019, roughly 96% of total foreign direct investment in that period came from the US aimed at developing significant offshore discoveries leading to first production of oil in the country in 2019. Washington is also strengthening its military posture; at Guyana’s presidential inauguration on 8 September the US Embassy in Georgetown reaffirmed support for the country’s defence, signalling beyond counter-narcotics to backing Guyana in its decades-long dispute with Venezuela over the Essequiba, particularly after renewed claims by the Venezuelan leadership in 2023.  The current increase in US pressure on Venezuela may aim to quell the Venezuelan claims on Guyana, reassert US influence in former Monroe Doctrine areas during a reformulation of the US military-foreign policy doctrine under the current administration, protect US energy interests and leave open the possibility of regime change in Caracas to a more regionally-integrated government. Additionally, US interests in safeguarding energy security have seen it competing with China in an area traditionally under its geopolitical sphere of influence, as Beijing increases its reach and presence in Latin America to include not only trade deals, but police training programmes and other security-related cooperation. Similar ties also include Venezuela, pursuing mutually exclusive interests with the US for over two decades.  Growing militarisation of the southern Caribbean?  Significant US naval deployments to the Caribbean Sea have historically been rare and short-lived. However, since August 2025 at least ten US naval vessels have operated in the region, presumably outside but in areas bordering Venezuela’s EEZ. The build-up heightens risks to civilian aircraft and merchant shipping, as both sides possess capabilities that could prompt airspace and sea-lane closures and raise the chance of misidentification or accidental targeting. Military flight activity has also increased, particularly night-time reconnaissance patterns in the southern Puerto Rico flight information region (FIR) and additional airlift and refuelling flights by the US military, while most Venezuelan movements remain concentrated in the north of the country. Overall, the regional posture suggests an elevated risk environment in which routine civil traffic could be disrupted with little warning. Military presence in the southern Caribbean Sea: Deployments, patrols and operations Significant United States naval deployments to the Caribbean Sea are not common, as the perceived threat level to the United States in the area does not warrant such operations. Since 2017, deployments in the area have typically involved single-ship missions for storm or earthquake relief or military exercises, excluding simple transits through the region between home ports or other overseas deployments. Previous deployments of United States naval assets in the Caribbean Sea, before the current one, have included the following: April 2024: Aircraft carrier USS George Washington, guided-missile destroyer USS Porter  and the USNS John Lenthall  replenishment ship deployed only temporarily in the area for the Southern Seas 2024 exercises during which they circumnavigated the South American continent.  August 2021 : USS Arlington , LHD deployed for earthquake relief to Haiti. October 2020 : USS Gerald Ford deployed off the coast of Florida for test and trials ahead of deployment. July 2020 : Landing helicopter assault ship USS Tripoli sails through Caribbean to get to home port in San Diego, no military operations. October 2018 : USNS Comfort , a hospital ship present in the Caribbean en route to Honduras to support US Southern Command’s operations such as the Enduring Promise initiative to boost partnership, not related to direct military operations. September - October 2017 : Aircraft carrier USS Harry S. Truman Amphibious assault ships USS Wasp  and USS Kearsarge , as well as the dock landing ship USS Oak Hill  deployed to areas between Dominica and Puerto Rico to provide humanitarian relief to areas affected by hurricanes Irma and Maria. USS Iwo Jima and USS New York also deployed with the 26th Marine Expeditionary Unit.  Beginning in August 2025, the United States deployed at least ten naval vessels in the southern Caribbean, according to publicly-available information.  This development appears to be unprecedented since Operation Just Cause in Panama between 1989 and 1990 and the 1983 intervention in Grenada. There is no evidence to suggest that any United States naval ships are operating within the Venezuelan Exclusive Economic Zone, as all official reports indicate their positions have placed them outside that area. Current United States deployments in the Caribbean include the following warships: USS San Antonio:  Amphibious transport dock vessel, berthed at Ponce, Puerto Rico, as of 6 October. USS Fort Lauderdale:  An amphibious transport dock, part of the Amphibious Ready Group, operating in an undisclosed area south of Puerto Rico as of 6 October. USS Iwo Jima:  Landing helicopter dock, last reported at St Thomas, United States Virgin Islands, during a port visit; capable of carrying at least three CH-53E, ten MH-60S and fourteen MH-60R helicopters. USS Jason Dunham:  Guided-missile destroyer based at Mayport Naval Station, Florida. USS Gravely:  Guided-missile destroyer based at Norfolk Naval Station, Virginia. USS Stockdale:  Guided-missile destroyer based at San Diego Naval Station, California; deployed at Ponce, Puerto Rico, as of 6 October. USS Lake Erie:  Guided-missile cruiser based at San Diego Naval Base, California; officially reported as operating in an unspecified area of the Caribbean,  unofficially reported to be off the east coast of Trinidad and Tobago as of 04 October. USS Minneapolis–Saint Paul:  Littoral combat ship located at Guantánamo Bay. MV Ocean Trader:   Merchant vessel converted into a special operations mothership, thought to have been used in military operations around the world, was unofficially reported to be off the east coast of Trinidad and Tobago as of 04 October. USS Newport News : Nuclear-powered attack submarine reportedly deployed in the Caribbean region according to media sources, unconfirmed by US official sources. Deployments of US naval assets in the Caribbean Sea as of October 2025 *Exact current locations of vessels may differ from those shown on map The growing militarisation of the southern Caribbean Sea could pose serious risks to commercial airliners and merchant vessels. While the combat readiness of US forces is generally high, their exact willingness to engage perceived adversaries, in this instance Venezuelan assets, is not publicly known. Although there have been no recorded incidents of the Venezuelan military engaging US forces, any potential confrontation would endanger not only military targets but also civilian aircraft and shipping in the area. The specific weapons fitted to US warships may vary according to mission requirements and are not always publicly disclosed, but a combination of the following systems could be employed by those currently deployed in the region: Mk 46 30 mm gun systems : Range up to 4,000  metres, used against high-speed surface targets.  Phalanx CIWS radar guided 20 mm cannon : Used against high-speed sea/surface craft, and low flying aircraft,  rate of fire 3,000 to 4,500 rounds per minute, presumed range 3,600 metres.  RIM-116 missile:  Solid-fuel supersonic surface-to-air missile known to have been used by amphibious assault (LHA, LHD) and littoral combat vessels, fired from the Rolling Airframe Missile system, infrared passive radar homing guidance (fire-and-forget), range between 9 and 16 km depending on the model.  RIM-162 Evolved Sea Sparrow Missile : Solid fuel surface-to-air and surface-to-surface  missiles launched through the MK 41 Vertical Launching System, range up to 50 km.  SM-2 missile : Surface-to-air missile, primary defence missile of the US navy, fired from the MK41 Vertical Launching System, command guided and semi-active radar homing, able to target at an altitude of 19,800 metres and range of between 160 and 240 km.  SM-3 missile : Surface-to-air ballistic missile used against exo-atmospheric ballistic targets, command, GPS and infrared guided, range 700 km. SM-2 missile launched from an unspecified US warship during trials unrelated to the current US-Venezuela tensions Source: Raytheon In relation to military flights between the United States and the central Caribbean, sample data from May, August, September and October indicates an increase in activity during the latter two months. According to publicly available AIS flight-tracking software, cargo aircraft were the main type to show this rise, operating between the continental United States, Puerto Rico and the US Virgin Islands. When cross-referenced with official statements from both Venezuelan and US authorities, the following aircraft have been identified as active in the aforementioned areas: F-35 Lightning : Thought to be deployed alongside US forces in the Caribbean, possible based out of Puerto Rico. On 02 October, Venezuelan authorities reported five F-35 aircraft flying 75 km off the country’s coasts, also sighted by a civilian airliner from Avianca. The use of these is thought to be for reconnaissance purposes, although their combat capabilities may also be used for further show of force.  AV-8B Harrier II : Thought to be deployed on the USS  Iwo Jima , these aircraft briefly flew over the Guyanese capital on 07 September during the country’s presidential inauguration. Official notifications from the US embassy in the country stated that the flyover  "symbolises the US’ full solidarity with the Guyanese people” as both advance “regional security.” Suggesting the presence or willingness to deploy combat aircraft on Venezuela’s eastern flank in Guyana.  P-8 Poseidon : Used for reconnaissance, these aircraft have been tracked operating in the southern portion of the Puerto Rico FIR. Regular sorties are observed between 20:00 and 04:00 Puerto Rico time (UTC−4), with the vast majority routed towards the southern FIR boundary between Puerto Rico and Venezuela. C-17 Globemaster III : Numerous flights originating from the continental United States (e.g. El Paso, Fort Walton Beach, Charleston, Tampa and Alamogordo) to Ceiba, Puerto Rico and the US Virgin Islands have been tracked during US military exercises at the beginning of September this year and in the first week of October. Although the cargo is more likely than not military grade, given the origin and destinations, the contents of cargo remains unidentified.  KC-130J Super Hercules : Similar to C-17 flights, KC-130 flights have been seen from areas in the continental US such as Charleston and Miami en route to Puerto Rico and the US Virgin Islands.  KC-135 Stratotanker : Although less frequent, at least one flight was confirmed to have departed an air base in Tampa, Florida, transited near the southern edge of the Puerto Rican FIR, then returned to base shortly before entering the Venezuelan FIR on 7 October. No other aircraft were tracked or identified in the vicinity, though the sortie likely supported an unspecified air mission in the area. KC-46 Pegasus : At least two confirmations of this air-to-air refuelling aircraft were observed, the most recent on 16 September, when it departed the US Virgin Islands, flew south towards the boundary between the Puerto Rico and Venezuelan FIRs, then dropped from public tracking roughly halfway to the latter. This pattern suggests it was supporting an air mission deeper into the Caribbean, possibly close to the Venezuelan coast. RQ-4  Global Hawk : Numerous social media reports have claimed the involvement of this aircraft type from bases in Puerto Rico, although these remain unverified. Additionally, in mid-September, Venezuela’s Ministry of Defence issued a statement suggesting that RQ-4 flights were being conducted and extended into night-time hours. While unconfirmed, the US military routinely employs these aircraft for reconnaissance in other theatres of operation. Troop presence A potential US force relevant to Venezuela is the 22nd Marine Expeditionary Unit (MEU), reportedly embarked on the USS San Antonio after forming at Camp Lejeune, North Carolina. The MEU consists of Marine Medium Tiltrotor Squadron 263 providing rapid air mobility, Combat Logistics Battalion 26 for sustainment and engineering support and a Battalion Landing Team built around 3rd Battalion 6th Marines with attached armour, fires and reconnaissance enablers. Operating from an amphibious platform, it can conduct maritime security, show-of-presence patrols, limited amphibious raids, air assault insertions, non-combatant evacuations and crisis response along littoral areas. Its presence would not confirm intent but offers a flexible and scalable option for contingencies in the wider Caribbean. Exact numbers and locations of deployments remain unspecified.  There has been no explicit and significant detection of increased US troop numbers or movements around the Caribbean beyond official reporting on the 22nd Marine Expeditionary Unit. Troop numbers and movements from other US bases in the region appear unchanged, with no significant indicators of a broader build-up according to publicly available information. Although US military flights to and from Colombia (Barranquilla), Costa Rica (Daniel Oduber Quiros airport), US Virgin Islands, Puerto Rico and Antigua, as well as in the airspace over Honduras and El Salvador, have been observed by AIS-based software, these movements alone do not constitute clear evidence of heightened deployments and may reflect routine patterns rather than a substantive shift in posture. Venezuelan air defence  Venezuela fields a layered combination of S-300VM, Buk-M2E, S-125 Pechora-2M systems and at least 4,000 Igla-S MANPADS that, if engaged, could complicate both civilian and military aviation around key hubs and approach corridors. Although locations and readiness remain largely unconfirmed, reported positions at Manuel Ríos, Caracas, Puerto La Cruz, Isla Margarita and La Carlota imply engagement ranges from high to low zones that raise the risk of misidentification, airspace restrictions and inadvertent engagements. BUK 2M : Official statements indicate Venezuela acquired three Buk-M2 air-defence systems in 2013, while unofficial reporting suggests the total could be as high as twelve. Given their mobility on tracked and wheeled chassis, precise deployment locations are uncertain, though sightings and analysis point to Punto Fijo, location of the country’s largest refinery with a 940,000 b/d capacity, Caracas (including La Carlota airfield as of 05 October 2025), La Orchila Island during September 2025 exercises, and movements to or from Güiria port in the east. The systems are believed to be distributed across multiple branches of the armed forces. The Buk-M2E is a radar-guided, medium-range system with an engagement range of up to 50 km.  S-125 Pechora 2M : With an approximate range of 35 km and mounted on tracked or wheeled vehicles, Venezuela acquired at least eleven of these systems in 2014. Footage from military exercises over the years shows them being tested, and they have been reported or sighted near Cúcuta (on the Colombian border), Maracay, Caracas, Puerto La Cruz and Isla Margarita, although precise deployment locations remain officially unconfirmed. S-300VM : With a range of up to 250 km, open-source geolocations indicate Venezuelan S-300VM systems at Manuel Ríos Air Base (115 km S of Caracas). Additional reports, all officially unconfirmed, place S-300 systems in Caracas (defending government sites), Puerto La Cruz (commercial port, second largest refinery, Rafael Egañez Marcano naval complex), and on Margarita Island, this latter according to an exiled admiral with limited other verifying sources. Typical S-300VM deployment would include a command post, acquisition radars, an engagement radar and interceptors, enabling high-altitude, long-range area defence and limited intercept capability. Actual Venezuelan inventory, readiness and missile loads are unverified. Igla-S MANPADS : With an approximate range of 6 km and maximum flight altitude of 11,000 km, Venezuela purchased two separate batches of 2,000 Igla MANPADS from Russia in 2010 and 2012. Their precise distribution across the country remains unclear, but units are believed to be deployed within the army, navy and air force, as well as at strategic sites such as military bases, airports, government facilities and refineries. The system has appeared frequently in footage of military exercises and is thought to have a shelf life of around ten years from the date of manufacture, although those dates are unknown. Without maintenance or life-extension work, many of these systems may be prone to misfires or malfunctions. Left to right: Venezuelan S-125 2M Pechora, BUK 2M and S-300VM anti-air defence systems Source: Alys Blanchard, FAF-Club, date of image unknown (accessed 13 October 2025) Air and Naval bases in Venezuela Venezuela has at least sixteen air bases and airports, some believed to be dual use and others dedicated to military roles. Although the status of several sites is unclear, flight tracking shows activity at a number of them. Major air bases are concentrated in the north and are thought to operate Russian-acquired Su-30s and legacy F-16s procured in the 1980s. Other air assets include C-130 transports, Chinese Shaanxi Y-8s, Mi-35 attack helicopters and Mi-17 utility helicopters, plus smaller types and up to fifteen Iranian-designed Mohajer armed UAVs acquired around 2012. Naval assets number about thirty-five and include three diesel-electric submarines, six gunboats and at least twenty patrol craft of varying tonnage based at several Caribbean ports. The exact level of readiness and crew training remains uncertain, though the systems listed have appeared in exercise footage in recent years. Air and naval bases in Venezuela known to be active at the time of writing Venezuelan military flights and naval movements are less numerous on AIS tracking software, and open-source reporting likewise offers limited detail on exact locations and assets. In parallel with an increase in US military flights in September and October this year, Venezuelan military flights, although with limited visibility in open sources, have increased by 100% based on flight samples taken from May, August, September and October. These flights mainly include east–west C-130 transport sorties and coastal tracks over the Caribbean Sea resembling reconnaissance by an unspecified low-flying, low-speed aircraft taking off from and returning to Caracas’s Francisco de Miranda Air Base. No significant north–south movements have been identified in open sources, suggesting the majority of military movements in the country remain in the northern area. US military deployments (left) and participating military hardware in the Caribe Soberano 200 snap drills (right) on Orchila Island as reported by Venezuelan authorities  Source: TeleSur Military exercises by Venezuela In response to Venezuela’s perceived threats, a series of military drills were carried out between September and October of this year. Venezuela’s true combat readiness and capabilities remain unclear and are unlikely to withstand a large-scale US incursion. If imagery shared by official and unofficial accounts is accurate, the main risks stem from inadvertent targeting of merchant vessels or civilian and military aircraft. The following outlines what was reportedly conducted. Isla de Orchila : Venezuela conducted a three-day Caribe Soberano 200 exercise on La Orchila Island, centred on the Antonio Díaz naval base, with over 2,500 personnel, 12 navy vessels (including six Lupo-class frigates, four Avante 2400 offshore patrol vessels, U-209/A-1300 diesel-electric submarines, logistics and multipurpose ships), 22 aircraft, and 20 militia peñeros. Activities included Su-30MK2 over-water flights with Kh-31 anti-ship capability, employment of armed UAVs for air defence and surveillance, Buk-M2 surface-to-air missiles, ZU-23 anti-aircraft artillery, coastal live fire, amphibious landings with armoured vehicles, air-defence drills, parachute drops, cargo airdrops, and tactical air support. Special forces conducted air, sea and land infiltration and underwater reconnaissance, while intelligence and electronic warfare units practised call interception, jamming and communications disruption. The Bolivarian Militia operated armoured vehicles and co-ordinated shipboard electronics, and the National Police supported reconnaissance tasks. Images of Venezuela’s military exercises on Isla de Patos, 10 km from Trinidad and Tobago Source: Venezuelan authorities Isla Margarita : Around 8 October, Venezuelan officials reported the start of “Operación Defensa Insular Luisa Cáceres de Arismendi 200” along Margarita Island’s coasts and adjacent waters, though participation levels remain unclear. Unconfirmed reports suggest the event was cancelled or scaled down in response to increased US military presence in the region. Prior official descriptions pointed to intensive patrols, maritime surveillance and exploration with artisanal fishing councils, plus parachute and cargo drops within integrated air–sea–land manoeuvres. A co-ordinated military–police–civil approach was highlighted for deterrence and maritime control, but the actual extent of execution remains uncertain. Isla de Patos : Footage and reports emerged that Venezuela was conducting rare live-fire exercises simulating an amphibious landing using patrol boats and anti-air exercises 10 km from Trinidad and Tobago on the northeastern end of Venezuela, with the participation of a Los Frailes class transport vessel and smaller landing craft. Zu-23 23mm anti-air cannons were observed in a video, as were what appeared to be .50 calibre guns firing on the island. Unconfirmed reports stated the event disrupted local fishing operations, although this remains unverified. Venezuela’s defence minister showing a map of the “Caribe Soberano 200“ military exercises on La Orchila island Source: TeleSur, September 2025   Threats to maritime and aviation Military presence of the two sides can be broken down into deployments, patrols and operations, each side interacting with the other in a tense environment where split-second decisions or misidentification of adversary aircraft may contribute to a serious incident.  Maritime field Accidental targeting, misidentification : Heightened alert states, non-standard interventions (missile targeting of suspected drug trafficking boats) and rapid decision cycles increase the risk that civilian craft are misidentified as hostile or narcotics carriers. Contributing factors include low visibility, AIS outages, high-speed approaches, poor radio communication and profile similarity to narcotics-laden craft. Probable outcomes range from boardings and warning shots to disabling fire, with elevated risk near exclusion perimeters, convoys and exercise boxes.    Collateral damage to nearby vessels : Exchanges of fire with suspected threats, air or surface weapon tests during exercises, as well as missile interceptions can endanger merchant vessels and small boats operating in the proximity of such events. Risks include stray rounds, fragmentation, shock effects and debris fields. Choke points or port approaches may be of particular concern during live-fire periods, air-defence alerts or when multiple forces manoeuvre in confined spaces.  Deviation due to closed maritime spaces : Short-notice activation of exclusion zones for exercises or operations, modification of patrol lines and ad hoc safety corridors can close or constrict established routes. Even with Notices to Mariners (NOTMAR), rerouting may be required with limited warning, causing schedule disruption, traffic compression, higher collision risk and pilotage challenges at primary hubs. Expect rolling adjustments to sea lanes around task groups, tanker routes and approaches to major Caribbean ports. Aviation field Accidental targeting, misidentification : Aircraft operating in or near conflict zones face a heightened risk of misidentification, where a military actor may mistake a civilian flight for a threat and engage it. This has occurred in the past, notably PS752 (Ukraine International Airlines), shot down shortly after take-off from Tehran in January 2020, and J2-8243 (Azerbaijan Airlines), reportedly shot down near Grozny in December 2024 by Russian air defence. Small, low-flying aircraft are at greater risk, particularly following deviation from a cleared route or during loss of communication. While such incidents are unlikely, they remain a credible consideration amid regional tensions. Source: FlightRadar24 (flight data) Heightened GPS jamming and spoofing : These forms of electronic interference can disrupt or manipulate satellite-based navigation and timing signals, potentially affecting civilian airliners transiting the area. At present there are no signs of heightened digital interference in the area in question. If the situation were to escalate, significant interference would be a likely scenario. Flight interruptions, Closed airspace, airports : Sudden closure of airspace during armed confrontation can occur and cause significant disruptions for aircraft, passengers and businesses. Individual airports may also close at short notice if landing and take-off are deemed unsafe. This can cause disruptions, re-routing and aircraft to enter holding patterns. If tensions escalate, these are very likely scenarios and aircraft may need extra fuel for possible re-routing.