<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Ozan Akyol &#8211; Digital Intelligence</title>
	<atom:link href="https://www.digitalintelligence.at/author/ozan/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.digitalintelligence.at</link>
	<description>by Ozan Akyol</description>
	<lastBuildDate>Fri, 12 Jun 2026 08:21:25 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://www.digitalintelligence.at/wp-content/uploads/2025/11/android-chrome-512x512-1-60x60.png</url>
	<title>Ozan Akyol &#8211; Digital Intelligence</title>
	<link>https://www.digitalintelligence.at</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Austria&#8217;s Spyware Law Goes Before the Judges. The Real Question Is Who Sells the Exploit.</title>
		<link>https://www.digitalintelligence.at/austrias-spyware-law-goes-before-the-judges-the-real-question-is-who-sells-the-exploit/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Fri, 12 Jun 2026 08:21:25 +0000</pubDate>
				<category><![CDATA[Europe]]></category>
		<category><![CDATA[Intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4477</guid>

					<description><![CDATA[On June 22 the Austrian Constitutional Court will sit in public session and hear arguments about whether the state may read your Signal messages. The hearing starts at 9:30 in the morning. I expect the courtroom to be full and the answers to be thin. The law under review is the amendment to the Staatsschutz- und Nachrichtendienst-Gesetz that the Nationalrat passed on July 9 last year. It gives the DSN, Austria&#8217;s domestic intelligence service, the power to monitor messages on services like WhatsApp and Signal, encrypted or not. The trigger conditions are terrorism, activities that endanger the constitutional order, and]]></description>
										<content:encoded><![CDATA[<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="3:1-3:251;93-343">On June 22 the Austrian Constitutional Court will sit in public session and hear arguments about whether the state may read your Signal messages. The hearing starts at 9:30 in the morning. I expect the courtroom to be full and the answers to be thin.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="5:1-5:590;345-934">The law under review is the amendment to the Staatsschutz- und Nachrichtendienst-Gesetz that the Nationalrat passed on July 9 last year. It gives the DSN, Austria&#8217;s domestic intelligence service, the power to monitor messages on services like WhatsApp and Signal, encrypted or not. The trigger conditions are terrorism, activities that endanger the constitutional order, and espionage. Orders run for three months and can be extended. Before anything happens, the Rechtsschutzbeauftragter in the Interior Ministry reviews the request and the Federal Administrative Court has to approve it.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="7:1-7:211;936-1146">On paper that is a layered system. In practice I have yet to meet anyone in Vienna&#8217;s security community who can explain how a court is supposed to meaningfully review a surveillance technique it cannot inspect.</p>
<h2 class="text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold" data-sourcepos="9:1-9:19;1148-1166">How we got here</h2>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="11:1-11:479;1168-1646">The vote last July was ugly. ÖVP and SPÖ carried it, FPÖ and the Greens voted against, and even inside the coalition the NEOS deputies Krisper and Scherak broke ranks. That fracture mattered. In January, FPÖ and the Greens filed a Drittelbeschwerde, a constitutional challenge that requires one third of the Nationalrat. Sixty-two deputies signed. When the parliamentary far right and the Greens agree that a law goes too far, the Constitutional Court tends to listen carefully.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="13:1-13:477;1648-2124">There is also precedent, and it is not on the government&#8217;s side. In 2019 the same court struck down Austria&#8217;s first attempt at a Bundestrojaner. The judges called covert surveillance of computer systems a grave intrusion into private life under the European Convention on Human Rights, permissible only within extremely narrow limits. The Interior Ministry&#8217;s lawyers have spent the years since trying to draft around that ruling. June 22 is the test of whether they succeeded.</p>
<h2 class="text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold" data-sourcepos="15:1-15:41;2126-2166">The part nobody wants to say out loud</h2>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="17:1-17:388;2168-2555">Here is the technical reality the political debate keeps avoiding. You cannot wiretap Signal. End-to-end encryption means there is nothing useful on the wire. There are only two ways in. Either the provider hands over the messages, which Signal will not and structurally cannot do, or the state installs spyware on the target device by exploiting a vulnerability in the operating system.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="19:1-19:599;2557-3155">The second option is what this law actually authorizes, whatever the legislative language says. And the budget figures confirm it. The impact assessment attached to the reform set aside ten million euros from 2026, followed by roughly two million per year in license fees through 2029. License fees. Nobody pays recurring license fees for a tool they built themselves. Austria is shopping at an international spyware vendor, and the shortlist of companies selling state-grade mobile exploitation is not long. The same paperwork mentions an IMSI catcher for location data, almost as an afterthought.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="21:1-21:423;3157-3579">So the state becomes a customer in the exploit market. That has consequences the law does not address. Every zero-day a government buys and keeps alive is a vulnerability deliberately left open in phones carried by everyone else, including ministers, judges and the DSN&#8217;s own officers. People in allied services have been blunt with me about this trade-off for years. You do not get a Trojan that only works on terrorists.</p>
<h2 class="text-text-100 mt-3 -mb-1 text-[1.125rem] font-bold" data-sourcepos="23:1-23:42;3581-3622">Why the timing is awkward for everyone</h2>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="25:1-25:576;3624-4199">The government will argue necessity, and it has material. Sylvia Mayer, running the DSN since January, says openly that Russia is the largest espionage threat and that among Vienna&#8217;s thirteen thousand accredited diplomats, some delegations are more than one fifth intelligence officers. The Egisto Ott verdict in May, four years and one month for spying for Moscow from inside the old BVT, gave Austria its first major espionage conviction of the new era. The services finally have political momentum after a decade of being the embarrassment of European counterintelligence.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="27:1-27:362;4201-4562">The opposition will argue proportionality, and it also has material. The 2019 ruling. The technical impossibility of limiting spyware once deployed. The fact that the agency asking for this capability is the institutional successor of the office Ott worked for. Trust is the currency here, and Austrian domestic intelligence has been printing very little of it.</p>
<p class="font-claude-response-body break-words whitespace-normal" data-sourcepos="29:1-29:593;4564-5156">The court has said it intends to announce its decision in the days after the hearing. Whichever way it falls, the law is supposed to enter into force in 2027, which means the procurement process is presumably already moving. That is the thread I find more interesting than the constitutional question. If the judges uphold the law, Austria signs a contract with a spyware vendor within months. The name on that contract, and the export jurisdiction behind it, will tell us more about the future of Austrian surveillance than anything said in court on June 22. I intend to find out what it is.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Vienna&#8217;s Antenna Forest and Austria&#8217;s Quiet Course Change</title>
		<link>https://www.digitalintelligence.at/viennas-antenna-forest-and-austrias-quiet-course-change/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Sat, 30 May 2026 12:38:14 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Europe]]></category>
		<category><![CDATA[Intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4473</guid>

					<description><![CDATA[There is a stretch of road in Vienna&#8217;s 22nd district, just off the U1 metro line, where you can stand on one side of a small park and see the Russian diplomatic compound on the left and the UN City complex on the right. The distance between them, on a clear day, is about what a decent rooftop antenna would have for line of sight on satellite uplinks from the IAEA. Anyone in Vienna&#8217;s intelligence ecosystem has thought about this geometry at some point. The staff at the IAEA Communications Office have thought about it more. On 4 May, the]]></description>
										<content:encoded><![CDATA[<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">There is a stretch of road in Vienna&#8217;s 22nd district, just off the U1 metro line, where you can stand on one side of a small park and see the Russian diplomatic compound on the left and the UN City complex on the right. The distance between them, on a clear day, is about what a decent rooftop antenna would have for line of sight on satellite uplinks from the IAEA. Anyone in Vienna&#8217;s intelligence ecosystem has thought about this geometry at some point. The staff at the IAEA Communications Office have thought about it more.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">On 4 May, the Austrian Foreign Ministry confirmed an ORF report from the previous evening. Three Russian diplomats had been declared persona non grata over the antennas on the roof of the embassy on Reisnerstrasse in the 3rd district and on the Donaustadt compound described above. The installations, according to ORF&#8217;s sources, were used to intercept data transmitted by international organisations based in Vienna over satellite internet. The three have already left.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">This is the largest single Russian expulsion in Austria&#8217;s post-2022 period and brings the cumulative total to 14 since the full-scale invasion. The 14 figure, set against the seven-thousand-or-so hostile officers operating in this city and the dozens of accredited Russian personnel still in Vienna, is small. The story matters less for the numerical impact than for what it signals about how the new coalition is actually treating the espionage portfolio.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">Foreign Minister Beate Meinl-Reisinger framed it in unusually direct language for an Austrian foreign minister: &#8220;Espionage is a security problem for Austria. In this government, we have initiated a change of course and are taking consistent action against it.&#8221; Then, more pointedly: &#8220;It is unacceptable for diplomatic immunity to be used to conduct espionage.&#8221;</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">Both sentences should be read in the context of what the Austrian government did before reaching the expulsion decision.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">The Russian ambassador was summoned to the Foreign Ministry in April. Vienna asked Moscow to waive the immunity of the three officers so that the prosecutor&#8217;s office could open a case. Russia refused, which is the answer everyone in the building expected. Once that refusal was on the record, the only remaining instrument was a PNG declaration. That sequence, asking for immunity to be lifted before going to expulsion, is itself meaningful. It tells you the Justice Ministry would have preferred to prosecute, not deport. That is the institutional logic of the §319a draft I wrote about last month coming into view. The government is signalling that it wants foreign espionage on Austrian soil treated as a criminal matter rather than a diplomatic one.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">The technical layer matters, and I will be brief about it because there are people in this city who know more than I do about exactly what those antennas were doing. The basics are these. When an international organisation in Vienna sends and receives traffic over satellite, the uplink and downlink are not magic. They are radio waves with side lobes that bleed off the main beam, and they pass over rooftops in defined geometric patterns. Anyone with the right antenna at the right altitude in the right place can pick up that traffic. Decrypting it is harder, but the volume of communications moving through the IAEA, UNOV, the OSCE and the EU Agency for Fundamental Rights, accumulated over years, gives serious cryptanalytic teams plenty to work with. Embassy rooftops are uniquely valuable platforms for this work because of immunity. Nobody, including DSN, can come up and look at the equipment.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">The Donaustadt compound is what makes this case sharper than the standard embassy SIGINT story. The site sits within walking distance of the UN City complex. The line of sight is, to put it generously, ideal. Anyone who has walked along Wagramer Strasse on a clear afternoon understands the geometry instinctively. The question that has been quietly asked in Vienna&#8217;s diplomatic circles for years is why nobody acted on this earlier.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">Part of the answer is that DSN until recently was not in shape to act. Sylvia Mayer took over on 1 January as the first female director of the agency. The Russian ambassador was summoned in April. The expulsions were announced on 4 May. That is the operational rhythm of a service that has decided to spend its first major political capital on this file. Mayer herself was on the podium at the press conference. Asked why these installations were a particular threat, she limited herself to saying it had to do with their size and nature, and declined to comment on the timing. The decline to discuss the timing is the whole story. The timing is a political choice, not an intelligence one. The antennas have been there for years.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">There are limits to what I will read into a single expulsion. Austria has now expelled 14 Russian diplomats in four years, which compared to other European countries is still on the low side. The bulk of accredited Russian personnel are still here, doing whatever they do, with the same immunities. The Donaustadt compound is still in operation. The antennas, as a class of equipment, are not going anywhere, and Russia will rotate in new staff under different cover within months. The structural facts of Vienna&#8217;s exposure have not changed.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">What has changed, possibly, is the political ceiling on what can be done about that exposure. For most of the past decade, the standard official Austrian position was that Vienna&#8217;s hosting role required a particular kind of equidistance, and that expulsions complicated relationships with international organisations that depended on diplomatic stability. That position has been quietly retired by the current government. Meinl-Reisinger&#8217;s &#8220;change of course&#8221; line is not rhetorical. It maps onto a sequence of concrete decisions: the §319a draft, the summoning of the ambassador, the public request for immunity waiver, the public expulsion. These are not the actions of a government still committed to the bridge.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">The next move belongs to Moscow. The Russian embassy called the expulsions &#8220;outrageous&#8221; and &#8220;politically motivated,&#8221; and warned of a &#8220;harsh&#8221; response, calling the bilateral relationship &#8220;at a historical low.&#8221; In recent practice, a &#8220;harsh response&#8221; usually means a reciprocal expulsion of Austrian diplomats, often more than the original number, and visa frictions for Austrian citizens. The relationship will degrade further. That is also part of the price of the course change, and the government appears to be prepared to pay it.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">The piece I wrote last month argued that the §319a draft was real progress but that the Ott verdict would tell us more than the law itself. The expulsions on 4 May added a third data point to that picture. Taken with the verdict that landed on 20 May, the bill, the expulsions and the conviction are starting to look less like isolated events and more like a deliberate sequence. Vienna, for the first time in a long time, is acting like a country that takes its espionage problem seriously.</p>
<p class="font-claude-response-body break-words whitespace-normal leading-[1.7]">Whether that lasts beyond the next election cycle is a question I will not answer today. It depends on which parties are at the table after the next vote and what they decide to do with the institutional momentum the current government has built. The political risks are real. The operational improvements are also real. Both things can be true.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>The &#8220;Between Peace and War&#8221; Doctrine Has an Austrian Problem</title>
		<link>https://www.digitalintelligence.at/the-between-peace-and-war-doctrine-has-an-austrian-problem/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Mon, 11 May 2026 12:04:30 +0000</pubDate>
				<category><![CDATA[Europe]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4449</guid>

					<description><![CDATA[The day the White House announced it was withdrawing the United States from the European Centre of Excellence for Countering Hybrid Threats, I happened to be in a meeting with a contact at the Federal Police in Vienna. He glanced at the news on my phone, made a dry remark in Viennese German that I will not bother to translate, and went back to whatever case we were on. That reaction is, I think, the entire problem in miniature. The European conversation about the gray zone is happening at full volume. White papers, conferences in Brussels and Helsinki, ECFR reports,]]></description>
										<content:encoded><![CDATA[


<p class="wp-block-paragraph">The day the White House announced it was withdrawing the United States from the European Centre of Excellence for Countering Hybrid Threats, I happened to be in a meeting with a contact at the Federal Police in Vienna. He glanced at the news on my phone, made a dry remark in Viennese German that I will not bother to translate, and went back to whatever case we were on. That reaction is, I think, the entire problem in miniature.</p>



<p class="wp-block-paragraph">The European conversation about the gray zone is happening at full volume. White papers, conferences in Brussels and Helsinki, ECFR reports, Council conclusions in March, a CSIS analysis that finally puts numbers on the sabotage. The actual operational people who would have to do something about it, at least in this country, are still treating it as somebody else&#8217;s file.</p>



<p class="wp-block-paragraph">There is a doctrine emerging inside European intelligence services that finally, openly, names what has been happening for the past several years. Blaise Metreweli, the new chief of MI6, set it out in her first public speech on 15 December. &#8220;We are now operating in a space between peace and war,&#8221; she said. &#8220;This is not a temporary state or a gradual evolution.&#8221; Then she listed what that space contains: arson, sabotage, cyberattacks on critical infrastructure, drones over airports and military bases, aggressive undersea activity, and what she called the deliberate creation of fractures inside societies.</p>



<p class="wp-block-paragraph">That speech was, by the careful reading of a few people I trust in London, a doctrinal moment. Metreweli spent very little time on China and almost none on terrorism, the two priorities that have dominated British intelligence work for two decades. She did not really mention the United States at all, which is itself a signal. The framing was entirely about Russia and about a Europe that has to start acting on the gray zone rather than just documenting it.</p>



<p class="wp-block-paragraph">Joseph Fitsanakis sharpened the argument in a 5 May intelNews piece. His point, distilled, is that European intelligence services were built for a strategic environment in which they complemented American primacy. Their job was to support NATO, fill in regional gaps, provide national-level warning, and feed the larger US machine. That model is operationally insufficient now. Trump&#8217;s pivot, including the January withdrawal from the Helsinki-based Hybrid CoE, was the formal closure of the old arrangement. What Europe needs instead is autonomous intelligence structures capable of supporting an actual independent strategy. Most European services are not there yet, and the gap is widening.</p>



<p class="wp-block-paragraph">The case for the doctrine, if you want it in numbers, is overwhelming. CSIS counted 219 suspected Russian hybrid warfare incidents in Europe between 2014 and 2025, with 46 percent of them occurring in 2024 alone. German media revealed in February that the Bundeskriminalamt counted 321 sabotage cases inside Germany during 2025. In September 2025, between 19 and 21 Russian-launched drones crossed into Polish airspace, forcing NATO Article 4 consultations and the closure of several airports. Drone sightings shut down operations at Munich Airport. Lithuania declared a state of emergency over repeated Belarusian balloon incursions. At the February Munich Security Conference, BND president Martin Jäger put the global Russian intelligence officer count at 60,000, not including informants. Whatever the precision on that figure, the scale is unmistakable.</p>



<p class="wp-block-paragraph">This is the strategic backdrop. Now the part that actually matters from where I sit.</p>



<p class="wp-block-paragraph">Austrian neutrality, as written into the Constitution in 1955, was designed for a different kind of conflict. The architects had in mind blocs, armies, formal alliances. The neutrality law commits Austria not to join military alliances, not to host foreign military bases, and not to participate in aggressive war. None of those conditions are triggered by the activity Metreweli described. A drone over Vienna&#8217;s airport does not require Austria to declare its alliance status. A cyberattack on the IAEA does not engage the army. A sabotage operation against a logistics hub in Lower Austria does not breach any of the formal conditions of neutrality. So Austria sits, technically neutral, while operations against its partners, its institutions, and increasingly its own infrastructure are run through its territory.</p>



<p class="wp-block-paragraph">This is the part of the doctrine that nobody in Vienna wants to address out loud. Neutrality, as a legal category, is operationally meaningless in a gray-zone conflict. The conflict does not generate the moments that neutrality is built to manage. There is no declaration of war, no troop movement, no formal alliance request. There is only constant, low-grade, deniable pressure. And in a country that hosts the IAEA, UNOV, the OSCE, OPEC, the EU Agency for Fundamental Rights, several thousand accredited foreign personnel, and the seven-thousand-or-so hostile intelligence officers I have written about before, the absence of a formal war does not mean the absence of strategic stakes. It just means Austria is currently choosing not to act on them.</p>



<p class="wp-block-paragraph">The §319a bill I covered last month is the dim reflection of this realization inside the Justice Ministry. The drafters know, even if they cannot put it in the explanatory memorandum, that the current legal framework is calibrated for a world that no longer exists. Closing the espionage loophole is the easy half. The harder half is asking whether a country can credibly call itself neutral when its capital is the operational backyard for at least one belligerent in an ongoing European conflict.</p>



<p class="wp-block-paragraph">I do not see the DSN reaching that question on its current trajectory. Sylvia Mayer took over as director on 1 January. The service is still rebuilding from the BVT collapse, and the allied agencies I speak with regularly describe DSN as analytically respectable and operationally thin, which is the wrong shape for &#8220;between peace and war&#8221; work. The doctrine Metreweli outlined assumes a service capable of running disruption operations against hostile networks on its own initiative. That is not what DSN does, and it is not what DSN, given Austrian political reality, will be doing any time soon.</p>



<p class="wp-block-paragraph">The political reality is the second-order problem. The FPÖ leads the polls. The party has spent the past decade building its base on a soft-Russia, hard-neutrality position, and there is no electoral incentive for them to revisit it. If they form the next government, or play kingmaker in the next coalition, the most likely outcome is that Austria stays inside the EU institutional framework on paper while drifting operationally outside the European gray-zone response architecture. Other European services will adjust by routing around Vienna. I have already heard variations of that sentence in a couple of allied capitals over the past year.</p>



<p class="wp-block-paragraph">So what does Metreweli&#8217;s doctrine actually mean for this country?</p>



<p class="wp-block-paragraph">It means the choice is becoming explicit. Either Austria modernizes its understanding of neutrality to allow active counter-hybrid work, including offensive cyber, disruption of hostile networks on its own territory, and meaningful operational sharing on hybrid campaigns against partners. Or it accepts that its strategic position will erode quietly, year by year, until the city is treated by allied services as a permissive environment to be worked around rather than worked with.</p>



<p class="wp-block-paragraph">The Constitution does not actually prevent the first option. The Constitution prevents joining a military alliance. It does not prevent treating sabotage, cyberattacks, drone incursions and hybrid operations against European partners as serious matters that Austria acts on. That is a political choice presented as a legal constraint. Most Austrian politicians find the legal framing convenient because it spares them the conversation.</p>



<p class="wp-block-paragraph">Metreweli&#8217;s speech, read carefully, was an invitation. She was telling other European services that the UK is moving from documenting to acting. She was telling Moscow that the cost calculus is about to change. She was telling Washington, very politely, that London no longer believes the transatlantic intelligence relationship is what it once was. And she was telling neutral countries that the gray zone does not respect their preferred categories.</p>



<p class="wp-block-paragraph">Vienna has not yet had this conversation with itself. It will. The only question is whether it happens because Austrian politicians chose to have it, or because allied services stopped waiting.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Austria Finally Drafts a Real Espionage Law. The Ott Trial Will Decide Whether It Matters.</title>
		<link>https://www.digitalintelligence.at/austria-finally-drafts-a-real-espionage-law-the-ott-trial-will-decide-whether-it-matters/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Sun, 26 Apr 2026 16:13:51 +0000</pubDate>
				<category><![CDATA[Europe]]></category>
		<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4445</guid>

					<description><![CDATA[Austria has spent the better part of half a century letting foreign intelligence officers run operations from its capital, because the law, quite literally, does not care as long as the target is somebody else. Section 256 of the Criminal Code criminalises espionage only when it is directed against the Austrian state. So if a Russian, Chinese or Iranian officer sits in a Viennese café and tasks a contact to collect on the IAEA, surveil a dissident who fled here precisely because she thought the Republic would protect her, or lift material from an OSCE delegation, none of that is]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Austria has spent the better part of half a century letting foreign intelligence officers run operations from its capital, because the law, quite literally, does not care as long as the target is somebody else.</p>



<p class="wp-block-paragraph">Section 256 of the Criminal Code criminalises espionage only when it is directed against the Austrian state. So if a Russian, Chinese or Iranian officer sits in a Viennese café and tasks a contact to collect on the IAEA, surveil a dissident who fled here precisely because she thought the Republic would protect her, or lift material from an OSCE delegation, none of that is a crime under Austrian law. The targeted state can complain. The targeted institution can withdraw cooperation. Austria itself has nothing to charge.</p>



<p class="wp-block-paragraph">This is what produces the &#8220;spy capital&#8221; cliché. The figure people quote is 7,000 hostile officers operating in this city. It comes from the Austrian Center for Intelligence and Security Studies and is several years old. I have my doubts about that level of precision, since counting people whose entire job is not being counted is a strange exercise. But the structural fact the number gestures at is real, and any allied service will tell you the same thing about Vienna without much prompting.</p>



<p class="wp-block-paragraph">On 9 March, the Justice Ministry circulated a draft bill that finally moves to close §256. Falter obtained the text and reported on 3 April. Bloomberg followed the same morning. The draft is now sitting with the ÖVP-NEOS coalition partners.</p>



<p class="wp-block-paragraph">The headline change is a new §319a, criminalising espionage against international organisations headquartered in Austria, with prison terms of six months to five years. The IAEA, UNOV, the OSCE, the EU Agency for Fundamental Rights, all of them become protected. Operating against them from Austrian soil becomes a domestic offence rather than a diplomatic embarrassment that the Foreign Ministry has to manage privately.</p>



<p class="wp-block-paragraph">That is the part everyone is writing about. The two changes underneath it are more interesting.</p>



<p class="wp-block-paragraph">The first widens the legal concept of <em>Nachteil der Republik</em>, detriment to the Republic. Under the draft, the conduct does not have to actually harm Austria. It is enough that it is capable of endangering the country&#8217;s reputation, security or prosperity. So espionage against another EU member state, conducted from here, becomes prosecutable on the theory that hosting it could damage Austria&#8217;s relations with the partner. This shifts the offence from a results-based crime toward something closer to abstract endangerment. The Constitutional Court has historically not been comfortable with that kind of construction, and the provision will end up there sooner or later.</p>



<p class="wp-block-paragraph">The second targets what the trade calls disposable agents. These are the low-skilled people, often very young, recruited through Telegram or Signal to do small, discrete tasks. Photograph a building. Drop a package. Walk behind a target for an afternoon. The Bulgarian cell that worked through Jan Marsalek and was convicted in London last year relied heavily on this model, including in Vienna. Under current law, prosecuting them was awkward, because their individual contribution was small and their ignorance of the wider operation was usually genuine. The draft makes participation itself the offence, including for volunteers.</p>



<p class="wp-block-paragraph">The political pressure behind all of this is coming, very specifically, from one courtroom on Landesgerichtsstrasse.</p>



<h2 class="wp-block-heading">The Ott trial</h2>



<p class="wp-block-paragraph">The trial of Egisto Ott opened on 22 January. Ott is a former officer of the BVT, the domestic intelligence service that was dissolved after the 2018 raid that, more than anything else, destroyed Austria&#8217;s standing inside the European intelligence community for most of the next decade. The indictment runs to 172 pages. The headline charge, which is what makes this politically explosive rather than just embarrassing, is supporting a foreign intelligence service to the detriment of Austria.</p>



<p class="wp-block-paragraph">Prosecutors say Ott pulled large volumes of personal and operational data from national and international police databases between 2015 and 2021, kept some of it in a private Gmail account, and passed it through Marsalek, the fugitive Wirecard COO who has been in Russia since 2020. The list of alleged products is bad. Addresses of Russian dissidents living in Austria. Phone metadata of senior interior ministry staff. At one point in 2022, a laptop containing classified EU electronic security hardware that ended up with Russian intelligence.</p>



<p class="wp-block-paragraph">The allegation that should make any journalist in this region uncomfortable is that Ott provided Marsalek with the Vienna address of Christo Grozev, the Bellingcat investigator who has spent years exposing GRU operations from Salisbury to Berlin. Marsalek arranged for the apartment to be broken into. Grozev eventually left Austria after being told the threat to him was credible. Anna Thalhammer at Profil, who has been writing on Ott and Marsalek for years, is a witness in the trial and has described being a target of disinformation and physical surveillance in this city.</p>



<p class="wp-block-paragraph">The personal details are not the point. The point is that the same investigation that produced Ott&#8217;s arrest also surfaced what the Bulgarian cell had been doing in Vienna for months, and almost none of it was prosecutable here. That is the political fact that finally moved the bill.</p>



<h2 class="wp-block-heading">Two things missing from the conversation</h2>



<p class="wp-block-paragraph">The first is operational capacity. Writing §319a into the Criminal Code is one parliamentary vote. Building the kind of counter-intelligence service that can actually make a §319a case against a foreign professional working under official or commercial cover in Vienna is several budget cycles, at minimum.</p>



<p class="wp-block-paragraph">The DSN took over from the BVT in late 2021 and is still rebuilding. Sylvia Mayer started as the first female DSN director on 1 January. Allied services I have spoken to over the past two years tend to describe the DSN as analytically competent and operationally thin, and the gap between those two things is exactly where §319a cases live. I am not saying nothing will happen. I am saying that for the first two or three years after this passes, the cases that get charged will probably look like the Bulgarian one, meaning they will fall into Austria&#8217;s lap because someone else made the original arrests.</p>



<p class="wp-block-paragraph">The second is press freedom. The widened <em>Nachteil der Republik</em> language is broad enough that I can already see a future prosecutor reaching for it against a journalist who publishes material the government finds awkward, particularly anything connected to allied state operations on Austrian soil. I want a clear source-protection carve-out in the final text. Falter&#8217;s reporting did not mention one. The Justice Ministry will presumably say existing media protections apply. In practice they do not always apply, especially when the story embarrasses a partner government.</p>



<h2 class="wp-block-heading">What this actually changes</h2>



<p class="wp-block-paragraph">It changes what the prosecutor can charge once a case has been built. That is a real change.</p>



<p class="wp-block-paragraph">It does not change the geographic and institutional facts that make Vienna useful in the first place. It does not change the diplomatic immunities attached to the several thousand accredited foreign personnel in this city. It does not change the political reality that the FPÖ, currently leading in the polls, has spent the better part of a decade benefiting from the absence of pressure on this question and has every interest in the new law being enforced as gently as possible if and when they are in government.</p>



<p class="wp-block-paragraph">The Ott verdict is the test, not the law. If a jury sitting through 172 pages of evidence and ninety witnesses cannot bring itself to convict a former officer on the espionage count, the new statute will not matter, because no prosecutor will want to be the one to bring the next case. If they do convict, the Republic will have signalled, for the first time in a long time, that it is prepared to treat espionage on its territory as the serious matter it has always been.</p>



]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Open Source, Ignored: Why Europe Must Get Serious About Social Media Threat Monitoring Before the Next School Attack</title>
		<link>https://www.digitalintelligence.at/open-source-ignored-why-europe-must-get-serious-about-social-media-threat-monitoring-before-the-next-school-attack/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Thu, 16 Apr 2026 10:43:33 +0000</pubDate>
				<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[OSINT]]></category>
		<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4434</guid>

					<description><![CDATA[On April 15, 2026, a 14-year-old student walked into Ayser Çalık Middle School in Kahramanmaraş, Turkey, carrying five firearms and seven magazines. By the time it was over, nine people were dead. One of them was a math teacher named Ayla Kara, who died trying to shield her students. The attacker, İsa Aras Mersinli, also died. He turned the gun on himself. In the hours that followed, investigators began working through his digital life. What they found was not a mystery. It was a map, drawn in plain sight, that nobody had thought to read. A Profile Picture as a]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">On April 15, 2026, a 14-year-old student walked into Ayser Çalık Middle School in Kahramanmaraş, Turkey, carrying five firearms and seven magazines. By the time it was over, nine people were dead. One of them was a math teacher named Ayla Kara, who died trying to shield her students.</p>



<p class="wp-block-paragraph">The attacker, İsa Aras Mersinli, also died. He turned the gun on himself.</p>



<p class="wp-block-paragraph">In the hours that followed, investigators began working through his digital life. What they found was not a mystery. It was a map, drawn in plain sight, that nobody had thought to read.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">A Profile Picture as a Manifesto</h2>



<p class="wp-block-paragraph">Mersinli&#8217;s WhatsApp profile picture was a photo of Elliot Rodger.</p>



<p class="wp-block-paragraph">For those unfamiliar with the name: Rodger was a 22-year-old who, in May 2014, killed six people in Isla Vista, California before taking his own life. Before the attack, he uploaded videos explaining his motivations and left behind a 137-page document he called his manifesto. He had become, in the years since, an icon in online communities built around male grievance, rejection, and the glorification of mass violence. He is arguably the most influential figure in the so-called &#8220;incel&#8221; subculture that has since been linked to multiple attacks across North America and Europe.</p>



<p class="wp-block-paragraph">A teenager in southern Turkey had made this man&#8217;s face his public-facing identity. He had done it voluntarily. He had done it where anyone who knew him could see it.</p>



<p class="wp-block-paragraph">His computer also contained a document, dated April 11, 2026, four days before the attack, describing what he was planning to do.</p>



<p class="wp-block-paragraph">The Turkish Prosecution&#8217;s Office confirmed the attack was premeditated. There was no spontaneity here. There was a timeline, a target, and a model.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">The Telegram Layer</h2>



<p class="wp-block-paragraph">The attack in Kahramanmaraş did not happen in isolation. The same week, another school in Şanlıurfa was targeted. And in the immediate aftermath, a Telegram group called &#8220;C31K,&#8221; with approximately 100,000 members, began circulating messages celebrating the attackers and posting specific schools, dates, and locations as the next targets.</p>



<p class="wp-block-paragraph">Turkish authorities identified 591 social media accounts spreading what they described as disinformation and provocation. Cybercrime units opened investigations. The group had previously been connected to two separate murder cases in Turkey.</p>



<p class="wp-block-paragraph">This is a pattern that European security analysts should be paying very close attention to.</p>



<p class="wp-block-paragraph">What we are seeing is not just copycat violence driven by media coverage. It is something more structured: online communities that actively cultivate the mythology of mass attackers, offer belonging to isolated and radicalized young people, and then, after an attack, use it as recruitment material and operational inspiration for the next one. The digital infrastructure of this ecosystem runs primarily through encrypted messaging platforms, gaming communities, and fringe imageboards, most of which operate with minimal oversight.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">The Incel Pipeline and Its European Reach</h2>



<p class="wp-block-paragraph">The incel phenomenon is not a Turkish story. It is not an American one either. Since Rodger&#8217;s 2014 attack, the ideological framework he helped define has been cited in mass casualty events in Canada, the United Kingdom, Germany, and Finland. In 2018, a van attack in Toronto killed ten people. In 2021, a man in Plymouth, England killed five. In both cases, investigators found significant engagement with incel forums and, in particular, with content venerating Elliot Rodger.</p>



<p class="wp-block-paragraph">What connects Kahramanmaraş to Plymouth to Toronto is not geography. It is an online ecosystem that operates without borders and targets young men who feel, for whatever reason, invisible and powerless.</p>



<p class="wp-block-paragraph">In Mersinli&#8217;s case, the behavioral indicators were present. Teachers described him as withdrawn and increasingly isolated. He was reportedly spending large amounts of time online. His social media profile displayed an open tribute to a foreign mass killer. His computer contained a pre-attack document. None of this triggered a formal intervention.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">What Monitoring Actually Means</h2>



<p class="wp-block-paragraph">There is a legitimate debate in Europe about the limits of social media surveillance, and it is a debate worth having. The GDPR framework, fundamental rights law, and democratic principles all impose real constraints on how states can monitor private communications. Those constraints exist for good reason.</p>



<p class="wp-block-paragraph">But what happened in Kahramanmaraş was not a question of encrypted messages or private channels. Mersinli&#8217;s profile picture was visible to anyone who had him as a contact. His behavioral isolation was observable to teachers and classmates. The warning signs were not hidden. They were unread.</p>



<p class="wp-block-paragraph">This is where the conversation about monitoring needs to be more precise. The choice is not between mass surveillance and willful blindness. There is a middle space that involves:</p>



<p class="wp-block-paragraph"><strong>Training educators and school counselors</strong> to recognize the specific behavioral and digital markers associated with radicalization toward mass violence. A student who idolizes a foreign school shooter is not simply &#8220;troubled.&#8221; That is a specific and documented warning sign with its own established literature.</p>



<p class="wp-block-paragraph"><strong>Building structured reporting pathways</strong> between schools and threat assessment teams. Several European countries, including Germany and the Netherlands, have developed multi-agency behavioral threat assessment programs modeled on the US Secret Service&#8217;s work in this area. These programs work when they are actually resourced and integrated into school environments.</p>



<p class="wp-block-paragraph"><strong>Monitoring open-source digital signals</strong> without requiring access to private communications. What Mersinli displayed on his profile was open-source. A school or a social worker or a platform flagging system could theoretically have caught it. The question is whether any of those systems were in place or whether anyone was looking.</p>



<p class="wp-block-paragraph"><strong>Engaging platform providers on incel content specifically.</strong> The Telegram group that celebrated the Kahramanmaraş attack had 100,000 members and had already been linked to two previous murders. That it continued to operate until this moment is a failure of platform governance, not an intelligence gap.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">The Copycat Problem Is Structural</h2>



<p class="wp-block-paragraph">One of the more uncomfortable findings in mass violence research is that extensive media coverage of attackers, particularly sympathetic or fascinated coverage that focuses on the attacker&#8217;s psychology and background, demonstrably increases the probability of subsequent attacks. The so-called &#8220;contagion effect&#8221; has been documented in peer-reviewed research for decades.</p>



<p class="wp-block-paragraph">Online communities have essentially weaponized this effect. They do not just report on attacks. They archive them, analyze them, build personas around the perpetrators, and actively market them as role models to young men who are already vulnerable. Elliot Rodger has been dead for twelve years. He has, in that time, inspired more violence than he carried out himself.</p>



<p class="wp-block-paragraph">Mersinli did not invent his frame of reference. Someone, or more likely some community, handed it to him. That community is still operating. It has 100,000 members in a single Telegram group in Turkey alone.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">What Europe Should Be Doing Differently</h2>



<p class="wp-block-paragraph">The EU&#8217;s Digital Services Act, fully in force since 2024, creates obligations for very large online platforms to assess and mitigate systemic risks, including risks to public security. Mass violence glorification communities of 100,000 members on major messaging platforms are, by any reasonable reading, a systemic risk. Whether the DSA&#8217;s enforcement mechanisms are being applied to this specific category of content with any seriousness is an open question.</p>



<p class="wp-block-paragraph">At the national level, the more practical gap is in threat assessment capacity at the local level. National intelligence services are not positioned to monitor every isolated teenager in every European school. But schools, social services, and local police can be. They need better tools, better training, and better coordination structures to do it.</p>



<p class="wp-block-paragraph">The UK&#8217;s Channel program, Germany&#8217;s VERA-2 radicalization assessment tool, and the Netherlands&#8217; integrated approach to neighborhood-level threat assessment all represent the kind of infrastructure that can catch individuals before they cross a threshold. The precondition is that people in daily contact with at-risk youth know what they are looking for.</p>



<p class="wp-block-paragraph">A boy who puts Elliot Rodger up as his profile picture is telling you something. The question is whether anyone in his environment had been taught to hear it.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>



<h2 class="wp-block-heading">A Note on What This Is Not</h2>



<p class="wp-block-paragraph">This is not a case where better surveillance technology would have made the difference. It is not a case for reading teenagers&#8217; private messages or expanding state access to encrypted communications. The signals that Mersinli sent were not encrypted. They were in plain view on a platform billions of people use every day.</p>



<p class="wp-block-paragraph">What failed was human awareness, institutional training, and platform responsibility. Those are solvable problems, and solving them does not require trading privacy for security. It requires investment, coordination, and a clearer-eyed understanding of how radicalization toward mass violence actually works in 2026.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>AI Broke the Criminal Profile. Now What?</title>
		<link>https://www.digitalintelligence.at/ai-broke-the-criminal-profile-now-what/</link>
					<comments>https://www.digitalintelligence.at/ai-broke-the-criminal-profile-now-what/#respond</comments>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Thu, 26 Mar 2026 21:36:48 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4428</guid>

					<description><![CDATA[How artificial intelligence is rewriting the rules of criminal behavior, and why the profiler&#8217;s playbook needs a fundamental reset. Criminal profiling has always rested on one core assumption: criminals are creatures of habit. They leave behavioral signatures. They escalate predictably. Their psychology leaks through their methods. For decades, this held up well enough. The FBI&#8217;s Behavioral Analysis Unit built an entire discipline around reading crime scenes like psychological fingerprints, classifying offenders as organized or disorganized, mapping modus operandi against personality types, and predicting the next move based on the last one. Then AI entered the equation. Not as a tool]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">How artificial intelligence is rewriting the rules of criminal behavior, and why the profiler&#8217;s playbook needs a fundamental reset.</p>



<p class="wp-block-paragraph">Criminal profiling has always rested on one core assumption: criminals are creatures of habit. They leave behavioral signatures. They escalate predictably. Their psychology leaks through their methods. For decades, this held up well enough. The FBI&#8217;s Behavioral Analysis Unit built an entire discipline around reading crime scenes like psychological fingerprints, classifying offenders as organized or disorganized, mapping modus operandi against personality types, and predicting the next move based on the last one.</p>



<p class="wp-block-paragraph">Then AI entered the equation. Not as a tool for investigators, but as a tool for criminals. And it didn&#8217;t just make crime easier. It fundamentally altered who commits crime, how they behave while doing it, and what traces they leave behind. That shift is quietly dismantling the foundations of classical profiling.</p>



<h2 class="wp-block-heading">The Old Rules</h2>



<p class="wp-block-paragraph">Traditional profiling works on a set of behavioral axioms. Behavior reflects personality. Crime scenes tell stories about the offender&#8217;s psychology. Signature behaviors, those acts unnecessary for completing the crime but driven by deep psychological needs, remain consistent across offenses. Modus operandi evolves as the offender learns, but the core emotional drivers stay stable.</p>



<p class="wp-block-paragraph">These principles gave investigators a framework: analyze the scene, read the behavior, build a psychological sketch, narrow the suspect pool. It was never perfect. FBI internal data suggested profiling contributed to solving roughly 17% of cases where it was applied. Academic reviews have been even less generous. But as a supplementary tool alongside forensic evidence and traditional detective work, it had value.</p>



<p class="wp-block-paragraph">The problem is that every one of these axioms assumes the offender is acting from their own psychology, with their own skills, under their own operational limitations. AI has removed those constraints.</p>



<h2 class="wp-block-heading">The New Criminal Doesn&#8217;t Fit the Old Mold</h2>



<p class="wp-block-paragraph">Consider what AI has done to the barrier to entry for sophisticated crime. Voice cloning now requires 20 to 30 seconds of audio. Convincing deepfake video can be produced in under an hour using freely available tools. Dark LLMs and jailbreak-as-a-service platforms generate phishing campaigns, social engineering scripts, and even malware with minimal technical knowledge required from the operator.</p>



<p class="wp-block-paragraph">This is the first major break from classical profiling logic. The old model assumed a correlation between crime sophistication and offender capability. An organized crime scene implied an intelligent, socially competent, methodical individual. A well-crafted social engineering attack suggested experience, psychological insight, and confidence. AI has severed that link entirely. A teenager with a laptop can now execute attacks that would have previously required a team of experienced operatives.</p>



<p class="wp-block-paragraph">The Trend Micro research team documented this shift in their 2025 criminal AI report: the underground ecosystem has moved from experimentation to industrialization. Criminals no longer build their own tools. They rent them. The barrier has collapsed, the tooling has professionalized, and the attack surface has expanded across every domain. Telegram channels now recruit &#8220;AI video actors&#8221; and &#8220;deepfake presenters&#8221; as a service category.</p>



<p class="wp-block-paragraph">What does this mean for profiling? It means the behavioral signature, the profiler&#8217;s primary analytical unit, is increasingly a product of the tool rather than the person behind it. When a deepfake CEO orders a wire transfer on a video call, the behavioral cues that investigators would normally analyze (speech patterns, confidence level, emotional state, decision-making style) belong to the AI model, not the attacker. The criminal becomes invisible behind the synthetic layer.</p>



<h2 class="wp-block-heading">AI Doesn&#8217;t Just Enable Crime. It Redirects It.</h2>



<p class="wp-block-paragraph">Here is the less obvious but more consequential effect. AI isn&#8217;t simply making existing criminal patterns more efficient. It is creating entirely new behavioral categories that classical profiling has no framework to address.</p>



<p class="wp-block-paragraph">Take synthetic identity fraud. Criminals now build complete fake identities using a mix of real and fabricated data, pass automated KYC checks with AI-generated documents, and operate accounts that leave behind a perfectly normal behavioral footprint. There is no psychological signature to read because the &#8220;person&#8221; never existed. The behavior was designed by algorithm to look average.</p>



<p class="wp-block-paragraph">Or consider AI-powered behavioral mimicry. Trend Micro and Group-IB both documented cases where AI studied institutional behavior patterns (transaction timing, approval workflows, communication styles) and then replicated them precisely to avoid triggering fraud detection. The criminal isn&#8217;t acting like themselves anymore. They are acting like the system expects a legitimate user to act. This is the opposite of what profiling relies on: instead of behavior revealing identity, behavior is engineered to conceal it.</p>



<p class="wp-block-paragraph">The 2025 AI Incident Database recorded 346 AI-related incidents in a single year. Of those, 179 involved deepfake impersonation. The targets ranged from CEOs to private individuals. In one case, a British widow lost half a million pounds in a romance scam powered by deepfake video of a celebrity. A Florida couple lost $45,000 to a fabricated Elon Musk giveaway. These are not sophisticated adversaries with complex psychological profiles. These are operators running playbooks, sometimes literally purchased as step-by-step tutorials from underground forums.</p>



<h2 class="wp-block-heading">The Profiling Crisis</h2>



<p class="wp-block-paragraph">Classical profiling depends on three things that AI is systematically eroding:</p>



<p class="wp-block-paragraph"><strong>Behavioral consistency.</strong> AI allows criminals to switch personas, communication styles, and operational methods between attacks with zero psychological cost. There is no escalation pattern to track because each attack can be calibrated independently by the tool.</p>



<p class="wp-block-paragraph"><strong>Skill-behavior correlation.</strong> The assumption that crime complexity reflects offender sophistication is broken. AI democratizes capability. The profile of &#8220;who could do this&#8221; expands from a narrow suspect pool to essentially anyone with internet access and basic prompt engineering skills.</p>



<p class="wp-block-paragraph"><strong>Psychological leakage.</strong> Crime scenes and communications used to leak the offender&#8217;s personality involuntarily. When AI generates the phishing email, conducts the video call, or crafts the social engineering script, the psychological content belongs to the model&#8217;s training data, not the operator&#8217;s mind.</p>



<p class="wp-block-paragraph">This doesn&#8217;t mean profiling is dead. But it means the discipline needs to shift its unit of analysis. Instead of asking &#8220;what kind of person did this,&#8221; investigators increasingly need to ask &#8220;what kind of toolchain produced this behavior.&#8221; The profiling target is migrating from psychology to infrastructure.</p>



<h2 class="wp-block-heading">Where Profiling Still Works, and Where It Can&#8217;t</h2>



<p class="wp-block-paragraph">Profiling retains value in crimes that remain fundamentally physical and personal: serial violent offenses, sexual crimes, stalking, arson. These still carry strong behavioral signatures because the offender&#8217;s psychological needs drive the act directly, not through a technological intermediary.</p>



<p class="wp-block-paragraph">But for the fastest-growing categories of crime (fraud, identity theft, business email compromise, financial manipulation, extortion through synthetic media), classical profiling is increasingly irrelevant. The offender&#8217;s psychology matters less than their toolkit. Their behavioral patterns are shaped more by the AI model they are using than by their own personality.</p>



<p class="wp-block-paragraph">The intelligence community and law enforcement agencies that recognize this shift will adapt. Those that keep trying to build psychological profiles of operators who are essentially invisible behind AI-generated behavior will waste time and resources chasing ghosts.</p>



<p class="wp-block-paragraph">The profiler&#8217;s question used to be: <em>Who is this person?</em></p>



<p class="wp-block-paragraph">Now it needs to be: <em>What system is this person hiding behind, and where does that system leak?</em></p>



]]></content:encoded>
					
					<wfw:commentRss>https://www.digitalintelligence.at/ai-broke-the-criminal-profile-now-what/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>The First Cyber War: How Digital Intelligence Shaped Operation Epic Fury</title>
		<link>https://www.digitalintelligence.at/the-first-cyber-war-how-digital-intelligence-shaped-operation-epic-fury/</link>
					<comments>https://www.digitalintelligence.at/the-first-cyber-war-how-digital-intelligence-shaped-operation-epic-fury/#respond</comments>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Mon, 16 Mar 2026 02:30:49 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[Worldwide]]></category>
		<category><![CDATA[hybrid threats]]></category>
		<category><![CDATA[intelligence analysis]]></category>
		<category><![CDATA[threat intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4422</guid>

					<description><![CDATA[I&#8217;ve been covering cyber threats for years now, and I&#8217;ve sat through countless conference panels where retired generals talk about &#8220;the coming cyber war.&#8221; Always in the future tense. Always hypothetical. That era is over. On February 28, the US and Israel hit Iran. But the shooting started in cyberspace. Hours before any jet crossed Iranian airspace, US Cyber Command had already gutted Tehran&#8217;s communications and sensor networks. General Dan Caine confirmed it publicly: space and cyber operations came first, leaving Iran unable to &#8220;see, coordinate, or respond effectively.&#8221; Think about what that means. By the time the bombs dropped,]]></description>
										<content:encoded><![CDATA[



<p class="wp-block-paragraph">I&#8217;ve been covering cyber threats for years now, and I&#8217;ve sat through countless conference panels where retired generals talk about &#8220;the coming cyber war.&#8221; Always in the future tense. Always hypothetical. That era is over.</p>



<p class="wp-block-paragraph">On February 28, the US and Israel hit Iran. But the shooting started in cyberspace. Hours before any jet crossed Iranian airspace, US Cyber Command had already gutted Tehran&#8217;s communications and sensor networks. General Dan Caine confirmed it publicly: space and cyber operations came first, leaving Iran unable to &#8220;see, coordinate, or respond effectively.&#8221; Think about what that means. By the time the bombs dropped, the Iranian military was already operating blind.</p>



<p class="wp-block-paragraph">And it only got stranger from there.</p>



<h2 class="wp-block-heading">Tehran&#8217;s traffic cameras killed the Supreme Leader</h2>



<p class="wp-block-paragraph">This is the part that reads like fiction but isn&#8217;t. Israeli intelligence had been inside Tehran&#8217;s traffic camera network for what appears to be months, possibly longer. Not just watching. Feeding the footage into a machine alongside CIA human intelligence, signals intercepts, satellite imagery, communications metadata. The Financial Times was first to report the scope of it. One Israeli source called the whole setup an AI-powered &#8220;target production machine.&#8221; You pour data in, you get a 14-digit grid coordinate out.</p>



<p class="wp-block-paragraph">They built what they called a &#8220;life pattern&#8221; for Khamenei. His routes. His schedules. Which aides traveled with him. When his security detail was thinnest. The Jerusalem Post reported that Israeli analysts mapped these patterns over an extended period, cross-referencing traffic camera data with other intelligence streams.</p>



<p class="wp-block-paragraph">Then the CIA confirmed Khamenei would attend a senior military meeting on the morning of the 28th. The entire operation timeline shifted around that single piece of intelligence. The result: Khamenei dead, along with the IRGC commander, the defense minister, the chief of staff, the head of the National Defense Council. More than a dozen top officials, gone before lunch.</p>



<p class="wp-block-paragraph">I keep coming back to what RUSI wrote about this. They pointed out something that gets lost in the spectacle: cyber&#8217;s biggest contribution here wasn&#8217;t disruption. It was reconnaissance. Years of quiet network access, pre-positioned in Iranian infrastructure, activated at the decisive moment. That&#8217;s not a hack. That&#8217;s a long-term intelligence operation that happened to run through fiber optic cables instead of dead drops.</p>



<h2 class="wp-block-heading">Israel doesn&#8217;t want to depend on Silicon Valley for its kill chain</h2>



<p class="wp-block-paragraph">Here&#8217;s something that should concern anyone in the AI policy space. Haaretz reporter Omer Benjakob told NPR that Israel is building its own military AI systems specifically because it can&#8217;t afford to rely on American commercial platforms. His quote was memorable: &#8220;One day someone will discover we also use Claude, and then there&#8217;ll be a protest in San Francisco, and then they&#8217;ll take Claude away from us.&#8221;</p>



<p class="wp-block-paragraph">He said this on the record.</p>



<p class="wp-block-paragraph">The Anthropic dispute with the Trump administration over military use of Claude is well documented at this point. But the strategic implications go deeper than one company&#8217;s ethical stance. If your precision targeting pipeline depends on a model whose provider can revoke access based on a policy change or public pressure campaign, you have a serious sovereignty problem. Israel clearly sees it that way. Others will too.</p>



<p class="wp-block-paragraph">None of this means AI targeting is ready for primetime, though. The March 8 strike on the Shajareh Tayyebeh school in Minab killed 165 people. 110 of them were schoolgirls. The building used to be a military base. Whether AI targeting systems worked off stale data is still under investigation, but a UCL computer scientist put the core issue bluntly: &#8220;This stuff is only two or three years old.&#8221;</p>



<p class="wp-block-paragraph">Speed and precision are not the same thing. This war is proving that every day.</p>



<h2 class="wp-block-heading">60 hacktivist groups, one internet blackout, and a paradox</h2>



<p class="wp-block-paragraph">Iran&#8217;s internet dropped to somewhere between 1% and 4% connectivity on February 28. That&#8217;s barely functional. You&#8217;d think that would cripple the regime&#8217;s cyber response. And for the state-run APT groups operating inside Iran, it probably did, at least initially.</p>



<p class="wp-block-paragraph">But that&#8217;s not how Iran&#8217;s cyber infrastructure actually works. Tehran has spent years building out proxy networks. Hacktivist groups, some loosely affiliated, some directly run by MOIS or the IRGC, operating from outside Iran&#8217;s borders. When the internet went dark domestically, these external nodes lit up.</p>



<p class="wp-block-paragraph">Unit 42 counted around 60 groups active in the first week alone. Handala Hack, which has documented ties to the Ministry of Intelligence, ran wiper and exfiltration campaigns against Israeli defense targets. On March 12, they hit Stryker, one of the largest medical technology companies in the US. MuddyWater, an IRGC-linked group, turned out to have pre-planted backdoors in Israeli-adjacent defense and financial networks. They didn&#8217;t need to break in after the war started. They were already inside.</p>



<p class="wp-block-paragraph">March 2 was when things escalated beyond the Middle East. Pro-Russian hacktivist group NoName057(16) formally joined the Iranian coalition. Since then, the combined front has been hitting targets in Cyprus, Romania, across the Gulf states. Government websites, airports, telecom providers. The Russia-Iran cyber axis is no longer theoretical. It&#8217;s operational.</p>



<p class="wp-block-paragraph">Now, the OT and SCADA claims. Groups have been posting screenshots alleging access to Israeli water systems, Jordanian grain storage controls, various industrial systems. John Hultquist at Google Threat Intelligence has been saying for years that Iran exaggerates its cyber successes for psychological effect, and he&#8217;s right. A lot of these claims don&#8217;t hold up under scrutiny.</p>



<p class="wp-block-paragraph">But I&#8217;d be careful about dismissing all of it. CyberAv3ngers compromised real US water systems in 2023 using nothing more sophisticated than default passwords on Unitronics PLCs. The capability is proven. What we don&#8217;t know is how much coordination these proxy groups can maintain while their state sponsors are dealing with an actual shooting war.</p>



<h2 class="wp-block-heading">The information battlefield is now indistinguishable from the physical one</h2>



<p class="wp-block-paragraph">Before the first airstrike, Israel had already compromised BadeSaba, a popular Iranian prayer app with over five million users. They pushed messages to regime supporters urging military defection. They hijacked state news websites to publish anti-regime content. Later, they sent AI-equipped drone swarms over Tehran to hit Basij militia checkpoints.</p>



<p class="wp-block-paragraph">Iran&#8217;s been playing the same game in reverse for years. Dozens of Israeli nationals recruited through Telegram, paid to commit low-level sabotage: starting fires, spraying antigovernment graffiti, sowing social discord. A Clemson University researcher called Israel&#8217;s approach &#8220;psychological operations integrated with military operations in one clean campaign with a single goal: toppling the Iranian regime.&#8221;</p>



<p class="wp-block-paragraph">Both sides have turned every digital platform into a weapon. Messaging apps, news sites, social media, traffic infrastructure. There&#8217;s no longer a meaningful line between &#8220;cyber operation&#8221; and &#8220;influence operation.&#8221; It&#8217;s all one battlefield.</p>



<h2 class="wp-block-heading">CISA is running on fumes at the worst possible time</h2>



<p class="wp-block-paragraph">I can&#8217;t write about this conflict&#8217;s cyber dimension without mentioning what&#8217;s happening at CISA. The agency has lost roughly a third of its staff. The temporary director got reassigned to another corner of DHS right as the war kicked off. FBI and NSA have put out joint warnings about Iranian targeting of US defense contractors and financial firms. Jamie Dimon at JPMorgan went on CNBC and said banks are bracing for a wave of cyber and terrorist attacks.</p>



<p class="wp-block-paragraph">So at the exact moment when motivated, state-aligned Iranian cyber actors are looking for American targets, the primary agency that&#8217;s supposed to coordinate civilian cyber defense is hollowed out. That should worry people far more than it seems to.</p>



<h2 class="wp-block-heading">European organizations need to pay attention</h2>



<p class="wp-block-paragraph">The NCSC in the UK puts Iran in the same threat tier as Russia and North Korea. That was true before February 28. It&#8217;s more true now, because the Russian hacktivist groups that joined the Iranian coalition have broadened the targeting aperture into Europe.</p>



<p class="wp-block-paragraph">Organizations in Austria and the DACH region might feel geographically removed from this conflict. They&#8217;re not. If your supply chain touches Israeli technology, if your cloud provider hosts workloads for companies in targeted sectors, if you run Israeli-manufactured OT equipment, you&#8217;re in scope. CyberAv3ngers targeted Unitronics PLCs in 2023 specifically because they were Israeli-made. That logic doesn&#8217;t stop at borders.</p>



<p class="wp-block-paragraph">Trellix published research showing that Iranian threat groups have expanded from targeting a handful of countries to more than twenty since the conflict started. Western Europe is on that list. The tactics are familiar: spear-phishing, unpatched edge devices, ransomware that looks criminal but serves state interests, data leaks timed for maximum embarrassment.</p>



<h2 class="wp-block-heading">This doesn&#8217;t end when the bombing stops</h2>



<p class="wp-block-paragraph">Iranian APT groups like APT42, APT34 and MuddyWater have a well-documented habit of running campaigns for years after the initial trigger. The proxy networks are activated. Russia and Iran have found operational common ground in cyberspace. The infrastructure built for this conflict will be repurposed, not dismantled.</p>



<p class="wp-block-paragraph">Two decades of defense policy debates about whether cyber is a &#8220;real&#8221; domain of warfare just got their answer. In this conflict, cyber was the opening move, the intelligence backbone, the targeting enabler, the psychological weapon, and the retaliatory instrument of choice for a regime that lost its conventional military options in a matter of hours.</p>



<p class="wp-block-paragraph">We&#8217;re not waiting for the first cyber war anymore. We&#8217;re in it.</p>



<hr class="wp-block-separator has-alpha-channel-opacity"/>
]]></content:encoded>
					
					<wfw:commentRss>https://www.digitalintelligence.at/the-first-cyber-war-how-digital-intelligence-shaped-operation-epic-fury/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>The Blind Spot in European Cybersecurity: Why SMEs Are Losing the Attack Surface Battle</title>
		<link>https://www.digitalintelligence.at/the-blind-spot-in-european-cybersecurity-why-smes-are-losing-the-attack-surface-battle/</link>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Fri, 27 Feb 2026 16:09:49 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Europe]]></category>
		<category><![CDATA[Security]]></category>
		<category><![CDATA[critical infrastructure]]></category>
		<category><![CDATA[hybrid threats]]></category>
		<category><![CDATA[threat intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4409</guid>

					<description><![CDATA[Most European small and mid-sized enterprises believe they are too small to be targeted. The data tells a different story. According to ENISA&#8217;s 2025 Threat Landscape Report, over 60% of cyberattacks in the EU now target organisations with fewer than 250 employees. The reason is simple: attackers follow the path of least resistance, and SMEs consistently present the weakest perimeter. Having spent over a decade in intelligence and security operations, from securing diplomatic missions for the German Federal Foreign Office to advising law enforcement on digital threats, I have observed a consistent pattern. Organisations do not fail because they lack]]></description>
										<content:encoded><![CDATA[
<p class="wp-block-paragraph">Most European small and mid-sized enterprises believe they are too small to be targeted. The data tells a different story. According to ENISA&#8217;s 2025 Threat Landscape Report, over 60% of cyberattacks in the EU now target organisations with fewer than 250 employees. The reason is simple: attackers follow the path of least resistance, and SMEs consistently present the weakest perimeter.</p>



<p class="wp-block-paragraph">Having spent over a decade in intelligence and security operations, from securing diplomatic missions for the German Federal Foreign Office to advising law enforcement on digital threats, I have observed a consistent pattern. Organisations do not fail because they lack firewalls or antivirus software. They fail because they do not know what they are exposing to the internet in the first place.</p>



<h2 class="wp-block-heading">The Problem No One Talks About</h2>



<p class="wp-block-paragraph">Every organisation has an attack surface. It includes every domain, subdomain, IP address, open port, exposed API, cloud instance, and forgotten staging server connected to the internet. For a company with even a modest digital footprint, this can amount to hundreds of potential entry points.</p>



<p class="wp-block-paragraph">The challenge is visibility. Most SMEs have no systematic way to inventory their external-facing assets. A marketing team spins up a subdomain for a campaign and never takes it down. A developer leaves a test environment exposed with default credentials. An old mail server runs an unpatched version of Exchange. Each of these is an open door.</p>



<p class="wp-block-paragraph">Large enterprises address this through dedicated security operations centres and expensive enterprise tools. But for a company with 50 or 100 employees, these solutions are neither accessible nor affordable. This gap between awareness and capability is where most breaches begin.</p>



<h2 class="wp-block-heading">Attack Surface Management: From Military Doctrine to Cyber Defence</h2>



<p class="wp-block-paragraph">The concept of attack surface management (ASM) has its roots in military intelligence. Before any operation, you map the terrain. You identify vulnerabilities in your own position before the adversary does. The same principle applies to cybersecurity.</p>



<p class="wp-block-paragraph">Modern ASM platforms automate the process of discovering, cataloguing, and continuously monitoring an organisation&#8217;s external-facing digital assets. They scan for exposed services, misconfigurations, known vulnerabilities, leaked credentials on the dark web, and other indicators of risk.</p>



<p class="wp-block-paragraph">What makes ASM fundamentally different from traditional vulnerability scanning is scope and continuity. A vulnerability scan checks known assets at a point in time. ASM discovers unknown assets and monitors them continuously. It answers the question most security teams cannot: <em>What do we not know about our own exposure?</em></p>



<h2 class="wp-block-heading">The European Dimension</h2>



<p class="wp-block-paragraph">For European organisations, the stakes are compounded by regulation. The NIS2 Directive, which came into full effect across EU member states, imposes strict cybersecurity requirements on a far broader range of companies than its predecessor. Entities classified as &#8220;essential&#8221; or &#8220;important&#8221; must implement risk-based security measures, conduct regular assessments, and report incidents within tight timeframes.</p>



<p class="wp-block-paragraph">GDPR adds another layer. A breach resulting from an unmonitored attack surface does not just cause operational damage. It triggers mandatory notification requirements and potential fines of up to 4% of global annual turnover.</p>



<p class="wp-block-paragraph">Despite these pressures, most European SMEs still rely on periodic penetration tests, conducted once or twice a year, as their primary security assessment. In a threat landscape where new vulnerabilities are disclosed daily and attack infrastructure is automated, annual testing is the equivalent of checking your locks once a year in a neighbourhood where break-ins happen every week.</p>



<h2 class="wp-block-heading">Continuous Monitoring as the New Baseline</h2>



<p class="wp-block-paragraph">The shift from periodic assessment to continuous monitoring is not optional. It is a necessity. Attackers use automated reconnaissance tools that scan the entire IPv4 address space in minutes. If an organisation exposes a vulnerable service, it can be discovered and exploited within hours, sometimes within minutes.</p>



<p class="wp-block-paragraph">This is the operational reality that led me to develop <a href="https://securityscanner.ai?utm_source=digitalintelligence&amp;utm_medium=blog&amp;utm_campaign=asm_article">SecurityScanner.ai</a>, an attack surface management platform designed specifically for the European market. The platform provides continuous external monitoring, automated vulnerability detection, dark web credential monitoring, and AI-driven risk assessment. It is built from the ground up with GDPR-compliant infrastructure and priced for organisations that do not have six-figure security budgets.</p>



<p class="wp-block-paragraph">The philosophy behind it is straightforward. Every organisation, regardless of size, deserves the same level of visibility into its attack surface that was previously only available to large enterprises and government agencies.</p>



<h2 class="wp-block-heading">What a Proper ASM Workflow Looks Like</h2>



<p class="wp-block-paragraph">For organisations beginning to take attack surface management seriously, the process follows a clear logic.</p>



<p class="wp-block-paragraph"><strong>Discovery</strong> is the first phase. You cannot protect what you do not know exists. This means automated enumeration of all domains, subdomains, IP ranges, cloud assets, and third-party services associated with your organisation. The results are often surprising. Most companies discover 30 to 40 percent more external assets than they were aware of.</p>



<p class="wp-block-paragraph"><strong>Assessment</strong> follows discovery. Each discovered asset is evaluated for known vulnerabilities, misconfigurations, exposed sensitive data, outdated software, and weak encryption. This is where automated scanning intersects with threat intelligence, correlating discovered exposures against actively exploited vulnerabilities in the wild.</p>



<p class="wp-block-paragraph"><strong>Monitoring</strong> makes the process continuous. New assets, new vulnerabilities, and new threats emerge constantly. A platform like <a href="https://securityscanner.ai?utm_source=digitalintelligence&amp;utm_medium=blog&amp;utm_campaign=asm_article">SecurityScanner.ai</a> runs these checks on an ongoing basis, alerting security teams to changes in their attack surface before adversaries can exploit them.</p>



<p class="wp-block-paragraph"><strong>Dark web intelligence</strong> adds a critical layer that traditional scanning misses entirely. Stolen credentials, leaked databases, and mentions of your organisation on underground forums represent threats that exist outside your network perimeter but directly impact your security posture. Integrating dark web monitoring into the ASM workflow provides early warning of compromised accounts and data breaches.</p>



<h2 class="wp-block-heading">The Intelligence Perspective</h2>



<p class="wp-block-paragraph">From an intelligence standpoint, attack surface management is fundamentally an exercise in counter-reconnaissance. You are attempting to see yourself the way an adversary sees you, and to close gaps before they are exploited.</p>



<p class="wp-block-paragraph">This is not theoretical. In my advisory work with law enforcement and government institutions, I have seen repeatedly how even well-resourced organisations are compromised through forgotten assets. A subdomain pointing to a decommissioned server. An exposed admin panel with weak authentication. A cloud storage bucket with public read access. These are not sophisticated attacks. They are failures of visibility.</p>



<p class="wp-block-paragraph">The lesson is clear. Cybersecurity is not primarily a technology problem. It is an intelligence problem. And like all intelligence problems, it begins with knowing your own terrain.</p>



<h2 class="wp-block-heading">Conclusion</h2>



<p class="wp-block-paragraph">The European cybersecurity landscape is at an inflection point. Regulatory pressure is increasing. Attack automation is accelerating. And the gap between enterprise-grade security and SME capability remains dangerously wide.</p>



<p class="wp-block-paragraph">Attack surface management is not a luxury. It is the foundation upon which all other security measures depend. Without continuous visibility into your external exposure, every other investment in cybersecurity is built on incomplete information.</p>



<p class="wp-block-paragraph">For organisations ready to take this step, the tools now exist to make it practical and affordable. The question is no longer whether you can afford to implement continuous attack surface monitoring. It is whether you can afford not to.</p>



]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>WiFi Signals Can See You: How CSI Sensing Works</title>
		<link>https://www.digitalintelligence.at/wifi-signals-can-see-you-how-csi-sensing-works/</link>
					<comments>https://www.digitalintelligence.at/wifi-signals-can-see-you-how-csi-sensing-works/#respond</comments>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Tue, 06 Jan 2026 17:48:03 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Intelligence]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4401</guid>

					<description><![CDATA[Your WiFi router does more than connect you to the internet. The radio waves it sends are bouncing off everything in your room, including you. And those reflections contain a surprising amount of information. This is called CSI sensing, and it is quietly becoming a big deal in security, smart homes, and healthcare. What is CSI? CSI stands for Channel State Information. When WiFi signals travel from your router to your phone, they don&#8217;t go in a straight line. They bounce off walls, furniture, and people. This is called multipath propagation. Modern WiFi (802.11n and newer) divides its channel into]]></description>
										<content:encoded><![CDATA[



<p class="wp-block-paragraph">Your WiFi router does more than connect you to the internet. The radio waves it sends are bouncing off everything in your room, including you. And those reflections contain a surprising amount of information.</p>



<p class="wp-block-paragraph">This is called CSI sensing, and it is quietly becoming a big deal in security, smart homes, and healthcare.</p>



<h2 class="wp-block-heading">What is CSI?</h2>



<p class="wp-block-paragraph">CSI stands for Channel State Information. When WiFi signals travel from your router to your phone, they don&#8217;t go in a straight line. They bounce off walls, furniture, and people. This is called multipath propagation.</p>



<p class="wp-block-paragraph">Modern WiFi (802.11n and newer) divides its channel into many subcarriers. For each one, the system measures amplitude (signal strength) and phase (timing). This data is CSI.</p>



<p class="wp-block-paragraph">Here is why this matters: when a person moves through a room, they disturb these signal paths. The human body contains a lot of water, which affects radio waves significantly. This disturbance shows up in CSI data as measurable changes.</p>



<p class="wp-block-paragraph">So if you can read CSI data and analyze it properly, you can detect human presence and movement without any cameras or sensors on the person.</p>



<h2 class="wp-block-heading">How it actually works</h2>



<p class="wp-block-paragraph">Think about throwing a stone in a pond. The ripples spread out and reflect off the edges. If someone walks through the water, the ripple pattern changes in a predictable way.</p>



<p class="wp-block-paragraph">WiFi signals work similarly. There are regions between transmitter and receiver called Fresnel zones where signals interfere with each other. When you walk through these zones, you cause phase shifts that can be detected.</p>



<p class="wp-block-paragraph">The processing pipeline looks like this:</p>



<p class="wp-block-paragraph">First you collect raw CSI data from WiFi hardware. Then you clean it up: remove noise and fix phase errors. After that you extract features such as variance, frequency components, and correlation patterns. Finally you feed these into a classifier, which could be an SVM or a neural network such as an LSTM or CNN.</p>



<p class="wp-block-paragraph">Recent papers from 2024 and 2025 report accuracy rates above 99% for activity recognition on standard datasets. Real world performance is lower, but still impressive.</p>



<h2 class="wp-block-heading">What can you do with this?</h2>



<p class="wp-block-paragraph"><strong>Detecting people</strong></p>



<p class="wp-block-paragraph">The most basic application. Is someone in the room or not? This works even through walls, which is something cameras cannot do. You don&#8217;t need line of sight.</p>



<p class="wp-block-paragraph"><strong>Activity recognition</strong></p>



<p class="wp-block-paragraph">With good training data, you can distinguish walking from sitting from falling. This is useful for elderly care. If grandma falls and doesn&#8217;t get up, the system can alert someone. No wearable device needed.</p>



<p class="wp-block-paragraph"><strong>Vital signs</strong></p>



<p class="wp-block-paragraph">This one surprised me when I first learned about it. When you breathe, your chest moves a few millimeters. This tiny movement creates detectable changes in CSI. Researchers have demonstrated breathing rate detection and even heart rate estimation in controlled conditions.</p>



<p class="wp-block-paragraph"><strong>Intrusion detection</strong></p>



<p class="wp-block-paragraph">This is where it gets interesting from a security perspective. Traditional motion sensors have problems. They have blind spots. They can be fooled if you move slowly enough. They need to be installed and maintained.</p>



<p class="wp-block-paragraph">CSI-based intrusion detection uses your existing WiFi infrastructure. It can detect slow, careful movement that would fool a PIR sensor. It works through walls. The intruder cannot see where the sensors are because there are no sensors, just your router.</p>



<p class="wp-block-paragraph">Systems like Wi-Alarm have shown reliable detection of various intrusion patterns in research settings.</p>



<p class="wp-block-paragraph"><strong>Counting people</strong></p>



<p class="wp-block-paragraph">You can estimate how many people are in a room. Useful for building management, energy savings, or compliance with occupancy limits.</p>



<h1 class="wp-block-heading">How to Get Started &#8211; Technical Implementation</h1>



<p class="wp-block-paragraph">The cheapest way to experiment with CSI sensing is an ESP32 microcontroller. Espressif provides an official esp-csi toolkit on GitHub. You flash the firmware, connect the ESP32 to your WiFi network, and it starts outputting raw CSI data over serial. The data includes amplitude and phase for each subcarrier, typically 52 values per packet at 100-200 packets per second. From there you pipe it into Python for processing. Basic presence detection works by calculating variance across subcarriers. When someone moves, variance spikes. When the room is empty, it stays flat. You can get this working in an afternoon.</p>



<p class="wp-block-paragraph">For better results you need better hardware. A Raspberry Pi 4 with Nexmon firmware gives you access to CSI from the Broadcom WiFi chip. More subcarriers, cleaner phase data, higher sample rates. The setup is more involved (you need to patch the firmware and compile kernel modules), but there is good documentation. The Intel 5300 NIC is the classic research platform with the most published code to reference, but it requires an older laptop with a mini PCIe slot. Once you have data flowing, the processing pipeline is standard: denoise with a low-pass filter or PCA, extract features such as variance, entropy, and the dominant frequency from an FFT, then train a classifier. Start with an SVM for binary presence detection before moving to an LSTM or CNN for activity recognition. Scikit-learn and PyTorch both work fine. The main challenge is not the code; it is collecting good training data for your specific environment.</p>
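
<p class="wp-block-paragraph">The variance-based presence check described above, as an added example (not code from this article or from the Espressif toolkit). It runs on constructed amplitude data instead of a serial capture; the synthetic signal model, the one-second window, the calibration factor, the hold-off and all function names are assumptions, and "variance" is read here as each subcarrier&#8217;s variance over time, averaged across the 52 subcarriers.</p>

```python
"""Variance-based presence detection on constructed CSI amplitudes (stdlib only)."""
import math
import random
from statistics import fmean, pstdev, pvariance

N_SUBCARRIERS = 52    # amplitude values per packet, as quoted in the text
PACKET_RATE = 100     # packets per second (low end of the quoted 100-200)
WINDOW = PACKET_RATE  # assumption: score one-second windows


def synth_csi(seconds, moving, rng):
    """Constructed sample data: one list of subcarrier amplitudes per packet.

    Empty room: a fixed level per subcarrier plus small receiver noise.
    Occupied room: a slow 1.5 Hz fading term is added to stand in for a body
    crossing the signal paths. This is not a physical channel model.
    """
    base = [20.0 + 5.0 * math.sin(k / 8.0) for k in range(N_SUBCARRIERS)]
    frames = []
    for n in range(seconds * PACKET_RATE):
        t = n / PACKET_RATE
        frame = []
        for k, level in enumerate(base):
            amp = level + rng.gauss(0.0, 0.3)
            if moving:
                amp += 2.0 * math.sin(2 * math.pi * 1.5 * t + k / 6.0)
            frame.append(amp)
        frames.append(frame)
    return frames


def low_pass(frames, taps=5):
    """Denoise each subcarrier with a trailing moving average over `taps` packets."""
    out = []
    for n in range(len(frames)):
        chunk = frames[max(0, n - taps + 1): n + 1]
        out.append([sum(col) / len(col) for col in zip(*chunk)])
    return out


def window_scores(frames, window=WINDOW):
    """Motion score per window: variance over time of each subcarrier, averaged."""
    scores = []
    for start in range(0, len(frames) - window + 1, window):
        block = frames[start:start + window]
        scores.append(fmean([pvariance(col) for col in zip(*block)]))
    return scores


def calibrate(empty_frames, k=10.0):
    """Threshold = mean + k * std of the scores seen while the room is known empty."""
    scores = window_scores(low_pass(empty_frames))
    return fmean(scores) + k * pstdev(scores)


def detect(frames, threshold, hold=2):
    """One occupied/empty decision per window.

    A single window above the threshold switches to occupied at once; the state
    only returns to empty after `hold` consecutive quiet windows, so a person
    who pauses briefly does not make the output flap.
    """
    state, quiet, decisions = False, 0, []
    for score in window_scores(low_pass(frames)):
        if score > threshold:
            state, quiet = True, 0
        else:
            quiet += 1
            if quiet >= hold:
                state = False
        decisions.append(state)
    return decisions


def demo():
    """Calibrate on 20 s of empty room, then score 5 s empty / 5 s motion / 5 s empty."""
    rng = random.Random(7)  # fixed seed so the constructed data is reproducible
    threshold = calibrate(synth_csi(20, False, rng))
    stream = (synth_csi(5, False, rng) + synth_csi(5, True, rng)
              + synth_csi(5, False, rng))
    return threshold, detect(stream, threshold)


if __name__ == "__main__":
    threshold, decisions = demo()
    print(f"threshold={threshold:.4f}")
    print("".join("X" if d else "." for d in decisions))
```

<p class="wp-block-paragraph">With real hardware, replace <code>synth_csi</code> with frames parsed from the serial stream and record the calibration capture in the same room, because the empty-room variance depends on the environment.</p>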



<h2 class="wp-block-heading">Law enforcement and intelligence use</h2>



<p class="wp-block-paragraph">This is not just academic research. Government agencies are already using this technology operationally.</p>



<p class="wp-block-paragraph">The US Department of Homeland Security has been developing through-wall sensing systems for years. Their latest project, DePLife (Detect Presence of Life), was developed with MIT Lincoln Lab. In 2024, six law enforcement agencies across California, Texas and South Carolina conducted field assessments of the technology. The system uses radar on WiFi frequencies to detect human presence through walls, showing results on a mobile app.</p>



<p class="wp-block-paragraph">Israeli company Camero-Tech makes the Xaver series, which is already deployed by military and police units worldwide. Their XLR80 model can detect people through concrete walls from over 100 meters away. It shows real-time position, movement direction, and can even detect breathing of stationary targets.</p>



<p class="wp-block-paragraph">MaXentric sells the Detex Pro to US law enforcement for around 6000 dollars. It is compact enough to lean against a wall and streams results to a smartphone. Police have used similar devices in hostage situations and warrant services.</p>



<p class="wp-block-paragraph">The Range-R is another device in active use by US police departments. It can detect movement and breathing through standard building materials.</p>



<p class="wp-block-paragraph">What makes WiFi CSI interesting is that you do not need specialized military hardware. The same physics works with commercial routers and cheap microcontrollers. The difference is range and reliability, but the basic capability is accessible to anyone.</p>



<h2 class="wp-block-heading">The security angle</h2>



<p class="wp-block-paragraph">I work in cybersecurity, so I see two sides here.</p>



<p class="wp-block-paragraph">On one hand, CSI sensing is a powerful tool. You can monitor spaces without visible cameras, which some people prefer for privacy. It works in darkness. It is hard to detect or jam. It uses infrastructure you already have.</p>



<p class="wp-block-paragraph">On the other hand, the same capabilities create risks. If an attacker has access to your WiFi network, they could potentially monitor your activities. Research has shown CSI can be used to infer keystrokes, identify individuals by their gait, and build activity profiles.</p>



<p class="wp-block-paragraph">This is not theoretical. The technology exists in commercial products and government hands. Whether it becomes a widespread threat depends on how aware people are and how we design systems going forward.</p>



<h2 class="wp-block-heading">Getting started practically</h2>



<p class="wp-block-paragraph">If you want to experiment with this, you have options at different price points.</p>



<p class="wp-block-paragraph">The cheapest is ESP32, around 5 euros. Espressif provides official CSI tools and it is relatively easy to get started. The data quality is moderate but enough for presence detection.</p>



<p class="wp-block-paragraph">Raspberry Pi with Nexmon firmware is maybe 50 euros total. Better CSI quality, more flexibility, but requires more setup.</p>



<p class="wp-block-paragraph">Intel 5300 NIC is the classic research platform. Good data quality, lots of existing code and papers to reference. You need a compatible laptop though.</p>



<p class="wp-block-paragraph">For software, check out the ESP-CSI repository from Espressif, or the Linux CSI Tool for Intel hardware.</p>



<p class="wp-block-paragraph">A good first project is simple presence detection. Binary classification, room empty versus occupied. Once that works, you can try activity classification or multi-room setups.</p>



<h2 class="wp-block-heading">Limitations</h2>



<p class="wp-block-paragraph">I should be honest about the challenges.</p>



<p class="wp-block-paragraph">Environment sensitivity is the big one. A model trained in your living room probably won't work in your office without retraining. Even moving furniture can break things. This is an active research area but not solved.</p>



<p class="wp-block-paragraph">Hardware support varies. Not every WiFi chipset exposes CSI data. Consumer routers usually don't. You need specific hardware or firmware modifications.</p>



<p class="wp-block-paragraph">Multi-person scenarios are hard. When two people are moving, separating their contributions to the signal is complicated.</p>



<p class="wp-block-paragraph">Real-time processing needs decent hardware. If you want to run neural networks on CSI data continuously, you need computing power.</p>



<h2 class="wp-block-heading">Where this is going</h2>



<p class="wp-block-paragraph">WiFi 7 is coming with wider channels, which means more subcarriers and finer resolution. Some enterprise vendors like Huawei already ship access points with built-in CSI sensing for smart building applications.</p>



<p class="wp-block-paragraph">I expect we will see more commercial products in the next few years. The question is whether security and privacy considerations keep pace with the capabilities.</p>



<h2 class="wp-block-heading">Final thoughts</h2>



<p class="wp-block-paragraph">The WiFi signals in your home carry more information than most people realize. This technology is real, it is improving, and it has both positive and concerning applications.</p>



<p class="wp-block-paragraph">For security professionals, it is worth understanding. For everyone else, it is worth being aware that walls don't provide as much privacy as you might think.</p>



]]></content:encoded>
					
					<wfw:commentRss>https://www.digitalintelligence.at/wifi-signals-can-see-you-how-csi-sensing-works/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
		<item>
		<title>AI is the Ultimate Distraction for National Security</title>
		<link>https://www.digitalintelligence.at/ai-is-the-ultimate-distraction-for-national-security/</link>
					<comments>https://www.digitalintelligence.at/ai-is-the-ultimate-distraction-for-national-security/#respond</comments>
		
		<dc:creator><![CDATA[Ozan Akyol]]></dc:creator>
		<pubDate>Wed, 03 Dec 2025 06:19:21 +0000</pubDate>
				<category><![CDATA[Analysis]]></category>
		<category><![CDATA[Europe]]></category>
		<category><![CDATA[Intelligence]]></category>
		<category><![CDATA[Worldwide]]></category>
		<guid isPermaLink="false">https://www.digitalintelligence.at/?p=4392</guid>

					<description><![CDATA[Signal Poisoning: Why AI is the Ultimate Distraction for National Security The Haystack Has Changed We used to say that intelligence work was like looking for a needle in a haystack. It was difficult, sure, but at least we knew that if we found something sharp and metallic, it was probably the needle. Those days are over. Today, AI isn&#8217;t just hiding the needle; it’s dumping thousands of &#8220;fake needles&#8221; into the pile every second. They look real, they shine like metal, and they even feel sharp. But they are decoys. The modern analyst’s nightmare isn&#8217;t a lack of information it’s]]></description>
										<content:encoded><![CDATA[
<h1 class="wp-block-heading">Signal Poisoning: Why AI is the Ultimate Distraction for National Security<br>The Haystack Has Changed</h1>



<p class="wp-block-paragraph">We used to say that intelligence work was like looking for a needle in a haystack. It was difficult, sure, but at least we knew that if we found something sharp and metallic, it was probably the needle.</p>



<p class="wp-block-paragraph">Those days are over.</p>



<p class="wp-block-paragraph">Today, AI isn&#8217;t just hiding the needle; it’s dumping thousands of &#8220;fake needles&#8221; into the pile every second. They look real, they shine like metal, and they even feel sharp. But they are decoys. The modern analyst’s nightmare isn&#8217;t a lack of information; it’s information overload on an industrial scale. We aren&#8217;t just looking for the truth anymore; we are trying to survive a flood of convincing lies.</p>



<p class="wp-block-paragraph">The Weapon of Exhaustion</p>



<p class="wp-block-paragraph">We often think of cyber warfare as hackers breaking down firewalls or stealing secrets. But the new threat is subtler and perhaps more dangerous. It’s what we call a &#8220;Bureaucratic DDoS.&#8221;</p>



<p class="wp-block-paragraph">Think of it as a weapon of exhaustion. Adversaries are using generative AI to create a &#8220;Cognitive Flood&#8221;: millions of synthetic reports, deepfake videos, and bot-managed panic. The goal isn&#8217;t to destroy our data; it’s to force us to waste our limited resources verifying it. It’s a &#8220;deceleration weapon&#8221; designed to clog the gears of intelligence agencies with perfectly formatted junk.</p>



<p class="wp-block-paragraph">Chasing Ghosts in the Gray Zone</p>



<p class="wp-block-paragraph">This isn&#8217;t just a digital problem; it has physical consequences. We are seeing the rise of &#8220;Physical DDoS&#8221; attacks.</p>



<p class="wp-block-paragraph">Imagine a crisis scenario: An AI bot farm floods emergency channels with reports of a massive fire or an armed conflict in a specific neighborhood. The reports look genuine. Photos generated by AI start circulating. Police and first responders rush to the scene, sirens wailing. But when they arrive, the streets are empty.</p>



<p class="wp-block-paragraph">While our security forces are busy chasing these digital ghosts, the real threat actors are operating unchecked elsewhere. This is the Gray Zone, where digital deception translates into real-world blindness.</p>



<p class="wp-block-paragraph">The Cost of Verification</p>



<p class="wp-block-paragraph">In this noise, the &#8220;Weak Signals&#8221;, the subtle, quiet indicators of a real terrorist plot or a foreign intelligence operation, are completely drowned out.</p>



<p class="wp-block-paragraph">There is a concept called &#8220;Open Source Intoxication.&#8221; It means we are getting drunk on bad data. Every hour an analyst spends analyzing a high-quality deepfake is an hour stolen from investigating a real threat. The &#8220;Verification Tax&#8221; we are paying is becoming too high to sustain.</p>



<p class="wp-block-paragraph">Fighting Fire with Fire</p>



<p class="wp-block-paragraph">So, how do we fix this? We have to admit that the human eye is no longer enough. We can’t &#8220;eyeball&#8221; our way out of this.</p>



<p class="wp-block-paragraph">We need a &#8220;Zero Trust&#8221; approach to open source data. Unless a piece of information from the web (OSINT) can be cross-referenced with human assets (HUMINT) or technical signals, it should be treated as noise.</p>



<p class="wp-block-paragraph">More importantly, we need to adopt an &#8220;AI vs. AI&#8221; doctrine. If the attack comes at machine speed, the defense cannot move at human speed. We need our own algorithms to filter the noise, spot the synthetic patterns, and clear the haystack, so human analysts can get back to doing what they do best: finding the real needle.</p>
]]></content:encoded>
					
					<wfw:commentRss>https://www.digitalintelligence.at/ai-is-the-ultimate-distraction-for-national-security/feed/</wfw:commentRss>
			<slash:comments>0</slash:comments>
		
		
			</item>
	</channel>
</rss>
