Klaerenn
⌘K
Klaerenn
English

I Am Altering the Deal

On January 7, 2026, the United States withdrew from the Hybrid CoE, the Freedom Online Coalition and the GFCE. Three Western cyber forums abandoned. European dependencies remain intact.
I Am Altering the Deal
Cloud City, January 2026

On 7 January 2026, the United States withdrew from the Hybrid CoE. A centre based in Helsinki. 33 EU-NATO members. Mission: coordinating the response to Russian hybrid threats. Joint exercises, disinformation research, intelligence sharing.

The war in Ukraine is entering its fourth year. This is the moment chosen to shut down this channel.

On the same day, the administration confirmed its support for the ITU, the International Telecommunication Union. 194 member states. China is highly active there.

This asymmetry deserves attention.

The 7 January memorandum withdraws the United States from 66 international organisations. 31 UN entities, 35 non-UN bodies. The State Department describes them as "wasteful, ineffective, and harmful".

Among them, three cyber and hybrid structures created with Washington for Western security:

The Freedom Online Coalition (FOC), 42 democracies coordinating their positions on internet freedoms since 2011. The Global Forum on Cyber Expertise (GFCE), 60+ members, global coordination of cyber capacity building. And the Hybrid CoE mentioned above.

These three forums share one trait. China and Russia are not members. They are Western clubs. These are precisely the ones being abandoned.

NPR, the leading American public broadcaster, reports that the administration wants to "focus taxpayer money on expanding American influence" in organisations "where there is competition with China, like the International Telecommunications Union".

Geneva Solutions, a media outlet specialising in Geneva-based international organisations, confirms: the United States has "signalled support" for the ITU, headed by an American Secretary-General, Doreen Bogdan-Martin.

The official narrative is clear: pivot towards Chinese competition, end of "useless" multilateralism.

But this narrative masks a sequence.

Phase 1 (1999-2024): Distribution. Free CVE/NVD, open standards, generous coordination, shared intelligence. Europe plugs its tools into American infrastructure. 85% of European security solutions depend on the NVD. Teams are trained on US frameworks. Dependency takes hold.

Phase 2 (2024-2026): Degradation. The NVD accumulates 20,000 CVEs awaiting analysis. CVEs prior to 2018 are marked "Deferred"; NIST acknowledges the backlog continues to grow. The CISA budget is cut. And now coordination is withdrawn: FOC, GFCE, Hybrid CoE.

Phase 3 (?): The dependencies remain. The NVD, American cloud services (65%+ of European data), SWIFT. These levers were not on the list of 66 organisations. They remain intact.

What Europe loses: coordination, intelligence on Russian threats, capacity building.

What Europe keeps: the dependencies.

AUKUS, September 2021. Announcement of a United States/United Kingdom/Australia partnership on nuclear submarines. Immediate cancellation of a French contract worth 56 billion euros. France recalls its ambassadors.

The episode demonstrated that European interests can be sacrificed without notice when they conflict with American priorities.

The 7 January memorandum does not touch Five Eyes, the Quad, or AUKUS. These formats are being strengthened. Europe does not belong to the inner circle.

I interpret these elements as follows, though other readings are possible.

The emerging doctrine is not limited to a repositioning towards China. It builds a position of strength vis-à-vis Europe.

Withdrawing coordination whilst retaining dependencies creates leverage. The NVD, already under strain, could see its limited resources prioritise vulnerabilities affecting American systems. The ITU could be used to push standards favourable to US industry. SWIFT has already been used against Iran.

These levers may never be activated explicitly. But they exist. And in a transactional relationship, what matters is the balance of power when it comes time to negotiate.

Europe enters this negotiation with fewer capabilities, the same dependencies, and an active Russian front that prevents it from focusing on building alternatives.

What I do not know.

Whether this pressure will be activated, how, and on which issues. Whether the next waves of withdrawals will hit the Paris Call (France-led, 80+ states), the IGF (internet governance), or the GPAI (AI, OECD, China absent—same profile as the GFCE). Whether Europe will find the capacity to build alternatives whilst managing the Ukrainian front.

What these events suggest.

The 7 January memorandum is not a clarification of the transatlantic relationship. It is a unilateral modification of terms.

Europe has a choice between three options. Alignment, accepting a subordinate position. Decoupling, unrealistic in the short term with Ukraine ongoing. Or the patient construction of alternatives, under pressure, with constrained resources.

One billion dollars for offensive cyber. 66 organisations abandoned. Selective preservation of the ITU. The timing in the midst of the Ukraine war. These decisions do not outline a disengagement. They outline a power play.

One does not clarify a relationship by withdrawing the benefits and retaining the levers. One prepares a negotiation.

Cyber is but one front among many.

Pray I don't alter it any further.

This article is part of a series analysing the structural flaws of Western cybersecurity (articles 1-5 in French):

References

¹ White House, "Fact Sheet: President Donald J. Trump Withdraws the United States from International Organizations", 7 January 2026

² U.S. Department of State, "Withdrawal from Wasteful, Ineffective, or Harmful International Organizations", 7 January 2026

³ NPR, "U.S. to exit 66 international organizations in further retreat from global cooperation", 7 January 2026

⁴ Geneva Solutions, "Trump's withdrawal from dozens of organisations further isolates international Geneva", 8 January 2026

Socket.dev, "NVD Backlog Tops 20,000 CVEs Awaiting Analysis", 15 November 2025

⁶ NIST, "NVD General Update", 19 March 2025 and "NVD General Announcement", 2 April 2025

More like this

Lord of Cyber War

Lord of Cyber War

The last American letter of marque dates back to 1812. Two centuries later, Congress considers reviving the instrument. To fight cybercrime, they say. The explanation does not hold. Something else is being prepared.
The Last Channel

The Last Channel

"The intelligence was genuine. That was the beauty of it." On January 7, the US withdrew from three cyber cooperation forums. On January 9, CISA closed ten Emergency Directives. Less like maturation than a constrained trade-off.
I Am Altering the Deal

I Am Altering the Deal

Le 7 janvier 2026, les États-Unis ont quitté le Hybrid CoE, la Freedom Online Coalition et le GFCE. Trois forums cyber occidentaux abandonnés. Les dépendances européennes, elles, restent intactes.
Final report, 2026. Third officer reporting.

Final report, 2026. Third officer reporting.

600 million records exposed. 50 major organizations compromised. EDR in place, SOC operational, compliance achieved. They were still breached. 2025 in review.
Final report, 2026. Third officer reporting.

Final report, 2026. Third officer reporting.

600 millions de données exposées. 50 organisations majeures compromises. EDR en place, SOC opérationnel, conformité respectée. Elles ont quand même été compromises. Bilan 2025.
Desert Power : survivre sans l'Empire

Desert Power : survivre sans l'Empire

1 milliard de dollars pour les opérations cyber offensives US. CISA démantelée. CVE menacé. Les événements de l'automne 2025 valident un diagnostic posé depuis des mois.