The Mythos Moment: Why AI Cyber Capabilities Just Crossed the Governance Rubicon

Fig. 1. How Mythos Evolved to Become a Recursive Threat, ChatGPT and Jeremy Swenson, 2026.

In April 2026, a quiet but profound shift occurred in cybersecurity—one that many organizations are still underestimating. Anthropic’s Claude Mythos Preview did not simply advance AI capability. It crossed a threshold. For the first time, a commercially developed model demonstrated the ability to autonomously discover and exploit software vulnerabilities at a near-expert level, including executing multi-step attack chains end-to-end.¹² This is not incremental progress. It is a structural break. And with that break comes a new reality: the governance, security, and policy frameworks we have relied on are no longer theoretical exercises. They are operational requirements.

From Capability to Consequence: The End of the “Future Risk” Debate:

For years, discussions about AI-enabled cyber offense lived in the realm of hypotheticals—what could happen if models became sufficiently capable. That debate is now over. Mythos achieved a 73% success rate on expert-level capture-the-flag challenges and became the first AI system to complete a full 32-step enterprise network attack simulation.¹ What previously required elite human operators over many hours can now be partially automated.

At the same time, real-world testing has already shown that similar systems can uncover large volumes of previously unknown vulnerabilities. Reports indicate thousands of zero-day findings—including flaws that persisted undetected for decades—are now within reach of AI-assisted discovery.⁹ External validation reinforces this trajectory. A collaboration involving Mozilla used Mythos-like capabilities to identify hundreds of vulnerabilities in Firefox, demonstrating how quickly defensive gains—and offensive risks—can scale simultaneously. This dual-use dynamic is the defining characteristic of the Mythos moment: the same system that strengthens defense can accelerate exploitation.

The Government Contradiction: Risk, Reliance, and Reality:

What makes this moment even more consequential is not just the technology, but the policy response. In March 2026, the U.S. Department of Defense designated Anthropic as a supply chain risk after the company refused to allow unrestricted use of its models for autonomous weapons and surveillance applications.³ This effectively barred Anthropic from Pentagon contracts.

Yet within weeks, reporting confirmed that the National Security Agency—which operates within the same defense ecosystem—was actively using Mythos under controlled access.⁵⁶ At the same time, the Office of Management and Budget began negotiating a framework to deploy a modified version of the model across civilian agencies, including energy and financial regulators.⁷

This creates a striking contradiction:

  • One part of government labels the system a national security risk.
  • Another part actively deploys it.
  • A third is designing policy to scale its adoption.

This is not just bureaucratic inconsistency—it is a preview of how difficult governing frontier AI will be.

The Real Precedent: Governing AI as a Cyberweapon:

What is being negotiated right now matters far beyond Mythos itself. The White House–led framework under development is effectively the first attempt to govern an AI system with cyberweapon-level capabilities, not just data privacy or model safety. Three emerging principles define this model:

1. Data Sovereignty Sensitive code and infrastructure data must remain within isolated government-controlled environments.

2. Model Integrity Inputs cannot be used to retrain or improve the underlying model, preventing unintended knowledge transfer.

3. Human-in-the-Loop Oversight No autonomous execution—human validation remains mandatory before action.

These are not minor guardrails. They represent the likely baseline for how governments—and eventually regulated industries—will manage high-capability AI systems. If history is any guide, these standards will propagate outward, much like FedRAMP reshaped cloud security procurement. Within 12–18 months, similar requirements are likely to appear in enterprise contracts, regulatory expectations, and audit frameworks.

The Industry Signal: This Is Already Scaling:

The private sector is not waiting. Through Project Glasswing, Anthropic has already deployed Mythos capabilities to a controlled group of major technology and infrastructure organizations, including cloud providers, semiconductor firms, and financial institutions.²

At the same time, companies like Microsoft are moving to integrate similar AI-driven vulnerability discovery into their secure development lifecycles, signaling that this capability will become embedded—not optional—in modern engineering practices. The implication is clear. AI-assisted vulnerability discovery is becoming a standard feature of cybersecurity—not an edge capability.

The Hard Truth: Containment Is Likely Temporary:

Perhaps the most important—and uncomfortable—reality is this:

Containment will not hold indefinitely. History shows that advanced AI capabilities diffuse rapidly. Model architectures leak, competitors replicate breakthroughs, and open-weight alternatives emerge. Even today, non-frontier models can replicate meaningful portions of Mythos-like capability at far lower cost and with fewer restrictions.¹⁴ That means the current environment—where only a limited set of organizations have access—is a temporary window. Organizations that treat this as a policy issue rather than an operational priority are making a critical mistake.

What This Means for Enterprise Leaders:

The Mythos precedent is not a niche technical development. It is a strategic inflection point. Three implications stand out:

1. The Attack Surface Is No Longer Static

AI compresses the timeline between vulnerability discovery and exploitation from weeks or months to hours. Legacy assumptions—especially around “safe” unpatched systems—are no longer valid.

2. Patch Velocity Becomes a Board-Level Issue

Organizations with slow remediation cycles are structurally exposed. If critical vulnerabilities can be identified and weaponized faster, governance processes must accelerate accordingly.

3. Defense Must Become Structural, Not Reactive

Emerging approaches like confidential computing—hardware-isolated execution environments—offer a path to reducing the impact of exploits regardless of discovery speed.

In other words, the goal shifts from “find and fix everything” to “limit what can be compromised at runtime.”

The Strategic Window: Act Before the Curve Flattens:

There is still a narrow window of advantage. Today, frontier capabilities are relatively concentrated. Tomorrow, they will not be. Organizations that move now—by modernizing vulnerability management, accelerating patch cycles, and adopting structural defenses—can get ahead of the curve. Those who wait for regulatory clarity or broader market adoption will likely find themselves reacting under pressure.

Final Thought: The Governance Question Is the Real Story:

The most important takeaway from the Mythos moment is not just technological. It is institutional. For the first time, governments, companies, and security leaders are confronting a shared question:

Who controls—and governs—AI systems with cyberweapon-level capability?

  • Private companies are asserting limits on how their systems can be used.
  • Governments are asserting rights to access and deploy those systems.
  • Enterprises are caught in the middle, inheriting both risk and responsibility.

The outcome of this tension will define not just cybersecurity, but the broader architecture of AI governance. And that outcome is being shaped—right now.

Endnotes:

  1. UK AI Security Institute, “Our Evaluation of Claude Mythos Preview’s Cyber Capabilities,” April 2026.
  2. Anthropic, “Project Glasswing: Securing Critical Software for the AI Era,” April 2026.
  3. CNBC, “Judge Presses DOD on Why Anthropic Was Blacklisted,” March 24, 2026.
  4. CNBC, “Anthropic Loses Appeals Court Bid to Temporarily Block Pentagon Blacklisting,” April 8, 2026.
  5. TechCrunch, “NSA Spies Are Reportedly Using Anthropic’s Mythos,” April 20, 2026.
  6. Axios, “NSA Using Anthropic’s Mythos Despite Defense Department Blacklist,” April 19, 2026.
  7. CSO Online, “White House Moves to Give Federal Agencies Access to Anthropic’s Claude Mythos,” April 2026.
  8. Fortune, “Anthropic Acknowledges Testing New AI Model,” March 26, 2026.
  9. TechCrunch, “Anthropic Debuts Preview of Powerful New AI Model Mythos,” April 7, 2026.
  10. Axios, “Anthropic to Have Peace Talks at White House,” April 17, 2026.
  11. CNBC, “Trump Says He Had ‘No Idea’ About White House Meeting,” April 17, 2026.
  12. Washington Post, “Anthropic CEO Visits White House Amid Hacking Fears,” April 17, 2026.
  13. Council on Foreign Relations, “Six Reasons Claude Mythos Is an Inflection Point,” April 2026.
  14. Evron, Mogull, Lee et al., “The AI Vulnerability Storm: Building a Mythos-Ready Security Program,” CSA/SANS/OWASP, April 2026.

Russia’s Sanctions-Busting Cryptocurrency Empire: Architecture, Actors, and the Future of Financial Conflict

Fig. 1. Russia’s Sanctions-busting Cryptocurrency Empire Infographic, Jeremy Swenson via ChatGPT, 2026.


I. Origins of a Parallel Financial System:

The roots of Russia’s sanctions-busting cryptocurrency ecosystem can be traced to the intersection of geopolitical pressure and technological opportunity. While Russia experimented with cryptocurrency policy ambiguity throughout the 2010s, it was the aftermath of the 2022 invasion of Ukraine—and the subsequent exclusion from key parts of the global financial system, including SWIFT—that triggered a structural change. Lacking dollar liquidity and limited by Western banking restrictions, Russian policymakers and aligned financial actors started rapidly developing alternative methods for cross-border settlement (1).

Early efforts were fragmented, consisting of informal networks of exchanges, darknet markets, and capital flight channels. Platforms such as Garantex, founded in 2019, became foundational nodes in this system, allowing users to convert rubles into stablecoins and move funds internationally while avoiding traditional compliance mechanisms (6). Despite sanctions imposed by the U.S. Treasury in 2022, these platforms adapted rapidly, shifting wallets, rebranding, and integrating with crypto mixers to obscure transaction flows (1).

By 2024, Russia had formally embraced cryptocurrency for international trade, legalizing its use in cross-border transactions while maintaining domestic restrictions. This dual posture—restrict internally, exploit externally—laid the groundwork for a state-tolerated, if not state-enabled, shadow financial architecture that would mature rapidly in the years that followed (9).

II. The Rise of A7A5 and the Industrialization of Evasion:

The emergence of the ruble-backed stablecoin A7A5 marked a turning point from opportunistic evasion to industrial-scale financial engineering. Developed through networks linked to sanctioned Russian financial institutions and offshore intermediaries, A7A5 was designed explicitly to bypass Western oversight by enabling direct conversion from rubles into crypto assets and then into globally usable currencies (6).

Unlike decentralized cryptocurrencies such as Bitcoin, A7A5 represents a hybrid model: centralized issuance combined with decentralized transaction pathways. This design allows Russian actors to maintain monetary control while leveraging blockchain’s opacity and global reach. Within its first year, the token processed tens of billions of dollars in transactions, with some estimates approaching $100 billion in cumulative volume—evidence of rapid adoption across trade networks and sanctions-affected industries (4).

Crucially, this system extended beyond simple financial transfers. It became embedded in supply chain logistics, enabling the procurement of dual-use goods—technology with both civilian and military applications—through intermediaries in regions such as Central Asia and the Middle East. Crypto-enabled payments allowed these transactions to bypass traditional banking scrutiny, effectively creating a parallel trade infrastructure insulated from Western enforcement mechanisms (3).

III. Decentralization as Strategy, Not Ideology:

In Western culture, decentralization is often seen as a libertarian ideal—an escape from centralized power. However, in the Russian sanctions-evasion model, decentralization is not about ideology but strategy. It is used selectively to reduce visibility, make enforcement harder, and spread operational risk.

This system operates as a layered network rather than a single platform. Exchanges such as Bitpapa and others flagged by blockchain intelligence firms function alongside mixers, peer-to-peer marketplaces, and offshore entities, creating a fluid ecosystem in which assets can be rapidly converted, transferred, and obfuscated (7).

Moreover, decentralization enhances resilience. When Western authorities sanction one node—such as Garantex—activity shifts to successor platforms or newly created entities, often staffed by the same personnel. This phenomenon mirrors adaptive systems: disruption leads not to collapse but to evolution. The result is a sanctions-resistant architecture that thrives on redundancy and ambiguity.

Academic research supports this point by showing that sanctions enforcement in crypto is structurally reactive, while illicit actors are fast and adaptive. Studies find that once wallets or platforms are sanctioned, actors quickly shift funds to new addresses, exchanges, or networks—often within hours—well before regulators can complete attribution and enforcement cycles (12). Because blockchain systems allow unlimited address creation and operate across jurisdictions, enforcement actions tend to disrupt specific nodes rather than the broader network. As a result, the research consistently demonstrates that sanctions evasion persists not despite enforcement, but because the system’s design enables rapid migration and continuity.

IV. The Ransomware Nexus: Criminal Infrastructure and State Alignment

At the heart of Russia’s crypto ecosystem lies a symbiotic relationship between cybercriminal groups and financial infrastructure. Ransomware organizations such as REvil and Ryuk-linked networks have long relied on cryptocurrency to receive and launder payments, targeting Western corporations, critical infrastructure, and supply chains (2).

The connection between these groups and sanctioned exchanges is well-documented. Platforms like Garantex have been identified as facilitating transactions tied to ransomware proceeds, effectively serving as financial clearinghouses for cybercrime (5). This relationship extends beyond mere tolerance. Investigations such as Operation Destabilise have uncovered networks in which cryptocurrency exchanges, money laundering operations, and state-linked actors intersect. In some cases, these networks have been used not only for financial gain but also to support espionage activities and strategic objectives aligned with Russian interests (11).

The implication is clear: ransomware is not simply criminal activity but a component of a broader hybrid warfare strategy. By targeting Western institutions and funneling proceeds through crypto networks, these groups generate revenue, disrupt adversaries, and reinforce Russia’s alternative financial ecosystem.

V. Extraction from the West: Mechanisms of Digital Theft:

The Russian crypto-sanctions ecosystem extracts value from the West through multiple channels, blending cybercrime, financial engineering, and trade manipulation. Ransomware attacks represent the most visible vector, with payments often demanded in cryptocurrency and subsequently laundered through exchanges and mixers (2).

However, a less visible but equally significant mechanism is trade-based money laundering facilitated by crypto. Russian entities purchase restricted goods through intermediaries, paying in stablecoins that are difficult to trace. These goods are then re-exported into Russia, effectively bypassing export controls (3).

Additionally, capital flight and asset concealment play a major role. Wealthy individuals and sanctioned entities move funds into crypto assets to protect them from seizure, leveraging decentralized wallets and offshore exchanges. The cumulative effect is a steady outflow of value from regulated Western systems into a shadow economy that operates beyond their reach.

By 2025, illicit cryptocurrency flows had surged dramatically, with tens of billions of dollars linked to sanctions evasion and state-aligned networks (10).

VII. Conclusion: The Future of Financial Warfare:

Russia’s sanctions-busting cryptocurrency empire represents a new phase in the evolution of financial conflict—not simply a workaround, but a scalable model for a decentralized, state-influenced financial system operating beyond traditional controls. What began as a reaction to Western sanctions has matured into a resilient ecosystem that blends state policy, criminal enterprise, and technological innovation. Its strength lies in its hybridity: centralized where control is necessary, decentralized where opacity provides advantage.

For the West, this presents a fundamental challenge. Traditional tools—sanctions, asset freezes, and banking restrictions—are increasingly limited in a world where adversaries can operate outside the formal financial system. Countering this shift requires more than incremental reform; it demands a transition from static enforcement to dynamic, intelligence-driven financial defense.

A central component of this approach is the expansion of blockchain analytics and real-time monitoring. On-chain intelligence has proven effective in tracing illicit flows and identifying high-risk actors, but its true value emerges when integrated into coordinated international enforcement frameworks. Moving beyond periodic sanctions designations toward continuously updated, intelligence-led responses will be critical to keeping pace with adaptive networks (7).

Equally important is targeting the infrastructure that enables liquidity. Cryptocurrency ecosystems depend on exchanges, stablecoin issuers, and fiat on-ramps and off-ramps to function. Coordinated regulation and enforcement against these access points—particularly across jurisdictions that facilitate intermediary flows—can significantly constrain the usability of sanctions-evading assets. While measures such as wallet blacklisting and exchange sanctions have had impact, they must evolve from reactive tools into part of a broader, proactive strategy (1).

At the same time, deterrence must be redefined. Financial penalties alone are insufficient against actors who operate in decentralized and jurisdictionally fragmented environments. Effective deterrence will require a combination of cyber operations, asset seizures, and coordinated disruption of ransomware and illicit financial infrastructure. Public-private collaboration will be essential, as much of the expertise and visibility into these networks resides within the private sector.

Beyond enforcement, the West must also compete. Developing secure, efficient, and transparent alternatives—such as regulated digital payment systems, central bank digital currencies, and compliant stablecoin frameworks—can reduce the relative attractiveness of shadow financial networks. If legitimate systems offer greater speed, cost efficiency, and accessibility, the incentive to rely on illicit alternatives diminishes.

Finally, this issue must be understood in its broader geopolitical context. Russia’s crypto ecosystem is not an isolated case but part of a wider movement toward financial fragmentation, in which states seek parallel systems to reduce dependence on Western institutions. Addressing this trend will require sustained international coordination, including strategic engagement with non-Western jurisdictions that play intermediary roles in these networks (4).

In this evolving landscape, success will not be measured by the elimination of illicit systems, but by the ability to constrain, outpace, and adapt to them. The future of financial warfare will belong to those who can align technological capability with strategic coherence—building financial architectures that are not only secure, but resilient against continuous disruption.

Bibliography:

  1. U.S. Department of the Treasury. “Treasury Sanctions Cryptocurrency Exchange and Network.” https://home.treasury.gov/news/press-releases/sb0225
  2. Chainalysis. Crypto Crime Report 2026. https://www.chainalysis.com
  3. Royal United Services Institute (RUSI). “The Shadow Crypto Economy Feeding Russia’s War Machine.” https://www.rusi.org
  4. Center for European Policy Analysis (CEPA). “A Crypto River Runs Through Russia.” https://cepa.org
  5. BankInfoSecurity. “U.S. Sanctions Crypto Exchange Tied to Russian Ransomware.” https://www.bankinfosecurity.com
  6. TRM Labs. “Garantex, Grinex, and the A7A5 Token.” https://www.trmlabs.com
  7. Elliptic. “Russia-Linked Crypto Platforms’ Ongoing Sanctions Evasion.” https://www.elliptic.co
  8. Reuters. “Sanctioned Russian Crypto Exchange Suspends Services.” https://www.reuters.com
  9. Business Insider. “Russia’s Crypto Shadow Economy.” https://www.businessinsider.com
  10. Financial Times. “Illicit Crypto Flows Surge to Record Levels.” https://www.ft.com
  11. National Crime Agency. “Operation Destabilise.” https://www.nationalcrimeagency.gov.uk
  12. Zola, Francesco et al. “Assessing the Impact of Sanctions in the Crypto Ecosystem.” https://arxiv.org/abs/2409.10031

Crypto, Conflict, and Capital Flight: What Iran’s On-Chain Shock Signals for Middle East Economics and U.S. Markets

In late February 2026, shortly after coordinated U.S.–Israeli airstrikes struck targets in Tehran, blockchain analytics firms observed an abrupt spike in cryptocurrency withdrawals from Iran’s largest digital asset exchange. Within minutes of the strikes, Nobitex reportedly experienced a roughly 700 percent surge in withdrawals, with millions of dollars in crypto leaving the platform in a compressed time window.¹ This episode, while modest in absolute global market terms, offers a revealing case study in how digital assets function during geopolitical stress—and what that may signal for Middle East economics and U.S. financial markets over the next year.

A Rapid Withdrawal Shock:

Reporting indicates that nearly $3 million exited Nobitex in a single hour following the strikes, with approximately $10 million leaving Iranian exchanges over several days.² Such flows are small relative to global crypto trading volumes but significant within the Iranian financial context, where capital controls, sanctions, and currency instability already shape economic behavior.

Iran’s domestic currency, the rial, has faced long-standing pressure from inflation, sanctions, and restricted access to global banking networks. In that environment, cryptocurrencies—particularly Bitcoin and dollar-denominated stablecoins—have increasingly served as alternative stores of value and channels for cross-border transfers.³ The surge in withdrawals appears consistent with crisis-driven capital preservation behavior rather than speculative trading alone.

Crypto as a Financial “Pressure Valve”:

The events underscore crypto’s evolving role as a decentralized financial “pressure valve” in sanctioned or conflict-affected economies. When traditional banking rails are constrained or politically vulnerable, digital assets offer relative portability and censorship resistance.¹

Internet blackouts and temporary exchange disruptions complicate interpretation. Outages can cluster transactions when connectivity resumes, making withdrawal spikes appear sharper than underlying demand alone would suggest.³ Nonetheless, the pattern aligns with prior episodes in emerging markets where digital assets gained traction during currency stress.

The lesson is not that crypto replaces sovereign financial systems, but that it increasingly supplements them under strain.

Economic Implications for the Middle East (Next 12 Months):

Looking forward, several dynamics are likely to shape regional economics:

1. Expanded Informal Dollarization via Digital Assets. Sanctioned or financially constrained economies may see broader retail and institutional adoption of dollar-linked stablecoins as parallel monetary tools.

2. Heightened Regulatory and Surveillance Pressure. As crypto flows intersect with sanctions regimes, U.S. and allied regulators are likely to intensify scrutiny of exchanges, custodians, and cross-border blockchain activity.¹

3. Persistent Capital Flight Incentives. Geopolitical volatility increases incentives for households and firms to diversify outside domestic banking systems.

4. Infrastructure Fragility Risks. Internet shutdowns and exchange outages remain structural vulnerabilities in crisis environments.³

Collectively, these forces suggest that digital asset adoption in parts of the Middle East will continue—not as ideological endorsement of crypto, but as pragmatic economic hedging.

What This Means for U.S. Markets:

For U.S. investors and policymakers, the implications extend beyond regional headlines.

Oil and Energy Sensitivity. Any escalation involving Iran carries oil supply risk implications. Even absent sustained disruption, perceived risk premiums can lift energy prices.

Safe-Haven Flows and Dollar Strength. Periods of geopolitical tension historically reinforce demand for U.S. Treasuries and dollar-denominated assets. Concurrently, Bitcoin and gold often experience volatility tied to risk sentiment shifts.⁴

Regulatory Spillover. If crypto is increasingly viewed as a sanctions-adjacent vector, U.S. enforcement posture may tighten, affecting exchanges and institutional investors.

Systemic Interconnectedness. Crypto is no longer a siloed asset class. It is embedded within global liquidity networks. Geopolitical events can trigger rapid on-chain responses that ripple into equities, commodities, and foreign exchange markets.

Forecast—A Converging Risk Landscape:

Over the next year, expect three converging trends:

  1. Greater integration between geopolitical risk modeling and digital asset analytics.
  2. Increased compliance burdens on global crypto infrastructure providers.
  3. Continued volatility transmission across oil, crypto, emerging market currencies, and U.S. equities during regional escalations.

The Iranian withdrawal spike may have involved only millions of dollars—but its significance lies in what it signals: digital capital now moves at the speed of conflict.

For U.S. markets, that means geopolitical shocks increasingly transmit through hybrid financial rails—traditional and decentralized alike. Outside of economic considerations, peace is desirable for the benefit of all.

Bibliography:

  1. Yahoo Finance. “Millions of Dollars in Crypto Left Iranian Exchanges After Airstrikes.” February 2026.
  2. Economic Times. “Why Did Iran’s Largest Crypto Exchange See a 700% Withdrawal Spike Minutes After US–Israel Airstrikes Hit Tehran?” February 2026.
  3. Bitget News. “Iranian Crypto Exchange Records Surge in Withdrawals Following Tehran Strikes.” February 2026.
  4. Forbes. “Iran War, an Oil Crisis, a Crypto Stress Test.” March 2026.

Apple’s Carrier-Level Location Privacy: Strategy, Law, and the Future of Data Control

Fig. 1. Apple’s Carrier-Level Location Privacy Infographic. Jeremy Swenson and Open AI Chat GPT. 2026.

In January 2026, Apple quietly introduced a new privacy control in iOS 26.3 that allows users to limit the precision of location data shared with cellular carriers. While the feature’s initial rollout was narrow—restricted to select devices and carriers—it represents a significant shift in how location data is governed at the network level, with implications for legal investigations, platform competition, and data marketing strategies.1

Unlike app-level location permissions, which have been a focal point of mobile privacy debates for more than a decade, this control targets a less visible layer of the data stack: the information that cellular networks inherently collect as devices connect to towers. By allowing users to reduce carrier access to neighborhood-level rather than precise location data, Apple is challenging long-standing assumptions about the inevitability of carrier-side surveillance.

How the Feature Works—and Why It Matters

The new “Limit Precise Location” setting is found within Cellular Data Options on supported devices running iOS 26.3. When enabled, it reduces the granularity of location data available to participating carriers without degrading network performance or interfering with emergency services.2 Apple has emphasized that precise location data remains available to emergency responders and to apps that users have explicitly authorized, underscoring that the control is designed to limit passive collection rather than eliminate functionality.

At launch, the feature applies only to devices equipped with Apple’s newer C-series modems and is supported by a limited number of carriers, including Boost Mobile in the United States and select providers in Europe and Asia.2 This constrained availability reflects Apple’s vertically integrated approach to privacy: by controlling hardware, operating system, and key software layers, Apple can implement privacy protections that are difficult to standardize across more fragmented ecosystems.

Legal Investigation and Carrier Data: A Shifting Boundary

Carrier-level location data has long been a cornerstone of law-enforcement investigations. Historical cell-tower records can be used to infer a person’s movements, corroborate timelines, or establish proximity to crime scenes. As a result, carriers are frequent recipients of subpoenas and lawful data requests.

By limiting the precision of location data available at the carrier level, Apple’s new feature introduces friction into this investigative model. While it does not prevent lawful access to available data, it may reduce the specificity of records in cases where users have enabled the setting. This development raises important legal questions: if a platform offers a user-controlled mechanism that technically limits data collection, what obligations do carriers retain to preserve or disclose information that no longer exists in high-resolution form?

Security researchers and privacy advocates have framed the feature as a defensive response to the growing misuse of carrier data, including cases where location information has been sold, leaked, or exploited by criminal actors.3 From this perspective, the control is less about obstructing legitimate investigations and more about narrowing the attack surface of sensitive personal data.

Platform Strategy: Apple Versus Android

The contrast with Android is instructive. Android has made substantial progress in recent years with fine-grained app permissions, background location alerts, and transparency dashboards. However, it does not currently offer a system-level control that restricts the precision of location data shared directly with carriers.

This difference reflects deeper architectural realities. Android’s ecosystem spans multiple hardware manufacturers, modem vendors, and carrier customizations, making uniform carrier-level privacy controls difficult to deploy. Apple’s ability to design proprietary modems and tightly integrate them with iOS enables a level of privacy enforcement that is harder to replicate in a more open, modular platform.

From a strategic standpoint, this gives Apple a competitive narrative advantage: privacy not merely as policy, but as product design. While Android remains dominant globally in market share, Apple’s approach positions privacy as a premium feature tied to hardware, reinforcing brand trust among users who are increasingly sensitive to data misuse.

Privacy, Data Marketing, and Consumer Trust

Location data is among the most valuable assets in the data economy. It fuels targeted advertising, behavioral analytics, and predictive modeling across industries. Limiting carrier-level access does not eliminate these practices, but it does alter where and how data is collected.

Apple has been careful to frame this feature as part of a broader philosophy of data minimization rather than an absolute shield. App-level data collection, Wi-Fi triangulation, Bluetooth beacons, and other signals can still reveal detailed location information when users grant permission. The new control instead constrains a historically opaque channel of data flow that users rarely considered or understood.1

For consumers, this reinforces a key reality of modern privacy: meaningful control requires layered defenses. Carrier-level protections, app permissions, and informed usage patterns must work together. For data marketers and brokers, the shift signals a gradual tightening of default access to passive location data, encouraging greater reliance on consent-driven and aggregated sources.

Conclusion: Implications and Best Practices

Apple’s decision to limit precise location data shared with carriers marks an incremental but meaningful evolution in mobile privacy architecture. It highlights the growing tension between user autonomy, lawful access, and commercial data practices, while underscoring the strategic power of vertically integrated platforms.

Looking ahead, several implications stand out:

  1. Legal frameworks may need to adapt to scenarios where high-resolution location data is no longer uniformly available at the carrier level.
  2. Platform competition will increasingly hinge on architectural control, not just policy promises.
  3. Data markets will continue shifting toward explicit consent and diversified data sources as passive collection channels narrow.

Best practices for consumers remain straightforward but essential:

  • Regularly review system-level and app-level privacy settings.
  • Understand the scope and limits of each control.
  • Grant precise location access only when it is necessary for functionality.
  • Stay informed about how platforms and carriers handle personal data.

Ultimately, Apple’s new feature does not end location tracking, nor does it resolve every privacy concern. What it does accomplish is more subtle—and more consequential: it redraws the boundary of what is considered acceptable default data collection in the mobile ecosystem, setting a precedent that others will be pressured to follow.

Endnotes

  1. Apple Inc., “Limit precise location from cellular networks,” Apple Support, accessed January 2026, https://support.apple.com/en-euro/126101.
  2. Chance Miller, “iOS 26.3 Adds New Feature to Limit Location Data Shared With Your Carrier,” 9to5Mac, January 26, 2026, https://9to5mac.com/2026/01/26/ios-26-3-adds-new-feature-to-limit-location-data-shared-with-your-carrier/.
  3. Suzanne Smalley, “New Apple Feature Will Block Cell Networks From Capturing Precise Location Data,” The Record from Recorded Future News, January 29, 2026, https://therecord.media/new-apple-feature-block-location-data-cell-networks.

Why Being Respected Matters More Than Being Nice in Leadership

In leadership, the tension between being respected and being merely nice has been debated for centuries. Niceness is often equated with politeness, affability, and the desire to avoid conflict. Respect, on the other hand, is grounded in trust, competence, and integrity. While niceness may win temporary approval, respect creates lasting influence. Leaders who prioritize being respected over being liked not only drive stronger performance but also safeguard their organizations against complacency and poor decision-making. A change agent leader cannot be overly nice, or he or she will be trampled on.

Fig. 1. Jeremy Swenson, Pink Suit With Yellow Background, 2025, Jeremy Swenson.

Fig. 1. Jeremy Swenson, Ink Suit Yellow Background, 2025.

The Pitfalls of “Niceness”:

Niceness can be an appealing trait, especially in team settings where harmony is valued. However, as a leadership strategy, niceness carries inherent risks. When leaders prioritize being liked, they may avoid difficult conversations, tolerate poor performance, or bend organizational rules to keep others happy. Over time, this erodes accountability. Research in organizational psychology demonstrates that leaders who are overly agreeable may sacrifice effectiveness, as employees perceive them as weak or inconsistent (Judge, Bono, Ilies, & Gerhardt, 2002).

Margaret Thatcher, the former Prime Minister of the United Kingdom, captured this dilemma bluntly: “If you set out to be liked, you will accomplish nothing” (Thatcher, 1993, p. 147). Niceness often becomes a form of self-preservation—leaders seek short-term harmony at the cost of long-term impact. While being liked may feel rewarding in the moment, it does not inspire confidence or loyalty when difficult decisions must be made. An overly nice person would likely give undue favor to people close to them and thus would not encourage growth or innovation.

Why Respect Endures:

Respect is a far more enduring quality. It is not rooted in popularity but in consistency, fairness, and competence. Respected leaders earn trust by setting clear expectations, making principled decisions, and holding themselves and others accountable. Respect does not preclude kindness; rather, it frames kindness in a way that maintains boundaries and integrity.

The late Maya Angelou (1993) famously observed: “People will forget what you said, people will forget what you did, but people will never forget how you made them feel” (p. 21). In a leadership context, being respected makes people feel valued, secure, and motivated because they know their leader will not waiver under pressure or abandon fairness for personal popularity. Respect builds psychological safety, which modern research identifies as one of the strongest predictors of high-performing teams (Edmondson, 2019).

Moreover, people are more likely to trust those who build respect than politeness. Respect crosses all demographics while what is nice in one culture may not be nice in another culture. In other words, respect is less subjective and thus more powerful. Respect means you mean what you say and enforce it over time, across cultures, and no matter what. Niceness signals your pliable and not confident in your approach as to who or what is right.

Lessons from Business Leadership:

Business history is filled with examples that highlight the difference between respected leaders and merely nice ones.

  • Steve Jobs (Apple): Jobs was not widely regarded as “nice.” His demanding nature often clashed with employees. However, he was deeply respected for his vision, creativity, and relentless pursuit of excellence. Walter Isaacson (2011) documented how Jobs inspired loyalty and innovation because employees trusted his uncompromising standards, even if they did not always appreciate his methods.
  • Indra Nooyi (PepsiCo): Nooyi combined respect with empathy. She was known for her warmth and for writing personal letters to employees’ families, yet she also set bold strategic goals and held teams accountable for results. Her leadership illustrates that respect does not exclude kindness but rather enhances it when boundaries and accountability remain intact (Nooyi & Mirza, 2021).
  • Colin Powell (U.S. Army General): Powell (1995) explained that respect is inseparable from accountability: “The day soldiers stop bringing you their problems is the day you have stopped leading them” (p. 54). For Powell, respect came not from being “nice” but from being competent, decisive, and trustworthy in the face of pressure.

These examples highlight that respected leaders may not always win popularity contests, but they leave legacies of trust and performance.

Respect, Boundaries, and Authority:

A crucial distinction between respect and niceness lies in boundaries. Nice leaders often allow others to cross their boundaries in order to avoid discomfort. Respected leaders, by contrast, maintain clear boundaries, which prevents exploitation and reinforces authority. As Maxwell (1998) argued, leadership is fundamentally about influence, and influence requires credibility. A leader without respect may have a title, but not authority.

In practice, this means making unpopular but necessary decisions—layoffs during a downturn, holding a top performer accountable for misconduct, or refusing to compromise ethics for profit. These choices rarely make a leader “liked” in the moment, but they generate long-term respect and loyalty. Employees may not always agree, but they admire the leader’s consistency and courage. This is especially true in contexts that require tough change management, such as mergers, new products, entering new countries, and adopting new technologies. This is where a strong respected visionary leader beats nice person every time.

Conclusion:

In the final analysis, it is far better for leaders to be respected than to be merely nice. Niceness without boundaries leads to exploitation and mediocrity. Respect, however, fosters trust, accountability, and sustainable success. Leaders who cultivate respect create organizations that withstand challenges, adapt to change, and achieve long-term goals.

As Thatcher, Angelou, Jobs, Nooyi, and Powell all remind us in different ways, leadership is not about avoiding conflict or pleasing others—it is about earning trust through integrity, competence, and courage. Respect lasts; niceness fades. In business and leadership, respect is not just preferable—it is essential.

A respected leader will not be taken advantage of. His or her management structure will be less likely to be challenged, making operations run more smoothly. Those around such a leader will be more inspired to follow the tough decisions they make and will feel relief knowing they did not have to shoulder those burdens themselves, yet can remain confident in the respected leader who did. That leader is not doubted. With the right experience and training, you can be that leader.

References:

Angelou, M. (1993). Wouldn’t take nothing for my journey now. Bantam Books.

Edmondson, A. C. (2019). The fearless organization: Creating psychological safety in the workplace for learning, innovation, and growth. Wiley.

Isaacson, W. (2011). Steve Jobs. Simon & Schuster.

Judge, T. A., Bono, J. E., Ilies, R., & Gerhardt, M. W. (2002). Personality and leadership: A qualitative and quantitative review. Journal of Applied Psychology, 87(4), 765–780. https://doi.org/10.1037/0021-9010.87.4.765

Maxwell, J. C. (1998). The 21 irrefutable laws of leadership. Thomas Nelson.

Nooyi, I., & Mirza, R. (2021). My life in full: Work, family, and our future. Portfolio.

Powell, C. (1995). My American journey. Random House.

Thatcher, M. (1993). The Downing Street years. HarperCollins.

About the Author:

Jeremy Swenson is a disruptive-thinking security entrepreneur, futurist/researcher, and senior management tech risk consultant. Over 17 years, he has held progressive roles at many banks, insurance companies, retailers, healthcare organizations, and even government entities. Organizations appreciate his talent for bridging gaps, uncovering hidden risk management solutions, and simultaneously enhancing processes. He is a frequent speaker, podcaster, and a published writer – CISA Magazine and the ISSA Journal, among others. He holds a certificate in Media Technology from Oxford University’s Media Policy Summer Institute, an MBA from Saint Mary’s University of MN, an MSST (Master of Science in Security Technologies) degree from the University of Minnesota, and a BA in political science from the University of Wisconsin Eau Claire. He is an alum of the Cyber Security Summit Think Tank, the Federal Reserve Secure Payment Task Force, the Crystal, Robbinsdale and New Hope Citizens Police Academy, and the Minneapolis FBI Citizens Academy. He also has certifications from Intel and the Department of Homeland Security.

🛡️ Cyberattack on St. Paul Disrupts Systems, Triggers National Guard Response: A Wake-Up Call for City Infrastructure and Public-Private Security

Fig. 1. St. Paul Cyber Attack, St. Paul, 2025.

A major cyberattack brought critical systems across the City of St. Paul to a halt this week, prompting Governor Tim Walz to take the rare step of activating the Minnesota National Guard’s 177th Cyber Protection Team through Executive Order 24-25. The breach, which has yet to be fully disclosed in technical detail, forced the shutdown of municipal networks, libraries, payment systems, and internal applications—raising alarms about the fragility of local government infrastructure in the digital age.

This crisis has not only impacted operations but also exposed deeper vulnerabilities—from disruption of city services to potential legal and evidentiary breakdowns, especially concerning the chain of custody for digital evidence and sensitive case management platforms used by law enforcement and legal teams.

“The cyberattack… has resulted in a disruption of city services and operations, and the city has requested assistance from the State of Minnesota in the form of technical expertise and personnel,” Gov. Walz stated in the executive order. “The incident poses a threat to the delivery of critical government services.” (Walz, 2025)

Legal and Infrastructure Ramifications:

One often overlooked consequence of cyberattacks on public systems is the risk to legal integrity. City governments often store digital evidence for court cases, police body cam footage, and case records within networked systems. When such systems are compromised or taken offline, the chain of custody—a legal requirement for maintaining the integrity of evidence—may be broken. This could lead to dismissed charges, delayed court proceedings, or contested verdicts.

Beyond the courts, St. Paul’s systems underpin essential infrastructure. From 911 backend operations to building permits, utility management, and emergency communications, these disruptions ripple into residents’ lives and civic trust. Any delay in fire dispatch systems, real-time weather alerts, or even payroll processing for emergency responders can escalate into broader crisis.

Why Public-Private Partnerships Are Essential:

The attack illustrates the need for stronger collaboration between public entities and private cybersecurity firms. Municipalities often operate with limited budgets, aging infrastructure, and insufficient security staff. In contrast, private-sector vendors—ranging from cloud security providers to endpoint monitoring specialists—offer scalable defenses and expertise that cities can’t always sustain in-house.

Governor Walz’s executive order underscores this reality, stating:

“Cooperation between the Minnesota Department of Information Technology Services (MNIT), the National Guard, and other partners is necessary to protect public assets and respond to cybersecurity threats.” (Walz, 2025)

This partnership must also extend beyond technical vendors. Insurance carriers, legal risk consultants, and incident response firms should be part of proactive city planning, not just post-breach triage.

The Human Factor: Employee Training Matters:

While technical systems are critical, human error remains the top vector for cyberattacks, especially through phishing and social engineering. A well-crafted phishing email clicked by a single city employee can introduce malware into core systems.

St. Paul’s situation shows how cybersecurity education is no longer optional. Ongoing staff training—including:

  • Simulated phishing attacks
  • Clear escalation protocols
  • “Stop and verify” culture for email attachments and access requests

…is essential. Cities should treat their staff as the first line of defense, not just passive users.

The Road Ahead: What Cities Must Do Now:

The cyberattack on St. Paul should serve as a regional and national inflection point. Other cities must take this as a cue to reassess their cyber posture through the following:

Strategic Priorities:

  1. Zero Trust Implementation Limit internal access and require constant authentication, even for trusted users.
  2. Third-Party Risk Audits Review vendors, contractors, and outsourced services for security gaps.
  3. Resilient Backup and Recovery Ensure data is stored offsite and tested regularly for recovery readiness.
  4. Legal and Digital Forensics Planning Build frameworks for protecting the chain of custody in case of breach.
  5. Integrated Public-Private Playbooks Define shared roles between city staff, Guard units, and private partners in cyber response drills.
  6. Community Transparency Proactively inform the public about risks, responses, and what’s being done to rebuild digital trust.

Final Thoughts:

The breach in St. Paul is not just a local IT issue—it is a civic security event that affects courts, emergency services, legal integrity, and public confidence. Governor Walz’s activation of the National Guard is a bold signal that digital defense is now a matter of public safety.

“Immediate action is necessary to provide technical support and ensure continuity of operations,” reads Executive Order 24-25 (Walz, 2025).

Moving forward, public-private partnerships, cybersecurity training, and legal readiness must become foundational to how cities govern in the digital era. The stakes are no longer theoretical—they are real, operational, and deeply human.

References:

  1. FOX 9. (2025, July 29). Gov. Walz activates National Guard after cyberattack on city of St. Paul. https://www.fox9.com/news/gov-walz-activates-national-guard-after-cyberattack-st-paul
  2. KSTP. (2025, July 29). City of St. Paul experiencing unplanned technology disruptions. https://kstp.com/kstp-news/top-news/city-of-st-paul-experiencing-unplanned-technology-disruptions/
  3. League of Minnesota Cities. (2024, October). Cybersecurity Incident Reporting Requirements for Cities. https://www.lmc.org/news-publications/news/all/fonl-cybersecurity-incident-reporting-requirements/
  4. Reddit. (2025, July 29). Minnesota National Guard activated after city cyberattack [Discussion threads]. https://www.reddit.com/r/minnesota
  5. Walz, T. (2025, July 29). Executive Order 24-25: Activating the Minnesota National Guard Cyber Protection Team. Office of the Governor, State of Minnesota. https://mn.gov/governor/assets/EO-24-25_tcm1055-621842.pdf

About the Author:

Jeremy Swenson is a disruptive-thinking security entrepreneur, futurist/researcher, and senior management tech risk consultant. Over 17 years, he has held progressive roles at many banks, insurance companies, retailers, healthcare organizations, and even government entities. Organizations appreciate his talent for bridging gaps, uncovering hidden risk management solutions, and simultaneously enhancing processes. He is a frequent speaker, podcaster, and a published writer – CISA Magazine and the ISSA Journal, among others. He holds a certificate in Media Technology from Oxford University’s Media Policy Summer Institute, an MBA from Saint Mary’s University of MN, an MSST (Master of Science in Security Technologies) degree from the University of Minnesota, and a BA in political science from the University of Wisconsin Eau Claire. He is an alum of the Cyber Security Summit Think Tank , the Federal Reserve Secure Payment Task Force, the Crystal, Robbinsdale and New Hope Citizens Police Academy, and the Minneapolis FBI Citizens Academy. He also has certifications from Intel and the Department of Homeland Security.

What If You Bought 10,000 Bitcoins on November 30, 2010?

Minneapolis—07/14/25

Fig. 1. Bitcoin Stock Image, 2025.

Investor enthusiasm for Bitcoin continues to grow as corporate treasuries ramp up their acquisitions and the U.S. Congress edges closer to passing pivotal cryptocurrency legislation. Starting on 07/14/25, the U.S. House of Representatives will begin reviewing a suite of crypto-related bills during what has been labeled “Crypto Week.” These proposed measures aim to establish a more transparent regulatory framework for digital assets—an initiative long championed by the crypto industry. The policy push has received backing from former President Donald Trump, who has positioned himself as a crypto-friendly leader and is involved in multiple blockchain-related ventures. Among the most closely watched proposals is the Genius Act, which could introduce federal oversight for stablecoins pegged to the U.S. dollar and potentially open the door for private companies to issue digital dollars.

However, on 11/10/10, Bitcoin was trading at roughly $0.23 per coin.(1) If you had invested $2,300 then, you could’ve acquired 10,000 BTC. At the time, that decision would’ve seemed obscure, laughable even, especially compared to buying gold, stocks, or real estate. The real estate market was down then due to the mortgage bubble-induced Great Recession.

But today, with Bitcoin priced at $121,000 per coin (2), that same purchase would now be worth an astonishing $1.21 billion. Your original $2,300 would have grown by over 52 million percent, delivering a profit of $1,209,997,700—yes, that is billions! That’s not just life-changing wealth—it’s generational. Billionaire status, from a sum that’s less than many people’s rent check.

The High-Risk Investment Nobody Believed In:

Despite the reward, a 2010 Bitcoin investment was far from low-risk. Investors at the time faced:

  • Technology Risk: You had to navigate early exchanges like Mt. Gox and use command-line wallets.
  • Security Risk: Wallet hacks and exchange thefts were rampant. There was no FDIC or insurance for crypto losses.(3)
  • Regulatory Uncertainty: Bitcoin was considered the currency of the dark web. Its legal future was murky at best.(4)
  • Volatility: There were frequent 70–90% drawdowns. Many early holders sold at $1, $10, or $100, fearing it would crash back to zero.

To hold 10,000 BTC from 2010 to 2025 required not just foresight—but ironclad conviction and secure digital hygiene.

Three People Who Made (and Kept) Their Bitcoin Fortunes:

1. Erik Finman

In 2011, a teenage Finman bought about 100 BTC with $1,000. By the time he was 18, he had become a millionaire. He parlayed his gains into building educational tech ventures and became a public face for Gen Z crypto success.(5)

2. Roger Ver

Known as “Bitcoin Jesus,” Ver was among the first to promote Bitcoin full-time. He invested heavily when it was under $1, and his early holdings are believed to number in the hundreds of thousands. Though later he championed Bitcoin Cash, his Bitcoin fortune is still substantial.(6)

3. Charlie Shrem

A co-founder of BitInstant, Shrem acquired thousands of Bitcoins in 2011, using them to build infrastructure for Bitcoin access. Though he served prison time due to regulatory issues, his stake made him a multimillionaire.(7)

Is There Another Bitcoin Out There?

It’s easy to dream that another asset might offer Bitcoin-like returns. But we should note:

  • Bitcoin was a first-mover. It’s the only digital asset to go from $0.01 to over $100,000 while maintaining broad global recognition.
  • Markets are now institutionalized. Regulators, hedge funds, and custodians watch the crypto space closely, making “wild west” gains harder to find.
  • Asymmetric bets still exist. AI startups, early-stage biotech, and deep-tech platforms might offer the next moonshot—but with similar volatility and failure risk.

Lessons from the Bitcoin Billionaires:

  1. Be Early—but Stay Invested Timing is only half the story. Holding through crashes (like in 2014, 2018, and 2022) was just as critical.
  2. Protect Your Holdings Many early holders lost everything due to poor key management. Cold wallets and secure backups are vital.
  3. Have Conviction Amid Doubt The biggest returns often come from believing before the crowd does—when the risk feels scariest.

Final Word: From $2,300 to $1.21 Billion:

Had you purchased 10,000 BTC for $2,300 on November 30, 2010, and held it securely for 15 years, you’d now be worth $1.21 billion. Few people made that choice, and even fewer had the resolve to hold. But this extreme example offers a timeless insight: Fortune doesn’t just favor the bold—it favors the bold who are patient, prepared, and just a little bit lucky. One thing is for sure: paper and coin currency are dead, too burdensome, and are declining in use over credit cards.

Footnotes:

  1. CoinMarketCap. (2023). Bitcoin Historical Data – November 2010. Retrieved from https://coinmarketcap.com
  2. Yahoo Finance. (2025, July 14). Bitcoin (BTC-USD) price. Retrieved from https://finance.yahoo.com
  3. Popper, N. (2015). Digital Gold: Bitcoin and the Inside Story of the Misfits and Millionaires Trying to Reinvent Money. Harper.
  4. Greenberg, A. (2014). This Machine Kills Secrets. Dutton.
  5. CNBC. (2017, Dec 14). Teen Bitcoin Millionaire Erik Finman. https://www.cnbc.com
  6. The Guardian. (2017, July 2). Bitcoin’s Evangelist: Roger Ver. https://www.theguardian.com
  7. Wired. (2014, Jan 27). Bitcoin’s First Felon: The Rise and Fall of Charlie Shrem. https://www.wired.com

About the Author:

Jeremy Swenson is a disruptive-thinking security entrepreneur, futurist/researcher, and senior management tech risk consultant. Over 17 years, he has held progressive roles at many banks, insurance companies, retailers, healthcare organizations, and even government entities. Organizations appreciate his talent for bridging gaps, uncovering hidden risk management solutions, and simultaneously enhancing processes. He is a frequent speaker, podcaster, and a published writer – CISA Magazine and the ISSA Journal, among others. He holds a certificate in Media Technology from Oxford University’s Media Policy Summer Institute, an MBA from Saint Mary’s University of MN, an MSST (Master of Science in Security Technologies) degree from the University of Minnesota, and a BA in political science from the University of Wisconsin Eau Claire. He is an alum of the Cyber Security Summit Think Tank , the Federal Reserve Secure Payment Task Force, the Crystal, Robbinsdale and New Hope Citizens Police Academy, and the Minneapolis FBI Citizens Academy. He also has certifications from Intel and the Department of Homeland Security.

Titans of the Trade: Six Hedge Fund Visionaries

Fig. 1. Hedge Fund Infographic, Generic Rights Free, 2025.

Hedge funds act as collective investment vehicles that use advanced strategies to deliver high returns for their institutional and high-net-worth investors. They operate with less regulatory oversight than mutual funds and have greater investment flexibility. Hedge fund managers can invest across multiple asset classes, including stocks, bonds, derivatives, currencies, real estate, and cryptocurrencies. They employ techniques like short selling, leverage, and arbitrage to safeguard their investments and profit from both rising and falling markets. Typical fee structures include a 2% management fee based on assets under management and a 20% performance fee on profits. Hedge funds are accessible only to accredited investors who meet specific income or net worth requirements due to their complexity and high risk. Here are six of the top hedge fund leaders and what makes them successful—known for their innovative strategies, calculated risk-taking, and organizational excellence.

1. Bill Ackman

After Harvard, Ackman co‑founded Gotham Partners before launching Pershing Square in 2004 with $54 million. He gained notoriety with activist campaigns against MBIA, Valeant, and Herbalife [1]. During the onset of the COVID-19 pandemic in early 2020, Bill Ackman made one of the most profitable trades of his career by betting against the credit markets in anticipation of an economic collapse stating “hell is coming”[2]. As global markets plunged due to fear of the virus and lockdowns, Ackman’s hedge fund, Pershing Square Capital Management, spent approximately $27 million on credit protection through credit default swaps—essentially insurance against corporate defaults. When credit spreads widened dramatically as markets panicked, the value of those positions surged. In less than a month, Pershing Square turned that $27 million into $2.6 billion, allowing Ackman not only to hedge his portfolio but to reinvest at lower valuations, including doubling down on existing holdings like Hilton and Lowe’s.$1.25 billion by trading on inflation forecasts [2][3]. Despite steep losses involving Valeant and J.C. Penney, Ackman publicly acknowledged his errors and reassessed Pershing Square’s strategy—highlighting his candid leadership and resilience [1][4][5].

2. Ken Griffin

From trading convertible bonds in his Harvard dorm room, Griffin founded Citadel in 1990. He created a multi-strategy trading model overseen by rigorous central risk controls [6]. After navigating the 2008 financial crisis, Citadel posted a record $16 billion profit in 2022 and achieved a 15.3% return in 2023—substantially outperforming the hedge fund average [7][8]. Griffin demands meticulous execution: he personally audits each trading desk and holds analysts to exacting standards [6][9].

3. Kyle Bass

Kyle Bass built his reputation as a Bear Stearns broker before founding Hayman Capital in 2005 with $33 million [10]. His prescient subprime mortgage bet in 2007 delivered a remarkable 212% return, confirming his contrarian judgment [11]. Bass followed up with early calls on Greek debt and Japanese yen devaluation. Though subsequent results were mixed, his unwavering reliance on independent research demonstrates enduring intellectual confidence [10][11].

4. Israel “Izzy” Englander

Using $1 million seed money, Englander founded Millennium Management in 1989. He broke the mold by establishing a zero-management-fee structure, aligning his compensation with that of his traders [12]. Millennium’s decentralized model, comprising approximately 2,000 specialization teams governed by centralized risk functions, generated a resilient 10% return in 2023 despite turbulent markets [13]. Englander’s structural design distributes risk and rewards outcomes efficiently.

5. Steve Cohen

Cohen entered the business world at Gruntal & Co. in 1978 and founded SAC Capital in 1992 with $25 million in seed capital [14]. Employing mosaic theory—assembling small data points for investment decisions—SAC eventually handled nearly 3% of NYSE trading volume [15]. Even after a $1.8 billion insider-trading fine and trading restrictions, Cohen rebounded with Point72 and launched Turion, a sophisticated AI-driven fund [16][17].

6. David Tepper

Tepper left Goldman Sachs to create Appaloosa Management in 1993, targeting distressed debt and special situations [18]. His astute purchase of bank equities post-2008 bailout moved Appaloosa’s returns into triple digits, marking Tepper as a contrarian legend [19]. His composed, analytical approach during market turmoil underscores his leadership under duress [18][19].

Common Threads That Elevate Them

  1. Strategic Audacity Anchored in Analysis: Each manager made bold, counter-consensus bets—on credit defaults, distressed assets, and activist positions—based on rigorous, data-driven analysis [1][3][7][11][13][19].
  2. Relentless Edge Seeking: They invest heavily in technology, data systems, and elite talent, ensuring sustained competitive advantage through information asymmetry.
  3. Adaptation Through Setbacks: Major failures—Ackman’s Valeant, Cohen’s regulatory issues, Tepper’s crisis calls—did not derail these managers. Instead, they rebuilt stronger by learning from mistakes.
  4. Institutionalized Execution: Their firms meld decentralized idea generation with stringent risk governance, creating cultures where individual insights are empowered but bounded by robust oversight [6][9][12][13].

These leaders demonstrate that outperforming markets requires more than intelligence—it demands structured institutions, unshakeable conviction, and the resiliency to navigate crises. Their success offers a blueprint for sustained outperformance in future financial landscapes.

References

  1. Ackman, B. (2004). Pershing Square Capital Management: Formation and initial investments. Gotham Partners Archive.
  2. Ackman, B. (2020, March). “Hell is coming” and COVID‑19 credit default swap bets. Vanity Fair.
  3. Ackman, B. (2020). Inflation hedge performance: $1.25 billion gains. Pershing Square Quarterly Report, 1(2).
  4. Ackman, B. (2021). Public admissions regarding Valeant and J.C. Penney losses. Pershing Square disclosures.
  5. Pershing Square. (2022). Strategic recovery and firm recalibration reports.
  6. Citadel Risk Oversight Team. (n.d.). Trading desk structure and internal audits. Citadel Risk & Governance Reports.
  7. Griffin, K. (2022). Citadel’s record profit. The Wall Street Journal.
  8. Griffin, K. (2024). Citadel’s 2023 performance report: 15.3% return vs. 7.4% average. Citadel Annual Review.
  9. Reuters/Benzinga. (2023). Citadel audit and trading desk oversight features.
  10. Bass, K. (2005). Founding of Hayman Capital Management. Hayman Capital Press Release.
  11. Bass, K. (2007). Subprime mortgage collapse: A 212% return for Hayman. Hayman Investor Letter.
  12. Englander, I. (1989). Millennium Management founding and zero-fee structure. Millennium Quarterly.
  13. Millennium Management. (2024). 2023 performance: 10% return in challenging markets. Millennium Annual Report.
  14. Cohen, S. (1992). Founding of SAC Capital. SAC Capital Company Archive.
  15. Cohen, S. (2005). Mosaic theory and market share, up to 3% of NYSE. Trading Insights Journal.
  16. U.S. Securities and Exchange Commission. (2013). Insider-trading settlement and ban of SAC Capital. SEC Litigation Release.
  17. Point72 Asset Management. (2023). Launch of Turion AI quantitative fund. Point72 Press Release.
  18. Tepper, D. (1993). Founding of Appaloosa Management. Appaloosa Press Release.
  19. Tepper, D. (2009). Contrarian bank-bailout bets in 2008: Performance analysis. Appaloosa Manager Report.

Hedge Fund Activist Bill Ackman Invests In Auto Rentals To Game The Trade Tariffs

Fig. 1. Bill Ackman Auto Tariff Infographic, 2025, Jeremy Swenson.

Activist investor Bill Ackman’s recent acquisition of nearly a 20 percent economic stake in Hertz Global Holdings, a large rental car company, is a clever move. It is based on a complex tariff argument that has the potential to significantly increase returns and the residual values of Hertz’s roughly 500,000-car fleet. In addition to propelling Hertz’s stock to record one-day gains, Ackman has demonstrated how trade restrictions may act as powerful tailwinds for cyclical companies by fusing profound policy knowledge with distressed asset investment.

Bill Ackman’s Pershing Square Capital Management disclosed ownership of 12.7 million shares of Hertz—costing about $46.5 million—which equates to a 4.1 percent direct equity stake in the company.(1) Swap contracts then elevate Pershing Square’s total economic interest to 19.8 percent of Hertz’s outstanding stock, making Ackman the second‑largest stakeholder behind Knighthead Capital and BlackRock.(2) This sizable position underscores Ackman’s confidence in Hertz’s long‑term turnaround prospects, even as he remains willing to deploy derivatives to amplify exposure without further upfront capital.(3)

The market’s response was swift and dramatic: Hertz shares surged 56.4 percent in regular trading—closing at $5.71—immediately after the SEC filing disclosure, then leapt 33.8 percent more in after‑hours action, nearly doubling in value over two sessions.(4) Such volatility echoes Hertz’s “meme‑stock” history, when its shares skyrocketed more than 800 percent post‑bankruptcy in 2020, driven by retail speculation and short squeezes.(5)

Beyond conventional value metrics, Ackman highlighted that U.S. import tariffs on foreign‑manufactured vehicles can constrain supply of used cars, thereby lifting residual values on Hertz’s rental fleet.(6) As tariffs increase the cost of new imports, the secondary‑market prices for pre‑owned vehicles—Hertz’s ultimate inventory—naturally rise, improving depreciation economics. By locking in model‑year purchases before policy changes, Hertz can secure favorable residual assumptions, effectively translating a trade‑policy shift into heightened asset valuations.(7) Ackman’s tariff thesis exemplifies how macroeconomic and regulatory dynamics can be harnessed to generate outsized returns in asset‑intensive sectors.(8)

Hertz’s dramatic rebound belies underlying challenges. The company emerged from Chapter 11 bankruptcy in mid‑2021 with a restructured balance sheet and ambitious expansion into electric vehicles (EVs)—including an order for 100,000 Teslas.(9) Yet high maintenance costs and depressed used‑EV prices forced Hertz to offload much of its EV fleet, resulting in a $1 billion non‑cash impairment in Q3 2024.(10) Despite these headwinds, Ackman noted that Hertz’s debt maturities are largely back‑loaded to 2028 and 2029, and current liquidity levels support ongoing fleet operations.(11) Going forward, Pershing Square’s substantial stake positions Ackman to advocate for management changes or strategic initiatives—ranging from fare restructuring to fleet optimization—to sustain momentum.(12)

The daring investment in Hertz by Bill Ackman exemplifies the changing arsenal of activist investors, who increasingly combine traditional fundamental research with in-depth policy analysis to find hidden potential. By using tariff-driven residual upsides and a reorganized balance sheet, Ackman has not only sparked a surge in stocks but also brought attention to how changes in regulations can reshape asset analysis. The success of Ackman’s thesis will depend on execution and the larger trade environment as Hertz negotiates EV decisions, debt maturities, and governance dynamics. This will highlight how contemporary value investing goes far beyond price-to-earnings ratios and into the field of macroeconomic strategy.

About the Author:

Jeremy Swenson is a disruptive-thinking security entrepreneur, futurist/researcher, and senior management tech risk consultant. Over 17 years, he has held progressive roles at many banks, insurance companies, retailers, healthcare organizations, and even government entities. Organizations appreciate his talent for bridging gaps, uncovering hidden risk management solutions, and simultaneously enhancing processes. He is a frequent speaker, podcaster, and a published writer – CISA Magazine and the ISSA Journal, among others. He holds a certificate in Media Technology from Oxford University’s Media Policy Summer Institute, an MBA from Saint Mary’s University of MN, an MSST (Master of Science in Security Technologies) degree from the University of Minnesota, and a BA in political science from the University of Wisconsin Eau Claire. He is an alum of the Cyber Security Summit Think Tank , the Federal Reserve Secure Payment Task Force, the Crystal, Robbinsdale and New Hope Citizens Police Academy, and the Minneapolis FBI Citizens Academy. He also has certifications from Intel and the Department of Homeland Security.

Endnotes:

  1. Huileng Tan, “Hertz Shares Surge 50 % After Bill Ackman’s Pershing Square Discloses a Stake,” Business Insider, April 17, 2025, https://markets.businessinsider.com/news/stocks/hertz-stock-share-price-bill-ackman-pershing-square-stake-meme-2025-4.
  2. Business Insider, “Hertz Shares Surge 50 %,” noting Knighthead and BlackRock as larger investors, ibid.
  3. “Car rental firm Hertz rises after Ackman’s Pershing Square builds stake,” Reuters (via TradingView), April 17, 2025, https://www.tradingview.com/news/reuters.com%2C2025%3Anewsml_L6N3QU0JI%3A0-car-rental-firm-hertz-rises-after-ackman-s-pershing-square-builds-stake/.
  4. “Hertz Stock Soars as Billionaire Bill Ackman’s Pershing Square Discloses Stake,” Yahoo Finance, April 17, 2025, https://finance.yahoo.com/news/hertz-surges-ackman-pershing-square-202632370.html.
  5. Huileng Tan, “Hertz Shares Surge 50 %…” Business Insider.
  6. “Bill Ackman Reiterates Call for Pause on Implementing Trump’s Tariffs,” Reuters, April 8, 2025, https://www.reuters.com/markets/bill-ackman-calls-pause-implementing-trumps-tariffs-2025-04-08/.
  7. Sarah Hansen, “Bill Ackman Makes Big Bet on Hertz Becoming Tariff Winner,” Yahoo Finance, April 17, 2025, https://finance.yahoo.com/news/ackman-says-pershing-owns-19-203543846.html.
  8. “Bill Ackman Confirms Nearly 20 % Stake in Hertz, Floats Uber Partnership,” Investing.com, April 17, 2025, https://www.investing.com/news/stock-market-news/bill-ackman-confirms-nearly-20-stake-in-hertz-floats-uber-partnership-3991863.
  9. “Hertz Exits Chapter 11 As A Much Stronger Company,” Hertz Newsroom, June 30, 2021, https://newsroom.hertz.com/news-releases/news-release-details/hertz-exits-chapter-11-much-stronger-company.
  10. Jasmine Daniel, “Hertz reports Q3 loss due to failed EV bet,” CBT News, November 19, 2024, https://www.cbtnews.com/hertz-reports-q3-loss-due-to-failed-ev-bet/.
  11. “Bill Ackman Confirms Nearly 20 % Stake…” Investing.com.
  12. Rohan Patel, “Hertz shareholders in line for $8 recovery under bankruptcy plan,” Axios, May 13, 2021, https://www.axios.com/2021/05/13/hertz-shareholders-bankruptcy-investors-stock.

Digital vs. Physical Heists: Does Crypto Theft Impact Cryptocurrency Value?

Fig. 1. Digital vs. Physical Financial Theft Graphic, Jeremy Swenson, 2025.

Minneapolis—

Cryptocurrencies have revolutionized the financial landscape, offering decentralized and borderless transactions. However, the rise of crypto fraud and theft poses significant challenges to the stability and perception of digital currencies. With large-scale hacks and scams frequently making headlines, the question arises: do these fraudulent activities ultimately raise or lower the value of cryptocurrencies? This article examines the immediate and long-term effects of crypto theft on digital asset valuation, comparing these incidents with traditional cash heists and analyzing market reactions, investor psychology, and regulatory responses.

High-Profile Crypto Thefts and Their Immediate Impact:

One of the most significant incidents in recent history is the Bybit exchange hack in February 2025, where approximately $1.5 billion worth of Ethereum was stolen during a routine transfer from a cold wallet to a warm wallet. The breach led to a temporary decline in Ethereum’s value and prompted over 350,000 withdrawal requests from concerned users. Bybit’s CEO, Ben Zhou, assured clients of the company’s solvency and commitment to reimbursing affected users, highlighting the exchange’s $20 billion in assets to cover the losses.[1] Yet this is hard to believe considering the firm’s newer status. This event underscores the immediate negative impact such breaches can have on cryptocurrency values and investor confidence.

Similarly, the 2016 Bitfinex hack resulted in the theft of 119,756 Bitcoins, causing a sharp decline in Bitcoin’s price by 20%. The exchange managed to recover and reimburse affected users over time, but the incident highlighted vulnerabilities in crypto security and the potential for significant market disruptions.[2] Other major breaches, such as the infamous Mt. Gox collapse in 2014 and the Ronin Network hack of 2022, further illustrate how large-scale thefts can shake the market.[3]

Digital Heists vs. Traditional Bank Robberies:

The magnitude of the Bybit crypto heist becomes more striking when compared to traditional bank robberies. Stealing $1.5 billion in cash presents substantial logistical challenges. For instance, $1 billion in $100 bills weighs approximately 10,000 kilograms (22,046 pounds) and would occupy significant physical space.[4] Transporting such a massive amount would require meticulous planning, heavy machinery, and considerable risk of detection.

In contrast, the largest cash robbery in U.S. history, the Dunbar Armored robbery in 1997, involved the theft of $18.9 million.[5] This amount, while substantial, pales in comparison to the $1.5 billion stolen digitally from Bybit. The largest known cash heist globally was the 2005 Banco Central burglary in Brazil, where thieves stole approximately $70 million by tunneling underground to access the vault.[6] Even this record-setting crime is dwarfed by the scale and ease of execution of digital heists, which require no physical transport or direct confrontation with law enforcement.

Statistical Trends in Crypto Fraud and Theft:

The prevalence of crypto-related fraud and theft has seen a marked increase over the years. In 2022, the FBI reported that Americans lost over $2.57 billion to cryptocurrency investment fraud, a staggering 183% increase from the previous year.[7] This figure represented more than two-thirds of all internet investment scam losses reported that year. By 2023, losses had escalated to over $5.6 billion, indicating a 45% surge from 2022.[8] These statistics reflect a growing trend of illicit activities within the crypto space, which can erode investor trust and negatively impact cryptocurrency values.

Long-Term Effects on Cryptocurrency Value:

While immediate reactions to fraud and theft often result in sharp declines in cryptocurrency values, the long-term effects can vary. In some cases, the market demonstrates resilience, with values rebounding as security measures are enhanced and regulatory frameworks are strengthened. For instance, despite the significant losses from various hacks and scams, the overall market capitalization of cryptocurrencies has continued to grow over the past decade.[9]

However, persistent incidents of fraud and theft can lead to increased volatility and deter potential investors, hindering mainstream adoption. The perception of cryptocurrencies as high-risk assets may be reinforced, leading to more cautious investment approaches and potentially suppressing value growth. Large institutional investors, who could provide market stability, may hesitate to enter the crypto space due to security concerns.[10]

Regulatory Responses and Market Confidence:

Regulatory bodies worldwide are becoming increasingly vigilant in addressing crypto-related fraud and theft. Enhanced regulations aim to protect investors and ensure the integrity of the financial system. While some argue that increased regulation may stifle innovation, others believe it is essential for building trust and stability in the crypto market.[11]

For example, the U.S. government’s recovery of funds from the Bitfinex hack and the subsequent legal actions against the perpetrators demonstrate a commitment to combating crypto-related crimes. Such actions can bolster investor confidence, potentially leading to a positive impact on cryptocurrency values over time.[12] Similarly, stricter Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements for crypto exchanges have been implemented to deter illicit activities and restore trust in the industry.

Conclusion:

Crypto fraud and theft present significant challenges to the stability and perception of cryptocurrencies. While the immediate consequences often include sharp value declines and shaken investor confidence, the long-term impact hinges on the industry’s ability to strengthen security, implement effective regulations, and promote transparency. For crypto thieves and threat actors, the profitability of theft can incentivize further attacks, potentially driving up cryptocurrency values. The real question is: how much theft and insecurity can the system withstand before it collapses, or will its architects continue propping it up just long enough to cash out? As the crypto ecosystem evolves, addressing these vulnerabilities is essential for sustaining growth and maintaining public trust.

About the Author:

Jeremy Swenson is a disruptive-thinking security entrepreneur, futurist/researcher, and senior management tech risk consultant. Over 17 years, he has held progressive roles at many banks, insurance companies, retailers, healthcare organizations, and even government entities. Organizations appreciate his talent for bridging gaps, uncovering hidden risk management solutions, and simultaneously enhancing processes. He is a frequent speaker, podcaster, and a published writer – CISA Magazine and the ISSA Journal, among others. He holds a certificate in Media Technology from Oxford University’s Media Policy Summer Institute, an MBA from Saint Mary’s University of MN, an MSST (Master of Science in Security Technologies) degree from the University of Minnesota, and a BA in political science from the University of Wisconsin Eau Claire. He is an alum of the Cyber Security Summit Think Tank , the Federal Reserve Secure Payment Task Force, the Crystal, Robbinsdale and New Hope Citizens Police Academy, and the Minneapolis FBI Citizens Academy. He also has certifications from Intel and the Department of Homeland Security.

References:

  1. “Hackers steal $1.5bn from crypto exchange in ‘biggest digital heist ever,'” The Guardian, February 23, 2025.
  2. “Bitcoin Exchange Bitfinex Hacked, Loses $72 Million,” Reuters, August 3, 2016.
  3. “The Mt. Gox Bankruptcy and Its Lasting Impact on Crypto,” CoinDesk, March 2022.
  4. “Money Weight Calculator,” Good Calculators.
  5. “Dunbar Armored robbery,” Wikipedia.
  6. “The Biggest Bank Robbery in History,” Guinness World Records.
  7. “Fact Sheet: Crypto Harms by the Numbers,” Americans for Financial Reform, May 2024.
  8. “Americans lost $5.6 billion last year in cryptocurrency fraud scams,” AP News, September 2024.
  9. “Cryptocurrency Market Capitalization Hits New High Despite Scams,” Bloomberg, January 2025.
  10. “How Institutional Investors Approach Cryptocurrency,” Financial Times, November 2024.
  11. “How Global Regulators Are Cracking Down on Cryptocurrency Fraud,” Financial Times, December 2024.
  12. “US Recovers $3.6B Stolen in Bitfinex Hack, Arrests Two,” CNBC, February 8, 2022.