
Situation Summary
The United States faces a composite threat score of 27 with 3,683 tracked events, placing it in a moderate-risk tier globally. Recent security signals indicate concurrent spikes in protest activity, law-enforcement operations, and critical-infrastructure cyber incidents across multiple states. California leads sub-national risk rankings at 31.3, driven primarily by active cyber threats to water systems and municipal agencies; concurrent activity in Kansas, Texas, and New York suggests distributed rather than localized pressure. The trajectory over the next 7 days will depend on the pace of infrastructure-sector cyber incidents and the resolution of active detention and law-enforcement events flagged in Missouri and other high-activity zones.
Key Developments
- Bakersfield & Central Valley, California (June 22–23, 2026): State and local officials reported a series of cyber intrusions and attempted intrusions targeting water-system operators and municipal agencies. Heightened cybersecurity monitoring and incident-response coordination remain active across the region's critical water infrastructure.
- Omaha, Nebraska – Eppley Airfield & medical facilities (June 22, 2026): U.S. Air Force medical and bioenvironmental teams continued response operations for Americans exposed to hantavirus transported to Omaha for evaluation and treatment. Specialized containment and public-health protocols remain in place at receiving facilities.
- Nationwide (June 22–23, 2026): Multiple healthcare providers and municipal systems reported data-security incidents and attempted breaches. Professional and public-health channels circulated elevated cyber-risk advisories for critical infrastructure and healthcare providers, citing ransomware and sensitive-data theft as primary threats.
- Missouri (June 23, 2026): Arrest/detention operations and conventional military-force signals involving Jordan and Missouri entities were flagged. Concurrent public statements from representatives and judicial figures suggest active legal or administrative proceedings tied to these operations.
- Protester activity (June 23, 2026): Threat signals associated with protester groups were recorded nationwide, with specific clustering in high-risk states. Context and scale remain under clarification.
Highest-Risk Areas
California's risk score (31.3) is substantially elevated by the ongoing cyber campaign against water infrastructure and municipal systems, a critical-infrastructure vulnerability affecting millions of residents and dependent industries. Kansas (21.4), Texas (21.1), and New York (20.9) show elevated composite scores driven by a combination of protest activity, law-enforcement operations, and localized threat signals; these states warrant sustained monitoring for escalation or contagion to adjacent regions. Florida, Illinois, Utah, and Ohio round out the top tier at scores between 10–13, indicating lower but sustained activity. Geographic distribution suggests no single geographic hotspot but rather concurrent pressure points across the country.
How GeoBit Would Assist
Security teams should employ AOI Monitoring & Early Warning capabilities to establish persistent watch on California's water-system operators and related municipal agencies, with alerting configured for cyber-incident indicators and official notices. Intel Sweep and OSINT fusion capabilities enable real-time corroboration of healthcare and municipal data-breach claims across the nationwide dataset, reducing false positives and identifying common threat actors or vectors. Risk & Threat Assessment with temporal and sentiment analysis should be applied to protest-activity signals to distinguish noise from genuine escalation risk in high-activity states.
7-Day Outlook
The cyber campaign against critical infrastructure is likely to persist or evolve over the next 7 days as attackers test defenses and municipal response protocols. Law-enforcement and detention-related activity in Missouri and other states should stabilize or resolve through judicial or administrative channels, barring significant escalation triggers. Sustained monitoring of California, Kansas, and Texas is warranted; no major nationwide incident is forecast unless cyber or protest activity accelerates beyond current levels.
Highest-Risk Areas — Ranked
| # | State / Region | Risk |
|---|---|---|
| 1 | California | 31.3 |
| 2 | Kansas | 21.4 |
| 3 | Texas | 21.1 |
| 4 | New York | 20.9 |
| 5 | Florida | 12.9 |
| 6 | Illinois | 11.9 |
| 7 | Utah | 11.4 |
| 8 | Ohio | 10.1 |
| 9 | Arizona | 8.5 |
| 10 | New Mexico | 8.5 |
| 11 | Massachusetts | 8.5 |
| 12 | Washington | 8.1 |
Sources
Previous Daily Briefs
A new United States brief is written every day — each with its own risk map and downloadable CSV. Here's the last week; use the calendar to go further back.
📅 Browse every day by calendar →
Highlighted days have a brief. Tap a day for that day's map & analysis, or “csv” for that day's dataset ($5).