.png)
German (DE) 
English (US) 
Spanish (ES) 
French (FR) 
Hindi (IN) 
Italian (IT) 
Russian (RU) 
17 hours ago
1
Defense Secretary Pete Hegseth has ordered U.S. Cyber Command to halt offensive cyber and information operations against Russia as President Donald Trump seeks to end President Vladimir Putin’s war in Ukraine on terms that are widely seen as favoring Moscow, according to one current and one former U.S. official familiar with the order.
The pause is meant to last only as long as negotiations continue, said the current and former official, who like several others, spoke on the condition of anonymity because of the matter’s sensitivity.
While it is not unusual to stop operations in the midst of high-level talks or similar engagements, the move comes as Trump has engaged in a startling reversal of 80 years of U.S. foreign policy, showing an apparent willingness to abandon European allies and make common cause with Putin in his designs on Ukraine.
And, experts warn, it represents a concession to one of America’s most active cyber adversaries.
“Russia continues to be among the top cyberthreats to the United States,” said James A. Lewis, a former diplomat in the Clinton administration and former U.N. cyber negotiator. “Turning off cyber operations to avoid blowing up the talks may be a prudent tactical step. But if we take our foot off the gas pedal and they take advantage of it, we could put national security at risk.”
The Pentagon declined to comment on the matter. “There is no greater priority to Secretary Hegseth than the safety of the warfighter in all operations, to include the cyber domain,” a defense official said.
The pause on offensive cyber operations was first reported by The Record.
The cyber and information operations being halted are not so aggressive as to be considered an act of war, the officials said. They could include exposing or disabling malware found in Russian networks before it can be used against the United States, blocking Russian hackers from servers that they may be preparing to use for their own offensive operations or disrupting a site promoting anti-U. S. propaganda.
“I have seen many times when we are in some type of negotiation with another nation, especially if it’s one that is considered an adversary, that we stop operations, exercises, we even cancel speeches sometimes,” said retired Lt. Gen. Charlie “Tuna” Moore, former deputy commander of U.S. Cyber Command. “It’s fairly common to pause anything that could potentially derail the talks.”
Planning for potential operations against Russian networks has not stopped, said one former senior military official. Also continuing is cyberespionage against Russia conducted by the National Security Agency, the nation’s electronic surveillance agency headquartered alongside Cybercom at Fort Meade, Maryland.
“The reason you don’t stop espionage is you want to know if they’re lying to you,” said the former official. “The reason you don’t stop planning is if the talks don’t work out, you want to have options you can use against them.”
The danger, though, is that even a temporary stop runs counter to U.S. defense strategy of maintaining “persistent” engagement with top cyber adversaries such as Russia. “You need to see if there are vulnerabilities you can exploit, whether you can get through their fire walls, whether you can get access to the targets,” said a former senior defense official.
“What’s the risk of stopping? You lose track of your adversary. If the pause is for days or weeks, it’s not so serious; if it’s for months or permanent - that’s serious,” the former official said.
At the Cybersecurity and Infrastructure Security Agency, an arm of the Homeland Security Department that helps defend civilian government and U.S. critical infrastructure networks, some cyberthreat experts have been directed to focus on adversaries other than Russia, according to a private sector consultant familiar with the matter.
“CISA remains committed to addressing all cyberthreats to U.S. critical infrastructure, including from Russia,” DHS spokesperson Tricia McLaughlin said. “There has been no change in our posture or priority on this front.”
Hegseth’s order comes as the administration has signaled it wants to go harder against adversaries in cyberspace - though perhaps not Russia. In an interview with Breitbart News in January before Trump was inaugurated, then-incoming national security adviser Michael Waltz said “on cyber, we’ve been playing a lot of defense” and it was time to “do better on offense.”
He called out China and Iran, but did not mention Russia.
“How will we reestablish deterrence so that some of these actors - particularly state actors like China and Iran - stop trying so hard?” he said. “I believe personally you can do that by demonstrating if you’re putting cyber time bombs in our ports and grid, that we can do it to you, too, so let’s both not.''
At a United Nations cyber meeting in New York last week, a State Department official spoke of foreign adversaries targeting U.S. critical infrastructure, according to a video of her remarks. Liesyl Franz, deputy assistant secretary for international cybersecurity at the State Department, mentioned hackers affiliated with China compromising American telecommunications networks, a reference to the Salt Typhoon hacks discovered last year.
But she made no reference to Russia, which the United States has accused of supporting ransomware groups that have broadly targeted critical sectors, including fuel pipelines and hospitals. The omission was first reported by the Guardian.
“We’ve never pulled punches on Russia before in U.N. cyber discussions, so that’s very notable,” said one former senior State Department official. “Many diplomats noticed it.''
Franz did not respond to a request for comment.
For more than a decade, Russia has been named by the Office of the Director of National Intelligence as a major cyberthreat to the United States. Its hackers spy, deploy ransomware and seek to embed in critical infrastructure across American networks. In 2017, the U.S. intelligence community concluded that Russia sought to influence the 2016 election in favor of Trump, an assessment that drew Trump’s ire as he perceived it as questioning the legitimacy of his victory.
Trump has said he believes Putin’s denials of Russian attempts to interfere in the U.S. election. For years, Trump and his allies disputed the intelligence agencies’ finding. Now the new administration has begun dismantling many of the organizations set up in the wake of 2016 to combat foreign interference in U.S. elections. Attorney General Pam Bondi dissolved an FBI task force that worked to uncover efforts by Russia, China, Iran and other adversaries to manipulate U.S. voters. Separately, DHS placed on leave a number of CISA employees who work on combating foreign disinformation in U.S. elections.
Rep. Bennie G. Thompson (D-Mississippi) decried the administration’s latest moves that affect the government’s ability to counter Russian cyberthreats to national security.
“To capitulate now, as we appear to bail on our allies in Ukraine, is an inexplicable dereliction of duty that puts American critical infrastructure at risk,” said Thompson, ranking member on the House Homeland Security Committee. He urged the chairman, Rep. Mark Green (R-Tennessee), to hold hearings on the issue.
- - -
Alex Horton and Aaron Schaffer contributed to this report.
Related Content
Federal workers haunted by Oklahoma City bombing fear Trump’s barbs
The best frozen french fries? Our taste test found a clear winner.
Scientists warn of long-term damage as Trump’s orders slow research
Comments