- Defense Secretary Pete Hegseth ordered U.S. Cyber Command to halt cyber-offense operations against Russia, according to reports. That comes as President Donald Trump is seeking to end Russia's war on Ukraine and warm up to Moscow.
Defense Secretary Pete Hegseth has instructed U.S. Cyber Command to pause offensive cyber and information operations against Russia, according to reports.
He recently ordered the unit to stand down planning against Russian cybersecurity threats, sources told The Record. The order doesn't apply to the National Security Agency or its signals intelligence targeting Russia.
Cyber Command has started putting together a "risk assessment" that lists what actions or missions were halted due to Hegseth's order and explains what potential threats could come from Russia, the report added.
"Due to operational security concerns, we do not comment nor discuss cyber intelligence, plans, or operations," a senior defense official told Fortune. "There is no greater priority to Secretary Hegseth than the safety of the Warfighter in all operations, to include the cyber domain."
Meanwhile, a separate report from the Washington Post said the pause that Hegseth ordered is meant to remain in effect while negotiations to end Russia's war on Ukraine are ongoing as President Donald Trump seeks terms that are seen as favorable to Moscow.
The cyber-offense operations being halted stop short of acts of war, sources told the Post, and could include disabling malware on Russian networks or blocking Russian hackers from servers they might use. Another source said planning for potential cyber-operations is continuing.
Such a pause in operations isn't unheard-of.
“I have seen many times when we are in some type of negotiation with another nation, especially if it’s one that is considered an adversary, that we stop operations, exercises, we even cancel speeches sometimes,” Retired Lt. Gen. Charlie “Tuna” Moore told the Post. “It’s fairly common to pause anything that could potentially derail the talks.”
But it comes as the administration has broken with European allies over Russia's war on Ukraine. That was underscored Friday, when a public meeting at the White House between Trump and Ukrainian President Volodymyr Zelensky turned into a screaming match.
Rep. Bennie G. Thompson (D-Miss.) condemned Hegseth’s order to the Cyber Command, saying the government now lacks the ability to counter Russian cyber threats.
“To capitulate now, as we appear to bail on our allies in Ukraine, is an inexplicable dereliction of duty that puts American critical infrastructure at risk,” Thompson told the Post.
Elsewhere in the Trump administration, there have been notable omissions of Russia as a cybersecurity threat.
In a speech before a United Nations working group on cybersecurity, Liesyl Franz, deputy assistant secretary for international cybersecurity at the State Department, raised cyberspace concerns about China and Iran, but didn't mention Russia.
In the same meeting, the European Union and the United Kingdom emphasized their concerns with Russian cyber threats. The U.K. said that Russia was using offensive and hostile cyberattacks in its illegal invasion of Ukraine.
"We continue to view Russia as a malign cyber actor," a State Department spokesperson said.
And a memo released by the Cybersecurity and Infrastructure Security Agency (CISA), a branch of the Department of Homeland Security that detects cyber threats to U.S. essential infrastructure, outlined the agency’s new decree prioritizing China and safeguarding local systems. It, too, did not name Russia.
Although Russian threats have previously been the primary focus of the agency, a person familiar with the matter told the Guardian that analysts at CISA were verbally briefed to not follow or report threats from the country. They also said that ongoing work with “Russian-related” projects was effectively “nixed.”
Another person who worked on U.S. joint task forces to track and fight Russian cyber threats told the Guardian this was “truly shocking.”
“There are thousands of U.S. government employees and military working daily on the massive threat Russia poses as possibly the most significant nation state threat actor,” they said. “Not to diminish the significance of China, Iran, or North Korea, but Russia is at least on par with China as the most significant cyber threat.”
A DHS spokesperson told Fortune that the memo isn't from the administration and that CISA remains committed to addressing threats from Russia and hasn't changed its posture.
The U.S. has long considered Moscow as a threat to national cybersecurity. And last year, the U.S. reiterated the risk of Russian cyberattacks in its annual threat assessment.
“Russia will pose an enduring global cyber threat even as it prioritizes cyber operations for the Ukrainian war,” the report said. “Moscow views cyber disruptions as a foreign policy level to shape other countries’ decisions and continuously refines and employs its espionage, influence, and attack capabilities against a variety of targets.”
The report specified that Russia maintains the ability to attack underwater cables and industrial control systems within the U.S., its allies, and partner countries.
