Stop targeting Russian hackers, Trump administration orders US Cyber Command

For years, the United States has joined with much of the rest of the world, in declaring that Russia poses a significant cyber threat - hosting cybercriminal gangs and state-sponsored hackers who present a danger to national security, critical infrastructure, and commercial organisations.

But, in a radical departure from longstanding assessments by national intelligence agencies, Donald Trump's administration has now indicated that it no longer views Russian hackers as a threat - and has ordered US Cyber Command and the Cybersecurity and Infrastructure Security Agency (CISA) to no longer follow or report on Russian threats, despite them previously being their main focus.

Yes, that's right - Russia. The country which is home to, for instance, the LockBit gang - the world's most notorious ransomware group - as well as many others including Evil Corp, Conti, and Qilin.

As The Guardian reports, recent statements from officials, including Liesyl Franz, deputy assistant secretary for international cybersecurity at the US state department, omitted any mention of Russia as a cybersecurity threat - focusing instead on China and Iran.

The policy change is confirmed by a CISA memo that makes specific priorities protecting against Chinese cybersecurity threats, but makes no mention of Russia.

As The Guardian reported:

"A person familiar with the matter who spoke to the Guardian on the condition of anonymity said analysts at the agency were verbally informed that they were not to follow or report on Russian threats, even though this had previously been a main focus for the agency. The person said work that was being done on something 'Russia-related' was in effect 'nixed'."

It's a similar story at US Cyber Command, which Defense Secretary Pete Hegseth has ordered to halt all operations targeting Russia according to reporting from The Record.

Meanwhile, the New York Times has separately described how FBI and CISA officials who protected elections from cyber attacks, and tracked and publicised Russian online disinformation campaigns had been reassigned to new roles.

Commentators have speculated that the dramatic change in approach reflects Donald Trump's unhidden warmth towards Vladimir Putin, with cybersecurity experts concerned that United States systems will find themselves increasingly vulnerable to Russian cyber attack.

But it's not just American computer networks that could find themselves in the firing line if US Cyber Command and CISA turns a blind eye to Russian hacking activities.

Ukraine is probably going to be impacted more than any other country. Its digital defences have been bolstered significantly by United States intelligence and assistance since Russia's invasion, helping to protect itself from hacking campaigns that have attempted to spy on and sabotage Ukrainian operations.

As ever, it's not just one country's citizens which are impacted by the decisions of its leadership. Do not imagine for one second that this news does not impact you if you do not reside in the United States or Ukraine.

Wherever you are in the world reading this, it is almost a certainty that your sensitive data is being stored on servers operated by US organisations. Any decision which is made to weaken the security of the defence of those systems has a direct impact on all of us.