The Trump administration publicly and personally signaled that Russia does not believe it represents a cyber threat to US national security or critical infrastructure, indicating a fundamental departure from long-standing information assessments.
The change in policy could make the US vulnerable to Russian hacking attacks, experts warned, and appeared to reflect warming relations between Donald Trump and Russian president Vladimir Putin.
Two recent incidents show that the US no longer characterizes Russia as a cybersecurity threat.
Liesil Franz, deputy director of international cybersecurity at the State Department, said in a speech before the UN Working Group on Cybersecurity last week, that the US is interested in the threats committed by several states, but that the threats named China and Iran were not mentioned in Russia’s remarks. Franz also did not mention the Russian-based Rockbit Ransomware Group, which the US previously said was the world’s most prolific ransomware group and has been called in the UN forum in the past. Last year, the Treasury Department said Lockbit operates in a ransomware model as a service for the group to license ransomware software to criminals in exchange for a portion of its payroll.
In contrast to Franz’s statement, representatives of the European Union and the United Kingdom’s US allies focused on their statements on the threat posed by Moscow, noting that the UK is using aggressive and malicious cyberattacks against Ukraine along with illegal aggression.
“I don’t understand speeches about threats in cyberspace, and Russia doesn’t mention them. It’s a paranoia to think this will turn Russia and the FSB (Russian Security Bureau) into friends.” “They hate the US and are still angry at losing the Cold War. Otherwise this won’t change.”
US policy changes are also established behind closed doors.
A recent memo on the Cybersecurity and Infrastructure Security Agency (CISA) sets new priorities for agencies that are part of the Department of Homeland Security and monitors cyber threats to critical U.S. infrastructure. The new directive set priorities involving China and protected local systems. He did not mention Russia.
Those familiar with the issue of speaking to the Guardian while anonymous, said the agency’s analysts were verbally notified that they would not follow or report the Russian threat, despite this previously the agency’s main focus.
The person said that the work being done “Russia-related” is actually “knix.”
“Russia and China are our biggest enemies. Many cybersecurity personnel have been fired because all the cuts are being made to various agencies. Our systems are not protected and our enemies know this,” the person said.
The person added: “People say Russia is winning. Putin is inside now.”
The New York Times separately reports that the Trump administration has reallocated CISA officials, which focused on protecting elections from cyberattacks and other attempts to disrupt the vote.
Another person involved in the US joint task force, which operates at a high classification level to track and fight cyber threats in Russia, said the development was “really shocking.”
“There is military work done every day with thousands of US government officials based on the huge threat that Russia poses as perhaps the most important national threat actor. Rather than decreasing the importance of China, Iran or North Korea, Russia is at least on the par with China as the most important cyber threat,” the person said.
The person added: “There are many Russian national support hacker teams dedicated to carrying out information theft with the goal of generating damage to the US government, infrastructure and commercial interests and maintaining permanent access to computer systems.”
Sign up for This week at Trumpland
A deep dive into the policies, controversy and eccentricity surrounding the Trump administration
Privacy Notice: Newsletters may contain information about charities, online advertising, and content funded by external parties. For more information, please refer to our Privacy Policy. We use Google Recaptcha to protect our website and the application of Google Privacy Policy and Terms of Use.
After the newsletter promotion
The CISA and the State Department did not respond to the Guardian’s request for comment.
This change is not entirely surprising given the Trump administration made its clear that it wanted an amendment with Moscow. Earlier this week at the United Nations, the United States voted with Russia for a resolution by the EU-Ukrainians that condemned Russia to announce the third anniversary of Russia’s invasion of Ukraine.
“The US has long been evaluating Russia, China and Iran as cyber threat leaders. It’s a bit of a shock to see US representatives completely erase Russia’s role in an international setting – in line with Russia and its satellites and satellites on the world stage,” said Scott Horton, an American lawyer who previously worked in Moscow and advised Russian human rights advocates.
The US has long warned that Russia has posed cyber threats to US infrastructure, including an annual threat assessment released by the US intelligence agency last year. The report said Russia has raised a “permanent global cyber threat” despite prioritizing cyber operations against Ukraine. The Moscow report concluded that “we view cyber turmoil as a diplomatic lever to shape decisions from other countries, and continually improve and adopt the ability to spy, influence and attack against a variety of targets.” Russia was able to target critical infrastructure and industrial regulatory systems in the US and its Allied and partner countries.
When he was still a Florida Senator, few lawmakers like Marco Rubio had spoken openly about the issue before. In 2020, Rubio, who now serves as Trump’s Secretary of State, chair of the Senate Intelligence Election Committee, said the US will retaliate against a massive, continuous cyberattack that violated businesses and federal agencies, including the Energy Agency’s National Nuclear Safety Agency. At the time, he said the attacks were “consistent with Russian cyber operations.”
However, there was no indication of such responsibility from Franz. Franz is currently reporting to Rubio at the State Department. The recent linguistic changes in the UN speech are not only notable for omitting Russia and Lockbit, but also for excluding mentions about Valentin Weber, a senior researcher at the German Council on diplomacy, as well as for excluding mentions about allies and partners.
“For a quarter of a century, Putin’s Russia has pushed an authoritarian agenda in UN cybersecurity negotiations, engaged in non-stop cyberattacks and information operations around the world, and the US and other democracies have retreated.” “But now, the Trump administration has abandoned the liberal international order… (and) the United States is no longer a global force seeking to maintain an open, rules-based international system. It is a greater force with narrower self-interests affected by China’s cyberattacks.”
Are there any hints in this story? Send us a message at +1 646 886 8761 signal
