US cyber security: capitulation to Russia or a sign for negotiations?

Media reports about new orders from the US Secretary of Defense caused an uproar in the security scene at the weekend. According to media reports, US Secretary of Defense Pete Hegseth, who is in charge of both the conventional and cyber forces of the United States, had imposed a moratorium on all operations directed against Russia in cyberspace. This was reported by the New York Times, among others, citing anonymous sources.

Anzeige

The Record first reported that Hegseth had ordered General Timothy Haugh, who is responsible for the US Cyber Command, to suspend all planning against Russia until further notice. The foreign intelligence service National Security Agency (NSA), which also reports to Haugh, is exempt from the order. It also remained unclear whether the moratorium related exclusively to offensive cyber operations or whether espionage and defense against Russian reconnaissance were also affected.

A speech by US representative Liesyl Franz to a UN working group on cyber security on February 17, 2025 already indicated that the US IT security strategy would focus less on Russia and more on other adversary states in the future. Although Franz mentioned China and Iran several times, unlike her British colleague, she left Russia completely unmentioned. Even her detailed description of ransomware attacks on US healthcare facilities did not mention the country of origin of most ransomware programs.

Horrified experts, relaxed Russians

The Guardian vehemently denied a report that the US cybersecurity agency CISA would now also have to scale back its fight against Russian disinformation and cyberattacks: according to the agency, there has been no change in CISA priorities. A high-ranking representative of the Department for Homeland Security (DHS) also contradicted the Guardian’s account – saying it was “garbage”, according to Patricia McLaughlin on X. The internal memo for CISA employees cited by the Guardian was not from the Trump administration.

On social media, the order was the most discussed weekend topic of the IT security bubble, which was not stingy with striking judgments such as “cybercapitulation”. Security journalist Brian Krebs joked in Fediverse about a “zero-day vulnerability called CVE-2025-TRUMP” – Further reactions from the IT security industry to the moratorium on cyber warfare varied between disbelief, horror and anger. Democratic Senator Chuck Schumer told the New York Times that he feared Russian actors now had a free pass to launch cyberattacks and ransomware attacks against American infrastructure.

Other reactions to the revelation were more moderate. Charlie Moore, former deputy commander of the US cyber forces, was cautious in his assessment of the incident. In his career, he had often experienced such incidents. “It’s quite common to pause anything that could potentially derail peace talks,” Moore told the Washington Post.

So instead of a cyber capitulation, it could also be a sign of goodwill towards Moscow so as not to jeopardize peace talks between Russia and Ukraine – and possibly support the resumption of economic relations between Russia and the US.

Kremlin spokesman Dmitry Peskov welcomed the apparent efforts at détente in a statement to Russian state television. “The new [US] government is rapidly changing all the cornerstones of its foreign policy. This is largely in line with our ideas,” Peskov said, although he did not explicitly refer to the Hegseth order.

Future direction unclear

Russian security expert Oleg Shakirov, operator of an information service on cyber security, sees the moratorium as a renunciation of offensive cyber operations, which would not take place anyway. He is skeptical of the official Russian doctrine that the US cyber command supports pro-Ukrainian activists, for example. In addition, Russian intelligence services have not provided any concrete examples of US cyber attacks against Russian infrastructure in recent years, Shakirov said in his analysis. It is therefore difficult to say what effect Defense Minister Hegseth’s order will have in practice.

Whether the alleged order from the Department of Defense heralds a turnaround in the US assessment of the threat situation from Russia remains unclear for now. However, there are already cautious signs of rapprochement elsewhere. As Kommersant reports, the Russian Ministry of Economic Development is already planning to send a delegation to the “GovTech and Public Sector Innovation Global Forum”, which will focus on the digitalization of public administration in Washington DC at the end of May 2025. The event is being organized by the World Bank.

(cku)