US suspends offensive cyber operations against Russia

In a move raising concerns about potential vulnerabilities, the United States has reportedly suspended operations and planning for offensive cyber operations targeting Russia. This decision, revealed by a senior U.S. official to CNN, has sparked debate within national security circles, particularly given the backdrop of ongoing tensions and Russia's established cyber capabilities.
The U.S. official characterized the suspension as "a major blow," emphasizing that the complex nature of planning and executing such operations requires significant time and resources. The core worry is that halting these offensive preparations could leave the U.S. more exposed to cyberattacks from Moscow, which is known to possess a sophisticated network of hackers capable of disrupting critical U.S. infrastructure and pilfering sensitive intelligence.
This pause in operations and planning originates from U.S. Cyber Command, the military's unified offensive and defensive cyber unit. The decision aligns with what appears to be a broader effort by the Trump administration to seek a détente with Russia, even amidst the ongoing conflict in Ukraine, which began three years ago. Adding another layer of complexity to the situation, President Donald Trump and Vice President JD Vance reportedly rebuked Ukrainian President Volodymyr Zelensky in the Oval Office on Friday, introducing uncertainty into the U.S.-Ukraine relationship.
When reached for comment, a senior defense official offered a cautious response: "Due to operational security concerns, we do not comment nor discuss cyber intelligence, plans, or operations. There is no greater priority to Secretary Hegseth than the safety of the warfighter in all operations, to include the cyber domain." The statement notably referred to Defense Secretary Pete Hegseth.
The initial report regarding Cyber Command's suspension of planning came from The Record. Jason Kikta, a former Cyber Command official, provided insights into the situation, telling CNN, "It is not uncommon for the Pentagon to pause actions which are potentially destabilizing or provocative for negotiations, including cyber-effects operations. But if a planning pause was also directed, that could cause offensive options to become stale and therefore nonviable."
Kikta further elaborated on the potential risks: "Any extended period without checking on access and updating planning, risks losing that access or missing a critical change." However, he also clarified that he was not personally aware of any changes in the status of Cyber Command operations.
Current and former U.S. officials acknowledge that Russia and the U.S. are continuously engaged in a state of confrontation within cyberspace. The Kremlin views cyberspace as a domain where it can gain an asymmetric advantage over the U.S., with the ability to infiltrate critical infrastructure and potentially influence U.S. elections. In response, American military and intelligence hackers have increasingly targeted Russian cybercriminals and intelligence operatives in recent years.
Since 2016, when Russia interfered in the U.S. election through the use of bots, trolls, and hackers to favor Trump, U.S. officials assert that Moscow has replicated this approach in subsequent U.S. presidential elections.
Cyber Command was established over a decade ago to address threats emanating from Russia and other foreign adversaries. Since its inception, the command has evolved significantly, now comprising a force of several thousand computer specialists responsible for conducting both offensive and defensive missions. Operating from Fort Meade, Maryland, alongside the National Security Agency, Cyber Command has increasingly become a tool for projecting U.S. power.
The command has also deployed specialists to allied nations worldwide to assist in defending against cybercriminals and spies. This included a deployment to Ukraine in December 2021, preceding Russia's full-scale invasion, to bolster Kyiv's defenses against anticipated Russian cyberattacks. Months after the invasion, Cyber Command confirmed its active involvement in aiding Ukraine through cyber operations.
Despite the shifts in planning at Cyber Command, another key federal cybersecurity agency has stated that it is maintaining its current posture. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the primary civilian agency tasked with safeguarding federal networks from cyberattacks, affirmed on X (formerly Twitter) that its mission remains to "defend against all cyber threats to U.S. Critical Infrastructure, including from Russia."
"There has been no change in our posture," the agency emphasized, seemingly responding to media reports suggesting a shift in focus away from Russian threats. "Any reporting to the contrary is fake and undermines our national security."