The Trump administration has made a surprising and alarming change in its policy towards Russia's cyber threats.
Despite longstanding intelligence assessments, the administration has publicly and privately signaled that it no longer considers Russia a significant cyber threat to US national security or critical infrastructure.
A Departure from Established Intelligence
This radical shift in policy has raised concerns among experts, who warn that it could leave the US vulnerable to hacking attacks by Russia.
The change appears to be a reflection of the warming relationship between Donald Trump and Russian President Vladimir Putin. Two recent incidents have highlighted the US's new stance on Russia's cyber threat.
Liesyl Franz, a deputy assistant secretary at the State Department, failed to mention Russia in a speech about cybersecurity threats, instead focusing on China and Iran.
Ignoring the Elephant in the Room
Franz's omission of Russia was striking, given the country's history of cyber attacks against the US and its allies. The US has previously identified the Russia-based LockBit ransomware group as a major threat, but Franz didn't mention it in her speech.
This lack of acknowledgment has raised eyebrows among experts, who warn that downplaying Russia's cyber threat could have serious consequences.
Experts Weigh In: A "Delusional" Move
James Lewis, a veteran cyber expert, called the Trump administration's move "incomprehensible" and "delusional". He warned that pretending Russia is not a cyber threat won't change the fact that the country is a major adversary of the US.
Another expert, Scott Horton, noted that the US has long assessed Russia, China, and Iran as leaders in cyber threats, making it shocking to see Russia erased from the picture.
Behind-the-Scenes Changes
The policy shift isn't just limited to public statements. A recent memo at the Cybersecurity and Infrastructure Security Agency (Cisa) set out new priorities that didn't include Russia.
Analysts at the agency were reportedly told not to follow or report on Russian threats, despite the country's history of cyber attacks. This change has left many in the cybersecurity community stunned and concerned.
A Betrayal of US Interests?
One person familiar with the matter said that work on Russian-related threats was effectively "nixed", leaving the US vulnerable to attacks. The person warned that Russia and China are the US's biggest adversaries, and that ignoring Russia's cyber threat is a mistake.
Another expert noted that there are dozens of Russian state-sponsored hacker teams dedicated to causing damage to US government, infrastructure, and commercial interests.
A Change in Tone from the Trump Administration
The Trump administration's change in tone on Russia's cyber threat is not entirely surprising, given its efforts to make amends with Moscow.
However, the move has been met with criticism from experts and lawmakers, who warn that it could have serious consequences for US national security.
As one expert noted, the US is no longer a global power trying to maintain an open and rules-based international system; instead, it's just a great power with narrower self-interests that happen to be impacted by China's cyber attacks.
What's Next?
The implications of the Trump administration's policy shift on Russia's cyber threat are still unclear. However, one thing is certain: the US needs to take a strong stance against cyber threats from all countries, including Russia.
By downplaying Russia's cyber threat, the US may be leaving itself vulnerable to attacks and undermining its national security.
