The United States Cyber Command has reportedly paused its offensives against Russia, as US President Donald Trump’s administration attempts to shift its relations with Russian President Vladimir Putin while diplomats push to end the invasion of Ukraine.
According to US publication The Record, the directive reportedly came in late February from Trump’s Defence Secretary Pete Hegseth, a former Army National Guard officer and television presenter.
The supposedly secret order reportedly did not apply to the US National Security Agency (NSA), which carries out intelligence monitoring.
The changes — which if legitimate would mark a major shift in the treatment of a key US adversary — reportedly took place before Friday’s heated White House exchange between US President Donald Trump and Ukrainian President Volodymyr Zelenskyy.
Trump has softened America’s position towards Russia since returning to office in January, allegedly with the goal of ending Russia’s three-year invasion of Ukraine while attempting to secure a critical minerals deal with Zelenskyy.
Friday’s discussions ended early with no minerals deal signed, after Trump and his Vice President JD Vance scolded Zelenskyy for what they saw as a lack of thanks for their nation’s help with Russia.
Trump has recently appeared to align himself with Putin’s false claim that Ukraine started the war, and has also falsely accused Zelenskyy of being a dictator.
Writing on his Truth Social platform on Monday, Trump said, “We should spend less time worrying about Putin, and more time worrying about migrant rape gangs, drug lords, murderers, and people from mental institutions entering our Country - So that we don’t end up like Europe!”
Trump also paused all military aid to Ukraine on Tuesday.
The reasons for Hegseth's supposed cyber directive and how long it might last have not been revealed, but multiple unnamed US officials have reportedly confirmed the changes with The Record and other US media.
A senior US defence official reportedly told local reporters, "Due to operational security concerns, we do not comment nor discuss cyber intelligence, plans, or operations.
“There is no greater priority to Secretary Hegseth than the safety of the warfighter in all operations, to include the cyber domain."
Ukrainian President Volodymyr Zelenskyy (left) and US President Donald Trump (right) held a heated meeting on Friday. Photo: The White House / YouTube
An ‘act of self-sabotage'?
Russia has been a major cyber adversary of the US and Australia for decades, and has been linked to cyberwarfare and election interference efforts.
Matthew Sussex, an Associate Professor at the Australian National University, described Hegseth’s purported direction to the US Cyber Command as “a breathtaking act of self-sabotage".
Any relaxation of US Cyber Command’s posture against Russia was also expected to have an impact on Ukraine’s digital defences.
Senior US Democrat and Senate minority leader Chuck Schumer said a pausing of cyber offences against Russia was "a critical strategic mistake".
Trump appeared to be giving Putin "a free pass as Russia continues to launch cyberoperations and ransomware attacks against critical American infrastructure", he argued in a statement.
Some senior Republicans have reportedly said they were not aware of any changes to US cyber posture and questioned some publications’ reporting on the issue.
Australia's Defence Minister Richard Marles (left) met with US Defence Secretary Pete Hegseth (right) in February. Photo: Richard Marles / Facebook
Australia bans Russian software, sanctions alleged cybercriminals
Reports of the US relaxing its cyber posture against Russia come after the Australian government banned Russian-made Kaspersky antivirus software from its systems last month, citing espionage and foreign interference concerns.
The move followed the banning of the software from the US private sector last year, and from US government departments back in 2017.
February also saw Australia impose new cyber sanctions against a hosting platform and five Russian individuals who were allegedly behind the 2022 Medibank data breach, which affected almost 10 million Australians.
The Russian government is believed to have close ties to numerous Russian-based hacking groups.
Last year, an Australian army IT worker and her husband were also arrested and charged after allegedly obtaining sensitive national security information and planning to share it with Russian authorities.
