The Record reports:

Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, according to three people familiar with the matter.

Hegseth gave the instruction to Cyber Command chief Gen. Timothy Haugh, who then informed the organization’s outgoing director of operations, Marine Corps Maj. Gen. Ryan Heritage, of the new guidance, according to these people, who spoke on the condition of anonymity because of the matter’s sensitivity.

The order does not apply to the National Security Agency, which Haugh also leads, or its signals intelligence work targeting Russia, the sources said.

While the full scope of Hegseth’s directive to the command remains unclear, it is more evidence of the White House’s efforts to normalize ties with Moscow after the U.S. and international allies worked to isolate the Kremlin over its 2022 invasion of Ukraine. [Continue reading…]

The Guardian reports:

Liesyl Franz, deputy assistant secretary for international cybersecurity at the state department, said in a speech last week before a United Nations working group on cybersecurity that the US was concerned by threats perpetrated by some states but only named China and Iran, with no mention of Russia in her remarks. Franz also did not mention the Russia-based LockBit ransomware group, which the US has previously said is the most prolific ransomware group in the world and has been called out in UN forums in the past. The treasury last year said LockBit operates on a ransomeware-as-service model, in which the group licenses its ransomware software to criminals in exchange for a portion of the paid ransoms.

In contrast to Franz’s statement, representatives for US allies in the European Union and the UK focused their remarks on the threat posed by Moscow, with the UK pointing out that Russia was using offensive and malicious cyber-attacks against Ukraine alongside its illegal invasion.

“It’s incomprehensible to give a speech about threats in cyberspace and not mention Russia and it’s delusional to think this will turn Russia and the FSB [the Russian security agency] into our friends,” said James Lewis, a veteran cyber expert formerly of the Center for Strategic and International Studies think tank in Washington. “They hate the US and are still mad about losing the cold war. Pretending otherwise won’t change this.”

The US policy change has also been established behind closed doors.

A recent memo at the Cybersecurity and Infrastructure Security Agency (Cisa) set out new priorities for the agency, which is part of the Department of Homeland Security and monitors cyber threats against US critical infrastructure. The new directive set out priorities that included China and protecting local systems. It did not mention Russia. [Continue reading…]