The US government’s cybersecurity agency CISA says there is no change to its stance detecting and disrupting Russian APTs , even as a recent directive from the Trump administration pauses offensive cyber operations against Russia amid high-stakes negotiations.
“There has been no change in our posture. Any reporting to the contrary is fake and undermines our national security,” the agency said in a post on the X social media platform.
The public clarification follows reports that Defense Secretary Pete Hegseth has directed a temporary halt to cyber and information operations against Moscow, a decision intended to keep negotiations on the Russia/Ukraine war on track.
“CISA’s mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia,” the agency declared, an apparent response to reports that the Hegseth stand-down order included the agency’s monitoring and thwarting of Russia’s malware campaigns.
According to a Washington Post report, the offensive operations pause is designed to prevent any cyber actions from undermining ongoing dialogue aimed at resolving the conflict in Ukraine.
The decision to pause offensive actions has sparked a debate in both political and cybersecurity circles with the temporary halt is seen as a necessary risk to foster negotiations; on the other, it potentially leaves American critical infrastructure exposed at a time when cyberattacks from nation-state actors have become more brazen.
On the CISA website, the agency keeps a close eye of APTs linked to the Kremlin and curates a list of advisories and alerts on Russia-linked malware operations. The agency has also partnered with law enforcement and allies on exposing and disrupting campaigns attributed to Russia’s FSB and SVR intelligence services.
The agency is currently in the midst of a leadership change following the departure of director Jen Easterley.
The US government has also warned that Russian authorities turn a blind eye to ransomware criminals launching crippling data-encryption attacks against critical infrastructure, hospitals and large enterprises.
Related: CISA Issues Warning for Russian ‘Star Blizzard’ APT Spear-Phishing Operation
Related: Senators Ask DHS About Efforts to Protect US Against Russian Cyberattacks
Related: CISA Again Warns U.S. Organizations of Potential Russian Cyberattacks
Related: CISA, FBI Issue Warnings on WhisperGate, HermeticWiper Attacks