Confusingly, the Pentagon has already denied what was previously confirmed – that the US Cyber Command is now at least temporarily pausing offensive cyber operations against Russia. An American intelligence veteran tells Cybernews this would be a grave mistake.
“The idea that the United States would stop defending themselves or stop making plans for offensive operations against a known adversary is ludicrous. It sounds like something that would be on The Onion,” AJ Nash told Cybernews.
“And yet now we're at a state where we have to wonder if this is a real thing, which tells us a lot about where we are as a country.”
Nash, an intelligence and security consultant who founded Unspoken Security last year, spent part of his long career at the US National Security Agency (NSA) and Cyber Command and is intimately familiar with the threats posed to America by foreign state-sponsored threat actors, including those associated with the Russian government.
Consequences can be severe
He freely admits he’s very concerned about the way President Donald Trump’s administration is going about normalizing ties between the US and Russia, including the alleged order from the Defense Secretary Pete Hegseth to Cyber Command to pause offensive operations against the Kremlin.
Last week, a report by The Record said that Hegseth had given such an order. This was then confirmed by sources of various reputable US media outlets and news agencies.
The unspoken suggestion was that the US was attempting to show goodwill towards Russia, America’s long-term adversary, as both countries are now speaking about how to end the war in Ukraine.
Soon after, though, the Department of Defense clarified the matter on its new Rapid Response account on X, saying that “there has been no stand-down order whatsoever from that priority.” But Nash is still confused as all these reports contradict each other.
TO BE CLEAR: @SecDef has neither canceled nor delayed any cyber operations directed against malicious Russian targets and there has been no stand-down order whatsoever from that priority. https://t.co/OxGK0aQXN1
undefined DOD Rapid Response (@DODResponse) March 4, 2025
“You're talking about one of three or four nations in the world that are the most significant cyber threats to the US. You're talking about a nation that's actively conducting cyber operations right now against the US and its allies,” Nash told Cybernews.
“I'm not sure any sort of a cyber détente is plausible because the Russians haven’t stopped doing anything.”
According to Nash, “It is not unusual for the Trump administration to float an idea that would be quite shocking and then see what happens.”
“One of two things can happen. Either people react so violently against it, and the reaction is sustained, so they decide not to do it, or people react but then calm down, and the administration goes, well, maybe we actually can do this,” said Nash.
Intelligence is a non-stop business, he adds: “Stopping operations, even temporarily, results in setbacks as adversaries maintain constant activity. Deliberately impeding or ceasing operations, whether established or potential, can have severe consequences.”
According to Nash, this could range from failing to observe and report on adversarial actions to missing crucial intelligence, potentially leading to catastrophic outcomes.
“I'm not sure any sort of a cyber détente is plausible because the Russians haven’t stopped doing anything,"
AJ Nash
“A Russian group was responsible for the Colonial Pipeline attack, Russians are currently going after Signal and Microsoft. It goes on and on, but then imagine that you stop seeing all of that. Naturally, you can't defend yourself against what's happening,” he said.
Furthermore, ceasing proactive or offensive operations eliminates the deterrent factor: “You may have spent years putting things together to be in position to do things to your adversary if needed. Now you no longer have that.”
Private sector won’t save us
What if there’s more, and the US is really no longer tracking Russia’s cyber capabilities at all? Could commercial cybersecurity entities fill the gap?
After all, Google, Microsoft, and other companies are constantly publishing reports about one or another Russia-related hacking collective or a ransomware gang. Smaller cybersecurity firms also employ loads of white-hat hackers.
To Nash, a couple of things come into play, and the most important one is that commercial companies cannot actually take action – if the federal government isn’t reacting, these firms “can report all they want.”
“If you’re screaming about people burning down houses in your neighborhood but you aren’t legally allowed to grab a hose and put out the fires, then all you’re doing is telling people what they already know,” said Nash.
“The second issue is the domino effect. Of course, this is hypothetical but if the US aligns with Russia and steps away from what America has so far been like, I think we will see the US government putting pressure on private organizations that oppose Russia.”
That’s why Nash thinks it’s particularly dangerous that the big tech CEOs have now become “awfully” friendly with Trump. In a way, that’s natural, he said, because the powerful corporations don’t want to be crushed.
“But they could just quietly stop publishing these reports about Russian hacking. We’d never get the national news saying they were ordered to stop doing it but it just won’t be something they do anymore,” Nash told Cybernews.
“So I think the private sector would only be a temporary bulwark. It would crumble under the weight of the US government under Trump.”
He just finds it incredible that Trump “consistently says things that are documented to be untrue, even though some things are still facts – for instance, it’s a fact that Russia invaded Ukraine.”
“To somebody who grew up in intelligence, it's incredibly frustrating, frightening, and irritating,” said Nash.
Your email address will not be published. Required fields are markedmarked