Did the Trump Administration Minimize Russian Cyber Threats? ⇥ zetter-zeroday.com
Stephanie Kirchgaessner, the Guardian:
A recent memo at the Cybersecurity and Infrastructure Security Agency (Cisa) set out new priorities for the agency, which is part of the Department of Homeland Security and monitors cyber threats against US critical infrastructure. The new directive set out priorities that included China and protecting local systems. It did not mention Russia.
Martin Matishak, the Record:
Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, according to three people familiar with the matter.
Taken together, the two stories raised alarms that the policy changes would have a drastic impact on U.S. national security and make the country more vulnerable to cyberattacks from Vladimir Putin’s hackers. The Record noted that the order to Cyber Command provided “evidence of the White House’s efforts to normalize ties with Moscow,” and the Guardian quoted a source who said that the change at CISA represented a win for Russia. “Putin is on the inside now,” the source told the Guardian.
Although a number of people on social media seem to believe The Record story corroborates The Guardian story (I won’t call anyone out here), the two stories are reporting different things and are based on different sources.
[…]
I’ll first parse what the two stories said and didn’t say and then look at what has changed since they published.
We all know that reporting during a breaking news cycle is going to contain inaccuracies. When it is the policy of the U.S. government to set in motion a series of these cycles on a seemingly daily basis, it is difficult to get a handle on anything. I appreciate Zetter’s more careful reading and verification with her sources. If you want a better idea of what is — and is not — known about the U.S. cybersecurity posture regarding Russia, her analysis is the one to read.