The United States has suspended its offensive cyber operations against Russia, according to reports, in a move aimed at granting Moscow concessions to end the ongoing war in Ukraine. The decision, authorized by US Defense Secretary Pete Hegseth, affects operations carried out by US Cyber Command, a division of the Department of Defense focused on hacking and operations in cyberspace.

The reported order does not apply to espionage operations conducted by the National Security Agency (NSA). The news was confirmed by The New York Times and The Washington Post, citing sources familiar with the matter. The instruction was handed down before Friday's Oval Office meeting between US President Donald Trump, Vice President JD Vance, and Ukrainian President Volodymyr Zelensky.

The move is seen as part of a broader effort to draw Russian President Vladimir Putin into talks about the country's ongoing war in Ukraine. However, the decision has raised concerns about the US's cybersecurity posture, particularly given the country's history of cyberattacks against the US. The US intelligence community has repeatedly warned about the "enduring cyber threat" posed by Russia, citing the country's Foreign Intelligence Service (SVR) as a major threat to US government agencies and critical infrastructure.

Furthermore, the Trump administration has reportedly signaled that it no longer views Russian hackers as a cybersecurity threat, ordering the US cybersecurity agency CISA (Cybersecurity and Infrastructure Security Agency) to no longer report on Russian threats. According to The Guardian, a recent memo set out new priorities for CISA, including threats faced by China and protecting local systems, but omitted any mention of Russia. CISA employees were reportedly informed verbally that they were to pause any work on Russian cyber threats.

However, the Department of Homeland Security, which oversees CISA, denied the report in a statement to TechCrunch. Tricia McLaughlin, assistant secretary of Homeland Security, said the memo did not come from the Trump administration, and that "CISA remains committed to addressing all cyber threats to US critical infrastructure, including from Russia." McLaughlin emphasized that "there has been no change in our posture or priority on this front."

The reported shift in US policy towards Russia comes just months after the US intelligence community warned about the country's ongoing cyber threats. Over the past few years, the US government has taken action against Russian cybercriminals, disrupting the infrastructure of Russia-linked ransomware groups, reclaiming millions in ransom payments, and targeting notorious Russian hackers with indictments and sanctions.

The implications of this decision are far-reaching, with many experts warning that it could embolden Russian hackers and undermine the US's cybersecurity efforts. As the US continues to navigate the complex geopolitical landscape, it remains to be seen how this decision will impact the country's cybersecurity posture and its relationships with Russia and Ukraine.