DHS says CISA will not stop monitoring Russian cyber threats

The US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains unchanged.

“CISA’s mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia,” the US cyber agency posted to X.

“There has been no change in our posture. Any reporting to the contrary is fake and undermines our national security.”

This comes after The Guardian reported on Saturday that the Trump administration no longer sees Russia as a cyber threat against US critical infrastructure and its interests.

According to the report, a new memo at CISA directs the agency to prioritize China and protecting local systems and does not mention Russia. The Guardian further reports that CISA analysts were verbally told not to follow or report on Russia’s cyber activity.

CISA is a U.S. government agency responsible for protecting critical infrastructure, including election infrastructure, from cyber and physical threats. The agency monitors and mitigates cyber threats from foreign adversaries, including Russia, by sharing threat intelligence, coordinating incident response, and working with government and private organizations to strengthen national cybersecurity defenses.

In response to questions about the Guardian’s story, Tricia McLaughlin, Assistant Secretary for Public Affairs, U.S. Department of Homeland Security, told BleepingComputer that the memo is fake and that CISA will continue to address cyber threats from Russia.

“This is garbage. The Guardian’s entire story is based on an alleged memo that the Trump Administration never issued and the Guardian refuses to let us see or provide the date of said memo,” McLaughlin told BleepingComputer.

“CISA remains committed to addressing all cyber threats to US Critical Infrastructure, including from Russia. There has been no change in its posture or priority on this front.”

TheRecord also reported on Friday that Defense Secretary Pete Hegseth ordered Cyber Command to stand down from any planned offensive operations targeting Russia.

This was further confirmed by The New York Times and The Washington Post on Saturday, with sources stating this shift in posture is only meant to last during the ongoing negotiations to stop Russia’s invasion of Ukraine.

A senior defense official shared the following statement when contacted about the shift in Cyber Command’s directives.

“Due to operational security concerns, we do not comment nor discuss cyber intelligence, plans, or operations,” shared the defense official.

“There is no greater priority to Secretary Hegseth than the safety of the Warfighter in all operations, to include the cyber domain.”