U.S. Cyber Command Ordered to Halt Planning Against Russia

WASHINGTON — Defense Secretary Pete Hegseth last week ordered U.S. Cyber Command to cease all planning against Russia, including offensive digital actions, according to three individuals familiar with the situation.

The directive was communicated to Cyber Command chief Gen. Timothy Haugh, who then informed Marine Corps Maj. Gen. Ryan Heritage, the outgoing director of operations. The sources, who spoke on the condition of anonymity due to the sensitive nature of the topic, indicated that the order does not extend to the National Security Agency or its signals intelligence operations targeting Russia.

Although the full scope of Hegseth’s instruction remains unclear, it signals a significant shift in the White House’s approach toward Moscow, as efforts have intensified to normalize relations after Russia’s 2022 invasion of Ukraine. This directive follows a pattern of statements from former President Donald Trump that appeared to align him with Russian President Vladimir Putin, including controversial remarks blaming Ukraine for the conflict.

Trump recently met with Ukrainian President Volodymyr Zelensky in Washington to sign a deal providing the U.S. access to Ukraine’s mineral resources. Reports suggest that the agreement comes amid tensions, with the two leaders having an intense exchange during the meeting.

The duration of Hegseth’s order is unknown; however, it has been conveyed to Cyber Command that the guidance will remain in effect for the foreseeable future. Heritage, who may retire soon, is responsible for coordinating communication regarding the halt of operations, which includes advising relevant teams to pause their activities.

As a response to the new guidance, Cyber Command is reportedly compiling a “risk assessment” for Hegseth. This report will detail what ongoing missions have been suspended and identify potential threats posed by Russia.

The impact of Hegseth’s order on the command’s personnel is uncertain. If it affects only the digital warriors focused on Russia, hundreds may be impacted; these include members of the 2,000-strong offensive and defensive cyber teams. Current estimates indicate that approximately 25% of the offensive units prioritize operations against Russia.

However, if the directive applies to broader areas such as intelligence and analysis, the number of personnel affected could expand significantly. Cyber Command employs between 2,000 and 3,000 employees and shares its campus with NSA personnel at Fort Meade, Maryland.

This directive arrives as Cyber Command grapples with resource challenges, notably efforts to confront Mexican drug cartels. The administration has emphasized targeting cartel figures to curb the influx of drugs across the border.

A spokesperson for Cyber Command referred media inquiries to the Pentagon. A senior Defense official stated, “Due to operational security concerns, we do not comment nor discuss cyber intelligence, plans, or operations. There is no greater priority to Secretary Hegseth than the safety of the Warfighter in all operations, including within the cyber domain.”

The stand-down order could undercut several high-profile missions against digital threats from Russia, hindering previous U.S. efforts to bolster cybersecurity in Ukraine prior to the invasion. The command deployed “hunt forward” teams to Kyiv to enhance its defenses and has maintained vigilance regarding Russian digital capabilities.

Russia has emerged as a hub for cybercrime, with state-sponsored and criminal ransomware actors targeting organizations worldwide. Cyber Command plays a critical role in countering these malicious activities.

The halt in offensive operations could expose both public and private sector entities in the U.S. and globally to increased risk if Cyber Command is unable to monitor Russian intelligence and military sectors, known for employing notorious hacking groups.

Last year, Microsoft reported that Russia’s Foreign Intelligence Service (SVR) had compromised organizations in numerous countries to access their systems.

The news of Hegseth’s directive has raised immediate concerns among policy experts and political analysts, who fear it signals a concerning shift in U.S. foreign policy regarding adversarial powers.