CISA Refutes Claims of Order to Stop Monitoring Russian Cyber Threats

It's been a confusing few days in the world of American cybersecurity, with reports emerging that the Trump administration had allegedly ordered the US Cybersecurity and Infrastructure Security Agency (CISA) to pause its monitoring of Russian cyber threats. The news sent shockwaves through the industry, with many experts expressing concern over the potential implications for national security.

The reports, which were widely picked up by major news outlets including The Guardian, the New York Times, Washington Post, and The Record, claimed that staff at CISA had been given instructions to turn a blind eye to hacks directed against the United States that might be linked to Russia. However, an article from The Guardian detailing what it described as "a retreat in the fight against Russian cyber threats" has now been refuted by CISA.

CISA took to Twitter to dismiss the claims, stating that media reports of it being ordered to no longer follow or report on Russian cyber threats were "fake" and that there had been "no change" in its mission to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia.

The Disbanding of the Cyber Safety Review Board

However, another development has raised concerns over CISA's ability to effectively respond to cyber threats. The US Department of Homeland Security has dismantled the Cyber Safety Review Board (CSRB), an advisory committee that has played a crucial role in probing major cybersecurity incidents.

The CSRB has been involved in some high-profile investigations, including the Log4J vulnerability, the Lapsus$ hacking gang, and the hack of Microsoft Exchange Online in 2023. The disbanding of the board would appear to be bad news for its current inquiry into Salt Typhoon, a Chinese-linked hacking group that has attacked multiple major US telecoms companies and even the US Treasury.

The Challenges Ahead

Whether or not CISA was indeed ordered to turn a blind eye to Russia's hacking activities is unclear. However, it's clear that the agency will face significant challenges in its mission to defend critical US infrastructure if it continues to be weakened.

Last month, at least 130 employees were fired from CISA - reportedly including staff focused on securing US elections and fighting state-sponsored misinformation campaigns. The implications of this move are still being felt, and it remains to be seen how CISA will adapt to its new challenges.