**

Trump Administration Turns to Private Firms in Cyber Offensive

The White House is preparing to unveil a new national cyber strategy that would enlist private companies to help mount aggressive cyberattacks against foreign adversaries, a move that could expand the scope of electronic warfare and create lucrative business opportunities for firms with expertise in offensive cybersecurity.

A draft of the strategy, obtained by Bloomberg News, outlines plans to tap into the capabilities of private businesses to counter hacking groups sponsored by foreign governments or engaged in ransomware attacks on critical infrastructure and telecommunications networks. The move is seen as a significant shift from traditional defensive strategies, where intelligence agencies and the military have taken the lead in cyber warfare.

The administration's decision to involve private companies reflects a growing recognition within the intelligence community that the US needs more capacity to counter hostile hacking groups, which often receive state support. By partnering with private firms, the government aims to expand its cyber warfare resources and free up intelligence agencies and the military to focus on work that only they can handle.

Details on how the administration plans to utilize private companies in offensive cyber operations remain scarce. However, a spokesperson for the Office of the National Cyber Director confirmed that the White House is committed to cybersecurity for Americans and US infrastructure, networks, and information.

The draft strategy also calls for streamlining data security regulations, modernizing federal systems, securing critical infrastructure, promoting adoption of post-quantum cryptography and secure quantum computing. The White House has invited industry officials to provide feedback on the draft, which could still change before its release in coming weeks.

Legislation may be required to support the administration's plans, as there is currently no legal basis for private firms to conduct their own offensive cyber operations. This raises concerns about potential risks and liabilities for companies involved in such activities, including the possibility of being targeted by foreign government entities whose intelligence services often use affiliates to carry out cyberattacks.

Despite these challenges, many cybersecurity firms known for defensive operations could easily adapt their expertise and technology to launch attacks. However, this would come with significant financial and legal risks, potentially deterring customers and investors alike, according to Michael Janke, co-founder of Datatribe, a tech foundry for cyber startups.

"That gray area provides a lot for both government and commercial to flow within," Janke said. "Once you shrink that to legislation, you may not have that gray area."

**

A $1 Billion Boost for Offensive Cyber Operations

The Trump administration has already signaled its commitment to taking more aggressive action against hacking groups through a provision in the multi-trillion-dollar tax and spending law. This provision allocates a $1 billion boost for offensive cyber operations, which have typically been conducted by the military's Cyber Command or intelligence agencies.

While this allocation does not prescribe how the money should be spent, its inclusion in Trump's cornerstone bill underscores the administration's emphasis on expanding US capabilities to counter hostile hacking groups.

**

A New Era of Cyber Warfare?

The potential shift towards involving private companies in offensive cyber operations raises questions about the future of electronic warfare and the role of industry players in this realm. As the White House moves forward with its plans, cybersecurity firms will need to carefully consider the financial and legal implications of participating in such activities.

The draft strategy's call for streamlining regulations and modernizing federal systems also suggests a broader effort to address weaknesses in US cyber defenses. This could lead to new opportunities for private companies to contribute to improving national security through more proactive approaches to cybersecurity.