GeoPolitics - Nocturnalknight's Lair

Trump and Cyber Security: Did He Make Us Safer From Russia?

By Ramkumar Sundarakalatharan | March 7, 2025 | Comments 0 Comment

U.S. Cyber Warfare Strategy Reassessed: The Risks of Ending Offensive Operations Against Russia

Introduction: A Cybersecurity Gamble or a Diplomatic Reset?

Imagine a world where cyber warfare is not just the premise of a Bond movie or an episode of Mission Impossible, but a tangible and strategic tool in global power struggles. For the past quarter-century, cyber warfare has been a key piece on the geopolitical chessboard, with nations engaging in a digital cold war—where security agencies and military forces participate in a cyber equivalent of Mutually Assured Destruction (GovInfoSecurity). From hoarding zero-day vulnerabilities to engineering precision-targeted malware like Stuxnet, offensive cyber operations have shaped modern defence strategies (Loyola University Chicago).

Now, in a significant shift, the incoming Trump administration has announced a halt to offensive cyber operations against Russia, redirecting its focus toward China and Iran—noticeably omitting North Korea (BBC News). This recalibration has sparked concerns over its long-term implications, including the cessation of military aid to Ukraine, disruptions in intelligence sharing, and the broader impact on global cybersecurity stability. Is this a calculated move towards diplomatic realignment, or does it create a strategic void that adversaries could exploit? This article critically examines the motivations behind the policy shift, its potential repercussions, and its implications within the frameworks of international relations, cybersecurity strategy, and global power dynamics.

Russian Cyber Warfare: A Persistent and Evolving Threat

1.1 Russia’s Strategic Cyber Playbook

Russia has seamlessly integrated cyber warfare into its broader military and intelligence strategy, leveraging it as an instrument of power projection. Their approach is built on three key pillars:

Persistent Engagement: Russian cyber doctrine emphasises continuous infiltration of adversary networks to gather intelligence and disrupt critical infrastructure (Huskaj, 2023).
Hybrid Warfare: Cyber operations are often combined with traditional military tactics, as seen in Ukraine and Georgia (Chichulin & Kopylov, 2024).
Psychological and Political Manipulation: The use of cyber disinformation campaigns has been instrumental in shaping political narratives globally (Rashid, Khan, & Azim, 2021).

1.2 Case Studies: The Russian Cyber Playbook in Action

Several high-profile attacks illustrate the sophistication of Russian cyber operations:

The SolarWinds Compromise (2020-2021): This breach, attributed to Russian intelligence, infiltrated multiple U.S. government agencies and Fortune 500 companies, highlighting vulnerabilities in software supply chains (Vaughan-Nichols, 2021).
Ukraine’s Power Grid Attacks (2015-2017): Russian hackers used malware such as BlackEnergy and Industroyer to disrupt Ukraine’s energy infrastructure, showcasing the potential for cyber-induced kinetic effects (Guchua & Zedelashvili, 2023).
Election Interference (2016 & 2020): Russian hacking groups Fancy Bear and Cozy Bear engaged in data breaches and disinformation campaigns, altering political dynamics in multiple democracies (Jamieson, 2018).

These attacks exemplify how cyber warfare has been weaponised as a tool of statecraft, reinforcing Russia’s broader geopolitical ambitions.

The Trump Administration’s Pivot: From Russia to China and Iran

2.1 Reframing the Cyber Threat Landscape

The administration’s new strategy became evident when Liesyl Franz, the U.S. Deputy Assistant Secretary for International Cybersecurity, conspicuously omitted Russia from a key United Nations briefing on cyber threats, instead highlighting concerns about China and Iran (The Guardian, 2025). This omission marked a clear departure from previous policies that identified Russian cyber operations as a primary national security threat.

Similarly, the Cybersecurity and Infrastructure Security Agency (CISA) has internally shifted resources toward countering Chinese cyber espionage and Iranian state-sponsored cyberattacks, despite ongoing threats from Russian groups (CNN, 2025). This strategic reprioritisation raises questions about the nature of cyber threats and whether the U.S. may be underestimating the persistent risk posed by Russian cyber actors.

2.2 The Suspension of Offensive Cyber Operations

Perhaps the most controversial decision in this policy shift is U.S. Defence Secretary Pete Hegseth’s directive to halt all offensive cyber operations against Russia (ABC News).

3. Policy Implications: Weighing the Perspectives

3.1 Statement of Facts

The decision to halt offensive cyber operations against Russia represents a significant shift in U.S. cybersecurity policy. The official rationale behind the move is a strategic pivot towards addressing cyber threats from China and Iran while reassessing the cyber engagement framework with Russia.

3.2 Perceived Detrimental Effects

Critics argue that reducing cyber engagement with Russia may embolden its intelligence agencies and cybercrime syndicates. The Cold War’s history demonstrates that strategic de-escalation, when perceived as a sign of weakness, can lead to increased adversarial aggression. For instance, the 1979 Soviet invasion of Afghanistan followed a period of perceived Western détente (GovInfoSecurity). Similarly, experts warn that easing cyber pressure on Russia may enable it to intensify hybrid warfare tactics, including disinformation campaigns and cyber-espionage.

3.3 Perceived Advantages

Proponents of the policy compare it to Boris Yeltsin’s 1994 decision to detarget Russian nuclear missiles from U.S. cities, which symbolised de-escalation without dismantlement (Greensboro News & Record). Advocates argue that this temporary halt on cyber operations against Russia could lay the groundwork for cyber diplomacy and agreements similar to Cold War-era arms control treaties, reducing the risk of uncontrolled cyber escalation.

3.4 Overall Analysis

The Trump administration’s policy shift represents a calculated risk. While it opens potential diplomatic pathways, it also carries inherent risks of creating a security vacuum. Drawing lessons from Cold War diplomacy, effective deterrence must balance engagement with strategic restraint. Whether this policy fosters improved international cyber norms or leads to unintended escalation will depend on future geopolitical developments and Russia’s response.

References & Further Reading

ABC News (2025) Hegseth orders suspension of Pentagon’s offensive cyber operations against Russia. Available at: https://abcnews.go.com/Politics/wireStory/hegseth-orders-suspension-pentagons-offensive-cyberoperations-russia-119408032 (Accessed: 3 March 2025).
BBC News (2025) Understanding the U.S. cyber policy shift. Available at: https://www.bbc.com/news/articles/c2er34w0jgdo (Accessed: 4 March 2025).
Chichulin, N.A. and Kopylov, A.V. (2024) ‘The impact of cyber warfare on national security’, Society: Politics, Economics, Law, 11(1), pp. 20–26. Available at: http://dx.doi.org/10.24158/pep.2024.11.2 (Accessed: 5 March 2025).
GovInfoSecurity (2025) Cyber Cold War: U.S. vs Russia. Available at: https://www.govinfosecurity.com/blogs/cyber-cold-war-us-vs-russia-p-227 (Accessed: 2 March 2025).
Huskaj, G. (2023) Offensive cyberspace operations for cyber security. Available at: http://dx.doi.org/10.34190/iccws.18.1.1054 (Accessed: 1 March 2025).
Loyola University Chicago (2025) Cyber conflicts and international law. Available at: https://lawecommons.luc.edu/cgi/viewcontent.cgi?article=1214&context=pilr (Accessed: 6 March 2025).
Politico (2025) France has trouble understanding U.S. halt on cyber operations against Russia. Available at: https://www.politico.eu/article/france-has-trouble-understanding-us-halt-on-cyber-operations-against-russia/ (Accessed: 3 March 2025).
Rashid, A., Khan, A.Y., and Azim, S.W. (2021) ‘Cyber hegemony and information warfare: A case of Russia’, Liberal Arts and Social Sciences International Journal (LASSIJ), 5(1), pp. [insert page numbers]. Available at: http://dx.doi.org/10.47264/idea.lassij/5.1.42 (Accessed: 5 March 2025).
Vaughan-Nichols, S.J. (2021) SolarWinds: The more we learn, the worse it looks. ZDNet. Available at: https://www.zdnet.com/article/solarwinds-the-more-we-learn-the-worse-it-looks/ (Accessed: 2 March 2025).

UK And US Stand Firm: No New AI Regulation Yet. Here’s Why.

By Ramkumar Sundarakalatharan | February 22, 2025 | Comments 0 Comment

Introduction: A Fractured Future for AI?

Imagine a future where AI development is dictated by national interests rather than ethical, equitable, and secure principles. Countries scramble to outpace each other in an AI arms race, with no unified regulations to prevent AI-powered cyber warfare, misinformation, or economic manipulation.

This is not a distant dystopia—it is already happening.

At the Paris AI Summit 2025, world leaders attempted to set a global course for AI governance through the Paris Declaration, an agreement focusing on ethical AI development, cyber governance, and economic fairness (Oxford University, 2025). 61 nations, including France, China, India, and Japan, signed the declaration, signalling their commitment to responsible AI.

But two major players refused—the United States and the United Kingdom (Al Jazeera, 2025). Their refusal exposes a stark divide: should AI be a globally governed technology, or should it remain a tool of national dominance?

This article dissects the motivations behind the US and UK’s decision, explores the geopolitical and economic stakes in AI governance, and outlines the risks of a fragmented regulatory landscape. Ultimately, history teaches us that isolationism in global governance has dangerous consequences—AI should not become the next unregulated digital battleground.

The Paris AI Summit: A Bid for Global AI Regulation

The Paris Declaration set out six primary objectives (Anadolu Agency, 2025):

Ethical AI Development: Ensuring AI remains transparent, unbiased, and accountable.
International Cooperation: Encouraging cross-border AI research and investments.
AI for Sustainable Growth: Leveraging AI to tackle environmental and economic inequalities.
AI Security & Cyber Governance: Addressing the risks of AI-powered cyberattacks and disinformation.
Workforce Adaptation: Ensuring AI augments human labor rather than replacing it.
Preventing AI Militarization: Avoiding an uncontrolled AI arms race with autonomous weapons.

While France, China, Japan, and India supported the agreement, the US and UK abstained, each citing strategic, economic, and security concerns (Al Jazeera, 2025).

Why Did the US and UK Refuse to Sign?

1. The United States: Prioritizing National Interests

The US declined to sign the Paris Declaration due to concerns over national security and economic leadership (Oxford University, 2025). Vice President J.D. Vance articulated the administration’s belief in “pro-growth AI policies” to maintain the US’s dominance in AI innovation (Reuters, 2025).

The US government sees AI as a strategic asset, where global regulations could limit its control over AI applications in military, intelligence, and cybersecurity. This stance aligns with the broader “America First” approach, focusing on maintaining US technological hegemony over AI (Financial Times, 2025).

Additionally, the US has already weaponized AI chip supply chains, restricting exports of Nvidia’s AI GPUs to China to maintain its lead in AI research (Barron’s, 2024). AI is no longer just software—it’s about who controls the silicon powering it.

2. The United Kingdom: Aligning with US Policies

The UK’s refusal to sign reflects its broader strategy of maintaining the “Special Relationship” with the US, prioritizing alignment with Washington over an independent AI policy (Financial Times, 2025).

A UK government spokesperson stated that the declaration “had not gone far enough in addressing global governance of AI and the technology’s impact on national security.” This highlights Britain’s desire to retain control over AI policymaking rather than adhere to a multilateral framework (Anadolu Agency, 2025).

Additionally, the UK rebranded its AI Safety Institute as the AI Security Institute, signalling a shift from AI ethics to national security-driven AI governance (Economist, 2024). This move coincides with Britain’s ambition to protect ARM Holdings, one of the world’s most critical AI chip architecture firms.

By standing with the US, the UK secures:

Preferential access to US AI technologies.
AI defense collaboration with US intelligence agencies.
A strategic advantage over EU-style AI ethics regulations.

The AI-Silicon Nexus: Geopolitical and Commercial Implications

AI is Not Just About Software—It is a Hardware War

Control over AI infrastructure is increasingly centered around semiconductor dominance. Three companies dictate the global AI silicon supply chain:

TSMC (Taiwan) – Produces 90% of the world’s most advanced AI chips, making Taiwan a major geopolitical flashpoint (Economist, 2024).
Nvidia (United States) – Leads in designing AI GPUs, used for AI training and autonomous systems, but is now restricted from exporting to China (Barron’s, 2024).
ARM Holdings (United Kingdom) – Develops chip architectures that power AI models, yet remain aligned with Western tech and security alliances.

By controlling AI chips, the US and UK seek to slow China’s AI growth, while China accelerates efforts to achieve AI chip independence (Financial Times, 2025).

This AI-Silicon Nexus is now shaping AI governance, turning AI into a national security asset rather than a shared technology.

Lessons from History: The League of Nations and AI’s Fragmented Future

The US’s refusal to join the League of Nations after World War I weakened global security efforts, paving the way for World War II. Today, the US and UK’s reluctance to commit to AI governance could lead to an AI arms race—one that might spiral out of control.

Without a unified AI regulatory framework, adversarial nations can exploit gaps in governance, just as rogue states exploited international diplomacy failures in the 1930s.

The Risks of Fragmented AI Governance

Without global AI governance, the world faces serious risks:

Cybersecurity Vulnerabilities – Unregulated AI could fuel cyberwarfare, misinformation, and deepfake propaganda.
Economic Disruptions – Fragmented AI regulations will slow global AI adoption and cross-border investments.
AI Militarization – The absence of AI arms control policies could lead to autonomous warfare and digital conflicts.
Loss of Trust in AI – The lack of standardized AI safety frameworks could create regulatory chaos and ethical concerns.

Conclusion: A Call for Responsible AI Leadership

The Paris AI Summit has exposed deep divisions in AI governance, with the US and UK prioritizing AI dominance over global cooperation. Meanwhile, China, France, and other key players are using AI governance as a tool to shape global influence.

The world is at a critical crossroads—either nations cooperate to regulate AI responsibly, or they allow AI to become a fragmented, unpredictable force.

If history has taught us anything, isolationism in global security leads to arms races, geopolitical instability, and economic fractures. The US and UK must act before AI governance becomes an uncontrollable force—just as the failure of the League of Nations paved the way for war.

References

Global Disunity, Energy Concerns, and the Shadow of Musk: Key Takeaways from the Paris AI Summit
The Guardian, 14 February 2025.
https://www.theguardian.com/technology/2025/feb/14/global-disunity-energy-concerns-and-the-shadow-of-musk-key-takeaways-from-the-paris-ai-summit
Paris AI Summit: Why Did US, UK Not Sign Global Pact?
Anadolu Agency, 14 February 2025.
https://www.aa.com.tr/en/americas/paris-ai-summit-why-did-us-uk-not-sign-global-pact/3482520
Keir Starmer Chooses AI Security Over ‘Woke’ Safety Concerns to Align with Donald Trump
Financial Times, 15 February 2025.
https://www.ft.com/content/2fef46bf-b924-4636-890e-a1caae147e40
Transcript: Making Money from AI – After DeepSeek
Financial Times, 17 February 2025.
https://www.ft.com/content/b1e6d069-001f-4b7f-b69b-84b073157c77
US and UK Refuse to Sign Paris Summit Declaration on ‘Inclusive’ AI
The Guardian, 11 February 2025.
https://www.theguardian.com/technology/2025/feb/11/us-uk-paris-ai-summit-artificial-intelligence-declaration
Vance Tells Europeans That Heavy Regulation Could Kill AI
Reuters, 11 February 2025.
[https://www.reuters.com/technology/artificial-intelligence/europe-looks-embrace-ai

Disbanding the CSRB: A Mistake for National Security

By Ramkumar Sundarakalatharan | January 25, 2025 | Comments 0 Comment

Why Ending the CSRB Puts America at Risk

Imagine dismantling your fire department just because you haven’t had a major fire recently. That’s effectively what the Trump administration has done by disbanding the Cyber Safety Review Board (CSRB), a critical entity within the Cybersecurity and Infrastructure Security Agency (CISA). In an era of escalating cyber threats—ranging from ransomware targeting hospitals to sophisticated state-sponsored attacks—this decision is a catastrophic misstep for national security.

While countries across the globe are doubling down on cybersecurity investments, the United States has chosen to retreat from a proactive posture. The CSRB’s closure sends a dangerous message: that short-term political optics can override the long-term need for resilience in the face of digital threats.

The Role of the CSRB: A Beacon of Cybersecurity Leadership

Established to investigate and recommend strategies following major cyber incidents, the CSRB functioned as a hybrid think tank and task force, capable of cutting through red tape to deliver actionable insights. Its role extended beyond the public-facing reports; the board was deeply involved in guiding responses to sensitive, behind-the-scenes threats, ensuring that risks were mitigated before they escalated into crises.

The CSRB’s disbandment leaves a dangerous void in this ecosystem, weakening not only national defenses but also the trust between public and private entities.

CSRB: Championing Accountability and Reform

One of the CSRB’s most significant contributions was its ability to hold even the most powerful corporations accountable, driving reforms that prioritized security over profit. Its achievements are best understood through the lens of its high-profile investigations:

Key Milestones

Why the CSRB’s Work Mattered

The CSRB’s ability to compel change from tech giants like Microsoft underscored its importance. Without such mechanisms, corporations are less likely to prioritise cybersecurity, leaving critical infrastructure vulnerable to attack. As cyber threats grow in complexity, dismantling accountability structures like the CSRB risks fostering an environment where profits take precedence over security—a dangerous proposition for national resilience.

Cybersecurity as Strategic Deterrence

To truly grasp the implications of the CSRB’s dissolution, one must consider the broader strategic value of cybersecurity. The European Leadership Network aptly draws parallels between cyber capabilities and nuclear deterrence. Both serve as powerful tools for preventing conflict, not through their use but through the strength of their existence.

By dismantling the CSRB, the U.S. has not only weakened its ability to deter cyber adversaries but also signalled a lack of commitment to proactive defence. This retreat emboldens adversaries, from state-sponsored actors like China’s STORM-0558 to decentralized hacking groups, and undermines the nation’s strategic posture.

Global Trends: A Stark Contrast

While the U.S. retreats, the rest of the world is surging ahead. Nations in the Indo-Pacific, as highlighted by the Royal United Services Institute, are investing heavily in cybersecurity to counter growing threats. India, Japan, and Australia are fostering regional collaborations to strengthen their collective resilience.

Similarly, the UK and continental Europe are prioritising cyber capabilities. The UK, for instance, is shifting its focus from traditional nuclear deterrence to building robust cyber defences, a move advocated by the European Leadership Network. The EU’s Cybersecurity Strategy exemplifies the importance of unified, cross-border approaches to digital security.

The U.S.’s decision to disband the CSRB stands in stark contrast to these efforts, risking not only its national security but also its leadership in global cybersecurity.

Isolationism’s Dangerous Consequences

This decision reflects a broader trend of isolationism within the Trump administration. Whether it’s withdrawing from the World Health Organization or sidelining international climate agreements, the U.S. has increasingly disengaged from global efforts. In cybersecurity, this isolationist approach is particularly perilous.

Global threats demand global solutions. Initiatives like the Five Eyes’ Secure Innovation program (Infosecurity Magazine) demonstrate the value of collaborative defence strategies. By withdrawing from structures like the CSRB, the U.S. not only risks alienating allies but also forfeits its role as a global leader in cybersecurity.

The Cost of Complacency

Cybersecurity is not a field that rewards complacency. As CSO Online warns, short-term thinking in this domain can lead to long-term vulnerabilities. The absence of the CSRB means fewer opportunities to learn from incidents, fewer recommendations for systemic improvements, and a diminished ability to adapt to evolving threats.

The cost of this decision will likely manifest in increased cyber incidents, weakened critical infrastructure, and a growing divide between the U.S. and its allies in terms of cybersecurity capabilities.

Conclusion

The disbanding of the CSRB is not just a bureaucratic reshuffle—it is a strategic blunder with far-reaching implications for national and global security. In an age where digital threats are as consequential as conventional warfare, dismantling a key pillar of cybersecurity leaves the United States exposed and isolated.

The CSRB’s legacy of transparency, accountability, and reform serves as a stark reminder of what’s at stake. Its dissolution not only weakens national defences but also risks emboldening adversaries and eroding trust among international partners. To safeguard its digital future, the U.S. must urgently rebuild mechanisms like the CSRB, reestablish its leadership in cybersecurity, and recommit to collaborative defence strategies.

References & Further Reading

TechCrunch. (2025). Trump administration fires members of cybersecurity review board in horribly shortsighted decision. Available at: TechCrunch
The Conversation. (2025). Trump has fired a major cybersecurity investigations body – it’s a risky move. Available at: The Conversation
TechDirt. (2025). Trump disbands cybersecurity board investigating massive Chinese phone system hack. Available at: TechDirt
European Leadership Network. (2024). Nuclear vs Cyber Deterrence: Why the UK Should Invest More in Its Cyber Capabilities and Less in Nuclear Deterrence. Available at: ELN
Royal United Services Institute. (2024). Cyber Capabilities in the Indo-Pacific: Shared Ambitions, Different Means. Available at: RUSI
Infosecurity Magazine. (2024). Five Eyes Agencies Launch Startup Security Initiative. Available at: Infosecurity Magazine
CSO Online. (2024). Project 2025 Could Escalate US Cybersecurity Risks, Endanger More Americans. Available at: CSO Online