Dina Temple-Raston
From Recorded Future News and PRX, this is Click Here. Cyber Command is the military's invisible force operating from deep inside the NSA's glass bunker in Fort Meade, Maryland. And its mission is the same as any other military force, except their battlefield is everywhere and their weapons are lines of code. And for the most part, they're focused on our four biggest adversaries in China, Russia, North Korea, and Iran. So when news broke that Defense Secretary Pete Hegseth had told Cybercom to hit pause on offensive operations against Russia, it made headlines around the world.
Jake Williams
Some breaking news. U.S. Cyber Command has been ordered to stop offensive operations against Russia.
Jacqueline Schneider
And that's fueled concerns that the Trump administration is going soft on Vladimir Putin.
Dina Temple-Raston
Another signal, it seemed, of a bigger shift in US policy. The Trump administration's open-armed approach to a longtime adversary, one who happens to have been particularly aggressive in cyberspace, whether through state-sanctioned attacks or the ones Moscow conveniently ignores.
Jake Williams
Like, we can just go down the list of stuff that we can attribute back to Russia.
Dina Temple-Raston
This is Jake Williams, a former NSA cyber operator and now vice president at the cybersecurity firm Hunter Strategy.
Jake Williams
NotPetya. That was a destructive cyber attack. That's Russia. Olympic Destroyer. That's Russia. Viasat. That's Russia. So the idea that we would stop pre-positioning against a country that has a history of that is, frankly, lunacy.
Dina Temple-Raston
Jake's not the only person who took the news this way. Headlines and talking heads were full of alarm.
Jake Williams
It's very, very concerning because the reality is Russia's not stopping their offensive operations. The pause in operations does have a.
Dina Temple-Raston
Lot of US officials concerned about what could come next if we stop planning operations. That'll really put us. But something interesting happened when we reached out to officials inside and outside the administration to try to understand this pause a little better. They told us something that surprised us. While they understand why people are worried about whether the Trump administration is making the US more vulnerable in cyberspace, they're less concerned about the pause than something else entirely. Something Trump's team is doing more behind the scenes. Something they fear could do a lot more harm than a short break in offensive cyber operations. From Recorded Future News, I'm Dina Temple-Raston, and this is Click Here, a podcast about all things cyber and intelligence. We tell true stories about the people making and breaking our digital world. And when Trump roared into office a few months ago, it was amid a flurry of executive orders, and it seemed to cue chaos. Then he let DOGE, Elon Musk's Department of Government Efficiency, take a chainsaw to the federal workforce and it only added to the din. But with so many alarm bells ringing, which ones signal real danger and which are just noise? Today we try to sort the signal from the static. Stay with us. This is Click Here. It still isn't clear what exactly the order from Defense Secretary Pete Hegseth actually said. Was Cybercom supposed to stop current Russian offensive operations or the planning of future ones? And how long would the pause last?
As a general matter, Cybercom officials are very tight-lipped about their operations, understandably so. But a few missions have found their way into the public eye, like this joint operation with Israel in which cyber operators compromised industrial control systems at the Natanz enrichment facility in Iran, and another I reported on when I was at NPR. NPR has exclusive access to nearly a dozen people involved in this classified operation, and NPR's Dina Temple-Raston is in our studios with the. In that operation, the US attacked ISIS's media arm and made it really hard for them to disseminate their propaganda. That's a sampling of our offensive operations, the ones Secretary Hegseth reportedly asked Cybercom to put on hold against Russia. Days after our sister publication The Record broke the story about the Cybercom pause, the Pentagon posted a response on X. It claimed that the Secretary of Defense had neither canceled nor delayed any cyber operations directed against malicious Russian targets. Which doesn't exactly say a pause in operations against Russian government networks never happened. Malicious Russian targets could be, say, ransomware gangs or cyber criminals. We spoke to four people both inside and outside the current administration and they told us in fact that the pause order did occur. But they were quick to add that the order may not be as alarming as it appears at first blush, for a few reasons. For one, the directive doesn't seem to touch intelligence gathering or the Russian-focused work of the NSA, CISA or the CIA. So this isn't a full-scale cyber stand-down? Not even close. And inside Cyber Command, there may not have been all that much to pause in the first place. Three sources who are in a position to know, but declined to go on the record told us that the number of Cybercom offensive cyber operations against Russia has sort of dropped in recent years. Why? Because, frankly, there hasn't been as much of a need.
Russia's cyber attacks against the US have slowed, not because they had a change of heart, but because they've been busy launching cyber attacks in Ukraine and sabotage missions across Europe. And even when operations are needed, Cybercom isn't always the one doing the job anymore. And in the case of Russia, well, Cybercom certainly isn't alone in targeting their systems. The hacktivist community has gone insane against Russia. Right. This is John Clay, vice president of Threat Intelligence at Trend Micro. Last I saw, there was like 60 plus hacktivist groups that were targeting Russian infrastructure, Russian, you know, organizations. So you, you basically have this de facto group that is doing that job, right?
Jake Williams
Unaffiliated hackers around the world now putting Russia in the crosshairs, taking down Russian.
Dina Temple-Raston
News site RT, which many decry as a propaganda outlet for Vladimir Putin. This is a message to Vladimir Putin.
Jake Williams
Members of Anonymous have declared cyber war.
Dina Temple-Raston
Against your aggressive regime. Activists are messing with railway systems in Russia, cracking into Russian government websites, basically making Moscow's life miserable. And then there's this other piece of this. It's not totally unheard of to order this kind of pause, a short stand down has been used in the past as a sort of olive branch to an adversary. And it sometimes happens before state visits or during sensitive negotiations like the ones to end the war in Ukraine. It's rare, but it happens. And it wouldn't be out of the ordinary as Trump seeks to get Russian negotiators to the table. So for all these reasons, officials told us this pause may not be as alarming as it first seemed. But there are some caveats. For one, they said it depends how long the Hegseth pause actually lasts, because there's a big difference between a pause of days and a pause of months. The longer it drags on, the harder it is to restart. Because cyber operations don't just get fired back up with the flip of a switch.
Jake Williams
It's potentially double digit months, right, to get stuff in the right positions.
Dina Temple-Raston
Jake Williams, again, it's not like go.
Jake Williams
Project force anywhere in the world in 12 hours kind of thing. That's not how cyber works.
Dina Temple-Raston
Cyber campaigns like the one that crippled ISIS's media arm or the one that hit Iran's uranium plant, they take months, sometimes years to plan. And if operators stand down too long, the conditions they relied on, the unpatched network, the hidden back door, they could just disappear, meaning months of work, maybe years of it, is just wiped out. And that some of the people we spoke with said is a distinction Defense Secretary Hegseth may not fully appreciate. Because standing down a conventional military operation is really different from standing down a cyber one.
Jacqueline Schneider
It's not as simple as how we plan a conventional campaign. So my thought was, oh, maybe they didn't realize that, like, that would have such a large effect on cyber.
Dina Temple-Raston
That's Jacqueline Schneider. She's a fellow at the Hoover Institution and runs their wargaming and crisis simulation center. But the problem is, while people focus on this pause, some experts warn that they might be missing something much bigger, something much closer to home. The army of coders Elon Musk has embedded across agencies in Washington. And the way they're digging into the country's IT systems overnight. Sources confirming that Elon Musk has been given access to the U.S. Treasury Department's vast pay. And the concern is a process they seem to be skipping. A very nerdy process, but one that, if ignored, could have very real consequences for all of us. That's when we come back. Stay with us. If there's one thing most people agree on, it's this: bureaucracy is the worst. The meetings that should have been emails, the endless procedural hoops, the reports no one reads. And in some cases, excessive bureaucracy can create space for fraud, waste, and abuse. That much isn't very controversial. What is controversial is how DOGE is going about fixing it. Critics worry that in its effort to streamline government, it may be undermining something really essential, the very integrity of the nation's IT systems.
Jake Williams
Yeah, I wrote a piece a couple of weeks ago where a lot of folks were talking about, oh, look at DOGE cutting through all of this red tape. And I said, look, you know, another name for red tape is security controls. Those controls exist for a reason.
Dina Temple-Raston
Jake Williams from Hunter Strategy again. And he worries about the DOGE staffers poking around in government networks. Change one line of code in the wrong place, and it's not like canceling a meeting or scrapping a redundant report. In massive, complex systems like the IRS or the U.S. Treasury, even the smallest tweak can ripple outward in ways no one expected. It's the digital butterfly effect. The idea that a butterfly flapping its wings in Africa might trigger a hurricane in Florida. Change a single line of code without proper testing and, well, just ask CrowdStrike. The cybersecurity firm pushed out a routine update last year with one small logic flaw buried deep in the code, and it brought down networks across the country. You are coming on the air right now with breaking news. A massive global technical outage has knocked critical computer infrastructure offline. Hundreds of flights have already been impacted.
Jake Williams
We're seeing stock exchanges, grocery stores, even where people can't check out. Airlines, hospitals, businesses around the world, banks as well, reeling from a massive tech.
Dina Temple-Raston
Outage, and that was only to do with Windows machines. A lot of the government runs on much older systems. Take the IRS. Its core infrastructure dates back to the late 1960s, which makes it Beatles on the radio, NASA racing to the moon, old. Some of these systems actually run on COBOL, a programming language that is so antiquated, the pool of coders who can maintain it is actually drying up. So the butterfly effect of even minor tweaks to those kinds of systems is even more unpredictable. This is why there are very specific steps to go through to manage almost any change to these systems. Something literally called a change control process. Change control ensures new code is scrutinized, tested, and safely integrated. Every proposed change, whether it's a bug fix, a feature update, or a sweeping architectural shift, moves through a kind of pipeline of scrutiny. Right now, DOGE coders are reported to be rooting around in IT systems across several agencies. Wired magazine reported that a DOGE coder had write access to Treasury code controlling trillions in federal spending. And earlier this month, DOGE requested sweeping access to IRS systems aiming to cross-check federal benefits payments with tax records. It's unclear exactly what DOGE is doing, actually. In fact, a D.C. judge recently ruled that the agency needs to be more transparent and has to abide by open records rules. But Jake Williams says even without FOIA requests, he's pretty sure these DOGE teams are blowing right past change control safeguards.
Jake Williams
DOGE obviously is not following normal change control processes. There's no way that, that they came in and, you know, did normal investigation of, you know, and test and all of that to get to the point that they can, you know, safely make changes. One of the things that, you know, typically happens with, you know, with change control is that security reviews the changes and typically is doing some testing in a staging environment prior to pushing those changes. And again, just the speed with which all of this is being done. There's just no way that all of that is following a normal process. And I think that alone is something that a lot of folks don't realize is such a big cybersecurity concern.
Dina Temple-Raston
We reached out to DOGE to ask about their change control systems, and they didn't get back to us. You can imagine that adversaries understand that all these new people in US government systems, even if they have the best intentions, may accidentally insert vulnerabilities into US networks. And it stands to reason they'll be looking for exactly that to see if there's something they can somehow use to their advantage.
Jake Williams
Totally. Conceivably, we could be, you know, increasing the risk of threat actors being able to penetrate those systems.
Dina Temple-Raston
And that's the tension. The world is littered with examples of hasty changes leading to disaster, many of which could have been avoided if there'd just been one more set of eyes. And change control does slow things down, but it's not about bureaucracy. It's almost like an agreement, a balance between speed and safety, innovation and stability, a process that, when done right, doesn't stifle creativity, it actually protects it. There's a prevailing sense in these early months of the Trump administration that if something breaks, whether it's the pause on offensive cyber operations or the haphazard tinkering with complex code, that they'll just fix it later. It's a very Silicon Valley sentiment. But later is a dangerous word in cybersecurity. Later is when vulnerabilities become breaches. Later is when adversaries exploit the gaps. Later is when the theoretical risks become real world consequences. Later is too late. This is Click Here.
Brooke Gladstone
Looking for more of the cybersecurity and intelligence coverage you get on Click Here. Then check out our sister publication the Record from Recorded Future News. You'll get breaking cyber news from reporters in New York, Washington, London, and Kyiv, among others, and you'll see for yourself why it attracts hundreds of thousands of page views every month. Just go to TheRecord Media today is.
Dina Temple-Raston
Tuesday, March 18, and here are some of the top cyber and intelligence stories of the past week. Wired magazine reported last week that workers at the Cybersecurity and Infrastructure Security Agency, or CISA, are struggling to protect the US amid mass layoffs and weak leadership. They said that vital support staff have left, international partnerships are fraying, and employees are afraid to discuss threats to democracy, which they're not supposed to counter anymore. The agency is part of the Department of Homeland Security, and for years now it's been providing cities and businesses with support against cyber attacks. CISA is thought to have lost some 10% of its 3,200-person workforce. A lot of people got emails on February 14th that said their services would just no longer be required.
Jake Williams
I was let go on that Friday night at 7:28pm and now I am scrambling to find a job. For the first time in 15 years.
Dina Temple-Raston
People inside and outside government are sounding the alarm about the CISA brain drainage. Some new CISA leadership might be on the way, though. Last week, President Donald Trump nominated Sean Plankey for the top job there. Plankey worked cyber issues at the Department of Energy and in the National Security Council during the first Trump presidency. He's a Coast Guard veteran and earned a Bronze Star for his work on offensive cyber operations while deployed to Afghanistan in 2013. In a recent interview with Recorded Future News, Plankey said that the Trump administration will likely focus on getting more from our partners and on supply chain vulnerabilities. Cybersecurity experts on both sides of the aisle are praising the nomination. And finally, interested in cybersecurity and AI? There's a new school for you.
Jacqueline Schneider
USF revealed some details about their brand new college that's going to be opening its doors, the USF Bellini College of Artists.
Dina Temple-Raston
Artificial intelligence, cybersecurity and computing. Tech entrepreneur Arnie Bellini and his wife Lauren donated $40 million to the University of South Florida to open the first school of cyber and AI education in the US. Bellini is the former chief executive and co-founder of the tech service company ConnectWise, which sold for $1.5 billion in 2019. Bellini said China's growing prowess in cyber and AI inspired him to establish a university program that could become ground zero for cybersecurity in the United States. More generally, the Tampa area has seen a rise in private cybersecurity companies and is home to the MacDill Air Force Base, which is where the U.S. Central Command and Special Operations Command work out of now. The new college, opening next fall, will take in approximately 3,000 students specializing in cyber and AI related courses.
Jacqueline Schneider
Today's episode was produced by Zach Hirsch, Megan Dietrich, Erica Gaeda, Sean Powers and Dina Temple-Raston. It was edited by Karen Duffin, fact-checked by Darren Ankrum and contains original music by Ben Levingston with some other music from Blue Dot Sessions. Our staff writer is Lucas Riley and our illustrator is Megan Gough. Martin Peralta is our sound designer and engineer. Click Here is a production of Recorded Future News and PRX. Tune in on Friday for Mic Drop, which features our favorite interview of the week. We'll have a new episode of Click Here on Tuesday. We'll see you then.
Hosted by Recorded Future News. Release Date: March 18, 2025
In this episode of Click Here, Recorded Future News delves into the critical question: Is Trump making the US more cyber vulnerable? Host Dina Temple-Raston navigates through complex discussions surrounding a significant pause in offensive cyber operations against Russia, exploring its implications, reactions, and underlying threats to the United States' cybersecurity landscape.
The episode opens with the intriguing announcement that Defense Secretary Pete Hegseth has directed U.S. Cyber Command (Cybercom) to halt offensive operations against Russia.
Dina Temple-Raston [00:02]: "Cyber Command is the military's invisible force...their weapons are lines of code...focused on our four biggest adversaries in China, Russia, North Korea, and Iran."
This move quickly garnered international attention, sparking debates about its significance and potential underlying motives.
Experts and commentators expressed immediate concern over the pause, interpreting it as a possible sign of the Trump administration softening its stance against Russia.
Jake Williams [00:55]: "Some breaking news. U.S. Cyber Command has been ordered to stop offensive operations against Russia."
Jacqueline Schneider [01:00]: "And that's fueled concerns that the Trump administration is going soft on Vladimir Putin."
Williams, a former NSA cyber operator and VP at Hunter Strategy, vehemently opposes the decision.
Jake Williams [01:37]: "That's Russia. So the idea that we would stop pre-positioning against a country that has a history of that is, frankly, lunacy."
These reactions underscore the alarm within the cybersecurity community about the potential increase in vulnerability to Russian cyber threats.
Dina Temple-Raston provides context, highlighting that this pause might indicate a broader shift in U.S. cyber policy under the Trump administration, which has been notably aggressive towards adversaries in cyberspace.
Dina Temple-Raston [01:06]: "The Trump administration's open armed approach to a longtime adversary...one who happens to have been particularly aggressive in cyberspace."
Despite the headline-making pause, officials inside and outside the administration suggest the situation may not be as dire as it appears.
Dina Temple-Raston [04:04]: "The directive doesn't seem to touch intelligence gathering or the Russian focused work of the NSA, CISA or the CIA."
Moreover, the number of offensive operations against Russia had been declining due to Russia's preoccupation with cyberattacks in Ukraine and Europe.
The episode explores the possibility that the pause is a strategic move rather than a sign of weakness. It might serve as an olive branch ahead of sensitive negotiations or state visits.
Dina Temple-Raston [07:34]: "A short stand down has been used in the past as a sort of olive branch to an adversary."
This perspective suggests that the pause could facilitate diplomatic engagements without necessarily compromising the U.S.'s cyber defense posture.
Experts caution that the duration of the pause is crucial. A short-term halt might be manageable, but an extended pause could hinder the rapid resumption of cyber operations.
Jake Williams [08:56]: "It's potentially double digit months... that's what cyber works."
Dina Temple-Raston [09:03]: "Cyber campaigns... take months, sometimes years to plan."
A prolonged pause could erode the readiness and effectiveness of Cybercom, making it challenging to counteract emerging threats swiftly.
Beyond the public pause on operations, the podcast reveals a lesser-known but potentially more damaging development: Elon Musk's team, referred to as DOGE, infiltrating U.S. government IT systems. This infiltration bypasses established security protocols, raising alarms about the introduction of vulnerabilities.
Dina Temple-Raston [10:01]: "Sources confirming that Elon Musk has been given access to the U.S. Treasury Department's vast pay."
The concern is that unvetted changes by DOGE could create exploitable gaps in critical infrastructure.
The discussion emphasizes the necessity of rigorous change control processes in maintaining the integrity of complex IT systems.
Jake Williams [12:15]: "Another name for red tape is security controls. Those controls exist for a reason."
Williams highlights the risks associated with bypassing these protocols, citing a real-world example where a minor flaw in a CrowdStrike update led to widespread outages.
Jake Williams [16:16]: "There's just no way that all of that is following a normal process."
The episode underscores that the lack of proper oversight in making changes to government systems can lead to significant security breaches.
The podcast also touches upon the challenges faced by the Cybersecurity and Infrastructure Security Agency (CISA), including workforce reductions and weakened international partnerships.
Jake Williams [19:01]: "I was let go on that Friday night at 7:28pm and now I am scrambling to find a job."
These internal struggles within CISA further exacerbate the nation's cybersecurity vulnerabilities, limiting its ability to effectively counteract threats.
Amidst the challenges, there are strides being made in cybersecurity education. The University of South Florida, supported by a $40 million donation from tech entrepreneur Arnie Bellini, is establishing the USF Bellini College of Artificial Intelligence, Cybersecurity and Computing, focusing on cyber and AI education.
Jacqueline Schneider [20:35]: "Bellini said China's growing prowess in cyber and AI inspired him to establish a university program that could become ground zero for cybersecurity in the United States."
This initiative aims to cultivate the next generation of cybersecurity experts, addressing the talent gap in maintaining and securing critical infrastructure.
Click Here concludes by highlighting the delicate balance between rapid innovation and the meticulous safeguarding required in cybersecurity. The episode cautions against the "Silicon Valley sentiment" of fixing issues later, emphasizing that delays can lead to exploited vulnerabilities.
Dina Temple-Raston [16:50]: "Later is when vulnerabilities become breaches. Later is when adversaries exploit the gaps."
The overarching message underscores the imperative of maintaining robust cybersecurity practices to protect the nation's digital infrastructure against evolving threats.
Notable Quotes:
Jake Williams [01:37]: "That's Russia. So the idea that we would stop pre-positioning against a country that has a history of that is, frankly, lunacy."
Jake Williams [08:56]: "It's potentially double digit months... that's what cyber works."
Jake Williams [12:15]: "Another name for red tape is security controls. Those controls exist for a reason."
Dina Temple-Raston [16:50]: "Later is when vulnerabilities become breaches. Later is when adversaries exploit the gaps."
This episode of Click Here provides a comprehensive exploration of the multifaceted issues surrounding U.S. cyber policy under the Trump administration, shedding light on both overt and covert factors that may influence the nation's cybersecurity posture.