The nation that brought us election meddling, ransomware galore, and a treasure trove of hacked emails is now, apparently, as harmless as a kitten and no longer needs to be monitored.
The first sign of this retreat came when the State Department's deputy assistant secretary for international cybersecurity, Liesyl Franz, recently graced a United Nations working group with her insights. She expressed concerns about cyber threats from China and Iran but conspicuously omitted any mention of Russia.
This is akin to discussing global coffee production without mentioning Brazil. One can only assume she forgot about that minor detail.
However, there are other signs that this has become policy. At the Cybersecurity and Infrastructure Security Agency (CISA), a memo outlining new priorities also failed to mention Russia.
Analysts were instructed to ignore Russian threats altogether – effectively ignoring the bear in the room.
Unsurprisingly, experts are baffled by this approach. A seasoned cyber expert, James Lewis, remarked: "It's incomprehensible to give a speech about threats in cyberspace and not mention Russia, and it's delusional to think this will turn Russia and the FSB into our friends."
An anonymous source familiar with the inner workings of CISA told the Guardian that work on anything "Russia-related" was effectively "nixed."
They added, "People are saying Russia is winning. Putin is on the inside now. Russia and China are our biggest adversaries. With all the cuts being made to different agencies, a lot of cybersecurity personnel have been fired. Our systems are not going to be protected and our adversaries know this."
Just in case the Trump administration has forgotten what its chum Tsar Putin’s teams have done over the last five years, here is a short, incomplete list:
SolarWinds Supply Chain Attack (2020): Russian intelligence operatives compromised the SolarWinds Orion software, affecting approximately 18,000 clients, including US government agencies such as the Treasury and Commerce departments. This breach allowed unauthorised access to these networks for espionage purposes.
Colonial Pipeline Ransomware Attack (2021): The Russian-linked cybercriminal group DarkSide executed a ransomware attack on Colonial Pipeline, temporarily shutting down a major fuel distribution network. This incident disrupted the supply of petrol, diesel, and jet fuel to the US East Coast, marking one of the most severe cyberattacks on US infrastructure.
Targeting of US Electric Utilities (2021): The Russian cyber espionage group known as Sandworm reportedly breached US electric utilities, oil and gas companies, and other industrial firms since at least 2017, with successful intrusions occurring a "handful" of times by 2021.
Ongoing Cyber Espionage Campaigns (2023): Russian military cyber actors, particularly Unit 29155, have been engaged in continuous cyber operations targeting US and global critical infrastructure since 2020. These activities include espionage and potential sabotage efforts.
Disruption of Russian Cyber Efforts (2024): In October 2024, the US Justice Department seized 41 internet domains used by Russian intelligence agents and proxies to hack government agencies, including the Pentagon and State Department. This action disrupted ongoing Russian cyber-espionage campaigns targeting US entities.