Cyberattacks by the nation’s adversaries have increasingly targeted broader swaths of American communications and public infrastructure.
But even as more sophisticated threats emerge, the Trump administration’s cuts to federal programs have eroded U.S. cyberspace defenses, according to a senator and a nonprofit organization that advocates improved security.
“I would call it almost an across-the-board retreat from the national security defenses that we built up over the past five years, at the same time that the threat is only increasing and accelerating,” said Senator Angus King, a Maine independent who caucuses with Democrats.
Mr. King helped lead the Cyberspace Solarium Commission, which was established by Congress in 2019 to recommend ways to strengthen defenses against hacking attacks. Many of its recommendations were signed into law.
After the commission’s mandate ended, a nonprofit called the Cyberspace Solarium Commission 2.0 began tracking how many of the original recommendations had been put into practice.
Last year, 80 percent of the original recommendations were carried out or nearing enactment. But this year, for the first time, only 70 percent of the recommendations had been nearly or completely fulfilled, according to a new report from the nonprofit group.
Mr. King said the Trump administration had slashed the size of the Cyberspace and Infrastructure Security Agency by a third, from 3,300 people to 2,200. Those cuts came as the cyberspace security agency continued to warn about significant network breaches, including a hack of a prominent provider of virtual private networks, F5, and vulnerabilities in Microsoft products.
President Trump also fired the head of U.S. Cyber Command, Gen. Timothy D. Haugh, after a far-right activist pushed for his ouster. His replacement, who is serving in an acting capacity, is not expected to be nominated for the job, creating uncertainty at the command that conducts cyberoperations overseas.
A White House official did not respond to a request for comment.
Even though Mr. Trump appointed Sean Cairncross to serve as a national cyber director — one of the positions the Solarium Commission pushed for — the State Department erased the role of cyber ambassador, which the commission had recommended and Congress had written into law.
Mr. King said that at the very time the United States was disarming and weakening its defenses, China was emerging as an even more powerful threat. The country has penetrated the networks that control infrastructure systems in the United States, and has hacked major telecommunications companies.
The Solarium Commission argued that the kinds of recommendations it was pushing for, including a more aggressive American defense of its computer networks, would eventually create a “layered cyber deterrence” that would reduce attacks.
Stronger partnerships between the United States and its allies have helped build up deterrence, the new report said. But continued attacks showed that adversaries were not being forced “to bear sufficient costs for their malign activities.”
“The United States faces a pivotal decision point,” the report said. “It is up to the administration and Congress to seize this opportunity to secure the gains of the past five years; reinforce its cyber-deterrence posture; and send a clear signal of capability, intent and continuity to its adversaries.”
To reverse the erosion of defenses, the report calls on the Trump administration to enhance Mr. Cairncross’s authorities, restore funding for “cyber diplomacy” at the State Department and rebuild the cybersecurity agency, among other steps.
The weakening of the defenses has multiple causes. Mr. Trump has been hostile to the cybersecurity agency ever since its former director, Chris Krebs, said the 2020 election, which Mr. Trump lost, was secure.
Other cuts have come as part of the broader effort to shrink the federal government.
Some of the actions of the Trump administration appear to be motivated by a suspicion of former President Joseph R. Biden Jr. For example, the Biden administration was making progress on a Solarium recommendation to create a voluntary seal of approval for devices that connect to the internet and meet certain safety and security standards.
The Trump administration scrapped the effort, Mr. King said.
“I am at a loss to understand a lot of these actions that they have taken, because they have no rationale. But they have a very definite detriment to the country,” Mr. King said.
Julian E. Barnes covers the U.S. intelligence agencies and international security matters for The Times. He has written about security issues for more than two decades.
The post Trump Administration Cuts Cyberdefense Even as Threats Grow appeared first on New York Times.
