Allies are left hanging on cyber initiatives and funding. It leaves a vacuum for adversaries, officials warn.
The return of Donald Trump to the White House has cybersecurity officials across the West scrambling to keep their counteroffensives against Moscow and Beijing on the rails.
Since Joe Biden told allies in 2021 that « America is back » on the international stage, his White House led efforts to gather international partners to push back on cyber threats ranging from ransomware gangs pillaging critical industries to governments’ misuse of spyware and hackers targeting developing countries.
As Trump now touts his « America First » foreign policy, those efforts now risk being dead in the water.
In the days leading up to Trump’s inauguration, top-level cybersecurity officials left their positions. The new administration’s actions to scrap foreign aid budgets have already impacted key cybersecurity programs in countries across the world.
“It’s a rough period of time for international support,” said Phil Stupak, the former assistant national cyber director for the U.S. White House’s Office of the National Cyber Director.
Diplomats travel to Germany this week for the three-day Munich Security Conference — nicknamed « Davos with guns.” The gathering is a traditional highlight for cybersecurity diplomacy efforts.
“The rest of the world, at least our allies and partners, do look to the U.S. for leadership,” said Chris Painter, a top cybersecurity diplomat who served under the Obama and first Trump administration.
U.S. international cyber support reached new levels during the past four years, which saw the Biden administration give cyber funds to Costa Rica and Albania after each faced cyberattacks on government networks, and saw coordinated international enforcement against ransomware gangs across the world and joint attribution campaigns to call out adversaries’ cyberespionage and hybrid attacks on allied countries.
Security officials have warned Moscow has substantially dialed up its attacks against Western countries since invading Ukraine, including through cyberattacks aimed at critical infrastructure in European nations and hybrid attacks such as the cutting of undersea cables.
And the U.S. and allies were also reminded of Beijing’s cyber craftsmanship last year, when security services revealed that a state-linked group dubbed Salt Typhoon conducted a major hack of telecom operators across the globe.
Empty seats, talks on hold
The new U.S. administration is still in its first 100 days, and in the meantime there is no Senate-confirmed cyber leader in any of the key agencies with cyber jurisdiction, such as the Pentagon, the Cybersecurity and Infrastructure Security Agency and the White House. There is also still no nominee for taking on the cyber ambassador position at the helm of the State Department’s Bureau of Cyberspace and Digital Policy.
“Everything’s kind of a holding pattern,” Painter said.
Meanwhile, The Intercept reported spyware firms such as Israel’s NSO Group were already lobbying key Republican senators to reverse its blacklisting in the U.S. in October 2024.
The Trump administration’s pause on new foreign aid obligations for 90 days includes funding from the government’s Bureau of Cyberspace and Digital Policy, less than three years after it was launched. The agency under the Biden administration prioritized efforts to counter the use of Chinese-made technology by adversaries.
With the pause in aid and support, critics warn the door is left open to Beijing.
“Then the nations who have not decided what sympathy they have on tech — whether they align themselves with the West or a more Chinese controlled internet — they might think that the authoritarian model of cyber governance is better,” Heli Tiirmaa-Klaar, a fellow with the German Marshall Fund, told POLITICO.
The Trump administration is sending a hefty delegation to the Munich security gathering itself, including Vice President JD Vance. But a cyber-focused pre-event called the Munich Cyber Security Conference — which in past years featured lots of senior Washington cyber officials — now only features Liesyl Franz, deputy assistant secretary at the State Department’s cyber bureau, on the speaking list.
The programs launched by Biden’s administration include the establishment of the Counter Ransomware Initiative that sought to end the scourge of ransomware attacks on critical sectors like grid operators and hospitals. The group of more than 60 nations most recently met in Washington in October.
Biden also launched a Joint Statement on Efforts to Counter the Proliferation and Misuse of Commercial Spyware, to which more than 20 countries sign on, which aimed to limit the use of spyware by governments globally.
But the future of both is in doubt under the Trump administration, which has not addressed next steps for either.
“No matter what … you still need the U.S. behind it,” Painter said of the ransomware initiative, adding that, under Trump, “that’s at least unclear right now.”
Losing control of technology
Key U.S. Democrats on Capitol Hill are also sounding the alarm about the opening that moving away from engaging internationally gives to China, specifically, in the cyber and tech policy spaces.
“It would be a grave mistake to reduce our engagement on cyber as technology moves at a rapid pace,” Sen. Chris Coons (D-Del.), ranking member of the Senate Foreign Relations Committee’s Subcommittee on East Asia, the Pacific and International Cyber Policy, told POLITICO.
Officials from the State Department’s Bureau of Cyberspace previously made a point to travel to countries using Chinese-made equipment to convince them to move away from these systems, citing national security risks.
Still, amid a freeze in U.S. foreign aid, Costa Rican Foreign Minister Arnoldo André told POLITICO that Secretary of State Marco Rubio last week signed off on a waiver allowing cyber support to continue for the Costa Rican government. The State Department gave $25 million to the Central American nation in cyber funds in 2023 after massive cyberattacks on government systems.
Proponents of an active cyber diplomacy pointed out that it is in the U.S.’s own interest to do so.
« Whatever happens in one country is going to happen to [the United States], » said Stupak. « Look at Wannacry: these targeted attacks that do not stay where they are intended because we all use the same systems. »
« When we are supporting Albania, we are not just throwing money away because we are good doers,” Stupad said. “We are doing it because it’s in our best interest.”
Maggie Miller reported from Washington. Antoaneta Roussi reported from Brussels.