Trump’s cyber shake-up sparks alarm as US dismantles key defences amid rising threats from China and Russia

In his first term, Trump expanded US cyber capabilities, creating the CISA and authorising counterstrikes on Russian hackers before the 2018 elections.

US President Donald Trump’s sudden firing of NSA and Cyber Command chief Gen. Timothy D. Haugh has deepened concerns among cybersecurity experts, lawmakers, and election officials that the US is unravelling critical digital defences at a moment of unprecedented vulnerability to foreign cyberattacks and election interference, the New York Times reported.

Haugh, a key architect of countermeasures against Russian and Chinese cyber operations, was removed under pressure from far-right Trump adviser Laura Loomer. His firing follows weeks of sweeping cuts across federal cybersecurity programmes, including the dismantling of initiatives meant to secure elections, protect infrastructure, and share intelligence between agencies and private tech firms.

In his first term, Trump expanded US cyber capabilities, creating the Cybersecurity and Infrastructure Security Agency (CISA) and authorising counterstrikes on Russian hackers before the 2018 elections. But since returning to office in January, Trump has reversed course—targeting CISA and slashing over $10 million in funding for programs that identified threats to election systems and critical infrastructure. Local officials in Arizona and Pennsylvania, who had relied on CISA support, now fear a “drawbridge has been lowered” with no guards remaining.

National Security Advisor Michael Waltz has emphasized the need to go on cyber offense, arguing that the US must deter adversaries like China by demonstrating its own capabilities. But experts warn that America’s vulnerability—especially its dependency on private infrastructure and open networks—makes retaliation likely and costly. “We live in the glassiest house,” one former US Defense Department official warned.

Senator Mark Warner cited a recent Chinese cyberattack—“Salt Typhoon”—that breached US telecom networks and allegedly gave Beijing access to DOJ interception tools and even Trump’s own campaign communications. Meanwhile, ransomware incidents and foreign malware activity are on the rise, and with fewer federal defenders in place, the threat to power grids, pipelines, and voting systems is growing.

Election officials from both parties are urging the administration to reverse course. Al Schmidt, Pennsylvania’s Republican Secretary of State, warned that CISA had prevented serious cyber incidents in 2023, including a fake voter registration phishing attempt and a mail threat traced to Russia. Colorado’s Jena Griswold said the federal pullback could have a “huge impact” as elections loom, especially with many states now banning private funding for election infrastructure.

Among the casualties of the cyber retrenchment are “Red Teams” of contracted experts who ran penetration tests and helped prevent attacks. The Biden-era Cyber Safety Review Board—created to study breaches and share findings across agencies—was also dismantled shortly after Trump took office. Though administration officials say cuts eliminate redundancies, critics argue the cost in preparedness could be steep.

While Waltz has not yet outlined a new national cyber strategy, many fear the administration’s dismantle-first approach will leave the country exposed. With China embedding malware across US infrastructure and Russia escalating election interference, the decision to gut defences and remove seasoned leaders like Haugh could set the stage for devastating attacks.