President Donald Trump’s administration is preparing to turn to private businesses to help mount offensive cyberattacks against foreign adversaries, according to people familiar with the matter, potentially expanding a shadowy electronic conflict typically conducted by secretive intelligence agencies.
The White House plans to make public its intention to enlist private companies in more aggressive efforts to go after criminal and state-sponsored hackers in a new national cyber strategy, a draft of which has been viewed by industry officials and experts. The strategy is expected to be released by the Office of the National Cyber Director in the coming weeks.
The draft, described to Bloomberg News by multiple people, says the federal government should unleash private businesses as it moves to impose consequences on foreign adversaries who breach critical infrastructure and telecommunications networks, or who cripple businesses with ransomware attacks. The draft didn’t provide many details on how the administration would use the companies.
A spokesperson for the Office of the National Cyber Director would not comment on the draft because it is not finalized but said the administration is committed to cybersecurity for Americans and US infrastructure, networks and information.
The administration is expected to provide more information after the release of the strategy, as well as an executive order that could outline private firms’ roles and provide them with more legal protections, the people said. Legislation might also be required.
The push to include industry would open lucrative new business opportunities to firms that have traditionally contracted with the government on defensive strategies rather than offensive measures. But it comes with risks.
There is currently no legal basis for private firms to conduct their own offensive cyber operations. Additionally, any operations to take down adversary infrastructure could put private firms in the crosshairs of foreign government entities, whose intelligence services often use affiliates to carry out their cyberattacks.
But the drive to enlist private companies reflects a growing view within the intelligence community and the administration that the US needs more capacity to fight hostile hacking groups that often work with abundant foreign state support. Adding those firms would both expand the government’s cyber warfare resources and free up intelligence agencies and the military to focus on work only they can handle.
Discussions on contracting out offensive cyber operations were already underway in Joe Biden’s White House, though his administration didn’t settle on a policy, said people familiar with those deliberations.
The cyber strategy draft, some five pages long, also calls for streamlining data security and cyber regulations, the modernization of federal systems, securing critical infrastructure and promoting adoption of post-quantum cryptography and secure quantum computing. The White House has invited industry officials to give feedback on the draft, which could still change, the people said.
Trump administration officials have for months made clear they intend to take more aggressive action against criminal and state-sponsored hackers. Alexei Bulazel, the National Security Council’s senior director for cyber, declared at a security conference in September that the administration is “unapologetic, unafraid to do offensive cyber.”
And tucked inside Trump’s multi-trillion-dollar tax and spending law is a little-noticed provision designating a $1 billion boost for offensive cyber operations, which have typically been conducted by the military’s Cyber Command or intelligence agencies. The law does not prescribe how the money is to be spent, but its inclusion in Trump’s cornerstone bill is a signal of offensive cyber’s importance to the administration.
Many cybersecurity firms known for defensive operations could easily apply their expertise and their technology to launch attacks, but offensive work would be financially and legally risky, potentially turning off customers and investors alike, said Michael Janke, co-founder of Datatribe, a tech foundry for cyber startups. Legislation, however, could hinder companies that want to remain discreet regarding the use of their tools.
“That gray area provides a lot for both government and commercial to flow within,” he said. “Once you shrink that to legislation, you may not have that gray area.”
Source: Bloomberg