Similarly, the campaign against the Russian ransomware group REvil in 2021 significantly reduced the group’s ability to launch disruptive attacks on US businesses. Each of these actions imposed real costs on Russian cyber actors, forcing them to rebuild infrastructure, rethink strategies, and hesitate before launching new operations. Ongoing operations in Ukraine by US and aligned hunt-forward teams extend this effect.
Halting offensive planning removes this critical pressure. It gives Russian cyber units and affiliated criminals a breathing room they have not had in years, allowing them to refine techniques, develop new attack vectors, and prepare more aggressive campaigns. This is not speculation—it is how adversaries operate. Cyber campaigns are iterative, and when defenses weaken, attacks increase.
How Russia will exploit US inaction
Moscow has never viewed cyberspace as a domain of restraint in the way multiple US administrations have. It has consistently used cyber operations to disrupt elections, cripple infrastructure, steal sensitive data, and wage influence campaigns designed to destabilize Western institutions for more than four decades. In this moment, where the US is showing every sign of easing its cyber pushback against such activities, we should expect an acceleration of three key threat areas.
