Mark Montgomery, senior director at the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, thinks that if the administration is trying to entice Russia to the negotiating table, “it violates fundamental principles of both international relations and cybersecurity. This is a bad negotiating tactic.”
He explains, “You should negotiate with adversaries from a position of strength, not weakness. By effectively unilaterally disarming in the digital domain, we sacrifice our leverage and invite further aggression, not concessions. The administration appears to believe that it will be rewarded with reciprocal restraint. I think Putin’s previous performances call this theory into question.”
In addition, all indications suggest that Russian malign activity in cyberspace against the US has continued through at least the end of January. For example, researchers at Volexity issued a report on Feb. 13 saying that starting in mid-January, they had observed the Russian nation-state threat group they call CozyLarch, which overlaps with other Russian APT groups known as DarkHalo, APT29, Midnight Blizzard, and CozyDuke, targeting sensitive Microsoft 365 accounts by impersonating individuals from US government departments, including the US Department of State.
