Insurers will help define the threshold for cyberwar
Read more 
Hooked! #1: Will they, won’t they? US offensive cyber against Russia
Reports earlier this month that US Defence Secretary Pete Hegseth had ordered the US Cyber Command to halt all Russia-related planning, including offensive cyber operations, sent alarm bells ringing across international relations and cybersecurity spheres.
A member of the US Air Force conducts cyber operations during a March 2025 exercise, hosted by the US Cyber Command. Photo: Skyler Wilson/US Cyber Command
Hello and welcome to Hooked!, our new monthly current events newsletter. In Hooked!, we draw on Binding Hook’s latest publications and growing archive of expert research, analysis, and commentary to reflect on a recent security and technology event.
Reports earlier this month that US Defence Secretary Pete Hegseth had ordered the US Cyber Command to halt all Russia-related planning, including offensive cyber operations, sent alarm bells ringing across international relations and cybersecurity spheres.
The Donald Trump administration had apparently decided that Russia is not the cyber threat it has long been understood to be. This is a jarring policy shift, and one that administration officials later denied. Department of Defence officials have also denied that Hegseth had cancelled or delayed cyber operations against ‘malicious Russian targets’.
Despite the pushback, the Washington Post has stood by its reporting of a pause in offensive cyber and information operations against Russia. Their sources say the pause is a standard negotiation tactic, related to Trump’s attempts to end the war in Ukraine. A former senior military official told WP that such a ‘pause’ doesn’t work well for a cybersecurity approach defined by ‘persistent engagement’ – the lack of persistence leaves openings for adversaries to get ahead.
Investigative journalist Kim Zetter has a closer look at what has and hasn’t happened with regards to US cyber operations against Russia in her newsletter, Zero Day.
While Russia has welcomed the Trump administration’s new foreign policy stance, it seems unlikely that the country will end cyber intelligence or military operations against Ukraine or the US, or that it will begin cracking down on widespread cybercrime and ransomware operations. Instead, the US is sending mixed signals to malicious actors worldwide, pressing pause while filling the White House with proponents of offensive cyber (including Binding Hook author Emily Goldman).
This all makes Neil Ashdown and Jeremy Henty’s latest Binding Hook article, on how private sector actors can use deception and psychological impacts for cyber defense, exceptionally timely. Ashdown and Henty present a new spin on the perennial debate around ‘active defence’ by combining it with the UK’s doctrine of cognitive effects: how can private actors deter and disrupt potential hackers in new and more effective ways?
To understand more about the background and context to this debate, check out Binding Hook’s analysis of media coverage of cyber operations, the threshold for ‘cyber war’ (according to insurers), and how to understand ‘persistent engagement’ – by the original authors of the term.
Binding Hook has also contemplated other cyber implications of the Trump administration, including where Europe and the US might be able to find unity in cybersecurity and Trump’s potential impact on UK cyber ambitions.
The key question remains one asked by an anonymous European intelligence official on Binding Hook last year: can lawyers lose wars by stifling cyber capabilities?
Still hungry for more? Our book reviews of Offensive Cyber Operations and Rethinking Cyber Warfare both cover excellent longer interventions in this debate.
Until next month,
Katharine Khamhaengwong
Binding Hook Editor
