ANALYSIS: Cybersecurity as a Bargaining Chip in Ukraine Talks – US Backs Off Russian Threats, Part 2

As the US scales back its efforts to counter Russian sabotage and hybrid warfare, a new concern has emerged: the role of cybersecurity and intelligence-sharing in US-Russia diplomacy. 

With NATO allies already alarmed by the rollback of counter-sabotage operations intelligence officials now warn that US disengagement from cyber defense could have even more severe consequences. 

As detailed in Part I of this analysis, the US has halted counter-sabotage operations, raising fears that Washington is stepping back from countering Kremlin threats. Now, cybersecurity and intelligence-sharing have emerged as a new flashpoint – one that could shape both US-Russia relations and the security of Ukraine and NATO.

In Part II, we explore how cybersecurity has become a bargaining chip in US foreign policy, potentially exposing Ukraine and Europe to increased Russian digital warfare.

Security experts warn of growing cyber threats

The administration of former US President Joe Biden had responded by bolstering intelligence-sharing, but under President Donald Trump, the US role in countering these threats has diminished. Many analysts argue that Trump’s policy shifts have emboldened the Kremlin, weakening Western deterrence efforts.

Over the past three years, Russian intelligence agencies have expanded their covert operations across Europe, hiring criminals to carry out sabotage missions, arson, and cyberattacks. These hybrid tactics have been used to erode Western support for Ukraine, Western intelligence officials told Reuters.

Other Topics of Interest

Trump Aims for Golden Dome Missile Defense, but Cost and Nuclear Risks Loom Large

While Israel’s defense system covers a small area, the Trump administration is working to deploy a Golden Dome that could protect the entire US territory from ballistic and hypersonic missile strikes.

By late 2024, intelligence reports confirmed that Moscow was directly supporting sabotage operations in Europe, including assassination attempts and strikes on infrastructure. The National Security Council under Biden established regular meetings with European allies to coordinate intelligence-sharing and sabotage prevention strategies during the same period. The former head of Ukraine’s intelligence service confirmed to Kyiv Post last year that the CIA had been working closely with HUR for years to root out Russian cybercriminals. 

Cooperation between US and European intelligence services has resulted in the foiling of several Russian-linked sabotage attempts across the EU. Examples of recent Russian sabotage operations include:

• In early 2024, US intelligence helped prevent an alleged Russian plot to assassinate the CEO of Rheinmetall, a German defense manufacturer supplying Ukraine, according to former US officials speaking to Reuters. German authorities intervened just in time.
• This month, a Belarusian national was charged in Poland with espionage and sabotage on behalf of Russia after an arson attack on a Warsaw hardware store in April 2024, according to The Financial Times. 
• Also this month, Lithuanian authorities charged Russian military intelligence with orchestrating an arson attack on an IKEA store in Vilnius in May 2024, targeting economic infrastructure as a means of spreading fear, according to the AP.

A gradual decline in intel-sharing

Ukrainian security officials said they began observing a decline in US engagement in Russian disinformation and cyber threats starting in February. The growing lack of coordination between allies raised concerns in Kyiv that the US might have already begun retreating from its role as a key player in countering Russian aggression beyond the battlefield.

At the same time, Ukrainian intelligence also identified an increase in Russian-backed cyberattacks on government and media institutions, suggesting that Moscow was testing the limits of the West’s newly stripped-down response mechanisms. These assaults primarily targeted critical infrastructure sectors, including energy, government services, security agencies, and telecommunications, with the intent to steal sensitive information and disrupt operations. 

Ukrainian intelligence has reported a significant escalation in Russian-backed cyberattacks targeting government and media institutions in recent months. According to the State Service of Special Communications and Information Protection of Ukraine, 2024 saw a 70% increase in cyber incidents compared to the previous year, totaling 4,315 attacks, according to Ukrainska Pravda. 

The number of Russian hacker attacks increased by 19% in 2024, per Wired. Security analysts suggest that these intrusions have become more targeted and persistent, focusing on compromising Ukrainian government systems and critical infrastructure. This marks a shift from previous large-scale attacks to more covert operations aimed at long-term disruption.   

A notable incident occurred in Dec. 2024, when Russian hackers launched a massive cyberattack on Ukraine’s state registries, leading to a temporary suspension of services. Deputy Prime Minister Olha Stefanishyna described it as “the largest external cyberattack in recent times,” affecting vital records such as births, deaths, marriages, and property ownership.

And in February 2025, Russian-affiliated cyber groups carried out disinformation-driven hacking attacks on Ukraine’s central bank, targeting financial transactions and attempting to spread panic in the financial sector.

European officials now fear that Western intelligence-sharing on cyber threats may soon resemble the fragmented landscape of pre-2014, when EU states were left to manage Russian hacking threats on their own with little centralized coordination.

In light of recent developments, European nations are reassessing their defense strategies. The European Union is planning a €150 billion defense fund focused on rearmament, excluding US, UK, and Turkish arms companies unless their countries sign defense and security treaties with the EU, according to the Financial Times. The move supports a “Buy European” initiative, mainly led by France, due to concerns about the reliability of the US as a defense ally. 

This shift raises concerns about potential fragmentation within NATO, as differing defense policies among member states could create gaps that adversaries might exploit. Analysts have drawn parallels to the period before 2014, when Western nations underestimated Russian hybrid warfare tactics, leading to Moscow’s annexation of Crimea with minimal resistance. 

Ukrainian cybersecurity experts warn that Russia is testing the limits of the West’s response capabilities, knowing that the Trump administration has deprioritized countering Russian cyber operations. The US Cybersecurity and Infrastructure Security Agency (CISA), which previously coordinated with European partners on Russian cyber threats, has not hosted a major intelligence-sharing meeting since early January, according to Wired.

Higher stakes for Ukraine and its allies 

The suspension of US counter-sabotage efforts marks a turning point in the country’s Russia policy. The decision has already had ripple effects across Europe, where officials are now weighing whether they need to develop their own counter-hybrid warfare strategies without Washington’s leadership.

At the same time, the European Union is increasing investments in its cybersecurity infrastructure, aiming to compensate for gaps left by US disengagement.

For Ukraine, the implications are profound. With the US reducing its engagement in countering Russian influence campaigns, Kyiv faces heightened challenges in securing international support, especially as Trump advocates for a swift resolution to the ongoing war.

Zelensky has continuously expressed concerns that diminished US involvement could embolden Russia’s hybrid warfare tactics, further destabilizing the region. He emphasized the critical need for continued American military aid in an address on Wednesday, stating that any reduction in support could jeopardize Ukraine’s overall defense capabilities. 

“We need to increase support for Ukraine because it signals that we are ready for any surprises from Russia,” he said. He added that he planned to talk to Trump later in the day to discuss his recent call with Putin.

Simultaneously, European allies are reassessing their own counter-hybrid warfare strategies in response to Washington’s shifting priorities. Estonian Prime Minister Kaja Kallas has criticized US actions and called for stronger European unity and security measures, arguing that appeasing Russia would encourage further aggression, deeper into Europe.

As Moscow continues its shadow war across Europe, the question remains: Is the US retreating from its leadership role in countering Russian hybrid warfare, or is this part of a broader strategy yet to be fully revealed?

For Ukraine, this is more than a diplomatic shift – it is a direct threat. Without the US coordinating counter-sabotage and cyber defenses, Kyiv risks not only military isolation but an escalation of Russian hybrid warfare on its territory. The longer Washington deprioritizes counter-Russian intelligence, the greater the risk that Ukraine’s battlefield and digital defenses will be overwhelmed.

As international allies adjust to Washington’s shifting approach, Ukrainian officials are bracing for whatever comes next. The longer the US deprioritizes cyber defense, the greater the risk that Ukraine and its allies will face an unchecked escalation of Russian digital warfare – without the intelligence-sharing framework needed to fight back.