Disqus Refugees

A Putin war against America without ever firing a shot

Already, there are ominous signs that Trump and Musk intend to bring America to its knees on behalf of the Russian dictator and to destroy our defenses against a possible Russian attack, should Trump lose Putin’s love or the next American president directly challenge Russia.

Yesterday I wrote:

Defense Secretary Hegseth ordered our federal operations to detect and stop Vladimir Putin’s infiltration of American cyber security — from our nuclear facilities and dams to our news and social media spaces — to cease. As Senate minority leader Chuck Schumer noted yesterday afternoon:

“Donald Trump is so desperate to earn the affection of a thug like Vladimir Putin he appears to be giving him a free pass as Russia continues to launch cyber operations and ransomware attacks against critical American infrastructure, threatening our economic and national security. It is a critical strategic mistake for Donald Trump to unilaterally disarm against Putin.”

As an intelligence insider told the media: “Putin is on the inside now.” As in, “Inside our government and inside our most sensitive computer systems that defend America.”

So, how could this play out? Is it possible Russia could win a war against the United States without ever firing a shot?

New York Times reporter Nicole Perlroth, in her vital and brilliant book This Is How They Tell Me The World Ends: The Cyberweapons Arms Race, wrote that from 2012 to 2014:

“Russian hackers made their way inside more than a thousand companies, in more than eighty-four countries, the vast majority of them American.”

While the Chinese have hacked American companies for decades and stolen what Perlroth documents as trillions of dollars’ worth of intellectual property, product designs, manufacturing techniques, and drug formulas, this Russian hack seemed to have a different purpose.

They “made their way into hundreds of industrial control systems across the country,” Perlroth wrote, using systems and strategies similar to the way Stuxnet had penetrated Iranian nuclear enrichment facilities.

“It wasn’t just US oil and gas companies anymore,” she said. “Russian hackers infected the software updates that reached the industrial controllers inside hydroelectric dams, nuclear power plants, pipelines, and the grid, and were now inside the very computers that could unleash the locks at the dams, trigger an explosion, or shut down power to the grid.”

This action “was not Chinese-style industrial espionage,” Perlroth wrote. “Moscow was preparing the battlefield.”

She quotes cybersecurity expert John Hultquist, who told her, “This was the first stage in long-term preparation for an attack. There’s no other plausible explanation.”

While a handful of nations with nuclear weapons have spent much of the past 70 years both preparing for and trying to avoid a nuclear war, cyberwar has emerged as a far more likely way the next major international conflict will go down.

And Trump just forced America to abandon that battlefield.

A few decades ago, neutron bombs were all the rage in the press — weapons that would kill all the people through a massive radiation pulse but leave the infrastructure standing and waiting to be occupied and used or looted by victorious foreign troops.

Cyberwar is sort of the opposite of neutron bombs. Instead of killing the people, it takes out the infrastructure with the goal being to disrupt society so severely as to bring down governments (the ultimate goal of most warfare).

Like a previously unknown and still largely invisible fourth dimension, digital cyberspace has gone from being nonexistent when I was born to having interpenetrated almost every home, business, and government agency in the developed world and most of the developing world.

Today everything from our water/power/sewer utilities to our cellular telephone systems to our home information and entertainment systems to our nuclear weaponry and military services runs on digital ones and zeros that flow through cyberspace.

Rather than the next war starting with a flash from a nuclear explosion over New York or Moscow or Beijing, it’s more likely that today the first step would be multiple major cities browning out as the electrical grid is fried the way the United States and Israel took out Iran’s centrifuges a decade ago with the Stuxnet worm.

Electronically force open a few big dams to kill millions with flooding, melt down a dozen nuclear reactors creating mass panic and death, and shut down communications systems for first responders: The country would be thrown into a chaos not unlike the firebombing of Dresden or Tokyo in 1944, but without the expense, hassle, or waste of building, fueling, and flying bombers or missiles.

With no power, no telecommunications, and no water, American cities would descend into chaos in days and become unlivable hellscapes within a week; drain the big banks and vanish their depositors’ records, and Putin has hit our nation at all levels from the top government/corporate to infrastructure to the individual and personal.

The risk/reward calculation for cyberwar is so much better than for nuclear war that it’s probable nuclear warfare has become an anachronism and cyberwar is the real new military frontier.

And Trump and Hegseth just eliminated most of our defenses against Russia doing this to us.

If Russia were to digitally infiltrate them, America’s own nuclear arsenal could even be used against us by Russians programming nuclear bombs and missiles to explode in place. And Trump just dropped our defenses against this scenario.

For the second time.

Right after taking office in 2009, President Obama gave a speech revealing that both his and Senator John McCain’s campaigns had been hacked by the Russians, as was his personal credit card.

In response, he kicked off a robust new agency within the White House to coordinate cybersecurity across federal agencies so that America wouldn’t get caught flat-footed like we were on 9/11.

J. Michael Daniel was Obama’s head of the office of the Cybersecurity Coordinator and special assistant to the president, working with a substantial team out of the Eisenhower Executive Office Building next door to the White House.

All the bells and alarms from more than 20 US security agencies, from those associated with the military to the FBI, CIA, NSA, and parts of the government that don’t even have public names, coordinated in this operation.

And then Russia attacked via cyberspace, although not here…yet.

Obama and his team watched from the Situation Room with horror as the day before Christmas Eve, the busiest shopping day of 2015, Russia took down Ukraine.

It was an explicit act of war, a punishment a year after voters in that country had expelled a Russian-friendly oligarch, Viktor Yanukovych, and replaced him with a Western-friendly president.

And by “take down,” I mean it literally. Kim Zetter told the story of a supervisor at one of Ukraine’s main power substations in Wired:

“All he could do was stare helplessly at his screen while the ghosts in the machine clicked open one breaker after another, eventually taking about 30 substations offline.

“The attackers didn’t stop there, however. They also struck two other power distribution centers at the same time, nearly doubling the number of substations taken offline and leaving more than 230,000 residents in the dark.

“And as if that weren’t enough, they also disabled backup power supplies to two of the three distribution centers, leaving operators themselves stumbling in the dark.”

It was the second consequential cyberattack (the first being Stuxnet) of one nation-state against another.

Prior hacks, mostly by Iran, North Korea, and China, were designed to extort money via ransomware, steal money directly from people’s bank accounts or credit cards, or steal product designs and other intellectual properties that could be converted to profit.

But there was no profit motive here, nor in the Stuxnet attack. Both were acts of war that presaged Russia’s invasion of Ukraine, and demonstrated what they could do to us if we lower our defenses.

This wasn’t the first time Russia had attacked another nation via cyberspace. Back in 2007 when the Estonians (a former Soviet state) removed an old Soviet-era statue from a public square, Russia invaded that country’s computer systems and pulled the internet plug on the entire nation; for a brief while, no traffic got in or out of the country.

And then the Russians went after America’s most powerful weapons to use in their cyberwar against Ukraine.

In 2016, the US cyberwarfare equivalents of our nuclear arsenal were hacked/stolen from our intelligence agencies (particularly the NSA) and put up for sale on the dark web. One of those cybernukes, named EternalBlue by the NSA, was integrated into a new Russian cyberweapon now known as NotPetya and used a year later, June 27, 2017, against Ukraine.

While few Americans know the story — it was largely ignored by the mainstream media — officials in the agency Obama had set up worried that it could be a dress rehearsal for an attack on America.

As Andy Greenberg wrote for Wired:

“On a national scale, NotPetya was eating Ukraine’s computers alive. It would hit at least four hospitals in Kiev alone, six power companies, two airports, more than 22 Ukrainian banks, ATMs and card payment systems in retailers and transport, and practically every federal agency. ‘The government was dead,’ summarizes Ukrainian minister of infrastructure Volodymyr Omelyan.”

About 10 percent of all the computers in Ukraine were “bricked” — permanently destroyed — and more than 300 companies were shut down and lost everything on their computer systems.

Checkout systems in stores died; gas stations couldn’t process payments, so their pumps stopped working; banks went down, and not only were people unable to access their balances, but some banking information (and thus money in the banks) was simply lost, forever.

The Russian cyberweapon even took down the monitoring systems at Chernobyl, provoking mass panic among the scientists working remotely on the cleanup who didn’t know for hours if the site had exploded, been attacked, or had just been hacked with devastating consequences.

The response of the Trump administration took a few months but was decisive: In early 2018, presumably following one of his many secret phone conversations with Putin, Trump shut down Obama’s White House Office of the Cybersecurity Coordinator and ended the job of its then-director, Rob Joyce.

In the understatement of the year, Senator Mark Warner of Virginia tweeted:

“Mr. President, if you really want to put America first, don’t cut the White House Cybersecurity Coordinator, the only person in the federal government tasked with delivering a coordinated, whole-of-government response to the growing cyber threats facing our nation.... I don’t see how getting rid of the top cyber official in the White House does anything to make our country safer from cyber threats.”

An aide to Trump’s National Security Adviser explained, using language lifted from Alexander Hamilton’s 1788 Federalist 70, that they killed off the Cybersecurity Czar’s office because “eliminating another layer of bureaucracy delivers greater ‘decision, activity, secrecy and despatch [sic].’”

It was a quote worthy of Elon Musk.

After the two years during which Trump forbade America a cybersecurity coordinator, the incoming Biden administration discovered that Russian hackers had used that time to embed themselves deeply into the computer systems of the Treasury and Commerce departments, and nobody is sure how far or how deep the Russian hackers went into other government agencies, including our military and intelligence agencies.

They were inside US government computers for almost a year during Trump’s first administration: Instead of the Trump administration, it was an outside company, FireEye, which discovered the hack and alerted both the government and the media. And there’s every indication that they’re still there.

When the Russians’ penetration deep into the US government’s computers hit the papers, Trump had, a month earlier, also fired Christopher Krebs, head of the Department of Homeland Security’s Cybersecurity Agency (because he’d publicly said there was no fraud in the 2020 election), so that agency was also in a bind when the news came out.

FireEye, SolarWinds, and several of America’s intelligence agencies unequivocally said the attack was launched from Russia, and Secretary of State Mike Pompeo declared:

“This was a very significant effort, and I think it’s the case that now we can say pretty clearly that it was the Russians that engaged in this activity.”

But President Donald Trump, having now lost the office that Putin had first helped him win in 2016, and a month away from having to vacate the White House, had a different story.

The AP reported on December 19, 2020:

“Contradicting his secretary of state and other top officials, President Donald Trump on Saturday suggested without evidence that China — not Russia — may be behind the cyber espionage operation against the United States and tried to minimize its impact.”

Trump then tweeted:

“The Cyber Hack is far greater in the Fake News Media than in actuality. I have been fully briefed and everything is well under control.”

He accused the media of being “petrified” of discussing “the possibility that it may be China (it may!)”

The headline at Business Insider neatly summarized the day:

“The White House was set to accuse Russia of the devastating cyberattack on the US government’s computer systems but was told at the last minute to stand down.”

The order apparently came directly from Trump.

The incoming Biden administration began the difficult, expensive, and time-consuming task of rebuilding our cybersecurity infrastructure, but Trump had left behind massive damage and what apparently ended up facilitating a years-long Russian presence inside our systems.

So this week Trump, Musk, and Defense Secretary Pete Hegseth shut down our operations that were designed to prevent Russia’s intrusions into America’s cyber infrastructure.

Presumably Pam Bondi is doing something similar to this, just like she shut down the FBI’s efforts to uncover and defeat Russian social media and fake news influence operations within the United States.

As a result of Trump’s efforts, World War III will probably not start with a nuclear exchange.

First, a dozen American cities will go dark as major dams burst and flood millions, killing them in their homes. Multiple nuclear power plants will melt down, and dozens of major businesses across America will lose all access to payment processing and inventory. Trillions will vanish from the banks.

Then, Russia will threaten to finish the job with nuclear weapons and America will surrender. Democracy will be dead, a 250-year experiment ended, and the president will declare himself dictator for life.

Think it couldn’t happen here? It already has, on a very small scale, after America and Israel destroyed Iran’s nuclear program with the Stuxnet worm in 2010.

On August 15, 2012, Iran used their cyber warfare system to disable the world’s wealthiest oil company, Saudi Aramco, irretrievably destroying 30,000 computers, leaving only an image of a burning American flag on every monitor’s screen.

Then they went after a 245-foot-tall, 800-foot-long dam in Oregon, the Arthur R. Bowman Dam, which backs up the Crooked River. Had they opened its floodgates fast enough, it would have wiped out the downriver town of Prineville, killing thousands.

Fortunately for Oregonians, Iran’s cyber warriors got the wrong dam; instead of the Oregon dam, they successfully infiltrated and took control of the Bowman Avenue Dam in New York State, which reroutes a relatively small stream. And, to add insult to injury for the Iranians, when they hit that dam (as the CIA was just then discovering), the sluice gates had been separated from the computer system for maintenance.

In an article about the attack, Wall Street Journal reporter Danny Yadron wrote, “America’s power grid, factories, pipelines, bridges and dams—all prime targets for digital armies—are sitting largely unprotected on the Internet.” It was just a fluke that they got the wrong dam and that it was down for repairs.

The late Las Vegas billionaire Sheldon Adelson, then a close friend of Benjamin Netanyahu and a major donor to both Israeli and GOP causes, was the next victim of Iran after telling an audience at Yeshiva University in New York that the United States should drop an atomic bomb in Iran’s desert, implicitly threatening the capital, Tehran.

“You want to be wiped out? Go ahead and take a tough position,” Adelson said.

Iran’s Supreme Leader Ayatollah Ali Khamenei replied that somebody “should slap these prating people in the mouth.”

Weeks later, all the computers at the Sands, Adelson’s hotel/casino, died. Totally. Every hard drive wiped, every screen showing a photo of Adelson and Netanyahu with the inscription, “Don’t let your tongue cut your throat”; the computers may as well have been boat anchors. Bricked is the word that hackers use.

Two years earlier, the Obama administration had put forward legislation to require all privately owned “essential infrastructure” in the United States to harden their cyber capabilities.

While it passed the House of Representatives, as the New York Times reported:

“Senate Republicans . . . argued that the minimum standards were too burdensome for businesses, and by late July had managed to change the legislation to make them optional. In early August, the bill essentially died when it was blocked by a [Republican] filibuster.”

Failing at getting Congress to force the American companies that controlled our infrastructure to harden their systems, President Obama signed an executive order “that promotes increased information sharing about cyberthreats between the government and private companies that oversee the country’s critical infrastructure” and “put together recommendations that companies should follow to prevent attacks.”

The order was ignored, and continues to be ignored, by American industry.

Cybersecurity for our privately owned dams, bridges, electrical generating stations, nuclear power plants, gas and oil pipelines, and water and sewage systems is now optional, and few companies—at least until ransomware attacks began in earnest in 2020—invested anything close to the necessary funds to protect against an internet-based attack.

Is it possible that Russia might be planning something like this? Is it possible that Trump could be setting us up? We may well get a clue in his speech tonight.

Russia’s cyber attack on Ukraine and subsequent invasion, it turns out, may just have been a dress rehearsal…

By Thom Hartmann

March 04, 2025