America’s capacity to detect and counter foreign disinformation campaigns appears to be eroding, cybersecurity experts warn, just as hostile actors step up their efforts. Recent weeks have seen a pro-Russian network target the F-35 fighter program, attempting to undermine confidence in the critical defense platform, according to The New York Times.
This campaign, attributed by analysts at Alethea to the group “Portal Kombat,” surfaced amidst a broader trend: the systematic dismantling of U.S. government bodies once dedicated to combating such threats.
Under President Trump’s second administration, units and task forces specifically designed as national security guardrails against foreign influence have been curtailed or eliminated. The FBI’s foreign influence task force is shuttered.
The Cybersecurity and Infrastructure Security Agency (CISA), once pivotal in exposing disinformation, saw its role in this area ended following significant budget cuts and staffing reductions earlier this year, including the removal of staff dedicated to election security. Most recently, the State Department placed employees tracking global disinformation on leave, effectively halting the work of its Global Engagement Center which had previously publicized Chinese and Russian propaganda efforts.
The White House defended the State Department closure, claiming the unit’s functions were redundant and better handled by intelligence agencies as reported by Associated Press. Adding to the uncertainty, General Timothy D. Haugh, the experienced four-star general leading both the National Security Agency and U.S. Cyber Command, was dismissed this month, reportedly influenced by activist Laura Loomer.
A Deliberate Shift: Loyalty Over Process
Administration officials frame these changes as necessary corrections. National Security Council spokesman Brian Hughes stated that “members of the national security team of the first term actively attempted to undermine President Trump including General Milley calling his then-Chinese counterpart behind the president’s back.” He asserted the team’s job is to “carry out the elected commander in chief’s agenda, not weaken it.” This reflects a determination to avoid the internal policy friction Trump encountered previously.
However, critics like former National Security Advisor John R. Bolton question the implications: “When somebody with no knowledge can come in and level accusations at the N.S.C. senior directors, and Waltz can’t defend them, what does that say?” Lawmakers have also expressed bipartisan concern about the nation’s ability to respond to threats like the recent F-35 disinformation campaign. With government counter-efforts diminished, private companies facing such campaigns “are increasingly on their own,” warned Alethea CEO Lisa Kaplan.
DOGE’s Rise and Technical Troubles
Concurrent with the weakening of CISA and other agencies, Elon Musk’s Department of Government Efficiency (DOGE) has seen its influence grow, taking on cybersecurity responsibilities. Yet DOGE itself has faced scrutiny over its operational readiness and security practices. Its public website, DOGE.gov, built on WordPress, was found to have basic security flaws, including an openly accessible database that allowed public edits for hours, marked by a banner reading: “THESE ‘EXPERTS’ LEFT THEIR DATABASE OPEN.”
Furthermore, DOGE hired individuals with controversial backgrounds, such as a 19-year-old linked to “The Com” online harassment network (Edward Coristine, grandson of a KGB double agent) and another (Christopher Stanley) who previously leaked a DDoS-for-hire database, raising concerns about vetting standards. These hires occurred even as DOGE gained access to sensitive systems like CISA’s emails.
Cybersecurity experts expressed alarm early on. Bruce Schneier described the situation as “a National cyberattack,” highlighting not just access but “the systematic dismantling of security measures that would detect and prevent misuse.”
Former NSA hacker Jacob Williams warned that DOGE personnel were reportedly introducing code changes into federal systems without following standard vetting processes, stating: “I know this because government IT doesn’t move at this pace with production systems.” While some agencies like the IRS implemented restrictions on DOGE’s access to sensitive data like requiring taxpayer information be anonymized, the full extent of DOGE’s reach and adherence to protocols remains a concern among experts and lawmakers.
Protocols Sidestepped in High-Stakes Decisions
The erosion of standard procedures extends to sensitive operational planning. Top administration officials, including National Security Advisor Michael Waltz, CIA Director John Ratcliffe, and Secretary of State Marco Rubio, used the commercial messaging app Signal to coordinate military strikes in Yemen.
While Signal offers strong end-to-end encryption for message content, security analysts stress it inherently lacks the robust audit trails, identity verification, and access controls mandated for handling classified government communications. This deviation from secure protocols, which resulted in a journalist being accidentally added to the chat, occurred without the apparent involvement of the acting chairman of the Joint Chiefs of Staff at the time. Former CIA Director Leon Panetta called it “a very serious mistake that could violate espionage laws.”
Other instances point to expertise being bypassed. The Pentagon’s attempt to brief Elon Musk on classified China war plans required White House intervention to stop. In Ukraine policy, adviser Keith Kellogg’s cautious approach was reportedly overridden before a contentious meeting with President Zelensky, while real estate developer Steve Witkoff appears to be playing a central role in negotiations.
A New National Security Landscape
The cumulative effect of these changes is raising alarms. The traditional advisory roles envisioned by the National Security Act of 1947, meant to provide presidents with expert counsel, seem to be morphing into structures prioritizing compliance.
While some, like Representative Mark Green, defend the CISA changes, arguing the agency should focus solely on infrastructure protection and avoid adjudicating speech, the rapid removal of established national security checks and balances marks a significant departure. The diminished capacity to publicly identify and counter sophisticated disinformation campaigns, combined with a willingness to bypass established security protocols for sensitive communications, potentially leaves the U.S. more exposed in an increasingly complex global information environment.
