The US appears to be acting on its promise to aggressively respond to cyberwarfare threats. New York Times sources say Cyber Command has planted offensive malware in Russia's electrical grid, not just reconnaissance as has been the case since "at least" 2012. It's not certain just how deep the infiltration goes or what malware is capable of doing. The intention, however, is clear -- this is meant both to serve as a deterrent as well as a weapon in case the US and Russia trade blows.
The military branch is reportedly taking advantage of measures in a 2018 defense authorization bill permitting secret online campaigns to "deter, safeguard or defend against" cyberattacks without requiring explicit presidential approval. President Trump, who claimed that Russia had stopped cyberattacks, isn't believed to have been briefed on the malware plants.
Officials have declined to comment on the report, but national security advisor John Bolton said just this week that the US was expanding its potential online targets to warn Russia and others of the potential for retaliation.
The approach could draw mixed reactions. While the US has been accused of going soft on Russia while it plants offensive malware in American infrastructure, there are concerns that this could lead to further digital aggression from Russia, such as using that malware for cyberattacks or making further attempts at election interference. The US is effectively betting that this creates a stalemate, rather than exacerbating an already tense situation.