Listen to the article
The Trump administration’s new counterterrorism strategy formally integrates offensive cyber operations into the United States’ broader campaign against terrorist groups, cartels, and hostile state actors, marking one of the clearest public acknowledgements yet that cyber capabilities are now considered a core pillar of modern counter-terror operations.
The strategy states that counter-terror activities against hostile states “include offensive cyber operations against those planning to kill Americans or who support those plotting to do so”, alongside kinetic, intelligence, diplomatic and covert measures.
The document expands the range of actors Washington now considers legitimate counter-terror targets. In addition to ISIS and al Qaeda, the strategy identifies narcotrafficking cartels, transnational gangs, Iranian-backed proxy groups, and “violent left-wing radicals” as threats to US national security.
A major shift in the strategy is the proposed designation of certain cartels and transnational gangs as Foreign Terrorist Organisations (FTOs), a move designed to unlock additional intelligence authorities and expand the government’s ability to disrupt financial networks, travel, communications and logistical support structures tied to those groups.
The White House says it will use “diplomatic, financial, cyber, and covert actions” to deter or undermine states accused of supporting terrorist organisations or criminal proxies. The strategy specifically highlights efforts to sever covert support pipelines linking adversarial regimes to cartels and Islamist groups, including sanctions enforcement, disruption of shadow fleet oil shipments, and operations targeting access to dual-use technologies such as drones, advanced weapons systems, and precursor chemicals used in narcotics production.
Cyber operations appear to sit alongside these measures as part of a broader pressure campaign aimed at increasing the cost of state sponsorship for hostile actors.
The strategy also states that the US will continue “kinetic, intelligence, and cyber operations” against Iranian-backed proxy groups accused of plotting attacks against Americans. It further warns of “decisive action” against regime-linked actors alleged to be targeting Americans, Israeli citizens, or Iranian dissidents on US soil.
While the document openly references offensive cyber capabilities, it provides few operational details about what those activities would involve in practice. However, the inclusion of cyber operations in a formal counter-terror doctrine reflects the growing role of digital capabilities in modern national security planning and the increasing willingness of US administrations to publicly acknowledge offensive cyber activity.
The policy also arrives amid wider debate inside Washington over the expanding use of private-sector cyber capabilities. The US government has helped drive the growth of the offensive cyber industry through defence contracts and intelligence partnerships, but legal and policy questions remain over where defensive activity ends and offensive action begins — particularly when private companies are involved in cyber operations linked to national security objectives.
