DOJ indictment of three Russians highlights preventive gaps as CISA faces deep cuts
The DOJ indicted three Russian nationals for a cybercrime scheme that stole more than $63 million from victims in 21 states, but the action is after-the-fact enforcement that does not address the underlying vulnerabilities. Meanwhile, the Trump administration’s FY2026 budget proposes cutting CISA by approximately $495 million, undermining preventive cybersecurity efforts even as prosecutors pursue perpetrators.
The DOJ’s indictment of three Russian nationals for a cybercrime scheme that bilked American victims—hospitals, schools, and banks in 21 states—out of $61 to $62 million is a classic after-the-fact enforcement action. Charges are filed, but the victims absorb the losses. Multiple local news outlets (WKBN/WJW and LocalNews8/CNN) report the loss at $61-$62 million, aligning more closely with the indictment itself than the $63 million figure cited in some outlets. The action underscores a fundamental imbalance: the administration prioritizes prosecution over prevention, leaving critical infrastructure and consumers exposed.
While the DOJ touts the indictment, the Trump administration’s FY2026 budget proposal cuts funding for the Cybersecurity and Infrastructure Security Agency (CISA) by approximately $495 million, according to verified reports from Cybersecurity Dive, Infosecurity Magazine, and Defense One. This is nowhere near “over $1 billion” as sometimes claimed, but it is still a significant reduction that limits CISA’s ability to help vulnerable entities—like the hospitals and schools hit in this scheme—patch systems and block attacks before they occur. The most recent Congressional action proposed a roughly $135 million cut, and a January 2026 DHS spending agreement set the reduction at about $300 million. In any case, the trajectory is clear: the federal government is gutting the very agency tasked with preventive cybersecurity.
The indictment is a hollow victory when the underlying vulnerabilities remain unaddressed. The administration’s broader program integrity push focuses on cutting benefits rather than shoring up defenses. If the goal is to protect Americans from cyber threats, the DOJ must pair enforcement with robust funding for CISA, not starve the agency that could have stopped the attacks before they happened.
The humanitarian alternative
Congress should restore and increase CISA's budget for proactive threat hunting, free vulnerability assessments for small and mid-size organizations, and a centralized cyber incident response fund to compensate victims. The DOJ should also push for international agreements to extradite cybercriminals and seize their assets, returning those funds to affected communities rather than merely touting indictments.
Falsifiable predictions
What this entry claims will happen, and what data would prove it wrong. The Reckoner revisits these against current reality.
- No new federal funding will be allocated for cyber incident response or victim compensation from this case within the next 12 months.
- The three Russian defendants will remain beyond U.S. jurisdiction, and no extradition will occur within 2 years.
Grounded in
- EU and Britain impose sanctions on Russians and entities accused of cyberspying | AP News
- US indicts Russians alleged to be at center of major cybercrime network - LocalNews8.com - KIFI
- Office of Public Affairs | Five Russian GRU Officers and One Civilian Charged for Conspiring to Hack Ukrainian Government | United States Department of Justice
- Office of Public Affairs | Justice Department Announces Actions to Combat Two Russian State-Sponsored Cyber Criminal Hacking Groups | United States Department of Justice
- Central District of California | Russian National and Leader of Qakbot Malware Conspiracy Indicted in Long-Running Global Ransomware Scheme | United States Department of Justice
Original source — excerpted
news DOJ charges 3 Russians in alleged $63M cybercrime scheme targeting Americans"NEW You can now listen to Fox News articles! Three Russian nationals allegedly scammed Americans in 21 states out of more than $63 million, according to a Dece..."