Generated by Codex with GPT-5

What this article is about

This summary covers The Economist’s March 28th, 2026 United States article on pages 20-21, listed in the contents as Going on cyber-offence under the Cyber-security heading.

The article argues that America’s new cyber-strategy marks a real shift in emphasis. Washington still talks about strengthening digital defences, but it is now much more explicit about disrupting threats before they hit American networks. The piece treats that as a consequential change in posture, while warning that offensive ambition may be outrunning the state’s ability to defend its own systems well.

The simple version

The administration wants to treat cyberspace less like a shield and more like a battlefield where America should strike first.

  • It wants agencies to disable threats before they breach American networks
  • it is putting more weight on offensive cyber-tools in military and intelligence operations
  • it is nudging private firms towards a more active disruption role
  • but the institutions responsible for domestic cyber-defence are unsettled and politicised
  • and the article doubts that offensive swagger can substitute for defensive competence

Why the strategy looks like a turn

The article notes that America already had a defend forward doctrine, so the new strategy is not a clean break with the past. What is different is the tone. The document is short, blunt and pre-emptive. It suggests that the government should not wait for hostile actors to land a blow before acting against them. In that sense, the article sees the strategy as a reflection of the broader political mood: more confrontation, less patience and more faith in visible retaliation.

It also points to a subtle but important shift in the boundary between public and private action. Officials say they are not endorsing illegal corporate “hacking back”, yet they clearly want companies to play a bigger role in disrupting foreign threats. That implies a future in which firms do more than harden systems and report breaches. They may also be expected to help interfere with hostile cyber-operations before those operations mature.

Why the approach is appealing

The article does not deny that the threats are real. Iranian hacking groups have a record of retaliating against American targets when conflict in the Middle East escalates, and the war with Iran gives them fresh motive. Cyber-operations also look attractive to policymakers because they are flexible, deniable and relatively quick to deploy. A government can use them to create confusion, shut systems down or gather intelligence without the visibility or cost of conventional military force.

The piece points to recent examples that help explain the administration’s enthusiasm. It cites an operation in Venezuela in which cyber-tools reportedly helped blind government forces during a raid, and it notes reports that Israel used hacked traffic cameras in Tehran to help track Ayatollah Ali Khamenei. For officials who want to show strength and seize initiative, those cases make offensive cyber-power look modern, efficient and politically useful.

Why the article stays sceptical

The article’s main reservation is that offence and defence are different crafts. Disrupting an adversary’s systems is not the same task as protecting domestic infrastructure, and skill in one does not guarantee competence in the other. America’s cyber institutions, the piece argues, are not in ideal condition. The NSA and Cyber Command went without stable Senate-confirmed leadership for a long stretch, the new commander lacks direct cyber-operations experience, and the Cybersecurity and Infrastructure Security Agency has been weakened by turmoil and politicisation.

The strategy is also strikingly vague about the main adversaries America faces. It glances at China, but says little about the scale of Chinese cyber-espionage, Russia’s sabotage campaigns or North Korea’s cyber-crime. That omission makes the document feel less like a fully worked strategy than a statement of attitude. The article therefore suggests that the administration may be projecting toughness while leaving unresolved questions about priorities, capacity and basic resilience.

The takeaway

The article sees America’s new cyber-strategy as a sign of a more aggressive era, not as proof that the country has solved its cyber weaknesses.

Its core point is that pre-emption may sometimes be necessary, but it cannot replace the slow institutional work of securing pipelines, utilities, hospitals and other critical systems at home. A government that becomes more eager to throw punches than to repair its guard may look formidable right up until it gets hit.