It’s a step up from previous efforts that focused more on reconnaissance than attack.

The news: The US has deployed code inside Russia’s power grid and other targets as part of its work to push back against hacking and disinformation from Moscow, the New York Times reports. The revelation comes just three days after the news that a Russia-linked group called Xenotime has started laying the early groundwork for potential attacks on US power companies.

The details: Inevitably, there are few specifics given the sensitivity of the topic. However, the work is being led by the US Cyber Command, an arm of the Pentagon. It’s permitted by a new law passed last summer, which approves "clandestine military activity" in cyberspace to “deter, safeguard or defend" against attacks.

A warning: The US hopes that these revelations will act as a deterrent against any future attacks by Russia on its systems. But there’s always the risk that it could fuel an escalation instead.

This story first appeared in our daily newsletter The Download. Sign up here to get your dose of the latest must-read news from the world of emerging tech.