By Melanie Vujovich, Vice President, Pickering Energy Partners
The views expressed by the author are their own and do not represent the views of Energy Workforce & Technology Council.
The global energy sector is experiencing one of the most turbulent periods in recent history. Geopolitical conflicts such as the war in Ukraine, instability in the Middle East, and competition between the United States and China over critical minerals are reshaping supply and demand dynamics. These pressures are creating volatility in pricing and global trade flows while companies try to balance reliability, affordability, and decarbonization. The industry is not only grappling with price swings and shifting capital flows but also with the reality that global markets can be disrupted overnight by political and security shocks.
At the same time, the energy sector is undergoing a digital transformation at a rapid pace. Artificial intelligence is being used to optimize drilling and production, improve data collection and quality, or forecast demand. Companies continue to adopt cloud systems, digital controls, and connected infrastructure to improve efficiency across pipelines, refineries, and generation facilities. While companies continue to integrate these advances, there are also vulnerabilities that come with the updates. Cybersecurity risks are escalating as attackers exploit both information technology and operational systems, with the potential to disrupt physical operations and markets. As adversaries grow more sophisticated, cybersecurity remains a boardroom priority and essential as the intersection of digital transformation and geopolitical tension leaves energy infrastructure more exposed to disruption.
Recent events show how cyberattacks are becoming a weapon in global energy conflicts. In April 2025, Norwegian officials reported that Russian-linked hackers sabotaged a hydropower dam in the town of Bremanger by forcing its floodgates open. Water poured out at roughly 500 liters per second for several hours before the problem was detected. Luckily, low water levels meant there was no damage or loss of life, but the incident was meant to spread fear and expose weaknesses in the systems that run critical infrastructure. The attack hit especially hard because Norway has become Europe’s largest supplier of natural gas, providing as much as a quarter of the European Union’s demand through a vast pipeline network under the North Sea. That role makes its energy systems a prime target for those seeking to undermine European security[1]. In addition, tensions in the Middle East have also spilled into the digital realm. After U.S. strikes on Iranian nuclear sites, hackers tied to Iran attempted to disrupt American energy companies. The wave of attacks, which included attempts to overwhelm and knock company systems offline, did not cause major damage but prompted warnings from the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency. Officials urged operators of critical infrastructure to remain on high alert. These cases highlight that cyberattacks on energy systems are not always about causing immediate destruction[2].
These kinds of incidents are not only operational threats but also legal and financial ones. The challenges for energy companies are made worse by how quickly cyber threats are evolving. CrowdStrike’s 2025 Global Threat Report[3] found that most attacks today do not even use traditional malware. Instead, hackers often steal passwords or abuse identities to slip into networks unnoticed. Once inside, they move incredibly fast, sometimes spreading through systems in less than a minute. The report also shows that attacks on cloud systems have more than doubled, and voice-based scams that trick employees over the phone grew by more than 400% in 2024. Against this backdrop of rising threat sophistication, insurers are sounding the alarm. According to Chubb’s Cyber Claims Report[4], both the frequency and severity of cyber claims in the U.S. have increased, particularly for large companies with revenues above $1 billion. Events that impact multiple companies at once rose to 5.3% of total claims in 2024, up from 4% in 2023. These trends are stretching insurance carriers thin and driving up costs, especially for critical infrastructure providers like energy companies operating in a high-risk geopolitical environment.
Cybersecurity has become a core element of enterprise risk management and corporate strategy. Rising geopolitical tensions are intensifying pressure on energy systems and making them attractive targets for sophisticated criminal hackers. Relatively new SEC disclosure rules require that material cyber incidents be reported within four business days, placing these events under the same scrutiny as financial misstatements or safety failures[5]. Boards are expected to demonstrate oversight of cyber risk, while investors increasingly view strong cyber governance as a measure of operational resilience. At the same time, insurers are tightening coverage, and regulators in both the U.S. and Europe are raising standards for critical infrastructure. The challenge now is not only defending against evolving threats, but also building transparency, resilience, and trust in a world where cyberattacks are a key lever in broader geopolitical conflicts.
[1] Norway spy chief blames Russian hackers for dam sabotage in April | Reuters
[2] Iranian-backed hackers go to work after US strikes | AP News
[3] https://www.crowdstrike.com/en-us/global-threat-report/
[4] https://www.chubb.com/content/dam/chubb-sites/chubb-com/us-en/business-insurance/products/cyber/documents/chubb-cyberclaimsreport-final.pdf
[5] SEC.gov | Disclosure of Cybersecurity Incidents Determined To Be Material and Other Cybersecurity Incidents
Energy Workforce partner Pickering Energy Partners provides insights on ESG due diligence, disclosures and reporting. Melanie Vujovich, Vice President, Pickering Energy Partners.
