A Global Analysis of Cyber Threats to the Energy Sector: "Currents of Conflict" from a Geopolitical Perspective
The paper addresses cybersecurity challenges for the energy sector, providing actionable information to researchers, policymakers, and professionals, but it is incremental because it applies existing methods to new data.
This paper tackles the problem of understanding cyber threats to the energy sector by analyzing geopolitical dynamics and evaluating cybersecurity tools, resulting in new insights into threat actor origins and detection effectiveness for energy-targeted attacks.
The escalating frequency and sophistication of cyber threats have increased the need for a comprehensive understanding of them. This paper explores the intersection of geopolitical dynamics, cyber threat intelligence analysis, and advanced detection technologies, with a focus on the energy domain. We leverage generative artificial intelligence to extract and structure information from raw cyber threat descriptions, enabling enhanced analysis. By conducting a geopolitical comparison of threat actor origins and target regions across multiple databases, we provide insights into trends within the general threat landscape. Additionally, we evaluate the effectiveness of cybersecurity tools, with particular emphasis on learning-based techniques, in detecting indicators of compromise for energy-targeted attacks. This analysis yields new insights, providing actionable information to researchers, policymakers, and cybersecurity professionals.