Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Director’s note: Critical infrastructure resilience under multiple stressors 

(Dimitry B / Unsplash)

By Frank Cilluffo

Dear readers,

Extreme weather may be the immediate stressor, but resilience is ultimately tested by the convergence of risks. As record heat pushes electricity demand toward its limits, emergency grid measures, strained infrastructure and heightened cyber risks serve as another reminder that the nation’s critical systems rarely face one challenge at a time.

Many areas have already been hit by power outages and the Energy Department issued two emergency orders this week aimed at reducing blackout risks in the mid-Atlantic as the intense heat makes electricity demand soar, Emilee Speck reported at AccuWeather. Data centers may have to use backup diesel generators to relieve some pressure on the grid, Ariel Wittenberg and Benjamin Storrow reported at E&E News. And there are more threats on top of nature’s impacts: As Bridget Johnson reported this week at Threat Beat, threat actors can take advantage of these moments when resources are strained and infrastructure is more vulnerable to tamper with the ability of people to receive emergency alerts or weather information.

In its annual report, Communications Security Establishment Canada issued another sobering reminder that authoritarian adversaries continue to probe, preposition within and, when possible, commandeer the critical systems modern societies depend upon. Russian hacking group NoName breached a Quebec water treatment plant and claimed it achieved the “ability to covertly control pumps, chlorine dosing, pressure settings and monitoring/alerts systems,” Christopher Nardi reported at the National Post. This week brought welcome action to help critical infrastructure owners and operators gird against these threats, with NIST releasing OT remote-access guidance for water utilities and the FCC issuing new cybersecurity requirements for emergency alert systems and security rules for undersea cables.

Taken together, the week’s developments reinforce a reality we’ve discussed often: The challenge is no longer preparing for one crisis at a time, but for crises that reinforce one another. Whether the stressor is extreme weather, malicious cyber activity or geopolitical competition, resilience is ultimately measured by whether essential services continue operating when Americans need them most.

National resilience also depends on military readiness. This holiday week we’re revisiting an important recent episode of Cyber Focus that’s especially timely as the NDAA winds its way through Congress. Army Principal Cyber Advisor Brandon Pugh joined me to discuss the service’s “no fail” mission securing the digital backbone that allows tanks, troops and equipment to move during a conflict, and how the Army is aggressively merging cyber with electronic warfare and cutting bureaucratic red tape to field new technology in days rather than years.

CIA Director John Ratcliffe told the AWS Summit this week that his agency has been reimagining how intelligence agencies adopt, operationalize and scale emerging technologies, Martin Matishak reported at The Record. I recently sat down with Chris Jones, a 26-year veteran of the CIA who served as associate deputy director for science and technology and is now the chief technology officer at Nightwing. We had a great conversation about the agency’s work in the digital domain. Stay tuned for that episode next week on Cyber Focus. 

Rapid-fire developments in the frontier AI sprint continued this week as Robert McMillan, Raffaele Huang and Amrith Ramkumar reported at The Wall Street Journal that Chinese AI systems have matched the performance of Anthropic’s powerful model Mythos in some cybersecurity scenarios, a development poised to further accelerate the global AI competition and shape the White House’s overhaul of U.S. AI policy.

The pace of China’s AI progress continues to narrow the technological advantage long enjoyed by the United States, reinforcing the need to move with greater urgency on innovation, infrastructure resilience and national security.

These AI developments are raising alarm not just in the halls of power but across critical infrastructure sectors. An Operational Technology Cybersecurity Coalition meeting this week, as Anna Ribeiro reported at Industrial Cyber, underscored an increasingly urgent question: Can critical operations continue safely and recover rapidly when AI accelerates both the speed and sophistication of cyberattacks?

New reports on China’s activities outside of the AI realm also give us reason to steel our resilience against low-tech and orbital threats. John Feng reported at Newsweek on flash drives that were delivered to Japan’s Ground Self-Defense Force during disaster relief operations in March 2024 that spread malware inside a secure network for nearly a year. The incident is another reminder that strategic competition doesn’t always depend on exquisite means or technology. Sometimes the most effective intrusion begins with something as ordinary as a USB drive handed to the wrong person. China also has been abandoning used launcher rocket stages in low-Earth orbit at an ever-increasing pace, putting both military and commercial satellites in that crowded orbital regime at greater risk of dangerous space-junk collisions, Theresa Hitchens reported at Breaking Defense.

With a declaration that “all soldiers should be able to use drones like a second personal firearm,” South Korea is embarking on a plan to train 500,000 military personnel to become “drone warriors” in a sweeping overhaul of the nation’s defense strategy, Raphael Rashid reported at The Guardian. The rapid democratization of drone technology continues to reshape military thinking, not only by creating new opportunities for modern armed forces but by enabling non-state actors to challenge even the world’s most capable militaries. John Haltiwanger reported at Foreign Policy on the FPV drones that have proven to be a “gold mine” for Hezbollah and now have the Israeli military scrambling to find an effective response.

This week by the numbers:

  • In an Artificial Intelligence Policy Institute poll, 68% of respondents said they would be in favor of the government making “a formal review process for the most advanced AI models before they can be widely released” while 20% said that they were in favor of the government leaning “mostly on companies to test their own AI models,” intervening “mainly after problems occur.” (The Hill)
  • The Dubai Electricity and Water Authority said it is successfully blocking around 3,000 cyberattacks every day targeting its electricity and water systems. (ITP.NET)
  • Researchers from Black Kite tracked 684 publicly known ransomware attacks across Europe through the first four months of 2026. That’s 55% more than the 441 recorded in the first four months of 2025, even more than the 643 recorded through the first half of 2025. (Dark Reading)
  • Some reviews that once took four years to complete are now being done in nine months, Nuclear Regulatory Commission Chief Data Officer and Deputy Chief AI Officer Basia Sall said. (Nextgov/FCW)
  • Researchers spotted 212 new domains registered after Venezuela’s earthquake, warning donors of scam risks and urging them to verify relief sites first. (HackRead)

One of the more thought-provoking pieces I read this week examined something oftenoverlooked: how Iran continues to acquire sanctioned technology despite years of international pressure. Tuvia Gering at the Jamestown Foundation details how Iran’s network of state-run “innovation houses” and trade platforms act as a primary channel for acquiring sanctioned dual-use technology from China. Like the oil trade, the effort is steered from the top on both sides and shielded by mutual deniability, with recent events hardening the network into a durable procurement pipeline.

The Cyber Briefing will return to your inbox on Monday.

As we celebrate Independence Day and 250 years of our nation’s history, it’s worth remembering that America’s security has always depended on people willing to stand watch – whether in uniform, in government, in industry or behind the scenes protecting the systems the rest of us rely upon every day.

Thank you for what you do, and happy Independence Day!

War Eagle,

Frank Cilluffo

Click to listen highlighted text!