Director’s note: Rewriting the rules of cyber defense

As displayed in this August 2012 photo, Sophia is a cybersecurity software tool that helps protect energy sector networks and control systems. (Idaho National Laboratory)

By Frank Cilluffo

Dear readers,

With so much hanging in the balance, it was good to see POLITICO’s report by Aaron Mak, Dana Nickel and John Sakellariadis that tech companies are quietly meeting with the White House to discuss cybersecurity and artificial intelligence, particularly Anthropic’s supercharged Claude Mythos model. Citing the national security implications of AI tools capable of identifying and exploiting software vulnerabilities, the administration has, for now, taken a cautious approach to expanding access, Robert McMillan and Amrith Ramkumar reported at The Wall Street Journal. That restraint reflects the stakes – but it is unlikely to hold indefinitely as similar capabilities proliferate.

Encouragingly, the Office of the National Cyber Director is engaging a broader set of stakeholders, especially critical infrastructure owners and operators, to better understand how these tools should be responsibly deployed. On the Hill, OpenAI and Anthropic briefed House Homeland Security Committee staff on their new cyber-capable AI models and their implications for cybersecurity, Sam Sabin and Ashley Gold reported at Axios. And AI development extended to the Pentagon this week as Google signed a deal to provide its models for classified work, Sheera Frenkel, Tripp Mickle and Julian E. Barnes reported at The New York Times. Fascinating to watch this play out as the rules of cyber defense, and who holds the keys, are being rewritten in real time.

This week on Cyber Focus, we delved deeper into the valuable contributions of the nation’s premier testbed for critical infrastructure security as I sat down with Idaho National Laboratory Associate Lab Director Zach Tudor, a longtime OT security advocate who leads INL’s national and homeland security portfolio and takes our audience inside a facility where researchers don’t just “admire the problem” but stress-test it at scale under real-world conditions. Our conversation included INL’s role in tackling critical infrastructure threats, the unique challenges of OT security, AI risks in control systems, accelerating cybersecurity and innovation, securing next-generation nuclear and building the future workforce to get ahead of threats to energy. “I think we’re getting to the point where, if you are delivering power to the nation, then you are a risk professional as well as a power engineer,” he said.

Protecting the infrastructure underpinning AI, especially energy-intensive data centers, has taken on new urgency as facilities in the Middle East have been damaged in Iranian strikes – prompting some investors and tech companies to rethink a trillion-dollar plan to build more AI and cloud data centers in Gulf countries, Jeremy Hsu reported at Ars Technica. At a House Homeland Security subcommittee hearing this week, lawmakers heard that a stronger security posture might be achieved here by data centers getting their own standalone designation as a critical infrastructure sector, Tim Starks reported at CyberScoop. McCrary Institute Senior Fellow Mark Montgomery reinforced that point in his testimony, underscoring both the growing strategic importance and vulnerability of these facilities. As AI scales, so too does the attack surface and the strategic importance of getting this right.

In the upper chamber, Sen. Tom Cotton has proposed giving certain private-sector operators the ability to detect, track and mitigate unauthorized drones posing a “credible threat” to critical infrastructure. “Our hospitals, power plants, water treatment facilities and other critical infrastructure sites can’t remain sitting ducks,” he told CBS News, as Nicole Sganga reported. At The War Zone, Howard Altman reported that Israel appears to be pitching soccer-style nets over military vehicles in an attempt to blunt the toll of Hezbollah’s drone attacks. From low-tech solutions to high-tech deployments, Ukraine is accelerating its unmanned trailblazing even more with a plan to field a whopping 25,000 ground robots intended to replace soldiers for frontline logistics, Katie Livingstone reported at Defense News.

On the battlefront of innovation, the White House accused Chinese entities of waging “industrial-scale campaigns” to rip off U.S. AI systems and vowed to explore ways to hold them accountable, Kevin Breuninger reported at CNBC. At War on the Rocks, Cheryl Yu writes that Beijing’s united front – a system of political influence, co-optation and mobilization – may look benign in its day-to-day activities but is directly used as a tool by the Chinese Communist Party for military-linked cooperation and illicit technology transfer. This is not just about theft; it’s about strategic advantage in a domain that will define economic and national security power.

Russia’s evolving blend of cyber operations and information warfare underscores the need for a coordinated, systemic response across national, regional and international levels, combining technological edge with stronger public awareness, Agnieszka Rogozińska writes at Defence 24. A Moscow Times report on an investigation by Vot Tak and RKS.Global underscores the evolving dynamics of the threat: A pro-Russian hacker group accused by European authorities of carrying out cyberattacks against governments, banks and infrastructure across the West has turned participation in cybercrime into what it calls a “patriotic online game,” recruiting volunteers through Telegram and rewarding them with cryptocurrency.

This week by the numbers:

  • Research firm IDC predicts 75% of G2000 companies will “prioritize pursuits of AI sovereignty, using a blend of non-public hosting, open technologies, and regional partners to support mission-critical AI uses” by 2027. (IT Brew)
  • The number of state CISOs who described themselves as “extremely” or “very” confident in their ability to secure the government’s data has plummeted from 48% in 2022 to 22% this year. (StateScoop)
  • 24% of 551 healthcare organizations surveyed experienced cyberattacks impacting medical devices over the past year. In 80% of cases, these attacks had a “moderate” or “significant” impact on patients. (Infosecurity Magazine)
  • An AI-powered analysis of the OpenEMR codebase uncovered 38 previously undisclosed vulnerabilities in the open-source electronic health record (EHR) platform used by more than 100,000 healthcare providers worldwide. (Dark Reading)
  • The cost of building new U.S. gas-fired power plants increased 66% from 2023 to 2025, underscoring the pressure on the power sector as data centers increase electricity demand. The time required to bring natural gas power online also increased 23%. (E&E News)

Good reports to dig into this weekend: A Citizen Lab investigation uncovered two sophisticated telecom surveillance campaigns and, for the first time, links real-world attack traffic to mobile operator signaling infrastructure, exposing how suspected commercial surveillance vendors exploit the global telecom interconnect ecosystem. Europol’s new Internet Organised Crime Threat Assessment (IOCTA) 2026 assesses the evolving threat landscape and how encryption, proxies and AI are expanding cybercrime. And GAO put space-based data centers in their S&T spotlight: Could a solution to the increasing pushback against land-based data centers be in orbit, or are challenges with cost, crowded satellite fields and space radiation going to send this idea crashing to Earth?

Bottom line: the landscape is shifting faster than our playbooks. Adapting in real time is no longer optional.

War Eagle,

Frank Cilluffo
