Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

Cyber threats to military logistics spark urgency, former Navy cyber official says

(McCrary Institute)

By Don Kauffman

An adversary doesn’t need to strike military assets directly to disrupt U.S. power projection. Slowing the movement of fuel may be enough.

That’s the warning from Chris Cleary, former principal cyber advisor to the Secretary of the Navy, who joined the Cyber Focus podcast to explain how civilian infrastructure vulnerabilities could cripple military readiness – and why Congress is beginning to take action.

“I could degrade the Navy’s ability to run around in the Pacific by just limiting the ability to move fuel on the west coast of the United States,” Cleary said. With the Red Hill fuel facility in Hawaii decommissioned, “I now have to get [fuel] another 5,000 miles into theater.”

Cleary’s remarks come as the National Defense Authorization Act (NDAA) takes up a series of provisions designed to address cyber risks to operational technology (OT), particularly the infrastructure DoD depends on but does not control. These include water, power and transportation systems often owned and operated by the private sector or state and local governments.

Civilian systems, military stakes

“We’ve gotten really good at traditional enterprise IT security,” Cleary noted. “But when you start opening the aperture to things with ones and zeros – weapon systems, critical infrastructure – there wasn’t as much attention being brought to those things.”

That gap, he argued, is where adversaries like China are focusing their efforts. He pointed to recent reports of Chinese prepositioning in U.S. water systems, including a public example in Littleton, Mass., as evidence of intent. “If they’re in Littleton, Massachusetts, they’re everywhere,” he said.

The NDAA calls on U.S. Cyber Command to consider not only how to defend against such threats but how to respond – including potential offensive cyber capabilities. It also pushes for a comprehensive look at DoD’s infrastructure dependencies and the need for greater resilience across systems that were never designed for contested environments.

While encouraged by Congress’ growing attention, Cleary warned that awareness alone won’t solve the problem. “There are no shortages of companies or technologies or resources to apply to this problem,” he said. “The question is … why has the problem not elevated to such a point that the resources are applied?” Cleary said more coordination and prioritization are needed to close the gap between recognition and response.

Logistics is now a frontline

The bigger shift, according to Cleary, is recognizing that critical infrastructure is no longer a support function – it’s a battlespace.

He argues for treating logistics systems as strategic assets that adversaries can and will target with minimal effort. Disrupting fuel movement, tripping up civilian ports or denying power to military facilities could delay or degrade U.S. response times – especially in a contested Pacific theater.

With military operations increasingly dependent on infrastructure outside DoD control, the stakes for action are growing. As Cleary put it, “Logistics in the environment … are very targetable.” The NDAA may offer new tools, but success will depend on whether the U.S. can move beyond recognition and start reinforcing the digital foundations of military power.

The full episode of the Cyber Focus podcast can be found here.

Click to listen highlighted text!