This report examines the increasing intensity and complexity of cybersecurity threats targeting the energy sector. The analysis is based on
open-source intelligence (OSINT) data gathered from underground forums, communication channels of threat actors, and platforms utilized by
ransomware groups. The research was conducted using entirely passive
intelligence techniques, with no direct interaction established with threat
actors or related online entities. Within this context, the nature, scope, and
potential impacts of cybersecurity attacks on the energy sector have been
comprehensively analyzed.
The energy sector, with its critical infrastructure and strategic significance,
remains a prime target for cybercriminals, ransomware groups, and statesponsored actors. Notably, in the final quarter of 2024 and the early months
of 2025, a marked rise in data breaches, ransomware attacks, unauthorized
access sales, and threats to operational systems has been observed within
the energy sector. This report aims to elucidate the impacts of these threats
and provide a framework for developing proactive defense strategies to
mitigate them.
