United States: Cyber attacks on energy infrastructure on the rise

Cyberattacks on US energy infrastructure rose sharply in 2024. New studies reveal an upsurge in ransomware and data breaches, highlighting the growing vulnerability of these critical systems.

Share:

Power grid control center in Pennsylvania

Comprehensive energy news coverage, updated nonstop

Annual subscription

8.25$/month*

*billed annually at 99$/year for the first year then 149,00$/year ​

Unlimited access • Archives included • Professional invoice

OTHER ACCESS OPTIONS

Monthly subscription

Unlimited access • Archives included

5.2$/month*
then 14.90$ per month thereafter

FREE ACCOUNT

3 articles offered per month

FREE

*Prices are excluding VAT, which may vary depending on your location or professional status

Since 2021: 35,000 articles • 150+ analyses per week

U.S. energy infrastructures face intensifying cyber threats in 2024, marked by a series of targeted attacks.
According to Thales’ “Data Threat” 2024 report, 42% of critical infrastructure companies, including those in the energy sector, suffered data breaches this year.
These attacks, often orchestrated by state actors or organized criminal groups, highlight the increased vulnerability of systems using increasingly interconnected technologies and obsolete equipment.

Growing threats to critical infrastructures

The data shows a sharp rise in ransomware attacks against energy infrastructure, with a quarter of organizations reporting this type of attack in the last 12 months.
The motivation behind these attacks is clear: malicious actors know that companies in the energy sector are more likely to pay ransoms to avoid costly disruptions to their operations.
Furthermore, the complexity and diversity of the technologies used in this sector create a wide range of risks, from human error to the exploitation of known vulnerabilities, to the lack of multi-factor authentication.
The Thales report also highlights the growing threat of insider threats, with 30% of companies reporting incidents linked to employees or contractors.
This highlights the need to improve access management and strengthen security awareness programs within organizations.

Coordinated attacks and vulnerabilities in industrial control systems

Between November 2023 and April 2024, 29 cyberattacks specifically targeting the industrial control systems of US energy infrastructures were reported.
These attacks, including ransomware and intrusions, were aimed at compromising critical security systems.
Rapid digitization and the growing integration of new technologies into energy infrastructures are increasing the number of potential entry points for cyber attacks, exposing more systems to the risk of intrusion.
Experts stress that securing industrial control systems, often built on old, interconnected technologies, has become a priority.
The challenge is made all the more complex by the fact that the sector struggles to find and retain qualified cybersecurity professionals, which weakens its ability to respond.

New guidelines and greater resilience

In response to these growing threats, the U.S. Department of Energy (DOE) issued new cybersecurity guidelines for electric distribution systems and distributed energy resources (DER) in 2024.
These guidelines, developed in collaboration with the National Association of Regulatory Utility Commissioners (NARUC), aim to provide a common framework for reducing risk and improving the cyber resilience of critical infrastructure.
The aim is to encourage the voluntary adoption of uniform cybersecurity practices, and to strengthen defense against sophisticated threats from state actors or criminal groups.
Industry players are called upon to strengthen their cybersecurity strategy by focusing on improving cyber resilience, reducing human error, and effectively managing internal threats.
By adopting a more proactive and coordinated approach, the energy sector can hope to mitigate the risk of future attacks, while protecting America’s critical infrastructure from potentially devastating disruptions.

Noble Corporation reported a net loss in the third quarter of 2025 while strengthening its order backlog to $7.0bn through several major contracts, amid a transitioning offshore market.
SLB, Halliburton and Baker Hughes invest in artificial intelligence infrastructure to offset declining drilling demand in North America.
The French energy group announced the early repayment of medium-term bank debt, made possible by strengthened net liquidity and the success of recent bond issuances.
Large load commitments in the PJM region now far exceed planned generation capacity, raising concerns about supply-demand balance and the stability of the US power grid.
The termination of a strategic contract with Dutch grid operator TenneT triggered the administration of Petrofac’s holding company, reigniting tensions with creditors.
Algeria has removed Rachid Hachichi from the leadership of Sonatrach, two years after his appointment, replacing him with Noureddine Daoudi, former head of the National Agency for the Valorisation of Hydrocarbon Resources.
Portugal’s Galp Energia reported an adjusted net profit of €407 million in Q3, driven by higher refining margins and strong contribution from liquefied natural gas.
Air Liquide signs agreement to acquire NovaAir, strengthening its presence in India’s industrial gas market by expanding its national footprint.
Voltalia's Q3 2025 revenue rises to €164.7mn, fuelled by a sharp increase in services activity, while energy sales decline due to currency effects and lower prices.
Altano Energy secured €81mn ($85.7mn) to construct two onshore wind farms and three photovoltaic plants in southern Spain, reinforcing its multi-technology generation strategy.
Baker Hughes recorded a 23% increase in orders in Q3 2025, driven by its gas segment, while net income fell 20% year-on-year to $609mn.
Colombian company Ecopetrol has secured authorisation to borrow COP700 000 million ($171mn) from Banco Davivienda to bolster its liquidity over a five-year period.
Eni's net profit rose to €803mn in the third quarter, supported by a 6% increase in production despite falling crude prices.
French group Vinci posted revenue growth in the third quarter, supported by all its divisions, and reaffirmed its ambitions for 2025 despite a more restrictive tax environment.
T1 Energy secured $72mn via a direct offering of over 22 million common shares, aiming to strengthen its cash position and fund energy technology and infrastructure projects.
The American university unveils a new institute focused on the future of energy, funded by a $50mn gift from Robert Zorich, managing partner of EnCap Investments, to support applied research and training of new experts.
Sintana Energy has initiated legal proceedings in the Isle of Man to secure approval for its all-share acquisition of Challenger Energy, with support from over one-third of the target company’s shareholders.
TotalEnergies has signed an agreement to sell its subsidiary GreenFlex to engineering group Oteis, marking a step in its strategy to concentrate on energy production and supply.
VoltaGrid and Halliburton launch a strategic collaboration to deploy distributed power systems for data centres, with an initial rollout planned in the Middle East.
Japan's power futures market is poised for rapid expansion, backed by a government reform requiring supply contracts up to three years in advance.

All the latest energy news, all the time

Annual subscription

8.25$/month*

*billed annually at 99$/year for the first year then 149,00$/year ​

Unlimited access - Archives included - Pro invoice

Monthly subscription

Unlimited access • Archives included

5.2$/month*
then 14.90$ per month thereafter

*Prices shown are exclusive of VAT, which may vary according to your location or professional status.

Since 2021: 30,000 articles - +150 analyses/week.