- Browse/Search the Program
Search
Browse By Day
Browse By Time
Browse By Person
Browse By Policy Area
Browse By Session Type
Browse By Keyword
Program Calendar
- Navigation and Settings Menu
Personal Schedule
Sign In
- Information Menu
Search Tips
A Case Study Presentation: The Evolution of U.S. Critical Digital Infrastructure & Cybersecurity Policy
Saturday, November 15, 10:15 to 11:45am, Property: Hyatt Regency Seattle, Floor: 7th Floor, Room: 708 - Sol DucAbstract
This paper examines three high-impact cyberattacks—Colonial Pipeline (2021), Shamoon (2012), and Stuxnet (2010) to explore how digital threats to energy infrastructure are transforming national security priorities and foreign policy strategy. These case studies span criminal ransomware, data-wiping malware, and a state-engineered cyberweapon, illustrating the wide spectrum of actors, methods, and motivations shaping today’s cyber threat landscape. Despite their differences, each attack underscores the growing strategic importance of energy infrastructure as both a target and a domain of geopolitical conflict. From Colonial Pipeline’s disruption of fuel supply chains in the United States, to Saudi Aramco’s Shamoon incident, to Stuxnet’s unprecedented physical damage to Iran’s nuclear centrifuges, these case studies are precedent-setting cyberattacks with cascading effects on national security, global markets, and diplomatic relations ever since.
This research underscores a growing digital divide between government institutions and the rapidly advancing sophistication of modern cyber threats. While attackers exploit cutting-edge technologies, national critical infrastructure often rely on outdated systems and fragmented coordination, leaving national security at risk and government decision-making process reactive instead of proactive. To address this, it proposes policy reforms focused on strategies, and a reassessment of cyber operations within defense and diplomatic planning. As digital infrastructure becomes increasingly intertwined with physical security, understanding the lessons from the energy infrastructure breaches is critical to building more resilient and adaptive national and technological strategies. Importantly, the study goes beyond technical analysis to propose actionable policy recommendations. It emphasizes the need for stronger coordination between governments and private industry, better preparedness for incident response, and a more coherent integration of cyber capabilities into foreign policy and defense planning. As governments grapple with how to deter, defend against, and recover from these threats, this research offers practical strategies for making critical infrastructure more resilient in a new era of digital conflict.