Physical warfare is one thing. Cyber attacks is another.
getty
The burning of Gazprom Neft’s Kapotnya Oil Refinery in Moscow made it impossible for the Kremlin to ignore Ukraine’s drone campaign. By knocking out a critical facility that supplies roughly 40% of the Russian capital’s gasoline, the massive explosive drone strikes brought a direct war of economic attrition straight to Moscow’s doorstep. Yet, thousands of miles away from the billowing black smoke, a second, invisible energy front is operating: cyber intrusions. Because Russia cannot drop physical bombs on Western allies without triggering an all-out global conflict, Moscow is retaliating through this quiet, coordinated campaign aimed at the automated software running Western power systems.
This multi-front energy war exposes a glaring national security paradox: the West’s rush to build a digitized green grid—coupled with the insatiable power demands of AI—is creating a massive, highly vulnerable digital target for foreign adversaries.
“Because the European continent is now serious about phasing out Russian oil and gas, every energy object becomes a geopolitical target of Russia,” Oleksiy Ryabchyn, chief international officer, Naftogaz Group, told me.
Having managed energy resilience on the front lines, Ryabchyn warns that the nature of hybrid warfare has fundamentally shifted. “Twenty years ago, the attacks on our infrastructure involved spreading viruses. Now, this is a normality that the corporate world must deal with. The same type of IT unit should be in every energy company worldwide—to understand how to withstand attacks and what the most strategic equipment can do.”
To fully grasp why Western grids have suddenly become high-value geopolitical targets, one must look at the sheer scale of the infrastructure shift. To break away from Russian fossil fuels, European nations like Poland and Italy rapidly decentralized their power structures. They replaced large, traditional, analog coal and gas plants with thousands of wind, solar, and battery storage sites. Because these green assets are geographically scattered, they require internet-connected automated digital controls to instantly balance supply and demand.
At the exact same time, the global AI race has collided with this fragile transition. Advanced AI models require an unprecedented, around-the-clock volume of stable electricity. This double pressure is pushing aging electric grids to their absolute operational limits.
Nowhere is this tension more visible than in America’s energy capital: Texas. The ERCOT grid leads the United States in integrating decentralized renewable energy while simultaneously rushing to build the massive data center clusters needed to train next-generation AI models. According to ERCOT, the grid operator’s preliminary projections indicate peak electricity demand could skyrocket to a staggering 367,790 megawatts by 2032.
That is a near-quadrupling of the state’s current peak record of roughly 85,500 megawatts, a surge driven almost entirely by data centers, industrial growth, and AI expansion. To meet this demand, Texas is rapidly building a hyper-complex, software-dependent web of generation assets.
This is the exact structural vulnerability that state-sponsored bad actors are actively learning to exploit. As Jen Easterly, Director of the U.S. Cybersecurity and Infrastructure Security Agency, warned in a critical infrastructure threat brief, state-sponsored hackers are actively seeking “staged access” inside utility networks. They aren’t trying to copy files or steal trade secrets; they are working to embed themselves within automated software systems so that they can disrupt services during a future geopolitical crisis.
The Danger Of Micro-Disruptions
KHARKIV, UKRAINE – DECEMBER 23: (——EDITORIAL USE ONLY MANDATORY CREDIT – ‘RUSSIAN DEFENSE MINISTRY / HANDOUT’ – NO MARKETING NO ADVERTISING CAMPAIGNS – DISTRIBUTED AS A SERVICE TO CLIENTS——) A screen grab from a video shows Russian strikes which were carried out using long-range, high-precision weapons and unmanned aerial vehicles launched from land and air, including hypersonic ‘Kinjal’missiles in settlement of Vilcha in the Kharkiv region, Ukraine on December 23, 2025. (Photo by The Russian Ministry of Defense/Anadolu via Getty Images)
Anadolu via Getty Images
But standard commentary completely misses the risk. Cyber attackers do not need to trigger a massive, movie-style total blackout to paralyze a modern economy.
“The biggest hidden risk in the green + AI transition is not insufficient generation—it is unstable grid behavior caused by the interaction of intermittent supply and hyperscale, fast-acting digital loads,” Dmytro Osyka, chief information officer of DTEK Group and CEO of MODUS X, told me. “You no longer need to physically reach a substation to cause damage; adversaries target the code that keeps the grid stable. Every digital control you add to integrate renewables, and every megawatt you add to feed AI, is also a new dependency an attacker can reach.”
For an advanced AI data center running thousands of high-performance chips, power quality is just as critical as power quantity. The electrical grid operates on a strict, alternating rhythm. If a cyberattacker subtly alters a grid’s digital control software, they can create microscopic delays in automated utility switches or cause a tiny wobble in the grid’s electrical rhythm.
Osyka warns that this kind of subtle manipulation is, in many ways, far more dangerous than a visible, dramatic physical attack—precisely because it is so difficult to attribute.
“You don’t need to black out a region to do harm,” Osyka explains. “A small, deliberate change to frequency-regulation or automated-switching logic can push a system just outside the tolerances that sensitive loads depend on. AI data centers need near-perfect power quality; even sub-second deviations in frequency or voltage can trip protection, corrupt workloads, or damage hardware.”
By engineering this kind of friction, a state actor doesn’t have to cause a blackout to win. Instead, they can erode public and market confidence in grid stability. “And the ambiguity itself—was that a technical fault or a hostile attack?—becomes a weapon,” Osyka notes.
While traditional military strategists will argue that cyberattacks lack the real, long-term teeth of physical destruction, that view is becoming dangerously outdated. An oil refinery can eventually be rebuilt, and fuel can be shipped in by sea to mitigate local shortages. However, a compromised grid creates a systemic, psychological paralysis. It breaks the institutional public trust required to run a high-tech society.
Russia is fighting an old-school war of physical destruction at home, but it is trying to force a high-tech war of reliability on the West.
Ukraine’s grueling front-line experience over the last few years proves exactly how aggressively Russia utilizes this multi-layered playbook. While Ukraine has successfully hit Russia’s oil economy—proving Moscow’s massive infrastructure is deeply vulnerable to physical attrition—Russia has consistently used a mix of physical and digital operations to systematically dismantle Ukraine’s domestic grid.
“They are trying to cut off our gas supplies and literally freeze us out,” Ryabchyn notes. “We shouldn’t underestimate Russia. We are fighting against a big empire that wants to destroy Ukraine and our democracy. This is the enemy we are fighting. We need support to restore the energy infrastructure and build concrete bunkers, but we also have unique managerial experience to share with the whole civilized world on how to survive.”
True national security can no longer be divided into neat, isolated boxes. Military strategy, climate policy, and technological innovation are now plugged into the same socket. As the smoke clears over Moscow’s burning oil infrastructure, the real battlefield of the future remains silently embedded inside the utility software.
The future of Western strength will not be decided solely by who builds the fastest AI models or the cleanest energy grids, but by who has the systemic resilience to keep them turned on.