Jeff Le on Cybersecurity Risks to Energy and Maritime Infrastructure Amid Global Tensions
Author(s): Scott Douglas Jacobsen
Publication (Outlet/Website): A Further Inquiry
Publication Date (yyyy/mm/dd): 2025/10/08

Jeff Le is Managing Principal at 100 Mile Strategies, a public sector navigation, communications, and policy consultancy, and a Fellow at George Mason University’s National Security Institute. He previously served as Deputy Cabinet Secretary for California under Governor Jerry Brown, leading portfolios in cyber, AI, emerging technologies, homeland and disaster response, economic development, and federal affairs. Le coordinated California’s disaster recovery and resilience efforts and represented the state to the Trump Administration and global governments. With extensive experience in technology, policy, and security, he now advises on global energy supply chains, maritime cybersecurity, and critical infrastructure protection.
In this interview with Scott Douglas Jacobsen, Le warns of mounting cyber threats to energy and maritime infrastructure, especially with Tehran-backed attacks and AI-powered offensive tools. He highlights vulnerabilities in operational technology, outdated maritime systems, and weak state and local defenses. Le stresses that coordinated private-public defense, global partnerships, and resilience investments are critical as adversaries exploit supply chains, ports, and energy markets in increasingly complex ways.
Scott Douglas Jacobsen: How might a closure of the Strait of Hormuz exacerbate existing cyber vulnerabilities?
Jeff Le: While the Iranian Government and its Parliament have not officially closed the Strait of Hormuz, there have been signals to suggest cooperation disruptions for trade, and the looming threat of closure is still possible given U.S. estimates of Iran’s ability to deploy 5-6 thousand naval mines, submarines and vessels. Such action would halt commercial traffic and have a considerable impact on the U.S. military presence. Those are the physical concerns.
But the cyber space has seen a rapid increase in malicious activities. The Iranians are outgunned compared to the combined firepower of the United States and Israel. But Iran’s cyber prowess does give them an advantage to leverage and target American companies, supply chains, and entities that are woefully behind in their cyber infrastructure and resilience.
Jacobsen: What risks do Tehran-backed cyberattacks pose to U.S. energy infrastructure?
Le: U.S. energy infrastructure – especially in the traditional extractive industries – while having more mature resources and a history of compliance with regulatory and security requirements, is still a logical and effective target. These companies are giant and have sprawling partnerships, subcontractors, vendors, and partners, some of which perform administrative duties separate from the main company functions. The suppliers and third-party vendors are a natural incursion space and opportunity to infiltrate. As a result, the broader U.S. energy infrastructure and linkages are more vulnerable. With the growing adoption of AI-powered offensive tools, more attack opportunities are in play.
The other area of vulnerability falls not just in IT but in OT – operational technology – that is, the physical touchpoints to IT. The OT aspects are woefully out of date and represent a serious weakness, despite policymakers speaking more about OT cybersecurity.
Tehran-backed cyberattacks are one problem. But such attacks could also have the backing of other Tehran-aligned allies, ideological kindred spirits, and hired cyber criminal syndicates who have taken advantage of the wave, as evidenced by the FBI’s 2024 Internet Crime Report that spells out losses to the tune of over $16 billion and growing in 2025. Criminal groups and additional state-sponsored resources can accelerate vulnerability not just in the Strait itself but in the U.S. homeland directly on critical infrastructure, some of which could be pre-positioned like the PRC’s Salt Typhoon campaign.
Jacobsen: How prepared are the U.S. and its allies to defend maritime cybersecurity?
Le: The Biden administration charged the U.S. Coast Guard with the duties to defend the marine transportation system, to include cyber with its existing authorities. Unfortunately, the duties did not come with additional capacities or resources. The U.S. maritime space is almost 100,000 miles of coastline and impacts over $3.5 trillion in economic activity.
However, the maritime infrastructure is out of date and has gaping security holes. Some of these issues are on the private sector, which has not taken seriously the need to invest in cyber and digital infrastructure. At American ports, much of the technology is still on end-of-life operating systems and some are utilizing a Chinese supply chain that could have a direct connection to Beijing.
Both the Trump administration and Congress – to their credit – have prioritized the maritime sector. Some of these efforts have included proposed resources to expand shipbuilding, modernize ports, and empower the Coast Guard and reimagine its capabilities through its Force Design 2028 and $30 billion to do so. This would meaningfully strengthen coordination, capacity, and engagement between the Coast Guard and operators. Its allies have not made these types of investments, a major challenge as there are growing hostilities in global seas, to include sabotage of undersea cables and expanded threats in the Arctic over potential energy deposits.
Jacobsen: With AI-powered cyberattack tools emerging, how could energy sector targets become more vulnerable?
Le: All organizations are facing increased incoming attacks from AI-powered cybertools. The barriers and costs have been sharply reduced, and defenders are seeing exponential volume. Only one needs to be successful. Volume has created mayhem but the quality and sophistication of these attacks are also improving and increasing at an alarming rate.
The emphasis on social engineering and privileged access infiltration is directed at the biggest weakness of any organization – people. One can have the best tools and resources to defend, but people are still needlessly clicking and falling for these digital traps.
Some of these attacks are now utilizing cloned voices of loved ones, bosses, and other colleagues to hand over sensitive information. The barrage of spam via email, social media, and texts is getting more convincing, resulting in more breaches.
While the energy sector has significant resources and a history of technological leadership, more must be done to train, educate, and prioritize cyber beyond just a techie problem. With potential reputational damage, sensitive data breaches, business operation disruptions, and shareholder devaluation from a massive cyberattack, like Halliburton in 2024, there is clear reason to emphasize a culture of resilience and invest accordingly.
Jacobsen: What role should private sector companies play in coordinated defense against cyber threats?
Le: The private sector, its partners, the Federal Government, and subnational governments must be coordinated and communicate with openness and shared intelligence. There are many intelligence signals on trends for cyber-attacks. The private sector has a litany of open-source resources and signals collection that can augment and accelerate real-time analysis beyond the Government’s classified resources.
However, the Trump administration has made budget cuts to CISA, reducing some defensive capabilities. Some of the information sharing and analysis centers, including MS-ISAC, have seen reductions in resources and challenging resilience capacity.
The Trump Administration has emphasized more interest in companies playing offense rather than defense. It remains to be seen what private sector offensive rules of engagement or standards look like, but such a posture is an important consideration as adversaries become more emboldened with little deterrence.
Congress has been active in reauthorizing the Cybersecurity and Information Sharing Act of 2015, which allows companies to share cyber information with safe harbor with the government. This coordination is essential for maximizing visibility. The House Homeland Security Committee recently passed its successor legislation with wide bipartisan support, but it remains to be seen if there is appetite in the Senate and if Senator Paul (R-KY), the Chairman of the Senate Homeland Security and Governmental Affairs Committee and CISA skeptic, will move forward similar legislation.
Jacobsen: Could offensive U.S. cyber capabilities realistically deter Iran?
Le: U.S. cyber capabilities could deter Iran, but the cost of attacking for Iran with cybertools is low and is more financially effective than traditional war resources. Some of these capacities are playing out in the clandestine space but Israeli cyber capabilities also add further complexities for Tehran.
Jacobsen: How do state and local governments fit into broader defense strategies?
Le: State and local governments – to include tribal and territorial governments – lack capacity and financial resources, and have seen significant challenges in recruiting and retaining technical talent, all while facing fiscal headwinds and requirements to balance budgets.
Information sharing and analysis centers as well as other coordination with industry, law enforcement, and the Federal Government, are critical for hardening cybersecurity posture. But these very governments have been themselves regular targets, including the recent attack on the State of Nevada, now in the second week of outages with no end in sight.
One area of broader opportunity for state and local governments has been the support of the National Guard, which has cyber capacities in response and recovery. This could be a further area of exploration for the Federal Government, and states could strengthen their cyber backbone.
Jacobsen: What long-term systemic risks could cyber-enabled disruptions create for global maritime markets?
Le: Major U.S., Asian, and European companies, especially those in the shipping industry, and other import-export players, represent long-term risk with growing cyber threats and increased cybercrime. Publicly traded companies that get hit could significantly impact the stock market depending on the length of disruption and stoppage on global trade and supplies. This trend will only accelerate as AI-powered tools are regularly deployed for financial and political motives.
Jacobsen: Thank you for the opportunity and your time, Jeff.
