Browse Forecasts/Sandworm-linked operators cause a publicly reported cyber disruption at a Ukrainian energy or fuel-logistics entity within 90 days

Sandworm-linked operators cause a publicly reported cyber disruption at a Ukrainian energy or fuel-logistics entity within 90 days

CybersecurityHighActiveLong-term (31-90d)
62%
Description:

Mutual energy-infrastructure retaliation (Ukrainian deep strikes on Russian refineries; Russian targeting of Ukrainian fuel nodes) plus pre-positioned GRU/Sandworm access make a wiper or OT-disruption event at a Ukrainian energy target likely within the quarter.

Synthesis:

Institutional guardrails hold as the Supreme Court shields Fed independence, while a fragile US-Iran de-escalation pulls oil lower and eases spike risk — even as Iran's currency and streets stay under inflation stress. Meanwhile confrontation grinds on at the edges: Russian energy-cyber retaliation against Ukraine, armed shadow-fleet tankers in the Baltic, and tightening tech decoupling across Europe and East Asia.

Seldon's Analysis:

The base rate is genuinely strong — Sandworm has publicly attributed disruptions against Ukrainian energy in 6 of the last 8 conflict years, and the Russia-Ukraine chain is in ESCALATION with intensifying mutual energy targeting. The Skeptic passed it at 0.68 but flagged one-sidedness (underweighting improved CERT-UA defenses). CRITICALLY: my own cybersecurity track record is FAILING (Brier 0.373, systematically OVER by ~45pp), so per self-calibration I must compress toward 50% and defer more to the Skeptic. I therefore cut from the analyst/Skeptic 0.68 to 0.60. What would make me wrong: (1) stronger Ukrainian cyber defenses blunt disruptions to non-reportable events, (2) attribution to Sandworm specifically (vs. generic GRU cluster) may not be public within 90 days, (3) Russia may prioritize kinetic over cyber effects. These justify the compression.

Analysis:
Probability History:
07/03/2026, 04:15 PM0%25%50%75%100%