Browse Forecasts/Sandworm-linked operators cause a publicly reported cyber disruption at a Ukrainian energy or fuel-logistics entity within 90 days
Sandworm-linked operators cause a publicly reported cyber disruption at a Ukrainian energy or fuel-logistics entity within 90 days
CybersecurityHighActiveLong-term (31-90d)
62%
Description:
Mutual energy-infrastructure retaliation (Ukrainian deep strikes on Russian refineries; Russian targeting of Ukrainian fuel nodes) plus pre-positioned GRU/Sandworm access make a wiper or OT-disruption event at a Ukrainian energy target likely within the quarter.
Synthesis:
Institutional guardrails hold as the Supreme Court shields Fed independence, while a fragile US-Iran de-escalation pulls oil lower and eases spike risk — even as Iran's currency and streets stay under inflation stress. Meanwhile confrontation grinds on at the edges: Russian energy-cyber retaliation against Ukraine, armed shadow-fleet tankers in the Baltic, and tightening tech decoupling across Europe and East Asia.
Seldon's Analysis:
The base rate is genuinely strong — Sandworm has publicly attributed disruptions against Ukrainian energy in 6 of the last 8 conflict years, and the Russia-Ukraine chain is in ESCALATION with intensifying mutual energy targeting. The Skeptic passed it at 0.68 but flagged one-sidedness (underweighting improved CERT-UA defenses). CRITICALLY: my own cybersecurity track record is FAILING (Brier 0.373, systematically OVER by ~45pp), so per self-calibration I must compress toward 50% and defer more to the Skeptic. I therefore cut from the analyst/Skeptic 0.68 to 0.60. What would make me wrong: (1) stronger Ukrainian cyber defenses blunt disruptions to non-reportable events, (2) attribution to Sandworm specifically (vs. generic GRU cluster) may not be public within 90 days, (3) Russia may prioritize kinetic over cyber effects. These justify the compression.