A cyber attack on Venezuela’s state-run oil company. along with a blockade on ships moving oil to or from Venezuela, adds to worsening US-Venezuela ties.
The tensions between the United States and Venezuela have become a recurrence in news headlines. In October 2025, the Central Intelligence Agency (CIA) admitted that it quietly sent out a cyberattack against the Venezuelan government in the last year of President Donald Trump’s first term, 2020. The conflict with Venezuelan President Nicolás Maduro developed as the ruler did not step down after a widely-contested election in 2017, which prevented the US-backed candidate (Juan Guaido) from coming into power. More recently, Maduro and Trump have been butting heads over at least 26 strikes on alleged “narcoterrorists” boats from Venezuela - just as cybersecurity concerns are coming back into the spotlight.
On December 15, 2025, Venezuela’s federally run oil company, Petróleos de Venezuela, S.A. (PDVSA) reported a cyberattack that they claimed did not affect their operations, though others have said that this is a misrepresentation of the damage, with Reuters specifically sharing that “four sources said systems remained down and oil cargo deliveries were suspended.” According to one of their sources on the PDVSA hack, this disruption to the administrative system was due to the use of antivirus software following an initial ransomware attack.
In a translation of the official statement shared on X, formerly Twitter, PDVSA maintained that the attack was not impactful: “The operational continuity of the industry is maintained through the implementation of secure protocols that allow its regular activities in the supply of products in the national market, as well as for the fulfillment of all its export commitments. This attempted aggression adds to the U.S. government's public strategy of seizing Venezuelan oil by way of force and piracy. The working class of the hydrocarbon industry has already faced attacks of this nature in the past. It was precisely their commitment, expertise and loyalty that made it possible to detect and neutralize this new attack.”
Though PDVSA’s statement minimizing the effect of the attack is at odds with other accounts, it’s true that sectors in critical infrastructure are increasingly common targets of cyberattacks. For the US, China, Russia, Iran, and North Korea are known to be the biggest threats against cybersecurity in critical infrastructure, as international conflict can serve as a motivation for intrusions. The Russia-Ukraine war specifically caused a rash of disruptions across Europe, with one hack even taking control of a dam to release 132 gallons (500 liters) of water each second, for a total of 475,200 gallons or over 1,660 tons of water. This recent attack on PDVSA is not even the first time that the company has weathered a cyberattack - in 2002, a cyberattack cut the country’s oil output from 3 million barrels a day to just 370 thousand barrels a day.
Venezuela has been combatting an increase in cyberattacks since the reelection of Maduro in 2024, with the country’s Minister of Science and Technology, Gabriela Jiménez, reporting that federal cyber systems are a large target of attacks: “65% have been Distributed Denial of Service (DDoS), and have affected servers of State institutions and international links that serve the country’s internet.” The barrage of attacks led to some suspicion about the US backing these intrusions, which was likely not assuaged by the CIA’s confession earlier this year.
The cyberattack on PDVSA may draw even more suspicion, considering the latest developments around US involvement with Venezuelan oil. The nation “holds the world’s largest proven oil reserves,” and has especially cheap gas prices, making the resource significant domestically and internationally. The US placed sanctions on people operating in the nation’s oil sector in 2019, including PDVSA. This week, Trump ordered a blockade of all sanctioned oil tankers coming into or leaving Venezuela.
Trump alleges that the “stolen” oil was used by Maduro’s administration to “finance themselves, Drug Terrorism, Human Trafficking, Murder, and Kidnapping”. The move caused Mexico’s president, Claudia Sheinbaum, and Brazil’s president, Luiz Inacio Lula da Silva, to call for peace, with China (Venezuela’s chief oil importer) being more vocal about their criticism of the policy change. Wang Yi, China's foreign minister, pushed against the policy, saying “China believes the international community understands and supports Venezuela's position in defending its legitimate rights and interests.”
This discourse does not seem likely to end any time soon, meaning that more cyber activity around critical infrastructure may be expected in the near future. Hopefully, the US starts to shore up its cyber defenses in the meantime, even if the Cybersecurity and Infrastructure Security Agency (CISA) is still operating without a permanent director at the helm as Congress starts holiday recess.