The U.S. House Committee on Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection will hold a hearing next Tuesday to examine the evolution of threats to critical infrastructure following the discovery of Stuxnet 15 years ago. Witnesses listed for the hearing include Tatyana Bolton, executive director of the Operational Technology Cybersecurity Coalition (OTCC); Kim Zetter, cybersecurity journalist and author of ‘Countdown to Zero Day’; Robert Lee, CEO and co-founder of industrial cybersecurity firm Dragos; and Nate Gleason, program leader at the Lawrence Livermore National Laboratory, according to a copy of the notice.

“Stuxnet signaled a new age in the targeting of operational technology, an attack vector that has increased in complexity over the past 15 years,” Andrew Garbarino, a New York Republican and chairman of the Subcommittee on Cybersecurity and Infrastructure Protection, said in a Wednesday media statement. “This moment showed how malware can be used to target and potentially cripple critical infrastructure operations, which has raised the stakes for critical infrastructure resilience for sectors across the globe.”

He added that “Today, bad actors will not hesitate to use malware to gain a foothold in the services Americans rely on every day and wreak havoc on our way of life.” 

Garbarino noted that given increasing threats to critical infrastructure from actors such as Volt Typhoon, it is important to examine the legacy of Stuxnet, the world’s first cyber weapon. “I look forward to hearing valuable insight from industry leaders and experts regarding how Stuxnet has impacted the cybersecurity landscape and U.S. cybersecurity posture.”

Stuxnet wasn’t just another piece of malware. It was a digital weapon with a physical impact. Uncovered in 2010, it secretly targeted Iran’s nuclear centrifuges, causing them to malfunction while pretending everything was normal. Believed to be a joint U.S. and Israeli operation, it was the first time code was used to cause real-world damage. Stuxnet changed the game and showed how far cyberattacks could reach into the physical world.

In the 15 years since Stuxnet, U.S. critical infrastructure has itself been hammered by cybercriminals, ransomware groups, and nation-states alike. Policymakers are revisiting Stuxnet in the hope that it can help them learn to better defend their domestic industries.

A committee aide told CyberScoop that Stuxnet “is part of the story of OT cybersecurity.”

“It marked a pivotal moment in critical infrastructure resilience and the way we think about both offensive and defensive cyber operations,” the aide said. “Now that we are at the 15-year mark since the discovery of Stuxnet, it is timely to review how the cyber threat landscape has evolved to ensure our OT is resilient, especially as DHS warns about heightened threats from Iran against critical infrastructure.”

The aide added that the lessons could be valuable to legislators, with Congress set to tackle a pair of important cybersecurity laws that are due to expire this year.

Recent Dragos data revealed that ransomware groups and their affiliates intensified operations in the first quarter of 2025, combining emerging and long-standing tactics, techniques, and procedures. Established operators such as Cl0p, Akira, and RansomHub maintained high levels of activity, while emerging threats, including FunkSec, Sarcoma, and Lynx, introduced advanced techniques like AI-driven malware and sophisticated EDR (endpoint detection and response) evasion strategies. 
