AI Summary
Frequent cyber threats targeting critical energy infrastructure, increasingly driven by geopolitical motives, necessitate advanced analytical frameworks for threat intelligence synthesis and strategic response.
Method: This paper proposes a novel threat research framework integrating geopolitical analysis with generative artificial intelligence (GenAI). It pioneers the application of GenAI to automatically extract and structure multi-source cyber threat intelligence (CTI), enabling cross-database correlation analysis to systematically map the geopolitical origins of adversaries and their regional targeting patterns. Concurrently, it evaluates the detection efficacy of machine learning-based tools against energy-sector-specific indicators of compromise (IoCs).
Contribution/Results: The study uncovers statistically significant geopolitical drivers underlying energy cyberattacks, empirically validates the effectiveness of learning-based detection methods in this domain, and delivers actionable policy recommendations and defensive optimization strategies, thereby substantially enhancing the accuracy and foresight of threat assessment.
Abstract
The escalating frequency and sophistication of cyber threats increased the need for their comprehensive understanding. This paper explores the intersection of geopolitical dynamics, cyber threat intelligence analysis, and advanced detection technologies, with a focus on the energy domain. We leverage generative artificial intelligence to extract and structure information from raw cyber threat descriptions, enabling enhanced analysis. By conducting a geopolitical comparison of threat actor origins and target regions across multiple databases, we provide insights into trends within the general threat landscape. Additionally, we evaluate the effectiveness of cybersecurity tools -- with particular emphasis on learning-based techniques -- in detecting indicators of compromise for energy-targeted attacks. This analysis yields new insights, providing actionable information to researchers, policy makers, and cybersecurity professionals.