The US Grid Attack Looming on the Horizon

When the lights went out across the Iberian Peninsula in April, everything ground to a halt. Scores of people were trapped in Madrid’s underground metro system. Hospitals in Lisbon had to switch to emergency generators. Internet service as far away as Greenland and Morocco went down.

While the cause remains unclear, the actual damage to the Iberian power grid—and the people it serves—was relatively minor. Less than 24 hours after the outage began, the region’s electricity operators managed to get the grid back online.

Even if things could have been much worse, the outage was both an unnerving reminder of how suddenly things can go offline.

For years, cybersecurity professionals, watchdogs, and government agencies have warned that a malicious cyberattack on the US power grid could be devastating. With ample evidence that state-sponsored hacking groups are eyeing the decentralized and deeply vulnerable power grid, the risk is more acute than ever.

Case in point: Hackers, believed to be linked to the Chinese government, spent years exploiting vulnerabilities in critical infrastructure across the mainland United States and Guam to obtain access to their systems. The operations, dubbed Volt Typhoon, could have used this access to shut down or disconnect parts of the American power grid—throwing millions into the dark. The effort was, luckily, disrupted and the vulnerabilities patched. Still, it is an unnerving illustration of just how vulnerable the electric system truly is.

We know what such a hack could look like. In 2015, Ukraine experienced the world’s first large-scale cyberattack on an electrical grid. A Russian military intelligence unit known as Sandworm disconnected various substations from the central grid and knocked hundreds of thousands of people offline.

The attack on Ukraine was repaired quickly, but cybersecurity experts have been warning for years that the next one might be more devastating.

Unlike Ukraine, America does not have a single power grid—it has three large interconnections, broken down into a network of smaller regional systems, some of which stretch into Canada. Most of the East is on one grid, most of the West is on another, while Texas and Alaska run their own interconnections. Keeping these networks running is a wildly complicated effort: There are thousands of utility operations, tens of thousands of substations, and hundreds of thousands of miles of high-voltage transmission lines.