The US Grid Attack Looming on the Horizon
Credit to Author: Justin Ling | Date: Wed, 04 Jun 2025 10:00:00 +0000
When the lights went out across the Iberian Peninsula in April, everything ground to a halt. Scores of people were trapped in Madrid’s underground metro system. Hospitals in Lisbon had to switch to emergency generators. Internet service as far away as Greenland and Morocco went down.
While the cause remains unclear, the actual damage to the Iberian power grid—and the people it serves—was relatively minor. Less than 24 hours after the outage began, the region’s electricity operators managed to get the grid back online.
Even if things could have been much worse, the outage was an unnerving reminder of how suddenly things can go offline.
For years, cybersecurity professionals, watchdogs, and government agencies have warned that a malicious cyberattack on the US power grid could be devastating. With ample evidence that state-sponsored hacking groups are eyeing the decentralized and deeply vulnerable power grid, the risk is more acute than ever.
Case in point: Hackers believed to be linked to the Chinese government spent years exploiting vulnerabilities in critical infrastructure across the mainland United States and Guam to obtain access to those systems. The operation, dubbed Volt Typhoon, could have used this access to shut down or disconnect parts of the American power grid, throwing millions into the dark. The effort was, luckily, disrupted and the vulnerabilities patched. Still, it is an unnerving illustration of just how vulnerable the electric system truly is.
We know what such a hack could look like. In 2015, Ukraine experienced the world’s first large-scale cyberattack on an electrical grid. A Russian military intelligence unit known as Sandworm disconnected various substations from the central grid and knocked hundreds of thousands of people offline.
The damage from the attack on Ukraine was repaired quickly, but cybersecurity experts have been warning for years that the next one might be more devastating.
Unlike Ukraine, America does not have a single power grid—it has three large interconnections, broken down into a network of smaller regional systems, some of which stretch into Canada. Most of the East is on one grid, most of the West is on another, while Texas and Alaska run their own interconnections. Keeping these networks running is a wildly complicated effort: There are thousands of utility operations, tens of thousands of substations, and hundreds of thousands of miles of high-voltage transmission lines.
To some degree, this decentralized network is an asset, as it means there is no core vulnerability that risks knocking the entire country offline. But the interconnections mean that a failure in one corner of the grid could cause a cascade that takes down the entire system.
In 2018, researchers from Northwestern University ran large-scale models, gaming out what would happen if parts of the grid failed. They found that, generally, the American power grid was resilient. However, they found that about 10 percent of power lines in the US were susceptible to the kind of failure that could trigger this domino effect under some conditions. A 2022 study that looked at possible disruptions to the Texas grid also found that, in some cases, a relatively small disruption could cause a series of downstream outages “rapidly in succession.”
This means that even if malicious actors manage to take only a small number of nodes in the network offline, the disruption has the potential to do enormous downstream damage.
Insurance underwriter Lloyd’s of London has looked at the effects of such an outage. In this hypothetical, first drafted in 2015 but updated in the years since, Lloyd’s estimates that a Trojan virus that manages to infect just 50 generators—removing 10 percent of the grid’s total power—can trigger this cascade effect and knock out power for most of the East Coast, including New York City and Washington, DC. The Lloyd’s report states that this is an “extreme” but “not unrealistic scenario.”
Eastern Interconnection: Over 120 million people across 36 US states and parts of Canada.
Western Interconnection: 14 US states, two Canadian provinces, and a portion of Baja California in Mexico. Approximately 80 million people.
Texas Interconnection (ERCOT): Most of Texas, operating largely independently from the other interconnections. Over 26 million people.
Quebec Interconnection: Around 8.5 million people.
Alaska Interconnection: Approximately 730,000 people.
“Images of a dark New York City make front pages worldwide,” they write, “accompanied by photographs of citizens stuck underground for hours on stranded subway cars and in elevators in the summer heat.”
These rolling blackouts would stretch through 36 states over the course of a day, throwing some 93 million people into the dark. It could take up to three days for half of those people to get back online—while hardware damage and other problems could require up to three weeks to fix.
As the outages continue, more difficulties arise. The analysts warn that an information campaign running parallel to the cyberattack could prompt strikes, protests, or general unrest.
In 2016, then Federal Emergency Management Agency administrator Craig Fugate was summoned to Congress to testify on the possible impacts of a cyberattack on the US electric grid. Water and wastewater systems are some of the first things to go down, he noted. “There is not really a good way to manage that if those systems go offline for extensive periods of time,” Fugate said.
He explained that the emergency response will become a game of triage: distributing enough power, gas, and generators to emergency services and utilities, while also trying to keep consumer-facing supply chains operating.
“Can you get enough life support and infrastructure going to keep the major supply lines up?” Fugate continued. “You are not going to have everything. You are not going to have what the normal consumption rates are.”
Lloyd’s estimates that the total economic costs and losses could hit $1 trillion.