Article

Attacking the grid

Domestic terrorism targeting the U.S. electric grid is exposing dangerous vulnerabilities. Here’s everything you need to know:

Why is the grid at risk?

Domestic terrorists and vandals have found it to be alarmingly easy to trigger blackouts in the vast, decentralized network of 55,000 power substations and millions of miles of transmission wires that provide America’s electricity. There were more than 100 attacks on U.S. electrical infrastructure last year — a 72 percent increase over 2021. The end of 2022 saw a spate of attacks in the Carolinas, Washington state, and Oregon. In Moore County, North Carolina, three attackers (who remain at large) shot up a pair of substations, causing 45,000 residents to lose power for up to five days. Watching life grind to a halt as people sat in the darkness was like “something out of a horror movie,” state Rep. Ben Moss Jr. (R) said. White supremacists are believed to be behind many of the latest attacks. Recently, two neo-Nazis connected to a group called the Atomwaffen Division allegedly plotted to destroy five substations around Baltimore, hoping to cause “cascading failure” in the electric system serving the majority-Black city. This type of sabotage, along with the growing risk of grid cyberattacks, creates real peril as Americans become increasingly dependent on electricity.

How are the attacks carried out?

Substations convert electricity from power plants to higher and lower voltages so it can be distributed to consumers. The giant transformers that do this work are cooled with circulating oil, and recently, some attackers have simply driven up to a substation and blasted holes in these metal boxes with rifles, springing oil leaks that cause the transformers to overheat. Vital regional substations usually are protected by armed guards and bullet-resistant barriers, but thousands of other substations across the country — plus wind turbines and solar plants — are in remote rural areas, secured by little more than chain-link fences. Some don’t even have surveillance cameras.

What about cyberattacks?

Security experts have warned for years that the grid is vulnerable to hackers. Those fears were realized in 2021, when a ransomware cyberattack caused the temporary shutdown of the Colonial Pipeline, which provides nearly half of the East Coast’s oil. The pipeline reopened only after the anonymous hackers received a $4.4 million bribe. Globally, the energy industry was the third-most-targeted sector for cyberattacks in 2020, after finance and manufacturing — up from ninth place a year earlier, according to IBM. For more than a decade, Russia and the U.S. reportedly have each sought to make digital incursions in the other’s electric grid, planting probes that could disable power plants and trigger blackouts if a conflict escalated.

Why are attacks on the rise?

On far-right internet forums, commenters gloat about how attacking the grid “cracked the code on lone wolf attacks,” with one user writing, “Law enforcement appears powerless (no pun intended) to stop them.” Disabling a single transformer usually causes a localized blackout, but if several substations fail at once it can trigger cascading outages. A federal report published in 2014 found that strategically disabling just nine substations across the country — combined with an attack on a transformer manufacturer — could cause a nationwide blackout lasting 18 months. In modern society, a blackout doesn’t just cause the lights to go out, of course; it can also cripple wastewater treatment, heating and cooling, personal banking, home security, the charging of electric vehicles, and so much else. The Department of Homeland Security warns that violent extremists view attacks on electrical systems as “a means to create chaos and advance ideological goals.”

What are their goals?

White supremacists believe modern American society is in terminal decline, and seek to hasten its collapse so a fascist government can rise from the ashes — a movement they call “accelerationism.” A neo-Nazi group recently published a 250-page manual online for attacking the grid, with a swastika and lightning bolts on the cover. The guide details vulnerabilities at cell towers, power grids, and other infrastructure. “When the lights don’t come back on … all hell will break [loose],” it reads, “making conditions desirable for our race to once again take back what is ours.” In 2020, the FBI foiled a plot called “Lights Out,” created by three members of the Atomwaffen Division. They allegedly planned to simultaneously attack substations across the country, hoping months of blackouts would lead to a race war and economic collapse.

Why is security so weak?

No single authority is in charge of setting security standards for the grid. Instead, that responsibility falls on a collection of regional public and private utilities, many of which balk at the cost of paying for 24/7 armed guards or tall concrete walls at every substation. Responding to recent attacks, legislators in North Carolina, South Carolina, Arizona, and Georgia proposed bills that would require round-the-clock substation guards, and impose tougher penalties on attackers. Brian Harrell, a former Homeland Security assistant secretary for infrastructure protection, predicts this year will be “the most catastrophic” on record for violent extremists targeting U.S. electricity infrastructure. “There’s no doubt in my mind,” he said.

The attack that inspired copycats

The recent surge of assaults on the grid was set in motion on the night of April 16, 2013, when attackers targeted a substation in Metcalf, California, near San Jose. The saboteurs cut fiber optic cables at the site in an apparent attempt to knock out communications, then spent 20 minutes firing more than 100 rounds from sniper rifles at high-voltage transformers. The bullet holes let more than 50,000 gallons of cooling oil drain out, which caused 17 of the substation’s 21 transformers to overheat. Jon Wellinghoff, then-chairman of the Federal Energy Regulatory Commission, surveyed the $15 million in damage, calling the attack “extremely sophisticated” and saying it nearly caused Silicon Valley to lose power, potentially for several weeks. The perpetrators didn’t leave fingerprints and were never caught, despite a $250,000 reward offered for information. Although the substation’s operator, PG&E, pledged $100 million to harden its facilities, a year later someone managed to cut through the fence at Metcalf and steal some of its construction equipment.