Microsoft recently exposed a state-sponsored Chinese hacking group called “Volt Typhoon” that infiltrated critical infrastructure in the United States with the goal of disrupting critical communications infrastructure between the U.S. and Asia in times of future crises. Volt Typhoon, operating since mid-2021, focused on intelligence gathering and espionage rather than immediate disruption. By exploiting vulnerabilities in the FortiGuard cybersecurity platform, the group gained access to various sectors, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education.

These attacks highlight the ongoing threat of cyberterrorism on power grids and other essential systems. In 2022 alone, over 100 reported incidents were recorded, with an additional 18 attacks or potential attacks reported in various states such as Florida, North Carolina, Oregon, South Carolina, and Washington. These incidents involved intrusions, firearms, and sabotage, causing significant damage and power outages affecting thousands of people.

China vehemently denies the allegations made by Microsoft, claiming the US lacks evidence. The difficulty in attributing cyberattacks to specific nation-states adds complexity to addressing the issue effectively. The examples of past attacks, such as the Ukraine power grid attack, Stuxnet worm, and Metcalf sniper attack, underline the need for robust cybersecurity measures and proactive defense strategies. Governments and organizations must collaborate, share information, and prioritize the protection of vital infrastructure to mitigate the risks posed by terrorist attacks on power grids.

Other Examples of Terrorist Attacks on Power Grids:

Ukraine Power Grid Attack (2015): Russian hackers targeted Ukraine’s power grid, causing widespread blackouts and impacting over 225,000 people. The attack demonstrated the vulnerability of critical infrastructure to cyberterrorism.
Stuxnet Worm (2010): Widely attributed to the US and Israel, the Stuxnet worm targeted Iran’s nuclear facilities, including its power grid. The attack caused physical damage to centrifuges, disrupting Iran’s nuclear program.

Metcalf Sniper Attack (2013): In California, a group of gunmen attacked a power substation, firing more than 100 rounds and disabling 17 transformers. This incident highlighted the potential vulnerability of physical infrastructure to terrorist attacks.

The U.S. power grid, comprising of numerous power plants, transmission substations, and extensive power lines, presents an attractive target due to its inherent vulnerabilities. A report by the Federal Energy Regulatory Commission (FERC) highlighted that just nine simultaneous attacks on critical substations could lead to a nationwide blackout lasting week or even months, demonstrating the significant interconnectivity and potential cascading effects of disruptions. The federal government has expressed concern about the lack of information on the culprits behind these attacks. While it is unclear if the attacks are motivated by extremist ideologies, extremist social media platforms have widely shared violent conspiracies and manifestos focused on targeting energy infrastructure.

Exergy, your Concierge Utility, provides U.S. citizens the comfort of knowing we will mitigate risks and potential disruptions caused by weather, a weak power grid and now, unpredictable terrorist attacks for you!