Reviews Reviews
Photo Credit: Tony Webster/Flickr

An Attack That Would Cripple the United States

America is ignoring a potentially catastrophic event, and it’s a work of fiction that is sounding the alarm. Author Kyle Mills provides an urgent warning that U.S. policymakers and everyday Americans should heed in his new thriller, Total Power.

In Total Power, Mills shows how vulnerable the U.S. electrical grid is to attack. The story isn’t just well-written fiction, either. While the U.S. government is concerned with COVID-19, China, Russia, and Iran, lawmakers on Capitol Hill should take the threat of an attack on the electrical grid as serious as other major national security threats.

In August 2019, the Government Accountability Office released a report to Congress about the need to secure critical infrastructure in the U.S. The report details how the U.S. electrical grid is becoming more vulnerable.

“The grid is becoming more vulnerable to cyberattacks—particularly those involving industrial control systems that support grid operations. (The figure below is a high-level depiction of ways in which an attacker could compromise industrial control systems.) The increasing adoption of high-wattage consumer Internet of Things devices—”smart” devices connected to the internet—and the use of the global positioning system to synchronize grid operations are also vulnerabilities.”

A review of recent cyber-attacks against U.S. Infrastructure shows a pattern of the growing threat:

  • In January 2020, Dragos, a cybersecurity and intelligence firm, reported that a group of Iranian cyber hackers targeted U.S. electrical utilities.
  • In June 2019, according to information from the Center for International and Strategic Studies, a Russian hacking group was conducting reconnaissance into the networks of electrical utilities.
  • In March 2019, the U.S. Department of Energy filed a report about how a cyber-event disrupted California and Utah’s electrical systems. 
  • Also, In March 2019, an Iranian cyber group targeted digital infrastructure in the U.S.
  • In March 2018, the Cybersecurity and Infrastructure Agency put out an alert about Russian hackers having targeted U.S. critical infrastructure, including energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors since 2016.

However, that doesn’t account for all the cyber-attacks on infrastructure outside of the United States.

In December 2015, Russian hackers hit Ukraine’s electrical grid, cutting off the power of 225,000 people in the country. While the outage only lasted an hour, it is the first time an electrical grid got shut down from a cyber-based attack.

In March 2015, former NSA Director Admiral Michael Rogers said of the attack. “Seven weeks ago, it was the Ukraine. That isn’t the last we are going to see of this. That worries me.”

On October 19, 2020, the U.S. Department of Justice charged six Russian intelligence officers for several major cyber incidents, including the 2015 attack on Ukraine’s electrical grid.

In, Total Power, the attack is terrifying compared to what happened in Ukraine. With Mills’ book, the bad guy successfully shuts down the U.S. grid, and Americans are far from prepared for what comes next. Further, if an attack happened in the U.S., data suggests many Americans wouldn’t be ready for the fallout.

A June 2020 National Domestic Preparedness Survey from Healthcare Ready found that 50% of Americans do not have an emergency plan in place and that 30% of Americans do not believe that their community has the resources to help if an emergency comes. In the event of a successful attack on the grid, the United States’ economy would come to a grinding halt, and after resources and supply chains ran dry, there would be riots, violence, and death in the streets. This scenario unfolds in vivid detail in Mills’ book, Total Power.

Currently, Russia and China remain the only nations with the ability to impact critical infrastructure in the United States significantly. The pattern of behavior from countries like Russia suggests that it is actively looking for ways to exploit and target our energy grid.

While China doesn’t have a history of launching cyber-attacks against U.S. critical infrastructure, tensions between the United States and the world’s most populous nation remain high. In May 2020, the U.S. Department of Energy announced its intentions to remove and replace China-made equipment from the power grid, amid concerns that hardware or software could have backdoor malware.

Securing America’s electrical grid should be a top priority for lawmakers. The U.S. government wasn’t prepared to mitigate the COVID-19 pandemic because it didn’t heed the warning signs. The cyber activity pattern on U.S. infrastructure indicates that foreign actors are escalating their attacks on the energy grid. Washington needs to pay close attention before Total Power becomes more than fiction.