War-Gaming the Grid's Worst Day

Every two years, North America's electricity sector stages GridEx — a simulation exercise hosted by the Electricity Information Sharing and Analysis Center that puts utilities, grid operators, and government agencies through scenarios designed to stress-test their ability to respond to coordinated attacks on power infrastructure. GridEx VIII, held in November 2025, presented participants with a scenario built around a fictional international sporting event, a heat wave, and a sophisticated adversary conducting simultaneous drone, ballistic, and vandalism attacks on physical grid assets.

The scenario, inspired by the upcoming 2026 World Cup and 2028 Los Angeles Olympics, assumed that a nation-state adversary targeted the power grid of a fictional host nation during a period of maximum grid stress. A heat wave combined with high demand from visitors would have already stretched the grid near its limits when coordinated physical attacks began. The simulation tested whether utilities could maintain or restore service under those compounded conditions.

Why Physical Attacks on Power Grids Are Getting More Attention

For most of the history of grid security planning, the primary concern was cyberattacks — intrusions into control systems that could allow adversaries to remotely manipulate grid equipment. The 2015 Ukraine power grid attack demonstrated that sophisticated adversaries combine both cyber intrusion and physical actions at substations. More recent incidents have shifted attention toward purely physical attacks.

In the United States, a series of attacks on electrical substations in 2022 — including a significant incident in Moore County, North Carolina that left tens of thousands of customers without power for days — demonstrated how vulnerable unguarded infrastructure can be to relatively unsophisticated physical attacks. Attackers used rifles to disable transformers, which are expensive, long-lead-time components that cannot be quickly replaced.

The proliferation of commercial drones has added a new threat vector. Drones can carry incendiary or explosive payloads, fly over perimeter fencing, and target components that are difficult to protect physically — including high-voltage transmission lines, insulator strings, and equipment on transmission towers. The use of drones to attack power infrastructure has been observed in multiple conflict zones, and there is concern that domestic adversaries could adopt similar tactics.

These tiny fish have a clever strategy to hide in plain sight – thanks to their food
More in Innovation

Golden sweeper fish steals its bioluminescence from prey

Researchers say the Pacific golden sweeper cannot make its own luciferase and instead acquires the light-producing protein from tiny crustaceans it eats.

Read article

What GridEx Revealed About Drone Threats

The GridEx VIII scenario specifically incorporated drone attacks as a component of the simulated adversary's toolkit, alongside ballistic attacks and conventional vandalism. This reflects a recognition within the electricity security community that drone threats to grid infrastructure have moved from theoretical concern to active planning requirement.

Grid operators had to work through how their situational awareness systems would detect incoming drone threats, what authority they have to respond — the legal framework for counter-drone measures is complicated in the US, with most counter-UAS authorities reserved for federal agencies — and how to coordinate with law enforcement and military assets if drone attacks were ongoing.

The responses available to civilian utilities in the event of a drone attack are more limited than those available to military installations. Jamming or disabling drones can interfere with other radio frequency users and is generally restricted. Physical intercept measures require proximity and create collateral risks. This gap between threat and available countermeasure is a genuine policy challenge that the exercise helped illuminate.

Improving Resilience Through Design and Redundancy

GridEx exercises are as much about identifying systemic vulnerabilities as they are about testing response procedures. One consistent finding from multiple GridEx iterations is that grid architecture decisions made decades ago — including the concentration of critical infrastructure in easily accessible locations — create attack surfaces that are difficult to retrofit.

The electricity sector has been investing in resilience measures including distributed energy resources, microgrids that can island from the main grid during an outage, and undergrounding of critical transmission assets in high-risk locations. These measures are expensive and take years to implement, but each GridEx exercise helps utilities and regulators prioritize which vulnerabilities pose the greatest risk.

The sporting event scenario was chosen deliberately. Major events like the World Cup and Olympics concentrate global attention on host countries, raising both the symbolic value of an attack and the pressure for rapid service restoration. Grid operators in cities hosting international sporting events in the coming years now have a structured exercise experience to draw on as they evaluate their own vulnerability profiles.

This article is based on reporting by IEEE Spectrum. Read the original article.

Are we at the dawn of a new Space Age?
More in Innovation

SpaceX Nears a Historic Orbital Payload Milestone

SpaceX is approaching a milestone few space companies or governments could have imagined two decades ago: nearly matching the rest of the world combined in total orbital payload launches since Sputnik.

Read article

Originally published on spectrum.ieee.org