Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Sarah Grillo/Axios

In news stories, TV shows and at least one bestselling non-fiction book, you'll see warnings that hackers are coming to take out the U.S. electric grid, plunging the nation into democracy-ending darkness. An attack on that scale was even raised by leading intelligence officials in an Axios deep dive on global security threats.

Reality check: The people tasked with protecting U.S. electrical infrastructure say the scenario where hackers take down the entire grid — the one that's also the plot of the "Die Hard" movie where Bruce Willis blows up a helicopter by launching a car at it — is not a realistic threat. And focusing on the wrong problem means we’re not focusing on the right ones.

So, why can't you hack the grid? Here's one big reason: "The thing called the grid does not exist," said a Department of Homeland Security official involved in securing the U.S. power structure.

Think of the grid like the internet. We refer to the collective mess of servers, software, users and equipment that routes internet traffic as "the internet." The internet is a singular noun, but it’s not a singular thing.

  • You can’t hack the entire internet. There’s so much stuff running independently that all you can hack is individual pieces of the internet.
  • Similarly, the North American electric grid is actually five interconnected grids that can borrow electricity from each other. And the mini-grids aren't singular things either. Taking down "the grid" would be more like collapsing the thousands of companies that provide and distribute power accross the country.
  • "When someone talks about 'the grid,' it's usually a red flag they aren't going to know what they are talking about," says Sergio Caltagirone, director of threat intelligence at Dragos, a firm that specializes in industrial cybersecurity including the energy sector.

Redundancy and resilience: Every aspect of the electric system, from the machines in power plants to the grid as a whole, is designed with redundancy in mind. You can’t just break a thing or 10 and expect a prolonged blackout.

  • On some level, most people already know this. Everyone has lived through blackouts, but no one has lived through a blackout so big it caused the Purge.
  • 'The power system is the most complex machine ever made by humans," said Chris Sistrunk, principle consultant at FireEye in energy cybersecurity. "Setting it up, or hacking it, is more complicated than putting a man on the moon."
  • An attack that took out power to New York using cyber means would require a nearly prohibitive amount of effort to coordinate, said Lesley Carhart of Dragos. Such a failure would also tip off other regions that there was an attack afoot. Causing a power outage in New York would likely prevent a power outage in Chicago.

There are two real problems with getting this issue wrong:

  • Unnecessarily scaring people about the threat of terrorism is harmful in itself.
  • Setting the expectations too high for what an attack looks like can divert attention from more realistic and still pretty devastating attacks on the electric system and blunt the need to prepare for smaller attacks. "You run the risk of desensitizing people of the issue," said Mark Orlando, CTO of Raytheon's cybersecurity practice.

The real threat:

  • National attacks are unlikely. Small attacks matter more than you'd think.
  • "People can relate to their freezer stopping working. It's tough to relate to what would happen if oil refineries stopped working," said Mike Spear, global operations director for industrial cyber security at Honeywell.
  • An industrial plant that lost power by hacking nearby plants and onsight generators, for example, could lose as much as $50,000 a minute. Spears' oil refinery example would not only lose more money, but also impact anyone who drove a car.
  • Harming Cleveland's economy is less exciting than a nationwide blackout, but it still matters.

What about Russia? Periodically, news stories will cover the Russian malware implanted in industrial networks. One story cautioned that Russia had its "fingers on the switch."

  • It's no small task to get into industrial networks — most attacks at plants are limited to business networks.
  • But Russia's aim in hacking electric networks does not appear to be an imminent attack. Rather, experts agree, it's likely a reconnaissance mission for potential future actions.
  • While the threat here is real, an actual attack is more speculative than is sometimes portrayed.
  • Russia is the likely culprit behind the only two cyber-related blackouts in history, both launched against the Ukraine. But cybersecurity experts see no evidence that Russia is capable of more than localized attacks.

Go deeper

Updated 54 mins ago - World

Mexican President López Obrador tests positive for coronavirus

Mexico's President Andrés Manuel López Obrador during a press conference at National Palace in Mexico City, Mexico, on Wednesday. Photo: Ismael Rosas/Eyepix Group/Barcroft Media via Getty Images

Mexican President Andrés Manuel López Obrador announced Sunday evening that he's tested positive for COVID-19.

Driving the news: López Obrador tweeted that he has mild symptoms and is receiving medical treatment. "As always, I am optimistic," he added. "We will all move forward."

Sarah Huckabee Sanders to run for governor of Arkansas

Sarah Huckabee Sanders at FOX News' studios in New York City in 2019. Photo: Steven Ferdman/Getty Images

Former White House press secretary Sarah Huckabee Sanders will announce Monday that she's running for governor of Arkansas.

The big picture: Sanders was touted as a contender after it was announced she was leaving the Trump administration in June 2019. Then-President Trump tweeted he hoped she would run for governor, adding "she would be fantastic." Sanders is "seen as leader in the polls" in the Republican state, notes the Washington Post's Josh Dawsey, who first reported the news.

Coronavirus has inflamed global inequality

Illustration: Aïda Amer/Axios

History will likely remember the pandemic as the "first time since records began that inequality rose in virtually every country on earth at the same time." That's the verdict from Oxfam's inequality report covering the year 2020 — a terrible year that hit the poorest, hardest across the planet.

Why it matters: The world's poorest were already in a race against time, facing down an existential risk in the form of global climate change. The coronavirus pandemic could set global poverty reduction back as much as a full decade, according to the World Bank.