Cyberattacks on U.S. utilities have surged nearly 70 percent this year compared to the same period in 2023, according to data from Check Point Research.
As the national power grid rapidly expands to meet growing energy demand and incorporates more digital assets, vulnerabilities have also increased, making utilities a key target, Reuters news report said.
The industry, particularly reliant on outdated software, is seen as a “low-hanging fruit” for cyberattacks, according to Douglas McKee from cybersecurity firm SonicWall. Despite the significant uptick in attacks, none have yet crippled a U.S. utility. However, experts warn that a coordinated attack could cause widespread disruptions to essential services, with potentially severe financial consequences.
Through August this year, the average number of cyberattacks stood at 1,162, compared to 689 in the same period of 2023. The energy sector remains especially vulnerable, as evidenced by the 2021 Colonial Pipeline ransomware attack, which forced the shutdown of a major U.S. fuel pipeline.
As the grid expands, particularly with the integration of new connections like Gen-AI data centers, the risk intensifies. The North American Electric Reliability Corp (NERC) has reported an increase of 60 new potential points of attack daily on U.S. electrical networks. Despite regulatory protections such as NERC’s Critical Infrastructure Protection standards, experts say these safeguards only provide a minimum level of defense.
