The UK’s power supply system is built with resilience in mind. But as society becomes ever more reliant on electricity, the threats to our power continuity grow too. Let’s take a look at what could cause a UK-wide blackout…
According to National Grid statistics, Britain’s electricity supply is available for 99.98% of the time.
Both the power generation and distribution sides of the network are designed with redundancy in mind to minimise the risk of widespread failure.
That’s a key reason why the country has never experienced a nationwide power outage. But there are several threats that mean we have no room for complacency.
There’s natural hazards such as extreme weather, geomagnetic disturbances or global pandemics.
Human error or systems failure could trigger a terrible accident.
While in an increasingly volatile and divided world, we’re confronted by countless man-made threats.
These could see terrorists target attacks on vital infrastructure.
Or it could involve sophisticated networks of cybercriminals trying to hack into and shut down our essential energy supplies.
There are also a whole host of weird and wonderful things that have the potential to cause a power cut.
In no specific order, here’s our rundown of the top 5 threats to our electricity…
Climate Change & Extreme Weather
With the Extinction Rebellion protests rarely out of the headlines in recent months, climate change and environmental issues have never had a higher profile.
The basic facts highlight the challenge our planet faces. Average temperatures increased steadily throughout the 20th century and continue to do so. In fact, 2016 was the hottest year on record, more than 1oC warmer than the pre-industrial average.
While here in the UK, the 10 hottest ever years have all happened since 1990. February 2019 was the warmest ever with temperatures topping 20oC, the first time the UK has hit those heights during a winter.
Rewind 12 months and the nation was battling the ‘Beast from the East’, a cold snap incorporating the coldest spring day since Met Office records started in 1910.
The underlying trend suggests we’ll see warmer winters and hotter summers, with sea levels around Britain’s coast rising by roughly 3mm per year as the polar ice caps melt and warmer water expands.
Everything points to us experiencing more weather at the extreme ends of the spectrum – scorching temperatures, torrential rainfall, icy cold snaps and ferocious winds.
Such scenarios inevitably raise the risk of serious disruption to the electricity grid. This can be on a small, localised scale or at wider regional and even national levels.
High winds and build-ups of snow bring down trees, potentially knocking out vital power transmission lines. Flooding damages infrastructure like substations, not to mention hindering engineer efforts to fix faults.
Then extreme temperatures lead to spikes in demand as the public depends on either energy-guzzling air con to keep cool or heaters to warm up.
The floods caused by Storm Desmond during winter 2015-16 offer an insight into the devastating disruption severe weather can cause. Sadly, it wasn’t an isolated incident:
- The ‘Great Storm’ of October 1987 brought 15 million trees across the south-east of England crashing down, causing dozens of deaths.
- The Burns’ Day Storm in January 1990 saw gusts of 107 mph which killed 47 people across the British Isles. While the St Jude Storm in autumn 2013 left more than 850,000 homes without power.
- In the three months between November 2015 and January 2016 alone, seven named storms caused wind damage and flooding across the UK and Ireland (Abigail, Barney, Clodagh, Desmond, Eva, Frank, and Gertrude).
- The winter of 2009-10 resulted in widespread snow building up to 20-30cm in many parts, while night-time temperatures regularly fell to -5oC or -10oC, even plummeting to -15oC in the Scottish Highlands.
- Summer 2018 was the joint-hottest on record for the UK and the warmest ever for England. A similar heatwave in August 2003 lasted for 10 days and was said to have caused 2,000 deaths. It included the country’s hottest ever day, when the mercury hit a sizzling 38.5oC in Faversham, Kent.
Space Weather
Space weather is the collective term to describe a series of phenomena originating from the Sun, including asteroids, meteors, and magnetic fields.
There are three main categories:
- Solar flares which can reach Earth in a matter of minutes and can cause radio blackouts
- Slower travelling solar energetic particles that can produce radiation storms
- Coronal mass ejections (CME) which are explosive eruptions of the sun that build up over four days and can lead to huge geomagnetic storms.
Our awareness of space weather dates back hundreds of years, but modern society’s growing interest in the phenomenon over the last few decades coincides with our increasing dependence on signals from GPS (Global Positioning System) satellites.
Low-level space weather events happen on a regular basis, but barring a few specific industries, for example aviation, they have little impact on our day-to-day lives – apart from offering us the rare chance of catching a glimpse of the spectacular Aurora Borealis (‘the Northern Lights’).
However, while severe space weather events are rare, the potential impact is devastating:
- Power grid outages
- Disruption and damage to GPS and other satellite systems
- High-frequency radio communication outages
- Increased radiation at high altitude
Even a relatively weak solar flare could knock a satellite out of action. Magnetic storms can induce geoelectric fields into the Earth’s lithosphere, which in turn leads to damaging voltage differentials finding their way into electricity grids through ground connections.
Historically, the biggest ever recorded space weather incident seen on Earth took place back in 1859.
‘The Carrington Event’ – named after astronomer Richard Carrington – was a huge magnetic storm seen as far south as Mexico, Sub-Saharan Africa and the Caribbean. It caused huge disruption to global telegraph systems and electrical equipment.
Scientists state there’s a 1% annual probability we’ll see a reoccurrence of the Carrington Event. Such an incident taking place in modern society would have even bigger consequences.
There’ve already been near misses. In July 2012 a coronal mass ejection of a similar scale to the Carrington Event was picked up by the Stereo-A satellite. The path it took from the sun narrowly missed hitting Earth by approximately 9 days.
While in March 1989, a smaller magnetic storm caused the complete collapse of the Hydro-Québec electricity network in Canada, leaving 9 million people without power for up to 9 hours.
A similar incident during Halloween 2003 resulted in the UK aviation industry losing GPS functionality and radars for a day.
Systems Failures & Large-Scale Accidents
Systems failure covers a broad category of risks from utilities malfunctions (gas, electricity, fuel, water, sewerage) through to the banking or telecoms networks crashing.
In many cases, the impact of such incidents would be restricted to a specific location or service and be dealt with locally. That’s not to say there won’t be knock-on effects that cause disruption to sizeable numbers of people, however.
Any widespread loss of electricity could obviously result in major disruption to most other critical systems too.
In June 2012, a faulty software update led to a massive failure at the Royal Bank of Scotland.
Nearly seven million customers were unable to access phone and online banking, make cash withdrawals, or process debit card payments – proof how our society almost instantaneously grinds to a halt without simple services we’ve come to take for granted.
While a component fault at a wastewater treatment plant in Edinburgh left thousands of homes without access to clean water and temporarily pumped untreated sewage into the Firth of Forth at the rate of 1,000 litres a second.
Similar to systems failures, industrial accidents are another broad category of risk, including:
- Fires or explosions (i.e. residential and commercial buildings, power plants, refineries)
- Chemicals and biological contamination (i.e. food contamination or oil spills)
- Radiation contamination (i.e. from accidents in nuclear power stations)
- Dam breaches (i.e. flooding caused by emptying of reservoirs)
Again, the impacts of such events are most often felt – and dealt with – at a local level, although there can be wider consequences for essential services and environmental contamination, depending on the severity of the accident.
Malicious Attacks
The threat of terrorism isn’t anything new here in the UK. But compared to previous incarnations, the dangers we face are evolving in both origin (spanning domestic and international) and methodology (the available ‘weapons’ at a terrorist’s disposal).
Countless extremist groups plot attacks on Britain and the wider western world. Home-grown terrorists radicalised by fanatical ideologies present an additional ‘enemy within’.
While even though far-right and nationalist extremism in the UK is rare compared to many other European nations, it has seen something of an upsurge in recent years.
With reference to our electricity supplies, malicious attacks fall into two categories. There are the conventional attacks on physical infrastructure i.e. blowing up buildings, equipment and networks.
Then there’s modern cyber warfare, where vulnerabilities in society’s tech-based systems are exploited for financial gain or other dishonourable motive.
- Infrastructure Attacks
Deliberately targeting buildings, systems, and infrastructure such as substations or transmission lines with explosives or physical weapons can lead to a crippling loss of essential services such as electricity or telecommunications.
The 1990s saw several attempts to blow-up electricity substations. The IRA also targeted Bishopsgate in the City of London (1993) and London’s Docklands (1996) amongst others.
Looking further afield, terrorists have conducted several attacks on energy infrastructure in numerous countries, including Algeria and Yemen.
In spring 2019, Venezuela suffered a crippling power outage after one of the country’s main hydroelectric plants was taken out, allegedly by anti-government forces.
This resulted in 18 of 23 states experiencing a blackout, with the capital city Caracas’s metro system and international airport having to be closed.
- Cyber-Attacks
Research by Kaspersky Labs reveals there were more than 30 million cyber-attacks conducted across the UK in the final quarter of 2018 alone.
While an inquiry by the House of Commons Public Accounts Committee states that the country is more vulnerable to cyber-attacks than it has ever been.
Thanks to a combination of high-grade malware and system vulnerabilities, cyber-attacks on critical infrastructure aren’t just the remit of a small band of elite, well-funded, state-backed hackers anymore.
Today, anyone armed with just a laptop and rudimentary technical knowledge has the capability to launch a potentially devastating attack.
Turning our attention to the energy grid in particular, there are recurring fears over how cyber-prepared the country is.
The National Cyber Security Centre (NSCS) has raised concerns on numerous occasions, with its CEO Ciaran Martin admitting “…it is a matter of when, not if, the UK faces a serious cyber-attack”.
Similarly, the former CEO of National Grid Steve Holliday told the Guardian newspaper: “Nowhere else is as worried as the UK about cyber threats. We are just off the scale on our energy system concerns on cyber”.
As it happens, these concerns don’t appear to be exaggerated. Leaked memos from intelligence agency GCHQ claim that hackers – believed to be the Russian-backed Dragonfly group – already successfully compromised the UK’s electricity network on 8 June 2017, the day the country voted in the General Election.
The breach didn’t cause any disruption to power supplies, but as a warning shot across the bows it proved just what was possible.
Power generation in the UK has been concentrated in a relatively small number of large-scale power plants with strong physical security and strict protocols. They don’t tend to be connected to many outside networks, so are difficult for even experienced and skilful hackers to exploit.
Inevitably, this means any attempt to penetrate the grid’s defences must take place further down the supply chain where defences – theoretically – might be easier to breach.
Combine the ongoing transition towards renewables-led, decentralised power grids with an increasingly internet-enabled way of life, and there’s undoubtedly more opportunities for cybercriminals to try and capitalise on.
Many of the ‘smart’ devices used in energy technology have serious security concerns. There are fears about the robustness of smart meters that energy companies are duty-bound to install in every home by the end of 2020.
Similar cybersecurity weaknesses are identified in everything from voice-based virtual assistants through to connected kettles, TVs and fridges.
Smart energy grids depend on real-time data and predictive modelling to balance demand with supply and maintain a stable grid frequency. So as more and potentially insecure IoT devices join the network, the openings for attacks continue to grow.
Do you realise that something as trivial as not updating the default password on a connected device could leave an easy way in for villains aiming to disrupt the energy grid?
At face value, hacking into a smart TV and switching it on might not have much of an impact. But multiply that by thousands or even millions of appliances powering up at the same time. This could happen in the middle of the night when the grid isn’t capable of handling such a surge in demand.
There’s the possibility of compromised devices feeding false information, deliberately exaggerating or underestimating the true demand for electricity.
The highest-profile cyber-attack on a country’s energy grid took place in December 2015. At the height of Russia-Ukraine tensions, ‘BlackEnergy’ malware shut down 30 electric substations across Ukraine, leaving nearly 250,000 people without power for around 6 hours.
Another major breach saw a leading Middle Eastern oil and gas company’s safety instrumentation system infected by malware called ‘Trisis’, which gave hackers the power to force a plant shutdown.
While spring 2019 saw the USA’s Department of Energy admit a cyber event had impacted power grids in California and Wyoming. The incident didn’t cause any widespread disruption, but it was reported to have seriously compromised security and control devices across the network.