Protecting the Power Grid: How Utilities Are Combatting Rising Physical Attacks and Drone Threats

In the fictional nation of Beryllia, the 2026 World Chalice Games were set to begin under the oppressive weight of an unrelenting heat wave. As the power grid strained to meet the soaring demand, a coordinated strike by an adversary known as Crimsonia—utilizing a mix of vandalism, drones, and ballistic attacks—crippled the nation’s physical infrastructure. While the setting was imaginary, the objective was starkly real: preparing the energy sector for the worst-case scenario.

This simulation was the centerpiece of GridEx, a massive exercise designed to study how utilities can prevent and mitigate physical attacks on power grids. Hosted by the Electricity Information Sharing and Analysis Center (E-ISAC) from November 18 to 20, 2025, the exercise focused on the vulnerabilities of critical infrastructure during high-stress events. The Beryllia scenario was specifically inspired by the upcoming 2026 World Cup and the 2028 Olympic Games in Los Angeles, reflecting a growing concern that threat actors seek to exploit high-profile global events to maximize disruption.

The urgency of the exercise is mirrored in the data. Physical security breaches are on the rise, and utilities are increasingly grappling with how to protect sprawling networks of substations and transmission lines. According to a report released on March 2, participation in the most recent GridEx reached its highest level since 2019, with an estimated 28,000 individual players, including government partners and utility workers, marking an all-time high for the program since its inception in 2011.

As the industry moves toward the next exercise in 2027, the focus has shifted from mere simulation to operational readiness. For the utilities managing the lights and heat for millions, the goal is no longer just to participate in a drill, but to integrate these hard-won lessons into the daily defense of the grid.

The Escalating Threat to Physical Infrastructure

While cyberattacks often dominate the headlines, the physical vulnerability of the power grid is a pressing crisis. In the United States and Canada, grids are facing a surge in security issues ranging from opportunistic theft to targeted sabotage. Common threats include the theft of copper wiring, unauthorized property intrusion, vandalism, and direct assaults on utility workers.

From Instagram — related to Power Grid, Sabotage

The scale of these incidents is documented in NERC’s 2025 E-ISAC end-of-year report, which cited more than 3,500 physical security breaches during that calendar year. Approximately 3 percent of these breaches resulted in actual electricity disruptions. This represents a significant increase from the 2023 report, which recorded 2,800 events, though the disruption rate remained steady at 3 percent.

Michael Coe, vice president of physical and cyber security programs at the American Public Power Association, notes that the trend is long-term and consistent. Since E-ISAC began publishing data in 2016, there has been a steady climb in reported incidents. Coe suggests that there has been a “tenfold” increase in reported physical attacks on the grid over the past decade.

A Global Pattern of Sabotage

The vulnerability of energy infrastructure is not limited to North America. Danielle Russo, executive director of the Center for Grid Security at Securing America’s Future Energy, emphasizes that these attacks are a global phenomenon. While high-intensity attacks are common in conflict zones like Ukraine, non-conflict nations are also seeing a rise in sabotage.

Germany has recently faced significant disruptions attributed to domestic and foreign threats. On January 3, 2026, an arson attack carried out by left-wing activists in Berlin caused a five-day blackout that affected 45,000 households. This followed a suspected arson attack on two pylons in September 2025 that left 50,000 Berlin households without power. German officials have pointed to a combination of domestic extremism and the potential for Russian sabotage as drivers for these heightened security concerns.

Case Studies in Grid Sabotage

In the United States, the uptick in rising attacks on power grids has been characterized by a variety of actors, from disgruntled professionals to extremist groups. These incidents highlight how easily a single individual or a small group can cause widespread damage to critical components like transformers.

The Drone Dilemma: Detection and Defense

The use of drones in the Beryllia scenario underscored a critical security gap. As drones become more accessible and capable, utilities face a dual challenge: detecting an incoming threat and distinguishing between a malicious actor and a hobbyist. Erika Willis, program manager for the substations team at the Electric Power Research Institute (EPRI), notes that identifying whether a drone is operated by a “poor actor” or a child is a frequent and difficult question for security teams.

What Are the Main Threats to the Power Grid? – Your Utilities Hub

To combat this, EPRI is testing a strategy known as “sensor fusion.” This system combines a 360-degree pan-tilt-zoom camera with four installed radars. The synergy between the two allows utilities to track drones even when they are obscured by obstacles, such as trees, which would typically blind a camera-only system. This technology is currently undergoing testing at EPRI laboratories in Lenox, Massachusetts, and Charlotte, North Carolina.

AI and Robotics in Perimeter Security

Beyond drones, utilities are looking toward AI and robotics to replace manual surveillance. Traditional security often requires human operators to review hundreds of images of fencing and perimeters to find a breach. EPRI is exploring the integration of AI analysis into robotic surveillance, allowing robots to perform repetitive inspections and automatically alert operators only when an anomaly is detected.

AI and Robotics in Perimeter Security
North America North America

Another cutting-edge defense is fiber-sensing technology, developed by Tel Aviv-based Prisma Photonics. This system utilizes existing fiber optic cables as a massive sensor network. A unit plugged into a substation sends light pulses down the cables for up to 30 miles in either direction. By analyzing the reflected light, an AI model can detect and classify perturbations—such as a vehicle approaching or a fence being cut—based on the optical signal patterns.

Tiffany Menhorn, Prisma Photonics’ vice president of North America, explains that the system learns over time. If an unclassified event is reported as a car crash by a customer, the AI can incorporate that feedback to refine its classification model, improving the accuracy of future alerts.

From Simulation to Operation

While the GridEx exercises provide a vital framework for cooperation between the private sector and government, the ultimate goal is practical application. Michael Ball, CEO of E-ISAC, argues that participation statistics are less key than the actual implementation of security upgrades. He emphasizes that the growth in the exercise’s popularity must translate directly into the readiness and capability of the industry.

The energy sector now faces a reality where physical threats are as persistent as cyber threats. Whether through the deployment of sensor fusion, the adoption of AI-driven robotics, or the implementation of fiber-sensing networks, the priority is to move from a reactive posture to a proactive defense of the grid.

The next major checkpoint for the industry will be the ninth GridEx exercise, scheduled for 2027, where utilities will once again test their defenses against evolving threat landscapes.

Do you suppose the current focus on physical security is enough to protect our energy future, or should there be more government mandates for infrastructure hardening? Share your thoughts in the comments below.

Leave a Comment