On August 14, 2003, the biggest electrical outage in North American history occurred in the northeastern and Great Lakes areas of the United States and Ontario, Canada. The blackout of 2003 started in facilities owned and operated by FirstEnergy Corporation, a large utility with headquarters in Akron, Ohio.
At about 2:00 p.m., one of FirstEnergy’s power plants began to behave strangely, forcing administrators to take it offline. An hour later, one of the company’s major transmission lines failed. Unfortunately, the alarm system designed to warn the utility of such problems did not operate properly, so the company did not give regional regulators and organizations in adjacent states any warning of the mishap. Within the next hour, three more transmission lines failed: two lines owned by FirstEnergy and the other line owned by American Electric Power in Columbus, Ohio. By 4:30 p.m., most homes, businesses, and medical facilities were without power in Ohio, Michigan, New York, New Jersey, Connecticut, and Ontario, Canada. Some areas remained without power for days.
Utility experts said that the U.S. power grid system is 30 years behind the state-of-the-art systems and warned that other serious blackouts could occur if the system is not updated. Some cyber-security experts believe that during the August 2003 power blackout, the Blaster computer worm may have reduced the performance of the communications lines connecting critical data centers used by firms to manage the power grid. Although the blackout was not directly attributed to an act of cyberterrorism, this event served as a wake-up call. A future combined conventional/cyber attack might target the electrical grid and the communication lines at the same time to slow down the repair actions and cripple the economy.
Wilson, C. CRS Report for Congress: Computer Attack and Cyberterrorism: Vulnerabilities and Policy Issues for Congress. [Online, October 17, 2003.] CRS Report Website. http://www.fas.org/irp/crs/RL32114.pdf.