Quantum Computer Attack Could Lead to Long-term Power Failures across the U.S., according to Researchers

A new study from the Hudson Institute assesses the economic and national security impacts resulting from a quantum computer attack on the U.S. power grid. The study predicts that a quantum computer attack, launched by a nation-state actor, could leave the entire contiguous United States without power for almost a month. The societal impact would be catastrophic, since virtually every sector relies on electricity to operate. This would of course be a blended attack, wherein hostilities commence in the cyber domain but quickly cascade into the physical world. Moreover, critical infrastructure services, including the water and wastewater sector, would likely be unable to continue operating without an adequate backup supply of electricity. Altogether, this event could potentially lead to a Black Sky power outage.

Quantum computers are different from classical computers, in that they store and process data at the subatomic level using “qubits” instead of the digital bits that conventional computers employ. Quantum computers are also able to process data much faster than classical computers. Lastly, quantum computers, due to their unprecedented processing power, can easily decrypt existing encryption systems to compromise a device or network. Thus, they make virtually all modern cybersecurity defenses obsolete.

In the study’s scenario, the researchers assume that a quantum intruder has “introduced cyber-kinetic malware into the IT system of nine individual high-voltage transformers (HVTs) housed within high-voltage substations across the three principal interconnections within the contiguous forty-eight states. These HVTs are assumed to have simultaneously been taken offline from suffering intermediate physical damage, resulting in cascading power-distribution failures across the contiguous US . . . The resulting power distribution failure is assumed to have caused a total blackout for the contiguous forty-eight states.” Accounting for both the direct and indirect cost of a total U.S. blackout, the researchers estimate the total cost would of quantum computer attack would be over $12.8 trillion in damages to the U.S. economy.

The researchers offer three recommendations for policymakers to help mitigate against this potential threat. First, introduce cryptographical defenses into our cyber defenses, such as post-quantum cryptography and quantum cryptography. Second, the U.S. government should maintain a strategic reserve of large power transformers. And third, the U.S. and Canada should increase their cooperation in the energy sector. Ultimately, the threat of a quantum computer attack as well as other threats to our nation’s power grid, such as an EMP attack or a traditional cyber-attack, demonstrate the critical urgency in improving the resilience of the power grid in the face of emerging and possibly unknown threats. These threats also highlight the importance of other sectors, including the water and wastewater sector, improving their own resilience given the potentially debilitating impacts they would experience. Read the full report at the Hudson Institute.