top of page
  • X
  • Facebook
  • Linkedin
  • Instagram
Search

When the Lights Go Out: Physical Security Lessons from the Iberian Blackout

On the morning of April 28, 2025, a widespread power outage swept across Spain, Portugal, and parts of southern France, leaving tens of millions without electricity. The disruption brought daily life to a sudden halt—airport terminals went dark, commuter railways stopped mid-route, and hospitals shifted into emergency response mode.


While the root cause is still under investigation, early indications suggest the possibility of a targeted cyberattack. Regardless of the final attribution, one truth is already clear: the physical consequences were immediate, widespread, and deeply disruptive.


This event highlights something every security professional understands but rarely experiences at this scale: when infrastructure fails—whether due to a hostile cyber operation, a natural disaster, or a chain reaction of technical failures—your response doesn’t start with a firewall. It starts with doors that still lock, backup lights that actually work, and a comms plan that doesn’t rely on the public grid. When systems collapse, your physical resilience is the last line of defense.


Let’s unpack what went wrong on the ground—not from a digital standpoint, but in terms of operational impact. Then we’ll break down what needs to be in place to prevent these kinds of failures from escalating into uncontrollable events.


When Everything Stops - Operational Impacts in a Power-Down Environment


Transportation Systems Lock Up


When the grid goes down, transit infrastructure is among the first to fail. On April 28, airports across Iberia suspended operations, leaving passengers grounded and logistics delayed. Urban rail systems and intercity trains were brought to a halt, not because of damaged hardware—but because modern transit systems are entirely reliant on real-time digital control networks powered by the grid. With no fallback, traffic lights go dark, signaling systems fail, and there's no centralized coordination. From a physical security standpoint, this creates critical vulnerabilities: uncontrolled crowd movement, stranded personnel, blocked evacuation routes, and disrupted movement of security or emergency assets.


Communications Go Silent


The outage quickly spread beyond just power. Telecommunications infrastructure—cell towers, routers, and switching stations—relies on stable electricity. When those systems lose power, or the backup battery time expires, the comms go down. This is where many organizations discover too late that their emergency communication plans are built on the same infrastructure that's just gone dark. During the blackout, mobile coverage and internet access dropped sharply across affected regions. Security teams relying on real-time updates, cloud-based monitoring, or mobile coordination tools were essentially flying blind.


Hospitals on Emergency Power


While hospitals generally have backup generators, they’re often designed to support essential systems—not full-scale operations. During this outage, reports indicate many facilities were forced to triage operations and shut down non-critical services. For physical security teams protecting healthcare infrastructure, this introduces dual challenges: keeping the facility secure during heightened tension, and ensuring critical systems—like access control, CCTV, and physical barriers—stay functional under limited power conditions.


Public Safety Compromised


When the lights go out, the opportunity window opens—for theft, intrusion, and even targeted violence. Street lighting, perimeter floodlights, motion sensors, and alarm systems can all go offline in one sweep. In urban areas, local law enforcement capacity was stretched as responders tried to navigate traffic chaos and prioritize calls. For security professionals overseeing corporate campuses, retail centers, or residential facilities, a power outage instantly shifts the threat profile—from digital to opportunistic physical threats.


Supply Chains Stall


Power outages bring logistics to a halt. Warehouses can’t operate forklifts or access inventory systems. Refrigerated goods spoil. Traffic disruptions slow deliveries and reroute trucks. For any organization that depends on just-in-time delivery or has tightly timed facility movements, the operational cost stacks up fast. From a security standpoint, stalled shipments can trigger everything from stock hoarding to site trespassing—especially in regions where fuel, food, or water access is constrained.


Population Behavior Shifts


One under-discussed effect of mass outages is the shift in public behavior. Panic buying, misinformation, and rumor-fueled unrest are common byproducts. When communication systems fail and official messaging can’t reach the public, people fill in the blanks themselves. That uncertainty alone can cause mass movement—people flooding gas stations, trying to reach hospitals, or even attempting to leave cities. From a facility protection standpoint, this creates a rapidly evolving security environment that requires real-time adaptation and a strong understanding of human behavior under stress.


Practical Lessons in Physical Security Preparedness


Backup Power Isn’t Optional—It’s Foundational


Every critical facility—whether it's a corporate HQ, datacenter, hospital, or secure compound—needs tested, load-capable backup power. This doesn’t just mean a generator on paper. It means units that are properly maintained, tested under real load conditions, and integrated into your facility’s power architecture. Security systems like access control panels, CCTV, intrusion detection, and building automation must be on dedicated emergency circuits. Also consider fuel strategy—how long can you sustain operations before resupply? If your fuel plan relies on public infrastructure that also lost power, you don’t have a plan.


Comms Contingency Requires Infrastructure Independence


If your comms plan starts and ends with cell phones and Wi-Fi, you’re building on sand. Redundant comms should include handheld radios (with encrypted channels if possible), satellite phones for wide-area coverage, and even analog landlines if they’re still operational in your environment. Every site and team should have a clear comms protocol for degraded conditions: who talks to whom, on what channel, at what interval. Conduct drills where the scenario assumes zero digital connectivity—it’s the only way to find the gaps before you’re in the middle of a crisis.


Physical Access Controls Need Manual Fallbacks


Modern access control systems are often fully dependent on networked power. But when those systems fail, facilities can become either locked down or wide open—neither of which is acceptable. Critical doors should be equipped with mechanical overrides or keyed access. Your team must know where those overrides are and how to deploy them under stress. Also consider where biometric or badge systems interface with elevator or room access—if those go offline, can your staff still navigate the building? Redundancy isn’t just power—it’s procedural.


Security Lighting and Surveillance Need Power-Free Options


Security doesn’t end when the lights go out. Exterior areas should have motion-activated battery lighting and solar-powered systems wherever feasible. For mobile units or checkpoints, keep battery-powered portable floodlights in inventory. Surveillance systems should include IP cameras with onboard storage (so they still record even if the network is down) and backup power sources that allow at least partial visibility during outages. In sensitive zones, even temporary measures like infrared scopes or night-vision devices can be deployed in a pinch.


Drill Realistically, Not Conveniently


Tabletop exercises are a start, but real operational resilience comes from scenario-based drills that mimic real-world conditions. Include power failure simulations in your emergency planning—especially those that include long-duration outages and cascading system failures. What happens when the main generator fails? When radios go dead? When you can’t reach local authorities? Train your teams on fallback protocols, not just primary systems. The goal isn’t perfect execution—it’s controlled improvisation under pressure.


Know the Local Grid—and Your Role in It


Too often, security teams overlook the bigger picture of infrastructure interdependencies. If your facility sits near a high-load area or draws from a fragile section of the grid, your outage risk is higher than average. Engage with local utilities to understand where your site fits in the power ecosystem. Can you get priority for restoration? What critical services are co-located nearby? That intelligence shapes everything from fuel planning to communications strategy.


Reassess Your Site Hardening for Low-Tech Threats


Power outages reduce everything to fundamentals. You need to know how well your facility stands up when technology is stripped away. Are perimeter defenses still viable without sensors or alarms? Do your guards have line-of-sight or patrol capability in key areas? Can you lock down a site manually, and how long can you hold it without resupply? Go back to the basics—locks, lights, lines of sight—and pressure-test them under blackout conditions.


Operational Readiness: What to Test Before the Lights Go Out


It’s one thing to plan—it’s another to validate that your plans actually work under stress. Too often, emergency procedures look solid in a PDF but collapse the moment they’re put into practice. Here’s what you should be testing now, before you’re facing a grid-down scenario.


Conduct Live-Switch Power Tests (Quarterly, Minimum)


Don’t just test backup systems in isolation—test them in live conditions. Simulate a real power loss during low-traffic hours and observe what fails. How quickly do generators kick in? What systems come back online—and which don’t? Which ones require manual intervention?


Run Communications Drills With No Power or Network Access


Assign your teams to operate under the assumption that there’s no mobile signal, no email, no internal Wi-Fi. Can they establish comms using radio or pre-set satellite protocols? Can leadership still coordinate, and can field teams report in? Run this at least twice a year, rotating locations and shifts.


Tabletop Scenarios: “72-Hour Blackout” With Real-Time Variables


Build a tabletop exercise around a full regional outage. Inject real-time events (e.g., generator failure, protest at front gate, comms loss) and track decision-making. Include cross-functional staff—security, operations, IT, HR. Your goal is to identify where plans fail, not just recite protocols.


Site Walks: Low-Tech Intrusion and Manual Lockdown Challenges


Have teams walk the site and identify vulnerabilities assuming all tech is down—no cameras, no card readers, no alerts. How do you secure the building manually? Where are the choke points? What would it take to secure perimeters for 24+ hours using only human resources?


Test Supply and Fuel Resilience


Simulate a logistics freeze. How long can your facility function without fresh deliveries? Are your generator fuel stores sufficient? If you had to prioritize critical systems (lighting vs HVAC vs IT), do your people know how to do that?


Evaluate Off-Site Staff Readiness


Most business continuity plans ignore the fact that key staff may be working remotely—or completely cut off. Run a drill assuming your core leadership can’t access central systems or respond in real time. Who makes decisions on-site? How are those decisions validated?


Final Thoughts: Physical Security Is the Last Line of Defense


The April 28 blackout wasn’t just an inconvenience—it was a proof of concept for how quickly modern infrastructure can fail and how deeply physical vulnerabilities get exposed when it does. Whether this event was the result of a cyberattack, cascading failure, or systemic grid instability, the effect on the ground was the same: lights out, systems down, and people caught unprepared.


For those of us in the security field, the takeaway is clear: digital defense is only half the equation. When the power goes, it's the strength of your physical readiness—your backup power, your comms plans, your manual overrides, your trained people—that determines how well you weather the storm.


This isn’t about building a fortress. It’s about ensuring operational continuity under duress. You don’t have to predict the cause of the next outage. But you do have to be ready for what comes after.


If your organization hasn’t run a blackout-focused security assessment or needs help hardening critical facilities for sustained outages, let’s talk. Red Cell Security offers targeted evaluations and contingency planning built for real-world threats—cyber or otherwise.


Keith Pachulski

Red Cell Security, LLC


 
 
 

Comments


© 2025 by Red Cell Security, LLC.

bottom of page