On August 14, 2003, a software glitch in Ohio caused a massive blackout, leaving over 50 million people in the northeastern United States and Ontario without power. The outage lasted several days, disrupting subways, water plants, and communications, while food spoiled. Ten million Canadians lost electricity, and many were stranded in elevators or had to walk long distances home due to halted transit services. Despite the chaos, communities came together, sharing food and resources. However, this incident highlighted a significant vulnerability in our infrastructure.

The blackout occurred in summer, not winter, and was due to a technical error rather than a cyberattack. At that time, over 60% of Canadians used cash, and more than 90% had landline phones, which were unaffected. The 911 systems were primarily operator-directed, providing a buffer against the outage. Today, the situation has changed dramatically. Less than 10% of Canadians regularly use cash, and fewer than 40% have landlines. Our reliance on technology has increased, and the integration of our systems has deepened.

The Canadian electricity grid is closely linked with the American grid, and our financial systems are interconnected. An attack on one part of these systems could have widespread repercussions. Adversaries such as Russia, China, Iran, and North Korea have already demonstrated their capabilities. For instance, Russia successfully shut down Ukraine's grid in 2015 and 2016 and launched cyberattacks on government systems before its invasion in 2022.

Recent events have further exposed vulnerabilities. The Rogers outage in 2022 left 12 million Canadians without internet or cell service, affecting hospitals and emergency services. Cyberattacks and ransomware incidents are now commonplace, impacting all levels of government and critical infrastructure. Reports of espionage linked to China at a Canadian electricity provider have raised alarms about our security.

Canada is at a crossroads, facing a future where cash and landlines are disappearing, and critical data is stored on foreign cloud platforms. This reliance on technology is eroding the redundancies that once provided resilience. To address these challenges, Canada must prioritize its cyber defense as a matter of national security. The government has committed to spending 5% of GDP on defense and national security by 2035, with a focus on cyber capabilities.

To enhance resilience, Canada should consider maintaining cash in the economy, protecting critical services, and ensuring they have analog backups. Investments in electricity grid resilience, sovereign cloud infrastructure, and artificial intelligence capabilities are essential. A smart and resilient electricity grid is necessary for decarbonization while ensuring energy security across the country.

Moreover, public awareness and preparedness are crucial. In 2003, people adapted to the blackout because they had alternatives. Today, many Canadians would find themselves without options in a similar situation. Civic preparedness is not alarmism; it is a necessary aspect of civil defense planning.

The Northeast Blackout of 2003 serves as a warning about the fragility of our systems. As we face sharper risks and higher stakes, the next blackout may not stem from a technical error but could be an act of aggression. When that time comes, we must be ready. The first blackout was an unexpected event; the next one will be a choice about our preparedness.