What the Metcalf Attack and Modern Cyber Campaigns Against our Nations Critical Infrastructure Reveal About the Need for Integrated Physical and Cyber Defense
In a recent 60 Minutes Interview , Retired four-star Gen. Tim Haugh, former head of both the National Security Agency and U.S. Cyber Command, warned that China is waging an expansive cyber campaign targeting not only the U.S. military and industrial sectors but also critical infrastructure and even ordinary Americans. According to Haugh, Chinese operatives have infiltrated domestic networks for years—often lying dormant rather than triggering alarms—and are probing utilities such as water treatment plants, electric power grids, telecommunications systems, and transportation. He cites incidents like the breach of a small-town utility in Littleton, Massachusetts, where hackers gained access to water and power systems and could have manipulated chemical controls if left undetected. Haugh emphasizes that these efforts are not about espionage or economic theft, but rather about “prepositioning”—establishing access points that could give China strategic leverage in a future conflict by forcing the U.S. to turn its attention inward to protect its own systems. You can watch the full 60 Minutes segment, “China is Hacking America’s Critical Infrastructure,” here on CBS News.
While China’s cyber intrusions represent a new frontier in infrastructure warfare, digital threats are only part of the picture. These attacks highlight the sophistication of modern adversaries in cyberspace—but what’s often overlooked is the vulnerability of the physical network layer itself. Long before these cyber campaigns made headlines, the U.S. witnessed how physical sabotage could cripple essential systems. Over a decade ago, a coordinated assault on a Pacific Gas and Electric substation near San Jose, California—known as the Metcalf Incident—nearly brought down power to a vast region. The attackers began by entering an underground communications vault containing AT&T fiber optic cables serving the substation. Once inside, they cut the optical lines, effectively isolating the facility from outside communication. After waiting roughly 30 minutes with no response, they advanced and opened fire on the transformers, causing millions in damage during a 15-minute barrage. Police were alerted only when automated systems detected transformer overheating. The Metcalf attack, which caused more than $15 million in damage and exposed major gaps in grid security, remains one of the clearest demonstrations that critical infrastructure can be compromised not only through cyberspace, but also through the physical networks that support it. (Utility Dive, 2014)
The lesson from the Metcalf attack, subsequent similar incidents, and today’s escalating cyber campaigns is clear: defending critical infrastructure requires more than firewalls and software monitoring—it demands an integrated defense that bridges the physical and digital domains. Modern adversaries exploit every layer of vulnerability, from hidden code to buried cable, and the only effective countermeasure is a system that can detect, assess, and respond in real time.
Modern threats demand modern defenses. NIS' Integrated Physical & Cyber Security Solutions provide continuous 24/7/365 monitoring across both SCADA and IP networks, as well as physical assets such as fence lines, rooftops, manholes, and equipment cabinets. Deployed for more than a decade by the DoD, DHS, and leading defense contractors, these field-proven systems combine advanced fiber optic sensing with automated response capabilities to deliver unmatched situational awareness and protection. When a threat emerges, alerts reach security teams instantly, giving operators the critical seconds they need to prevent damage, theft, or disruption.
When these measures are in place, authorities have time to intercept attackers—by detecting movement at the perimeter, access into the manholes and tampering of the cables within.
To see how these capabilities work together to safeguard the systems our nation depends on, click here to explore our Solutions Landscape or here to download our Use Case: Power Grid Vulnerability, Addressing Physical and Cyber Threats to Critical Infrastructure.
.png?width=760&height=760&name=Proud%20FOSA%20Member%20(1).png)