Fortress at Risk: Critical Infrastructure and Violent Extremism

The plan was to lay waste to the city of Baltimore and trigger the wholesale collapse of society. Over a four-month period in late 2022, Brandon Russell, the founder of the neo-Nazi extremist group Atomwaffen Division plotted to take down the Baltimore regional power grid by shooting up several electrical substations. Working with a partner, Russell conspired to target multiple substations simultaneously to maximize impact anPed potentially create a cascading failure within the grid. Russell’s motivation for the attack was tied to accelerationism, an ideology that posits that society is beyond repair and requires a violent collapse to be replaced with a white ethno-state. This aligns with the Atomwaffen Division’s principal goal of “ushering in the collapse of civilization.”

Neo-Nazis are not the only threat to infrastructure on American soil, and substations are only one of many targets. The time to plan for an extremist attack is before the next threat. As Sun Tzu counsels, “[p]lan for what is difficult while it is easy, do what is great while it is small.”

Different Targets, Different Motives

Press covering recent neo-Nazi plots targeting electrical infrastructure obscure important features of the threat landscape—diverse target sets and differing motives. In addition to energy, the Cybersecurity and Infrastructure Security Agency (CISA) recognizes 15 additional critical infrastructure sectors in the United States. Some key examples of these sectors include water and waste systems, transportation systems, food and agriculture, healthcare and public health, communications, financial services, emergency services, information technology, and critical manufacturing. Each of these sectors, in turn, contains specific systems, networks, and services.

The energy sector, for example, includes not only the electrical grid, but systems involved in the distribution of natural gas and oil. Likewise, the transportation sector covers aviation and highways as well as rail and pipeline systems. As recent plots and attacks attest, none of these sectors is immune to the threat of violent extremism.

Violent extremism is a multifaceted threat, with an array of individuals, groups, and networks, all seeking to commit violence in support of varying ideologies, philosophies, and beliefs. Many of these malign actors, some animated by ideologies very different from neo-Nazi accelerationism, view critical infrastructure as a particularly appealing target. In December 2017, Akayed Ullah attempted to detonate a bomb in a subway station near the New York Port Authority Bus Terminal on behalf of the Islamic State group. A few years earlier, the Federal Bureau of Investigation (FBI) arrested five anarchist extremists for attempting to destroy a bridge near Cleveland, Ohio. In November 2020, two environmental extremists were arrested on federal charges for placing a shunt—a device that interferes with train signals—along the Burlington Northern Santa Fe railroad tracks with the intention of disrupting oncoming tanker cars loaded with crude oil. Their stated goal was to “impede the fossil fuel industry.” Similarly, two other environmental extremists were convicted of federal charges in 2017 in connection with an attack on the Dakota Access pipeline. Subway stations, bridges, railyards, and pipelines are critical elements of infrastructure that are in the crosshairs of anarchist, environmental, and other violent extremists.

Untangling the Chain of Command: Making “Shared Responsibility” Work

The structure for defending U.S. critical infrastructure can look deceptively tidy on an organizational chart in day-to-day practice, but apportioning responsibility among local, state, and federal authorities can be anything but straightforward. Responsibility is technically “shared” under Presidential Policy Directive-21 and the National Infrastructure Protection Plan—yet those documents translate into a maze of sector advisors, coordination councils, joint task forces, and overlapping regulations that owners and operators must navigate before, during, and after an incident.

At the federal level, the U.S. Department of Homeland Security (DHS)—through CISA—acts as the nation’s risk advisor and quarterback for readiness, supplying threat intelligence, vulnerability assessments, and voluntary standards to the 16 designated sectors. When potential terrorism or cyber-sabotage is suspected, the FBI steps in as the lead investigative agency, drawing on field-office cyber-squads and the National Cyber Investigative Joint Task Force to pursue perpetrators and coordinate evidence gathering.

States, meanwhile, serve as regional “clearinghouses,” synchronizing preparedness plans, allocating homeland-security grants, and escalating mutual-aid requests when localized resources are overwhelmed. Local governments remain the true frontline: Police and fire crews who own or operate critical lifelines such as water treatment plants are often first to spot anomalies, first to isolate damaged equipment, and first to brief state fusion centers.

Getting all three tiers to pull in the same direction is tricky. Recovery from Hurricane Sandy in 2012 exposed how mismatched terminology, parallel permitting requirements, and uneven data-sharing can stall rebuilding projects if agencies have not rehearsed together beforehand. The Colonial Pipeline ransomware attack in 2021 similarly underscored how confusion over reporting thresholds and sector-specific rules slowed the early flow of information from a private operator to government responders, prompting calls for tougher—but clearer—federal standards.

The net lesson is that effective protection hinges less on any single statute and more on sustained pre-incident coordination: joint exercises, agreed-upon playbooks, and clear “baton-passing” protocols that let local alerts funnel quickly to state hubs and, when warranted, to DHS or the FBI. Without that groundwork, the elegant theory of a shared-responsibility model risks buckling under the real-world pressure of a cascading outage.

Reinforcing the Ramparts

Few things are harder to untangle in a crisis than the web of agencies charged with keeping America’s lifelines running. Even so, a network of grants, tools, and public-private alliances already exists to help local water districts, state fusion centers, and federal risk advisors rehearse for—and withstand—the next big hit.

• Downloadable Training

Start with the DHS’s CISA, whose no-cost “Shields Ready” campaign pairs threat intelligence with tabletop exercise packages that any jurisdiction can download and run before disaster strikes.

• Continuity Planning

For deeper continuity planning, the Federal Emergency Management Agency’s (FEMA) Continuity Resource Toolkit and its non-federal Continuity Plan Template walk state and local offices through succession orders, communications backups, and family-support plans—handy when tornadoes, malware, or both knock out headquarters operations.

• Funding

Money remains the lubricant: the Homeland Security Grant Program funnels more than $1 billion annually through the State Homeland Security Program and Urban Area Security Initiative, underwriting everything from vulnerability assessments to generator purchases in high-risk regions.

• Cyber Defense

Cyber defenses get an extra security layer through the Multi-State Information Sharing and Analysis Center. The Center’s 24×7 monitoring, incident-response team, and weekly malicious-domain feeds are free to every state, local, tribal, and territorial entity that signs up.

• Intelligence

For owners and operators who straddle public and private lines, the FBI’s InfraGard network offers vetted members access to unclassified threat briefings, a secure portal for real-time intelligence, and a direct conduit to field-office investigators when pipes burst or servers blink.

None of the programs mentioned above will flip a breaker back on by themselves. Their power lies in the muscle memory they build across jurisdictions. When an accelerationist plot tests the grid or when environmental extremists disrupt a crucial pipeline, the agencies that rehearsed together—armed with CISA playbooks, FEMA continuity maps, grant-funded equipment, CISA analysis center alerts, and InfraGard hotlines—will trade confusion for choreography. In Sun Tzu’s calculus, victory is secured not on the battlefield but in the quiet hours of preparation.