Executive Summary

• The Berlin power outage is a wake-up call for Europe’s power grids to address increasing vulnerabilities in critical infrastructure to prevent cyber and physical attacks such as the one Berlin experienced this month.
• Berlin endures a five-day power outage when high-voltage cables were burned in an arson attack, which led to a city blackout, with 45,400 households and 2,200 businesses out of power in sub-zero temperatures.
• Data centre industry leaders need to look at the rising cyber and physical attacks on infrastructure and start strengthening their critical infrastructure in anticipation of any future attacks.

Not everyone has had a happy start to the new year, especially those in Berlin on January 3rd, when an arson attack on a cable bridge carrying high-voltage lines in Lichterfelde caused a blackout with disastrous consequences. It was the longest blackout Berlin’s had since World War 2.

More than 45,400 households and 2,200 businesses – including hospitals, schools and care homes – in South West Berlin were without power for days, just as temperatures dropped.

Officials said the attack affected around 100,000 people, leaving them to fend for themselves for five days in freezing conditions.

News reports recount numerous stories from those devastated by the outage—from elderly residents struggling to stay warm to hospital patients forced to delay surgery or treatment because of the blackout.

A far-left activist group called “Vulkangruppe” claimed responsibility for the attack in a letter published online.

Why did it take so long for the power to come back on?

Experts and engineers worked to repair the damaged wires and infrastructure, gradually restoring power to buildings, with full restoration taking five days. While residents were becoming understandably irate, there were fake AI videos and news spreading, blaming the lack of generators, which is why people were without power for days. However, this is not true.

Herbert Saurugg, an expert on blackouts and crisis preparedness, told The Cube that emergency generators have only a limited role during major grid failure.

It took five days to restore power because of the scale and complexity of the wires damaged in the arson attack and the systems it affected as a result. The attack badly damaged five high-voltage cables that linked different systems and designs, forcing crews to carry out repairs that would normally take weeks. However, they managed to pull it off in just four days in sub-zero temperature conditions.

What’s this got to do with data centres?

The Berlin Power attack exposed vulnerabilities in the city’s critical infrastructure and has reignited debates on resilience and risk within the power grid, at a time when security, both online and physical, is becoming an increasing concern for modern data centre infrastructure. Experts are calling for more regulations and innovative solutions to strengthen the weaknesses in their power networks, to avoid attacks of this scale.

Once again, this highlights the need to conduct resilience testing, establish regulations and processes, and maintain backup systems so teams can restore power quickly in the event of major incidents.

In Germany, there have been calls for lawmakers to ensure they can turn the power back on within 24 hours in future major incidents with their power and grid infrastructure.

EU officials also warn that as power networks become more decentralised and digital—particularly with the expansion of renewables—they create more cyber vulnerabilities, increasing the risk of attacks and blurring the line between cyber and physical threats. It also means that there doesn’t need to be physical damage to the power networks for there to be loss of power to buildings, including homes, hospitals, schools and other critical infrastructure.

What can we learn from this?

So, in the first month of 2026, not only has the Eurostar power outage taught us the importance of a working, tested backup power system, but the Berlin power outage has made industry leaders address the increasing vulnerabilities in their critical infrastructure and start taking action to strengthen them against cyber and physical attacks.

It’s imperative that the data centre industry, particularly Europe’s power grids, be more proactive and less reactive to security and resilience to prevent or reduce attacks, or lessen the consequences of attacks such as these and to ensure that there are no life-threatening consequences to downtime or outages.