Sam Sheppard, Senior Communications and Campaigns Manager, RenewableUK, and Matthew Bancroft, Senior Security Director, Capgemini
01/04/2025 | Cyber security



Cyber squirrels and the principle of parsimony
1 April 2025
The second in a series of articles from Capgemini and RenewableUK examining cyber security and the techniques that the renewables sector can adopt from other forms of critical infrastructure, as well as how squirrels (yes, squirrels) can inform our approach to dealing with new realities and building operational resilience throughout the grid and wider industry.
Occam’s razor
Occam’s razor, also known as the ‘principle of parsimony’, states that the simplest explanation, or rather the hypothesis that requires the fewest assumptions, is often the correct one. By ‘shaving away’ unnecessary theoretical clutter when distinguishing between two theories, it provides a helpful and effective rule of thumb. However, many of us have a tendency to ignore it, instead preferring to go down complex rabbit holes based on preconceptions, psychological biases, and over-analysis.
Take the Challenger space shuttle, for example, which initially baffled investigators after it broke apart 73 seconds into its flight on an unusually cold day in January 1986, killing all seven crew members onboard. In the aftermath, frustrated at the slow pace and perceived overthinking of NASA’s investigative team, physicist Richard Feynman applied Occam's razor, as well as his own scientific principles, to identify the cause of the explosion. He believed that the disaster occurred when a rubber O-ring seal failed during launch, resulting in hot pressurised gas leaking from the rocket booster into the external propellant tank, altering the shuttle’s direction to such an extent that it was torn apart by aerodynamic forces.
By dipping a sample of the rubber used in the seal into a glass of ice water, he was able to show how the O-ring stiffened in cold temperatures, to the point that it was ultimately unable to form a seal. This simple demonstration highlighted a design flaw that had been previously raised within NASA, although the concerns were not acted upon. It also demonstrated that if it walks and talks like a duck, it’s a duck. Or rather a squirrel, as in the case of power grid outages.
Apex predators
Like space shuttles, electricity networks are extremely complicated. There are means to mitigate this, such as by modelling their complexity through digital twins, simulating cyber and military attack scenarios on the grid, and quantifying and managing risk at a highly granular level. But are we always applying Occam’s razor when we do so?
Analysis by Cris Thomas, a notable cyber security researcher, shows that squirrels have been responsible for 1,252 (49%) of the 2,524 animal-caused disruptions to global power grids between 1987 and 2019, whilst humans have accounted for three, in the guise of attacks by ‘state-sponsored agents’. This analysis has led senior officials within the National Security Agency (NSA) to state that squirrels are “the number one threat” to the US electrical grid.
But does this mean we should focus solely on squirrels or cyber security when analysing risks to our energy networks? No, we must instead employ a holistic and multidimensional approach to realise operational resilience, or we may find we again miss the all-important squirrel for the largely inconsequential state-sponsored rabbit hole. Only when the razor is aptly applied can we be proactive in addressing the root cause of outages and issues.
The Squirrel of Wall Street
Traditionally, organisations have implemented Business Continuity (BC) and Disaster Recovery (DR) processes. However, this approach is not foolproof, as illustrated by the CrowdStrike outage in 2024 when a faulty update to security software caused issues with Microsoft Windows. This resulted in around 8.5 million systems crashing and being unable to restart for several hours, affecting airports, hospitals, manufacturers, and banks, amongst many others, to the tune of over $10 billion in financial damage.
So how should businesses in the renewables sector approach management of the risks, both to themselves and to the grid at large? A good starting point would be observing the progress made on resilience across the financial services sector.
Much like the grid, financial services is a critical sector on which we all depend, one that is both complex and increasingly reliant on digital technology. The importance of a robust and resilient financial system has been recognised at national and international levels, and improvements have been mandated through resilience regulations such as the European Digital Operational Resilience Act (DORA) and corresponding regulations in the UK from the Financial Conduct Authority. These legislative vehicles drive a new approach to resilience in our financial institutions, one that takes an overarching view of threats but also zooms in on the hidden complexity behind simple and routine acts, such as being able to use an ATM to withdraw funds from one’s account.
How can we apply this to renewables?
Whilst digital and operational resilience (OpRes) has been concentrated on the financial services sector, its principles are universal and can be applied to any industry or organisation as a means to instil enterprise-wide management of disruption. Its objectives include:
- Preventing disruption to an enterprise from occurring in the first place.
- Being robust and minimising impact if a disruption does occur.
- Recovering from impact as quickly as possible.
- Adapting to changes in the operational environment.
- Learning from disruption to become more resilient to future events.

Whether in financial services or across the renewables sector at large, the rationale and overall approach are the same:
- Identify ‘important business functions’.
- Gauge the customer and business tolerance for an outage of this function.
- Break down the function into its component parts across people, process and technology.
- Simulate scenarios which could result in failure of the function and identify where they failed and why - be it cyber, force majeure, or physical damage (squirrel or otherwise).
- Fix the issues in the correct order.
- Ensure this process is ongoing, by implementing resilience culture, organisation, governance and processes to continuously manage and improve.
In other words, OpRes is a holistic enterprise-wide strategy to manage disruption, building on and going further than traditional BC and DR approaches.

Isn’t this just common sense?
You might be thinking the above hardly constitutes an innovation, and that it is simply the application of common sense to deal with new realities and risks. This is partly true, but it is important to remember that conventional wisdom uses a probabilistic approach, which frequently underestimates or completely omits what it perceives to be unlikely or rare events, as well as ‘black swans’.
Black swan events are defined as ‘high-impact events that are difficult to predict under normal circumstances, but that appear to have been inevitable in retrospect’, and are explained by a combination of their small probability of occurrence, which limits our ability to compute them, as well as a range of psychological biases that cloud our ability to anticipate them. Recent examples include the COVID-19 pandemic and the 2008 financial crisis, both of which appear relatively unsurprising in retrospect, yet were largely unanticipated and so caused immense disruption to our economies, health, and daily lives.
Conventional legacy approaches also fail to take into account or model the enormous complexity involved in modern digital systems, as well as the intricate dependencies between different subsystems. In our modern world of enormous numbers, big data and vast amounts of internet traffic, one in a million events can be observed on a daily and even minute-by-minute basis. We see the evidence of this all around us, in the regular headlines that contradict our gut feelings and common sense, demonstrating that black swan events occur with depressing regularity.
The innovation of OpRes derives from changing our mindset and approach to better reflect modern reality, building resilience into every aspect of our business and organisations whilst utilising the latest tools and technology to more accurately model and assess risks.
Trouble in Hillingdon
Last month saw a poignant example of a black swan close to home, when Heathrow Airport experienced a significant power outage caused by a fire at the nearby North Hyde substation. The incident led to the airport's closure and operations halting for almost 18 hours, resulting in widespread chaos and flight cancellations, as well as a renewed debate on the resilience of major infrastructure in the UK.
Heathrow was forced to safely power down and reboot critical systems, which took considerable time. Over 1,300 flights were affected, impacting around 200,000 passengers and resulting in many flights being diverted to other airports such as Amsterdam, Frankfurt, and Paris. Although it has now safely resumed operations, the disruption had a global impact, affecting flights and schedules at other airports worldwide, and highlighting the need for robust improvements to operational resilience.
Theories regarding the cause of the outage range from the reasonable - such as a transformer fire, ageing infrastructure or a botched theft - to the conspiratorial, involving state-sponsored sabotage and cyber-attacks. Investigations are ongoing, but regardless of the outcome there are lessons to be learned and demonstrable ways in which Heathrow and its supply chain can become more operationally resilient, thereby reducing disruption and minimising the impact of both likely and unforeseen future incidents.
Such events further demonstrate how traditional approaches to business continuity and recovery are not fit for purpose. By following the principles of OpRes across its entire business, the Heathrow of the future will find it is capable of rolling with the punches, remaining operational and withstanding similarly disruptive events.
In a world where squirrels can outperform state-sponsored hackers, perhaps the simplest truth is this: OpRes, not just continuity planning, is what will keep the lights on. Especially when the next threat isn’t a rodent but a well-meaning employee, as we’ll explore in our next article, which looks at the human factors in the cyber security equation.