Analysis of Power Outage at Heathrow Airport: Implications for Critical Infrastructure
23. marca 2025
On March 20, 2025, a widespread power outage occurred at London's Heathrow Airport due to a fire in the North Hyde electrical substation. This incident, which led to the closure of Europe's busiest airport and affected more than 1,300 flights, represents a significant case of critical infrastructure failure with pan-European consequences.
Technical Aspects of the Incident
A fire in a transformer at the 275kV North Hyde substation caused a power supply interruption for Heathrow Airport and surrounding areas. According to available information, approximately 67,000 households and businesses were without electricity. Despite the airport having backup power sources, these systems were unable to ensure full operational capacity.
The North Hyde substation represents a critical point in West London's electrical grid, which experts say is significantly overloaded. The region is experiencing a sharp increase in new applications for connection to the electrical grid due to new housing projects, commercial investments, and data centers.
Systemic Deficiencies The incident revealed several serious deficiencies in critical infrastructure security. First, insufficient power redundancy was evident. Critical facilities like Heathrow Airport should be powered from multiple independent points of the electrical grid. Although some parts of the airport (such as Terminal 5) maintained power, overall operations were significantly disrupted.
Another problem is outdated infrastructure. The British electrical grid, similar to many developed countries, is generally outdated, with many components at the end of their expected lifespan and in urgent need of modernization.
The response to the outage also revealed gaps in coordination between the airport operator, airlines, and energy service providers. Restoring full operations took an unreasonably long time, suggesting deficiencies in disaster recovery plans.
Implications for Slovak Critical Infrastructure "This incident emphasizes the importance of a comprehensive approach to critical infrastructure protection," says Ing. Tibor Straka, President of the Slovak Critical Infrastructure Association. "The new Act No. 367/2024 Coll. on Critical Infrastructure, which came into effect on January 1, 2025, introduces a systematic approach to identifying, protecting, and increasing the resilience of critical infrastructure elements in Slovakia." The law defines 11 key sectors of critical infrastructure including energy, transportation, finance, and digital infrastructure. For each sector, it establishes responsible central state administration bodies and introduces a new system of risk assessment and obligations for critical entities.
Preventive Measures and Recommendations Based on the analysis of the Heathrow Airport incident, AKI recommends several measures for critical infrastructure operators in Slovakia. Key is strengthening power redundancy by ensuring multiple independent power sources for critical systems and regularly testing backup sources under full load.
Equally important is the systematic modernization of outdated components of the electrical grid with emphasis on critical nodes. Operators should implement advanced early warning monitoring and predictive maintenance systems to identify potential failures before they occur.
Given the growing interconnection of physical and digital systems, it is essential to ensure adequate protection against cyber threats. Organizations should regularly conduct crisis management exercises simulating various critical infrastructure outage scenarios.
Information sharing and best practices through enhanced cooperation between critical infrastructure operators, regulatory bodies, and security forces are also of fundamental importance.
Conclusion The incident at Heathrow Airport presents a significant lesson for critical infrastructure operators in Slovakia and throughout Europe. It emphasizes the need for a systematic approach to protecting critical systems, which includes not only technical measures but also organizational and procedural aspects.
AKI will continue to monitor the development of the investigation of this incident and implement the lessons learned into its recommendations and educational activities. It also calls on all critical infrastructure operators in Slovakia to reassess their business continuity plans and resilience to similar incidents.
Only through a comprehensive approach to critical infrastructure protection can we ensure the stability and security of key systems essential for the functioning of modern society.
The North Hyde substation represents a critical point in West London's electrical grid, which experts say is significantly overloaded. The region is experiencing a sharp increase in new applications for connection to the electrical grid due to new housing projects, commercial investments, and data centers.
Systemic Deficiencies The incident revealed several serious deficiencies in critical infrastructure security. First, insufficient power redundancy was evident. Critical facilities like Heathrow Airport should be powered from multiple independent points of the electrical grid. Although some parts of the airport (such as Terminal 5) maintained power, overall operations were significantly disrupted.
Another problem is outdated infrastructure. The British electrical grid, similar to many developed countries, is generally outdated, with many components at the end of their expected lifespan and in urgent need of modernization.
The response to the outage also revealed gaps in coordination between the airport operator, airlines, and energy service providers. Restoring full operations took an unreasonably long time, suggesting deficiencies in disaster recovery plans.
Implications for Slovak Critical Infrastructure "This incident emphasizes the importance of a comprehensive approach to critical infrastructure protection," says Ing. Tibor Straka, President of the Slovak Critical Infrastructure Association. "The new Act No. 367/2024 Coll. on Critical Infrastructure, which came into effect on January 1, 2025, introduces a systematic approach to identifying, protecting, and increasing the resilience of critical infrastructure elements in Slovakia." The law defines 11 key sectors of critical infrastructure including energy, transportation, finance, and digital infrastructure. For each sector, it establishes responsible central state administration bodies and introduces a new system of risk assessment and obligations for critical entities.
Preventive Measures and Recommendations Based on the analysis of the Heathrow Airport incident, AKI recommends several measures for critical infrastructure operators in Slovakia. Key is strengthening power redundancy by ensuring multiple independent power sources for critical systems and regularly testing backup sources under full load.
Equally important is the systematic modernization of outdated components of the electrical grid with emphasis on critical nodes. Operators should implement advanced early warning monitoring and predictive maintenance systems to identify potential failures before they occur.
Given the growing interconnection of physical and digital systems, it is essential to ensure adequate protection against cyber threats. Organizations should regularly conduct crisis management exercises simulating various critical infrastructure outage scenarios.
Information sharing and best practices through enhanced cooperation between critical infrastructure operators, regulatory bodies, and security forces are also of fundamental importance.
Conclusion The incident at Heathrow Airport presents a significant lesson for critical infrastructure operators in Slovakia and throughout Europe. It emphasizes the need for a systematic approach to protecting critical systems, which includes not only technical measures but also organizational and procedural aspects.
AKI will continue to monitor the development of the investigation of this incident and implement the lessons learned into its recommendations and educational activities. It also calls on all critical infrastructure operators in Slovakia to reassess their business continuity plans and resilience to similar incidents.
Only through a comprehensive approach to critical infrastructure protection can we ensure the stability and security of key systems essential for the functioning of modern society.
On July 3, 2025, a memorandum of cooperation was concluded in Bratislava between the National Security Authority (NBÚ) and the Critical Infrastructure Association of the Slovak Republic (AKI SR). The document was officially signed by JUDr. Roman Konečný, Director of the National Security Authority, and Ing. Tibor Straka, President of the Critical Infrastructure Association of the Slovak Republic. The cooperation will be implemented at the level of professional discussions, knowledge exchange, and presentation of the most suitable approaches in the field of information and cybersecurity. Both parties have also committed to supporting education in the field of information security and contributing to the prevention of cybercrime. This memorandum is the first of a series of memoranda that the AKI SR will conclude with other state administration bodies exercising competence in the field of critical infrastructure.
Dňa 3. júla 2025 bolo v Bratislave uzatvorené memorandum o spolupráci medzi Národným bezpečnostným úradom (NBÚ) a Asociáciou kritickej infraštruktúry Slovenskej republiky (AKI SR). Dokument oficiálne podpísali JUDr. Roman Konečný, riaditeľ Národného bezpečnostného úradu, a Ing. Tibor Straka, prezident Asociácie kritickej infraštruktúry Slovenskej republiky. Spolupráca bude realizovaná na úrovni odborných diskusií, výmeny poznatkov a prezentácie najvhodnejších prístupov v oblasti informačnej a kybernetickej bezpečnosti. Obe strany sa zároveň zaviazali podporovať osvetu v oblasti informačnej bezpečnosti a prispievať k prevencii kybernetickej kriminality. Toto memorandum je prvým z radu memoránd, ktoré bude Asociácia kritickej infraštruktúry Slovenskej republiky uzatvárať s ďalšími orgánmi štátnej správy vykonávajúcimi pôsobnosť na úseku kritickej infraštruktúry.
On June 26, 2025, another working meeting of the presidium of the Critical Infrastructure Association of the Slovak Republic (AKI SR) took place at the premises of the Council of Slovak Exporters, which was also attended by the chairman of the supervisory board of AKI SR.
Dňa 26. júna 2025 sa v priestoroch Rady slovenských exportérov uskutočnilo ďalšie pracovné rokovanie prezídia Asociácie kritickej infraštruktúry Slovenskej republiky (AKI SR), na ktorom sa zúčastnil aj predseda dozornej rady AKI SR.
In recent days, State Secretary of the Ministry of Interior of the Slovak Republic Patrik Krauspe received a delegation of the Critical Infrastructure Association of the Slovak Republic (AKI SR), which was led by AKI SR President Tibor Straka. The goal of the working meeting was to officially present the association as a professional and independent platform connecting state and private entities in the field of critical infrastructure and to discuss cooperation opportunities between the Ministry of Interior of the SR and AKI SR.
V uplynulých dňoch prijal štátny tajomník Ministerstva vnútra SR Patrik Krauspe delegáciu Asociácie kritickej infraštruktúry Slovenskej republiky (AKI SR), ktorú viedol prezident AKI SR Tibor Straka. Cieľom pracovného stretnutia bolo oficiálne predstavenie asociácie ako odbornej a nezávislej platformy prepájajúcej štátne aj súkromné subjekty v oblasti kritickej infraštruktúry a prerokovanie možností spolupráce medzi Ministerstvom vnútra SR a AKI SR.
The Slovak Chamber of Commerce and Industry (SOPK) organized its traditional semi-annual press conference on June 18, 2025. The discussion focused on how Slovakia is managing current economic challenges, while also presenting proposals for fundamental changes in the areas of innovation, artificial intelligence, and security.
Slovenská obchodná a priemyselná komora (SOPK) usporiadala 18. júna 2025 svoju tradičnú polročnú tlačovú konferenciu. Diskusia sa sústredila na to, ako Slovensko zvláda aktuálne hospodárske výzvy, a zároveň predstavila návrhy na zásadné zmeny v oblasti inovácií, umelej inteligencie a bezpečnosti.
New executive order from Trump cancels key cybersecurity initiatives from the Biden era, while the approach to cybersecurity on the other side of the Atlantic is markedly different – Europe is accelerating its digital security program.
Nové výkonné nariadenie od Trumpa ruší hlavné iniciatívy v oblasti kybernetickej bezpečnosti z éry Bidena, pričom postoj ku kybernetickej bezpečnosti je na druhej strane Atlantiku výrazne odlišný – Európa zrýchľuje svoj digitálny bezpečnostný program.