A huge swatch of the north-east US lost power for a couple days, not all that long ago, because of a tree branch. And efforts to contain the problem were hampered by an obscure bug in the management software.
If a freak accident can expose a cascade of unexpected fail-over behavior, do you really think the grid is hardened against deliberate malfeasance? Particularly when we consider that the vulnerabilities from which voltage irregularities could be created, could quite likely attack or destroy the management software itself.
Mix in the likelihood of attackers having access to several nodes on the grid at once and regional blackouts seem quite plausible.
In which case a country-wide blackout is merely a question of whether attackers could compromise enough stations across enough of America to effect several concurrent regional blackouts.
Why is control of the electrical grid accessible to the
internet?
There are people asking that question, it just doesn't get press. Because the reality is quite likely that there are solid business reasons for some access and the real problem is piss-poor security on that access [1].
So you either report on computer security details or alarmist disaster scenarios [2]. And one of those lines of reporting will sell more copies than the other.
[1] If there was no business value in access, they wouldn't have paid to install data lines. I'd imagine remote administration, monitoring and centralized reporting are quite useful, particularly when observing large swaths of the grid.
[2] Which means, yes, people tend to get caught up in infeasible scenarios like hackers causing nuclear meltdowns. But the unlikelihood of those types of catastrophes does not mean that there are no catastrophes that can be caused by compromised infrastructure control machines.