Problems like this have existed for decades or more and we know how to prevent it.
It's a business decision whether to invest in prevention, mitigation, both, or neither.
The "foreign government cyber-warfare" problem is less well-understood and is ever-evolving.
For what it's worth, most "mother nature" problems can be handled by having adequate redundancy and/or backup systems and, for most users, having an expected service level that allows for the grid (or internet, or other utility) to be offline for several seconds at a time while backup systems kick in. A state-level attacker is likely to be aware of the backup systems and attack both simultaneously.