Government officials sometimes describe a kind of Hieronymus Bosch landscape when warning of the possibility of a cyber attack on the electric grid. Imagine, if you will, that the United States is blindsided by an epic hack that interrupts power for much of the Midwest and mid-Atlantic for more than a week, switching off the lights, traffic signals, computers, water pumps, and air conditioners in millions of homes, businesses, and government offices. Americans swelter in the dark. Chaos reigns!
another nightmare scenario: An electric grid that serves two-thirds of a billion people suddenly fails in a developing,
nuclear-armed country with a rich history of ethnic and religious conflict. Rail transportation is shut down,
cutting off travel to large swathes of the country, while many miners are
Blackouts on this scale conjure images of civil unrest, overwhelmed police, crippled hospitals, darkened military bases, the gravely injured in the back of ambulances stuck in traffic jams.
The specter of what Defense Secretary Leon Panetta has called a "digital Pearl Harbor" led to the creation of U.S. Cyber Command, which is tasked with developing both offensive and defensive cyber warfare capabilities, and prompted FBI Director Robert Mueller to warn in March that cyber attacks would soon be "the number one threat to our country." Similar concerns inspired both the Democrats and Republicans to sound the alarm about the cyber threat in their party platforms.
But are cyber attacks really a clear and present danger to society's critical life support systems, capable of inflicting thousands of casualties? Or has fear of full-blown cybergeddon at the hands of America's enemies become just another feverish national obsession -- another of the long, dark shadows of the 9/11 attacks?
Worries about a large-scale, devastating cyber attack on the United States date back several decades, but escalated following attacks on Estonian government and media websites during a diplomatic conflict with Russia in 2007. That digital ambush was followed by a cyber attack on Georgian websites a year later in the run-up to the brief shooting war between Tbilisi and Moscow, as well as allegations of a colossal, ongoing cyber espionage campaign against the United States by hackers linked to the Chinese army.
Much of the concern has focused on potential attacks on the U.S. electrical grid. "If I were an attacker and I wanted to do strategic damage to the United States...I probably would sack electric power on the U.S. East Coast, maybe the West Coast, and attempt to cause a cascading effect," retired Admiral Mike McConnell said in a 2010 interview with CBS's 60 Minutes.
But the scenarios sketched out above are not solely the realm of fantasy. This summer, the United States and India were hit by two massive electrical outages -- caused not by ninja cyber assault teams but by force majeure. And, for most people anyway, the results were less terrifying than imagined.
First, the freak "derecho" storm that barreled across a heavily-populated swath of the eastern United States on the afternoon of June 29 knocked down trees that crushed cars, bashed holes in roofs, blocked roads, and sliced through power lines.