Lights Out

A newly declassified report shows how vulnerable America's electric grid is.

BY DOUGLAS BIRCH | NOVEMBER 14, 2012

In a foreword to the study, Research Council chairman Ralph Cicerone and vice chairman Charles Vest wrote expressed "regret" for the delay in publication. "We understand the need to safeguard security information that may need to remain classified," they wrote. "But openness is also required to ... better protect the nation from terrorism and other threats."

Steven Aftergood, director of the Federation of American Scientists' Project on Government Secrecy, called the government's initial decision to block publication of the report "a good example of how indiscriminate classification can undermine national security."

"If this report had been released five years ago, its insights and recommendations might have been acted on -- or at least debated -- years ago," Aftergood wrote in an email. "Instead, the passage of time was wasted for no good reason. This kind of secrecy makes us stupid."

Despite the report's age, Cicerone and Vest wrote, its findings remain "highly relevant."

"Major cascading blackouts in the U.S. southwest in 2011, and in India in 2012, underscore the need for the measures discussed in this report. The nation's power grid is in urgent need of expansion and upgrading."

Experts have long worried about the threat of a terrorist strike on the electric grid, especially in the wake of major attacks or regional power outages like those triggered by Hurricane Sandy.

The report notes that severe storms can knock out power for millions, but normally fail to produce the kind of chaos and bloodshed associated with terrorism, because they are less focused. "Unlike hurricanes, terrorists may strike with no warning and selectively destroy the most important facilities, such as major substations."

It found that bringing down the electric grid for months "could lead to turmoil, widespread public fear, and an image of (government) helplessness that would play directly into the hands of terrorists."

In bad weather, the report said, extended power outages could "result in hundreds or even thousands of deaths due to heat stress or extended exposure to extreme cold."

The report discusses the threat to the many computer control systems used by electric utilities, including the supervisory control and data acquisition system (SCADA) targeted by Stuxnet.

U.S. cyber experts in March 2007 used a SCADA system to force a large diesel motor to self-destruct in a cloud of smoke in a test at the Idaho National Laboratory. The more such systems are linked to the Web, experts say, the more vulnerable they become to hackers.

Morgan said in general cyber attacks were less likely to do major damage than physical ones. "You could probably cause a fairly widespread outage," he said. "What you can't do very easily with cyber is destroy large transformers or take down power lines and that sort of thing."

The report found that "Cyber attacks are unlikely to cause extended outages, but if well coordinated they could magnify the damage of a physical attack."

Justin Sullivan/Getty Images

 

Douglas Birch is a science journalist and former Moscow correspondent for The Baltimore Sun and Associated Press who has written extensively about nuclear and other weapons of mass destruction programs.