Access to electricity is something we often take for granted in America, but it has become a critical part of our daily lives. The first thing we do in the morning is flip a light switch, and our use of electronic devices is near non-stop from that moment on — you wouldn't even be reading this article without electricity. However, the power grid that supports our lights, computers, cell phones, point-of-sale terminals, hospitals, and transportation infrastructure (along with countless other services) may not be as bulletproof as many Americans assume. And if a purposeful attack was directed at the grid, it could leave our nation in a state of chaos.
Ted Koppel, the author of the NY Times Bestselling book Lights Out, studied the power grid and analyzed the consequences a targeted cyberattack could have on it. Penguin Random House provided the following Q&A with Koppel, where he discusses the grid's vulnerability, potential avenues of attack, and his thoughts on how each of us can be prepared for a power grid disaster.
How likely is an attack on our power grid?
Ted Koppel: Very. When I posed that question to former Secretary of Homeland Security Janet Napolitano, she put the likelihood at 80 or 90 percent. General Lloyd Austin, who currently heads up the U.S. military’s Central Command, told me that it’s not a question of “if, but of when.” Former Defense Secretary Leon Panetta has warned of a cyber Pearl Harbor, and President Obama highlighted the threat to our power grid in his 2013 State of the Union address. In short, government and military leaders think it’s likely, and I found no compelling evidence to the contrary.
What could happen if our power grid was attacked?
TK: Depending on the sophistication of the attack it could take out all or part of a grid, of which there are only three in the entire United States. Under a worst case scenario, tens of millions of Americans could be without a normal supply of electric power for weeks or even months. The resulting shortages would, inevitably, lead to civil unrest, with the likelihood that large numbers of people would flee affected cities. The wealthy (assuming they could access their money) could relocate to unaffected parts of the country. Those without means would very likely be urged to keep moving.
You say the Internet should be viewed not only as an incredible tool, but also a potential weapon of mass destruction. That phrase has a lot of immediate connotations, specifically to nuclear weapons. Why use it here?
TK: Weapons of mass destruction are not limited to nuclear. There are biological and chemical weapons that are categorized as weapons of mass destruction. The definition depends on the number of people who could be affected. Using that as a measure, denying an urban population electric power (other than that produced by emergency generators) over an extended period of time would result in significant casualties: patients needing life support systems powered by electricity; the most vulnerable elderly, dependent on electric heating in the winter, cooling in the summer; and the unpredictable casualties that would result from civil unrest when food, water, and medicine are in short supply.
Why is our power grid so vulnerable?
TK: The electric power industry is made up of more than 3,000 companies, many of them using old and difficult-to-repair equipment. The large power transformers, for example, which are crucial to the transmission of electricity across the country, are almost 40 years old on average. They are enormous, so they are not easily moved or replaced. They tend to be custom made, so they are not easily interchangeable. They are very expensive, so small companies don’t keep backups on hand, and most of them are built overseas and it takes more than a year to get a new one. The largest, most profitable companies have taken elaborate precautions against cyberattack; but they are interconnected with the smaller, less protected companies. Like any chain, the power grids are only as strong as their weakest link.
Who is most likely to mount a cyberattack?
TK: The Chinese and Russians are the most capable of launching an attack against one of our power grids, but because of their many interlocking interests with the United States they are less likely to do so. (As we’ve seen, of course, these ties haven’t stopped the Chinese from launching the biggest cyberespionage attack in history, vacuuming more than 21 million personnel files out of the U.S. government’s computers). The great danger of a catastrophic cyberattack comes from entities that have fewer common interests with the United States: countries like North Korea or terrorist groups like ISIS. There is a growing belief among U.S. intelligence specialists that independent groups already have, or will soon have, that capability.
What kind of plans are in place if the power does go out? What agencies would be responsible in that event?
TK: The only plans our government has in place are those created to deal with natural disasters, such as hurricanes or blizzards. A cyberattack on one of our power grids would be vastly different—its impact would be spread over a far wider area and the outage could last weeks or even months. FEMA and the Department of Homeland Security are the two agencies that have the greatest responsibility to prepare, but they disagree over the likelihood of such an attack and over how to respond.
Couldn’t people just evacuate?
TK: One area of disagreement is over the option of evacuating our urban centers. The deputy administrator (the number two man) at FEMA thinks evacuation is the right option. His boss, the
administrator, disagrees. He thinks there would be too many people involved, not enough time and not enough willing host destinations. Indeed, I found that in one small rural state, the governor has developed plans to keep refugees moving: give them a sandwich, a bottle of water, and a map indicating the nearest gas stations.
Who, if anybody, is best prepared for this kind of scenario?
TK: The Church of Jesus Christ of Latter-day Saints, the Mormons, have been conditioned throughout their history to prepare for one form of disaster or another. I devote three chapters to the Mormons and their extraordinary level of organization. It would be difficult for any other institution to duplicate, but there are measures Mormon families take from which the rest of us can learn.
Is there anything ordinary citizens can or should do to prepare for such a possibility?
TK: Preparing for the unexpected is always a tricky proposition. I spent my earliest childhood years in London during World War II. The British had gone to great lengths preparing for poison gas attacks, which never materialized. They evacuated well over a million people from their cities in anticipation of German attacks, but hundreds of thousands of those evacuees, as it turned out, preferred taking their chances at home to being refugees in someone else’s home. Past experience in preparing for the unexpected teaches us that, more often than not, we get it wrong. It also teaches that there is value in the act of searching for answers. Acknowledging ignorance is often the first step toward finding a solution.
The poster below summarizes some of the points Koppel covers in Lights Out. For more information on the book, go to TedKoppelLightsOut.com.