Tuesday, November 10, 2015

Ted Koppel's "Lights Out" warns that we are not prepared for possibly a sudden change in our way-of-life forced on us by enemies or even nature: cyberattack, EMP, or solar storms wrecking the power grids


Author: Ted Koppel (or Edward J. Koppel)

Title: “Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath

Publication: New York: 2015, Crown Publishers.  ISBN 978-0-553-41997-9, hardcover (also eBook), 280 pages, Three parts, 20 chapters with epilogue;  endnotes, and indexed.

Last Sunday morning, while waiting for a cab to start a quick two-day electric Amtrak train trip to New York, the power cut out suddenly.  I wondered what was up, as the weather was calm. My generator kicked on.  My computer and router are tied into uninterruptible power supply, so they were unaffected. In about five minutes, the generator shut off, and power returned before the cab arrived.  Had there been more time, I might have double-checked that my new car would start.



Before getting into the book, I’ll note a few other little incidents. Hurricane Isabel struck the DC area in September 2003, shortly after I had returned from Minnesota to look after mother, and our power was out “only” about 14 hours.  Cable came back after about 20 hours. But a friend, who used our freezer, and lived three miles away was without power for nine days.  They (an elderly couple) were told it was taking a long time for Dominion Power to get a new transformer from Richmond.

The DC area had not been affected by the major power outage in the northeast in August 14 2003, but some areas were without power for over a week (Wikipedia) .  I can remember a 24 hour power outage in New York City in the summer of 1977, and a six-week landline telephone outage in Greenwich Village in (as I recall) 1975 because of a building fire.

After the derecho on June 29, 2012, my own generator (installed in August 2011) ran for close to three days, but some people were out more than a week. I had no significant outages for either Irene or Sandy, which was not as severe as expected right here.

About five weeks ago, an escalator at a local shopping mall went out.  The Mall put up signs promising repair by October 30.  The day came, and the repairs still are not done because the supplier sent wrong-sized parts.  Upstairs businesses are furious.  This little incident shows how difficult it is for some companies to maintain infrastructure important to customers and businesses.

In the spring of 2015, a non-severe thunderstorm in southern Maryland damaged a tower belonging to an electric cooperative, indirectly causing a several-hour outage in Washington DC around Capitol Hill.  Later a transformer fire in the DC Metro caused partial rush hour service reductions near RFK Stadium for several weeks.  And once, in 2012, I wasn’t allowed back into a hotel room in New York City after a nearby manhole fire related to an auto accident. In fact, one month before 9/11, there was a day-long major power outage in the Dupont Circle area of Washington DC because of a manhole fire.

Ted Koppel was well known as the anchor for ABC Nightline for years, often reporting on overseas issues, especially South Africa, and recently a series on China.  But I think he is the first mainstream journalist (not from what we think of as “the right”) to report seriously on a potentially grave national security hazard and our way of life.

The three parts of the book are “A Cyberattack”. “A Nation Unprepared”, and “Surviving the Aftermath”.

There are really two big issues in the book.  One of them is the nature of any of several ways enemies (terrorists) or possibly natural events could cause many sections of the US to lose electric service for long periods.  This begs the question as to whether better security and technology policy can practically eliminate the risk. The other issue is that there is, in a sense, an unprecedented risk to our society, now that it has become technologically dependent, that we lose it all, and go back to the nineteenth century (like in the notorious NBC series “Revolution”).   Another aspect of this paradigm, though, has historical precedent.  Prosperous civilian civilizations have been suddenly destroyed before, like Pompeii.  And modern civilian populations, like Britain in 1940, have endured enemy attacks that might have come to be viewed as unthinkable.  This is a more disturbing question, one which bears on individual morality and whether notions or human rights really are subject to external forces beyond the control of most civilians, augmenting socially conservative, communistic, or religious philosophies about individual expectations.  Certainly individualism as we understand it would change as society tries to survive in a suddenly radically different world, after a “purification”.  Preparedness evokes moral questions, and crosses a number of issues ranging from gun ownership and possession, to hospitality and family values.

On this blog, I’ve already reviewed a number of books on threats to the grid, as one can see by following the blogger labels “cyber security”, “electromagnetic pulse” and “solar environmental effects”.  I’ve reviewed some publications from the National Academy of Science and from Oak Ridge (which I visited in 2013) indicating that the solar storm risk in particular could be quite serious.

Personally, I have tended (at least until now) to believe that the biggest threats come from EMP attacks or huge Carrington-sized solar storms and coronal mass ejections (we may have just missed a big one by a week in July 2012).  Koppel discusses a rifle attack on a substation in California in April 2013;  there have been a few other similar attacks around the country (mostly in the South) with few long-term effects.  However Byron Dorgan’s novel “Gridlock” (Sept. 5, 2013) describes a cyberattack, introduced by thumb drives, but starting with a surreptitious shooting of power company employees making repairs.

Koppel notes that the Pentagon has given Raytheon a contract to strengthen the communications under Cheyenne Mountain in Colorado from damage from EMP, and recently Raytheon has advertised heavily in the Washington DC Metro, a rather chilling coincidence. All of that suggests that the Pentagon is worried that an enemy really could lob a scud-like missile from a boat 100 miles off the coast, leading a relatively high-altitude nuclear explosion and creating EMP for much of the country. That’s what happens in Forstchen’s novel “One Second After” (July 20, 2012).  However, shouldn’t NORAD (or the Coast Guard or Navy) intercept such a missile before it goes off? Other writers, like Maloof (as well as The Washington Times), have suggested that more amateurish terrorists could make microwave pulse generators with local EMP effects (and idea circulated mysteriously in 2001 just before 9/11 not talked about much). In any case, Koppel’s own narrative makes the EMP threat sound more likely than he says it is.

Koppel then moves to the cyberthreat itself, which more or less follows Dorgan’s novel as to how it might happen.  There is some issue as to whether an amateur can bring down a power company from a laptop or cell phone.  Koppel suggests this is possible, but it probably isn’t.  You can’t normally log on to a server that manages power loads.  Finland’s Linux inventor Linus Torvalds himself says power grids and other essential infrastructure should never be made directly accessible from the public Internet.  There is a difference between taking down a power grid and taking down the server of an entertainment company (Sony). But even many US government Internet systems are poorly shielded, as we know from many hacks.

But inside jobs from poorly screened employees or contractors are possible, as is the idea of introducing malware from an external thumb drive, which seems to be how the US itself has tried to infect Iran, and how Saudi Arabia’s oil company was brought down.  The main risk seems, according to Koppel, to come from compromise of a smaller power utility, which overloads transformers of larger companies and causes cascading failures (as happened with the software failure in 2003).  Koppel explains well how the continental US is divided into three topologically connected grids, and his book cover shows the Eastern grid blacked out!  The black book cover, by the way, attracts attention in public places, as recently from a teenager on the Metro in Washington.  Sometimes it's good to have the physical book rather than just an e-copy.

I could ask, could power company firmware be designed to prevent such transformer-eating overloads?  Could power generation be more decentralized when necessary?  Koppel discusses the idea of installing small fission reactors for backup, an idea suggested by young inventor Taylor Wilson who, with the help of financiers like libertarian Peter Thiel (who had helped Zuckerberg with Facebook), wants to develop and patent these systems.  Wilson says the small mini—plants could be underground, which could protect them further from other kinds of attacks (like EMP).

Koppel discusses the issue of NSA and other law enforcement surveillance of power company systems, and notes that there are serious legal impediments, from the Electronic Communications Privacy Act, which would interfere with monitoring for criminal attacks that the public would support, despite the constant presentation of government and military as villains (even by Electronic Frontier Foundation) because of unrelated problems of unwarranted watching of individuals.

Koppel correctly points out most large transformers are manufactured overseas (there are two holding companies involved in Virginia, in Lynchburg and Roanoke, and several along the Gulf Coast, but it seems that the real work is overseas).  Furthermore it is very difficult to transport them on highways or rails in the US (I recall seeing a picture of one in a “Trains” magazine on a Schnabel as a kid).

The last third of the book deals with the unpleasant issue of civilian preparedness.  Koppel goes on the road to investigate, in a way similar to what I sometimes did for my own DADT books.  He visits ranch owners in Wyoming and talks about the possibility of offering “radical hospitality” to domestic refugees.  He talks about gun ownership, and notes that rural states where most people own guns out of legitimate interest in hunting or reasonable need for self-defense have much lower rates of gun violence than large cities with strict control.  He then does a detailed debriefing of the Church of Jesus Christ of Latter Days Saints, where disaster preparedness (and neighborliness) is part of their personal moral code, partly because of their history of being persecuted as a group and having to back each other up. (One could make an incomplete comparison to Israel.)

Koppel says that frank discussion of how this issue could change our lives personally could help stimulate the policy changes (and bipartisan cooperation) that would make actual disaster more preventable.  He uses the Cold War and even Cuban Missile Crisis with the Soviet Union (after the “duck and cover” of the 1950s) as a comparison.  He notes the lessons of civilian preparedness from history like the Battle of Britain in 1941.  He also treads on personal values, noting that more communal lifestyles, even Marxist in thought, could become necessary if a prolonged catastrophe really happens.  I could rant on here and say that at 72, I would be of no use in the world of NBC’s “Revolution”.  But this is an issue or personal morality – how it interacts with the common good of the community you live in – that we don’t like to talk about today than that earlier generations (when we had, for example, a military draft) may better understand.

It's unnerving that Koppel reports (in post-publication interviews, like in Time) that some former public officials see a major attack as unavoidable.  We're not prepared for a total change in our way of life, so we'd better prevent this.  Maybe Taylor Wilson does have the best idea on the table.

No comments: