Power Utilities: Infrastructure Nightmares
By Federal Mandate, Attack Scenarios Keep Company Officials Up at Night
It did not take many days after Sept. 11 for officials at all levels of government to experience the same frightening epiphany: The potential for more attacks — perhaps even deadlier than those perpetrated by the al Qaeda hijackers — was embedded in the vast networks of utility pipes, power lines and other conduits that weave into every aspect of everyday American life.
“What they normally would think was just part of the civilian economic infrastructure suddenly became a target for war,” recalls Joe Lieberman, the independent senator from Connecticut who, a year after the attacks, was a leading force in the creation of the Department of Homeland Security.
As the ruins at Ground Zero smoldered, officials in New York began scrutinizing the city’s public works systems for vulnerabilities. Many of the earliest fears were about the security of the systems that power the nation — the nearly half-million miles of oil and gas pipelines; the electric transmission grid; and the plants that put the juice onto that grid, especially those fueled themselves by nuclear reactors. Attacks on the energy infrastructure held the potential to cause not only catastrophic loss of life, but also comprehensive economic disruption and cataclysmic environmental disaster.
“The biggest concerns were ‘where were the gaps?’ ” recalls Michael Balboni, a senior fellow at George Washington University’s Homeland Security Policy Institute. Early efforts focused on the “gates, guards and gadgets” needed to protect critical infrastructure from infiltration, said Balboni, who helped enact a series of anti-terrorism laws as a Republican state senator in New York, and served two years as the state’s top homeland security official.
Longer-term measures followed. The decision to consolidate the sprawling collection of offices and agencies assigned to protect the homefront into one Cabinet department marked the largest government reorganization since World War II. Executive orders and security directives attempted to harmonize the work of the many agencies whose efforts overlapped. Through legislation, Congress ordered various agencies to work with utilities and other businesses to protect the energy infrastructure — more than 80 percent of which is privately owned.
The merit in those herculean efforts has so far been borne out by the absence of a successful terrorist strike, although the numerous plots that have been thwarted demonstrate that the threat remains alive. Last month, the Homeland Security Department alerted authorities across the nation to intelligence reports that terrorists might plan attacks on power plants in the weeks leading up to the 10th anniversary.
The potential for new attacks grows with increased use of new technology. Efforts to upgrade electric transmission networks into an efficient “smart grid” run by computers has industry and government officials fretting, especially about the vulnerability of their software. Guarding against such cyberattacks has displaced the emphasis on preventing physical assaults that predominated right after Sept. 11. Yet fatal pipeline accidents caused by equipment failures, and Japan’s nuclear crisis this year — the result of an earthquake-induced tsunami that overwhelmed backup safety systems — highlight the continuing risks of physical attacks on energy systems.
Lieberman said the United States has made major progress in securing its utilities in the past 10 years, but he sees equally large challenges remaining. “I think it’s a lot better, but you know, it’s a big country with a lot of energy infrastructure so it’s hard to secure it all,” he said.
Higher Tech, Higher Risk
According to the Congressional Research Service, the average power plant in the United States is more than three decades old, most of the transformers that help distribute electricity are at least 40 years old, and 70 percent of the transmission lines are at least a quarter-century old. Spurred by new federal reliability mandates enacted in 2005 and 2007, the nation’s electric grid is undergoing a transformation from a patchwork network intended to serve individual power plants to an interconnected smart grid capable of transferring power across regions.
The smart grid is a work in progress, but the reliance of much of the technology on broadband communications exposes the system to a host of cybersecurity vulnerabilities. Similar technologies also hold promise and peril for other infrastructure, including water systems, pipelines and telecommunications networks.
To highlight the vulnerability of cyberattacks, four years ago the government conducted a test in which it remotely accessed and partially destroyed a $1 million diesel-electric generator at a federal laboratory in Idaho. Cyberattacks have also disabled energy equipment outside the United States, and intrusions into U.S. networks by foreign hackers have been detected for years.
While the electric grid is the sole critical infrastructure network that has mandatory cybersecurity regulations in place, some lawmakers question whether the existing framework is sufficient. Congress in 2005 handed the Federal Energy Regulatory Commission responsibility for ensuring the reliability of bulk power systems. To comply with congressional instructions, the agency in turn made the North American Electric Reliability Corporation (NERC) responsible for establishing standards. A 2007 law added requirements for reliability of smart-grid development, which received more than $11 billion in the 2009 economic stimulus law.
Some critics charge that NERC — a not-for-profit corporation whose members include private and public utilities, large consumers of electricity, transmission operators and government entities — allows industry essentially to write its own regulations. “This fundamentally distinguishes the electric sector from virtually all other critical infrastructure sectors,” Jeff Bingaman, the New Mexico Democrat who chairs the Senate Energy and Natural Resources committee, noted at a hearing on cybersecurity in May.
Last month that panel approved legislation to provide both the Federal Energy Regulatory Commission and the Energy Department new authority over the process used to develop reliability standards. But the Obama administration and Lieberman, the chairman of the Senate Homeland Security committee, prefer a more comprehensive approach overseen by the Homeland Security Department. Further complicating matters is the proliferation of cybersecurity bills by the many congressional committees that assert a share of jurisdiction over the issue.
While cyber-threats of late have received the most scrutiny, physical attacks on energy infrastructure continue to alarm security officials.
Of particular concern is the threat of sabotage by insiders — utility employees with an understanding of how systems operate and might be exploited. For example, in 2000, a disgruntled employee in Australia released 200,000 gallons of sewage from a water-treatment plant.
Last month’s Homeland Department warning emphasized the potential for such an insider attack. The department says the alert was not based on any specific threat, but press reports at the time say the memo referred to last year’s arrest in Yemen of a U.S. citizen who apparently worked for a contractor performing non-sensitive maintenance at five U.S. nuclear plants over a six-year period.
Even though it resulted from a natural disaster, Japan’s nuclear accident is also prompting government officials to rethink safety and security protocols. A Nuclear Regulatory Commission report last month noted that — just as security precautions taken after Sept. 11 resulted from insights gained from potential security breeches, not specific threats — the Japan situation “similarly provides new insights regarding low-likelihood, high-consequence events.”
Fears also linger over the security of the nearly half-million high-volume pipelines that carry oil, gas and other hazardous liquids across the United States. Such lines have been frequent targets in Colombia, Nigeria and even Canada, where unknown perpetrators bombed natural-gas pipes in British Columbia six times in 2008 and 2009. In 2007, the Justice Department arrested members of a terrorist group that allegedly was plotting to attack jet-fuel pipelines and storage tanks at New York’s John F. Kennedy International Airport.
And yet the Transportation Security Administration had a pipeline-security team of just 13 people this year, according to the Congressional Research Service, while at the same time 225 people were working in the Transportation Department’s pipeline-safety operation.
Frank R. Lautenberg, the New Jersey Democrat who chairs a Senate Commerce subcommittee with jurisdiction over infrastructure safety and security, said he’s troubled by recent pipeline accidents, including last month’s ExxonMobil pipeline leak into Montana’s Yellowstone River, and last year’s explosion of a California natural-gas pipeline that killed eight. Neither resulted from an act of terror, but Lautenberg says both demonstrate the potential for damage from a terrorist attack on a pipeline, and the need for constant vigilance by industry and government.
“Can you ever say that situations that have volatility attached to them — can you ever say that everything’s perfect?” he asks. “You can’t. That doesn’t mean you shouldn’t work toward that objective.”