Lights Out

A well-planned attack by terrorists could cut electric power to large regions of the country for weeks or months, cost hundreds of billions of dollars, and cause thousands of deaths during heat waves and cold snaps, says a newly-declassified report by the National Research Council.

The authoritative 2007 study, released today after a five-year delay, focused most of its concern on physical attacks on transmission lines and transformers and concluded that another major concern, cyber sabotage, by itself was "unlikely to cause extended outages" and inflict major damage.

Officials and engineers have long worried about the potential vulnerability of the U.S. transportation, banking, and electrical systems to malicious hackers. Those concerns intensified following the disclosure in 2010 that the Stuxnet computer worm had crippled hundreds of uranium-enrichment centrifuges in Iran.

But the formerly secret report to the Department of Homeland Security focuses more on the U.S. electric power system’s older technology and lack of spare capacity, saying the "physical capabilities of much of the transmission network have not kept pace with the increasing burden that is being placed on it." As a result, it found, sophisticated physical assaults against key facilities could damage difficult-to-replace hardware and cause multiple cascading failures with catastrophic results.

M. Granger Morgan, chairman of the National Research Council panel and a professor at Carnegie Mellon University, said that bolstering the nation’s electric grid could help maintain critical social services during natural disasters as well as terror attacks. With the number of extreme weather events apparently on the increase, he said, upgrading the electric infrastructure is increasingly important.

The report noted that due to government-supported efforts to create a competitive energy market, the rickety power grid is being used for something the authors say it was never designed to do — move power between regions. The new energy market "hasn’t made us more physically vulnerable," Morgan said. But it has "complicated" the question of who is responsible for maintaining the system, he said, and "we’re stressing the system more."

The DHS classified the entire document after a lengthy review ended in 2008 — even though the experts who wrote it believed that it contained no restricted information. "We were very careful in writing this not to say anything that wasn’t in the open literature, chiefly because we didn’t want to write a cookbook on how to attack the electric power system," Morgan said.

After an appeal by the council, the department reversed itself in August and declassified all but several pages. DHS officials did not immediately respond to a request for comment.

In a foreword to the study, Research Council chairman Ralph Cicerone and vice chairman Charles Vest wrote expressed "regret" for the delay in publication. "We understand the need to safeguard security information that may need to remain classified," they wrote. "But openness is also required to … better protect the nation from terrorism and other threats."

Steven Aftergood, director of the Federation of American Scientists’ Project on Government Secrecy, called the government’s initial decision to block publication of the report "a good example of how indiscriminate classification can undermine national security."

"If this report had been released five years ago, its insights and recommendations might have been acted on — or at least debated — years ago," Aftergood wrote in an email. "Instead, the passage of time was wasted for no good reason. This kind of secrecy makes us stupid."

Despite the report’s age, Cicerone and Vest wrote, its findings remain "highly relevant."

"Major cascading blackouts in the U.S. southwest in 2011, and in India in 2012, underscore the need for the measures discussed in this report. The nation’s power grid is in urgent need of expansion and upgrading."

Experts have long worried about the threat of a terrorist strike on the electric grid, especially in the wake of major attacks or regional power outages like those triggered by Hurricane Sandy.

The report notes that severe storms can knock out power for millions, but normally fail to produce the kind of chaos and bloodshed associated with terrorism, because they are less focused. "Unlike hurricanes, terrorists may strike with no warning and selectively destroy the most important facilities, such as major substations."

It found that bringing down the electric grid for months "could lead to turmoil, widespread public fear, and an image of (government) helplessness that would play directly into the hands of terrorists."

In bad weather, the report said, extended power outages could "result in hundreds or even thousands of deaths due to heat stress or extended exposure to extreme cold."

The report discusses the threat to the many computer control systems used by electric utilities, including the supervisory control and data acquisition system (SCADA) targeted by Stuxnet.

U.S. cyber experts in March 2007 used a SCADA system to force a large diesel motor to self-destruct in a cloud of smoke in a test at the Idaho National Laboratory. The more such systems are linked to the Web, experts say, the more vulnerable they become to hackers.

Morgan said in general cyber attacks were less likely to do major damage than physical ones. "You could probably cause a fairly widespread outage," he said. "What you can’t do very easily with cyber is destroy large transformers or take down power lines and that sort of thing."

The report found that "Cyber attacks are unlikely to cause extended outages, but if well coordinated they could magnify the damage of a physical attack."