Terrorism and infrastructure

Terrorist Attack Left All of Yemen In Darkness Last Week: Another Wake-Up Call

Forbes,

19 June, 2014

The rapid advance of jihadists throughout Iraq unnerves us. The goal of establishing a radical Islamist caliphate – providing a haven to thousands of violent individuals with a hatred of the West - should unnerve us. Because it’s the unknown next step that follows that keeps us awake at night, and reminds us of our vulnerability.

News from Yemen last week further underscores that sense, as we learned that an attack on the power lines left the entire nation of Yemen (with its 23 million people) without power for a day.

The country’s energy minister indicated that power lines were taken out, cutting power to all provinces. A ministry spokesman was quoted as saying “The act of sabotage at Kilometre 78 suspended the entire national power and energy grid, including at Marib’s gas plant, and cut power in all provinces.”

Apparently, the lines were attacked twice on June 9. Shortly after the damage from the first attack was repaired, militants reappeared for a second round, which led to the national power outage. The military responded with an operation that killed two attackers while wounding another six.

Nobody much likes to think about these things, but the threats are indeed real in Yemen and elsewhere. Last October, the Knights Templar – a breakaway group from Mexico’s Michoacan drug cartel – took out the power grid in Michoacan state, attacking nine substations and leaving over 400,000 without electricity.

And then we had the attack last year on the substation in San jose, where assailants came in through manholes, cut the communications lines, and shot up transformers that subsequently failed.

The Federal Energy Regulatory Commission (FERC) has been aware of this type of threat to the U.S, power grid for some time, and commissioned a report to investigate these issues. In its analysis, the FERC used software to model the grid’s performance subsequent to loss of critical substations. The Wall Street Journal followed with a story based on the leaked FERC report, indicating that an attack on nine of the country’s 30 most vital substations (which were not identified) could potentially induce a lengthy and life-threatening coast-to-coast blackout.

In March, the FERC directed the North American Reliability Corporation (NERC) to develop reliability standards requiring owners and operators of the Bulk-Power System to address risks due to physical security threats and vulnerabilities.

NERC came out in May with proposed standards for transmission stations, transmission substations and associated primary control centers. They are a good start, but they are all about prevention. They look at the issue in an isolated fashion; they do not incorporate the necessary systems-thinking approach, and thus do not go far enough in addressing the problem.

Dr. Jason Black, Research Leader at Battelle Memorial Institute thinks we need to do more, and offers the following recommendations in a white paper highlighted by Smart Grid News:

1) Evaluate risks across regional interconnections, rather than a single utility area and adjacent areas.

2) Incorporate an all hazards threat assessment approach into the vulnerability assessments (for example, it’s not just physical, the cyber threat is real as well).

3) Create plans for prevention, response, and recovery. (Prevention alone is not enough – what’s the rapid response plan IF something does happen)?

4) Create a benefit-cost approach to compare investments in operational procedures or alternative sites to investments in physical grid security.

5) Facilitate a more tailored and customized response on a site-by-site basis.

6) Implement security measures to avoid disclosure of information to the wrong people who would do us harm.

The attack on Yemen’s grid was brought to my attention by Dr. Peter Pry, a former CIA Intelligence Officer who has written and lectured extensively on the topic of threats to the U.S. power grid. He is an expert in the space, has served on numerous congressional advisory groups concerning national security issues, (and will be speaking at the upcoming Power Grid Resilience Summit in September). Pry had this to say on the matter.

I think that this attack in Yemen proves that attacking electric power grids, including national electric power grids, is definitely part of the terrorist game plan, including the Al Quaeda game plan. If terrorists or the Knights Templar – a relatively unsophisticated organization – can figure this out, imagine what more sophisticated groups or nations such as Al Quaeda, Russia, China, and North Korea could do. The bad guys have an integrated plan to take out everything at same time. It’s in their doctrine. That’s something our doctrine does not understand.

In such a world, leaving these critical security issues to the NERC and the individual – and relatively isolated efforts – of each transmission line owner simply doesn’t cut it. A more comprehensive, sophisticated, and – dare I say – serious, approach would seem to be needed.

Correction: the article as originally posted erroneously characterized the attack on the U.S. substation as taking place in San Diego, when it in fact occurred in San Jose