We aren’t ready for the lights to go out

This is a great article published in USAToday by Glenn Reynolds

Could it be lights out for America? That’s something that people are starting to worry about, and these worries aren’t coming solely from the usual crowd of survivalists and preppers. Shut down the computers that run the power plants and distribution systems and you shut down America. That’s looking more possible, lately.

One of those worrying is former ABC News anchor Ted Koppel, whose new book, Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath, looks at the danger of losing electrical power due to a cyberattack. The picture Koppel paints isn’t a pretty one: Cities, unpowered for weeks and months, could become largely uninhabitable.

But, says Koppel, nobody is thinking about this very clearly: “It would be comforting to report that those agencies charged with responding to disaster are adequately prepared to deal with the consequences of a cyberattack on the grid. They are not.”

In fact, he writes, they can’t even agree on what’s involved: “The deputy administrator of the Federal Emergency Management Agency (FEMA) believes that a major urban center would have to be evacuated. His boss, the administrator, does not. The administrator believes that a successful cyberattack on a power grid is possible, even likely. His deputy does not. The current secretary of homeland security is sure that a plan to deal with the aftermath of a cyberattack on the grid exists, but he doesn’t know any details of the plan. As of this writing, there is no specific plan.”

Well, that’s comforting, though not especially surprising: If the government flubs its response to natural disasters like Katrina or Sandy, when storms are a regular occurrence, how likely is it to deal well with something that hasn’t happened to the United States before?

Nor is a cyber-attack on the power grid just a fantasy. In fact, in Ukraine (which I fear is a laboratory for new warfare techniques the way Spain was in the 1930s), it’s already happened.

But will we take it as one? We should. Though the American power grid is reliable and well-designed, it wasn’t constructed with cyberattacks in mind.

We could protect against cyberattacks completely, of course, by simply taking computers out of the grid and controlling things manually. This is undoubtedly possible since we ran electrical networks before computers existed, but it would be costly and inefficient. And while that approach would protect against cyber attacks, it wouldn’t do much to insulate the grid from other threats, like electromagnetic pulse (EMP) attacks and solar flares that are also causes of concern.

Apparently, the White House is finally beginning to address the problem, but we’re years behind the curve. At the very least, we should have backup plans for restoring power if things go wrong. And beyond that, we should be designing networks that are more resistant to cyber sabotage. Because the world is unlikely to become a safer place anytime soon.

Glenn Harlan Reynolds, a University of Tennessee law professor, is the author of The New School: How the Information Age Will Save American Education from Itself, and a member of USA TODAY’s Board of Contributors.