Book Club: Lights Out
Posted: Sat Jan 02, 2016 1:21 pm
Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath, by Ted Koppel
“Electricity is what keeps our society tethered to modern times.”
I was eager to read this book. I’ve read and edited many, many writings by my prepper crowd, and most are based on second-hand information or military experience. I had heard that Koppel had access to the top players in the field and knew he would get the best first-hand information he could and deliver it in an intelligent and unbiased way. Editing lapses and personal indulgences aside, he did. He interviewed the current and all former heads of DHS. He interviewed Craig Fugate of FEMA, George Cotter from the NSA, and several experts from the military and the power industry. He didn’t have to guess at whether there were plans in place and he didn’t have to make assumptions like my tinfoil hat friends because he could ask the officials who would know. I still think there were some shenanigans going on, but I’ll explain that at the end.
The book is broken into three, parts so I used that structure. The first section deals with the problem of cyberattacks and the peculiar and potentially devastating effects one might have on the electric power grid. The second deals with the technical issues of repairing the grid and the enormous issues the government would face and how woefully unprepared our government is. The third part discusses groups that might be prepared and what can be learned from them. I’m going to quote heavily from the book for those who haven’t read it so they can participate. In the resources section at the bottom there are a few videos of Koppel discussing the book. If you haven’t read the book, you could view a couple of those now before reading the review. The book is heavy in details, but the gist is pretty straightforward and easy to pick up in the interviews with Koppel.
Koppel discusses cyberattacks in general and how “As the ranks of capable actors grow, the bar for cyber aggression is lowered. … This book is about dealing with the consequences of losing power in more than one sense of the word. Without ready access to electricity, we are thrust back into another age— an age in which many of us would lack both the experience and the resources to survive.” He is very critical of the government for the lack of preparation to deal with a widespread power outage, which he restates several times in the book. I’m going to skip talking about cyberattacks in general because that discussion is better suited for the Future Crimes book review. A brief quote on cyberattacks in general: “It is difficult to retaliate against an aggressor with no return address.” This is a key difference with cyberattacks. It adds an element of randomness, and it’s impossible to fight an aggressor if you can’t identify them. Koppel continues … “We literally have no count of how many groups or even individuals are capable of launching truly damaging attacks on our electric power grids— some, perhaps even most of them, uninhibited by the threat of retaliation.”
Part I: A Cyberattack
As I said, I'll focus on cyberattacks targeting infrastructure, and leave the general topic of cyberattacks for the next book. In chapter one, Koppel points out the difference between larceny and something more sinister that could be considered terrorism or an act of war. He concedes that massive data collections are disturbing and, sadly, that we’ve already learned to absorb such occurrences without much fanfare, but “Our attention needs to be focused on those who intend widespread destruction.”
He goes on to say “The Internet provides instant, often anonymous access to the operations that enable our critical infrastructure systems to function safely and efficiently. In early March 2015 the Government Accountability Office issued a report warning that the air traffic control system is vulnerable to cyberattack. This, the report concluded with commendable understatement, “could disrupt air traffic control operations.” Our rail system, our communications networks, and our healthcare system are similarly vulnerable. If, however, an adversary of this country has as its goal inflicting maximum damage and pain on the largest number of Americans, there may not be a more productive target than one of our electric power grids.”
The grid is particularly vulnerable because of its structure. The first sentence of chapter four ... “It is not easy to convey how and why the electric power grid is so surpassingly vulnerable to cyberattack.” pretty much sums it up. In the US, there are three distinct grids that generate and distribute electricity. Those systems depend on computerized systems that must maintain a perfect balance between supply and demand to function properly. Because of the precarious balance required, a cyberattack that took down any part of those grids could potentially have a domino effect that would dismantle the rest of the grid. The SCADA system that runs all of the software is the same almost everywhere. Worse yet to my mind was how un-computerized it all was. "When he [Major General Brett Williams, former director of operations for U.S. Cyber Command] left Cyber Command in the spring of 2014, threat information was still being communicated between U.S. intelligence agencies and the electric power industry the “old-fashioned” way, via phone calls and emails. … Cyber defense demands speed. “I would argue we just don’t have time to go through the same process that we go through with legacy types of intelligence. Obviously, we can’t defend against everything; but right now we’re vulnerable to almost everything.”
Chapter two discusses an attack on PG&E’s Metcalf Transmission Substation near San Jose, California in April of 2013. If you have a WSJ subscription, you can read a good account of the attack here. If not, here’s an excerpt from the book … “We know that there were several saboteurs, but not how many. At least two members of the unit lifted a metal vault cover (too heavy for a single individual) leading to an underground vault containing AT&T’s fiber-optic telecommunications cables. With the cutting of those cables, the attack began. Slightly more than half an hour after cutting communications, the saboteurs attacked the actual substation, knocking out seventeen giant transformers over the course of nineteen minutes. Based on shell casings found at the scene, investigators believe that the gunmen used AK-47 assault rifles. In a remarkable feat of timing or coincidence, the saboteurs left the scene at 1: 50 a.m., just one minute before the police arrived to find the substation locked. … The attack caused significant damage— it took utility workers twenty-seven days to bring the substation back online— but hardly the catastrophic result such a coordinated attack might have produced. These attackers seemed to know what they were doing. As a former vice president of transmission for PG& E told a utility security conference seven months after the attack, “This wasn’t an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation. This was an event that was well thought out, well planned and they targeted certain components. …
Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission (FERC) at the time of the attack, remains unconvinced. He thinks the attackers may have been engaging in a rehearsal rather than a comprehensive sabotage operation. While he was still chairman of FERC, Wellinghoff assembled a team of experts from the U.S. Navy’s Dahlgren Surface Warfare Center, which trains Navy SEALs, and took them out to the Metcalf substation. What they found, among other things, was that the shell casings left behind were free of fingerprints. They discovered small piles of rocks at key locations outside the substation and concluded that these might have been placed by advance scouts, establishing the most advantageous shooting locations. The experts concluded, as Wellinghoff told the Wall Street Journal, that “it was a targeting package just like they [SEALs] would put together for an attack.” Wellinghoff’s concern is that the attack on the Metcalf substation may have been a dry run for a far more devastating act of sabotage.”
I’m focusing on this part because I agree with Koppel that it’s a significant incident, and I know for a fact that it’s not an isolated one. I know firsthand of two other incidents like the one at Metcalf where similar attacks were carried out at military installations. Those have not been made public. There are rumors of others, but I can only confirm two. I think it lends credence to the suggestion that these attacks are rehearsals, but for what? Such an attack doesn’t even fall under the heading of cyberattack, but it shows yet another way that the grid is vulnerable and the wrong people know it. The military is taking steps to move its most critical computer systems underground, but if the rest of the country is without power--including military installations--it would serve as no more than a severed head after a widespread outage. Even systems that are thought to be secure and “air-gapped” are occasionally knocked offline because of inadvertent use of thumb drives or cell phone hot spots. The military tracks this and acts immediately when it happens, but it’s a reactive response and does nothing to prevent the intrusion and its effects. [Sidenote: Feel sorry for the poor employee who accidentally crosses the airgap in certain military outfits. The reaction is swift and painful. It reminds me of this scene in Monsters Inc. It’s why some people who know the rules at that level are so critical of Petraeus and Clinton’s homebrew server.]
Koppel cites other officials who confirm the ability of other actors like China, Russia, and soon North Korea to launch an EMP attack on the US. North Korea is significant because as a “rogue state” it doesn’t have a balance of power to maintain like China and Russia.
In chapter three , Koppel discusses the large blackout in the US in 2003. [DH was consulting a little for First Energy at the time, and no one there was surprised by what happened. NO ONE.] The report of the task force convened to study the outage included in their report that the grid was vulnerable to a malicious cyberattack, even though it was completely unrelated to the actual cause of the 2003 outage.
He goes on to discuss the bureaucratic behemoth that is the electric power industry in the US. He touches on the effects of deregulation and the structure of the system, which seems designed to facilitate a crippling attack. The biggest surprise to me was that the federal government does not have the power to impose security or maintenance standards on the industry. Every critical industry in this country – agriculture, health care, water supply, sanitation, transportation – relies on uninterrupted electrical power. To my mind, that raises it to the level of national security and like the military, it should be under tighter federal control. You know me – I’m a small government person. Yet, I can’t help but think that the biggest, most likely SHTF threat to my existence is an extended power outage, whatever the cause. The power supply is the key to all other life-sustaining systems.
Here is a link to the EMP commission’s report online. The executive summary included the following … “Depending on the specific characteristics of the attacks, unprecedented cascading failures of our major infrastructures could result. In that event, a regional or national recovery would be long and difficult and would seriously degrade the safety and overall viability of our Nation. The primary avenues for catastrophic damage to the Nation are through our electric power infrastructure and thence into our telecommunications, energy, and other infrastructures. These, in turn, can seriously impact other important aspects of our Nation’s life, including the financial system; means of getting food, water, and medical care to the citizenry; trade; and production of goods and services. The recovery of any one of the key national infrastructures is dependent on the recovery of others. The longer the outage, the more problematic and uncertain the recovery will be. It is possible 1 for the functional outages to become mutually reinforcing until at some point the degradation of infrastructure could have irreversible effects on the country’s ability to support its population.” It concludes that only 1 in 10 of us would survive an extended outage lasting a year.
Given that an extended outage could result from an EMP, solar storm, cyberattack, or simply through an unimagined series of storms that took down key components leading to a collapse of the system, it seems to me that of all the SHTF scenarios, this one should be at the top. I understand that a climate activist might argue that global warming is a bigger concern because our current trajectory guarantees global destruction, and doesn’t just put us at risk like a power outage. A complete reassessment of our global power structure from production to usage levels might be needed to avoid the devastating effects of both climate change and power failures.
One expert that Koppel obviously likes is George Cotter from the NSA. I listed some resources for him at the end, including a good white paper. Cotter and Koppel discuss Independent Actors, which ties into the idea that nation-states are becoming less relevant overall (something we've discussed on the forum). Giant organizations and corporations are in a better position to prevent such attacks and to instigate such attacks against each other. Cotter also sees a growing level of sophistication among criminal organizations, terrorist groups, and so-called hacktivists (political activists who use the Internet, such as the group Anonymous). “I believe,” said Cotter, “it is literally possible for a hacktivist group, well trained and well motivated, to take down major portions of the grid without the industry being able to stop it.”
What is most dangerous about Pyongyang and its mercurial leadership is not only its unpredictability but also its degree of immunity to cyberattack. North Korea has so much less to lose in a high-stakes cyber war than the cyber-dependent United States; it is neither easy nor particularly effective to isolate a hermit kingdom. The concern that President Obama expressed a few years back to his aides about the vulnerability of the U.S. infrastructure and America’s dependence on computer systems applies inversely to North Korea. As of late 2014, the total number of Internet protocol addresses in North Korea was estimated at 1,024—“ fewer than many city blocks in New York,” the New York Times observed.
Part II: A Nation Unprepared
This section illustrates with sad clarity our disconnected government in all its glory. Koppel has access to, and interviews, many high-ranking officials. Almost to a person, they demonstrate the ineptitude of government agencies. He’s particularly critical of DHS.
Those charged most directly with protecting the nation’s security are ambivalent about the actual danger of an EMP attack. Janet Napolitano, the former secretary of homeland security, all but dismissed the threat. “You know, if I had to rack and stack the most likely risks that we were dealing with,” she told me, “I would not put that [an EMP attack] in the top, certainly not in the top ten threats to our infrastructure.” Meanwhile, as noted, NORAD and the nation’s Northern Command are moving their most sensitive communications equipment to a bunker below Cheyenne Mountain. Conflicting risk assessments among our national leaders and foremost experts will become a recurring theme.
Poor Jeh Johnson looks the least qualified for his position based on his comments. Johnson told Koppel “I’m sure FEMA has the capability to bring in backup transformers,” Johnson said. “If you want an inventory and a number, I couldn’t give you that.” But then Koppel continues … I had spent part of an afternoon at FEMA headquarters only a few weeks earlier talking with the agency’s administrator, Craig Fugate, about the same issue. Contrary to Johnson’s assurances, Fugate had pinpointed the failure of large transformers as one of his greatest areas of concern: “If you cause overloads and you cause significant damage to the very large transformers, that’s probably one of the most difficult things” for us to respond to, “because there [are] very few manufactured in the United States.” Asked what he would say were Jeh Johnson or the president to ask whether FEMA was prepared for such a scenario, Fugate responded bluntly, “No.” He continued, “Most people expect… that somehow we have enough tools in the tool chest to get power turned back on quickly. The answer is no.” Koppel obviously likes Fugate, who had this to say … “We’re not a country that can go without power for a long period of time without loss of life. Our systems, from water treatment to hospitals to traffic control to all these things that we expect every day, our ability to operate without electricity is minimal.” The FEMA administrator expressed a frustration likely common among senior government bureaucrats: “I’ve got to deal with the consequences” despite not “really hav[ing] any say on the front end as to why we got in this situation.”
Further in the interview … So what, I asked FEMA’s administrator, is the plan for a prolonged, widespread power outage? For the first couple of days, he explained, the primary burden would be on state and local governments, but if the electricity remained out for weeks or more, it would be FEMA trying to fill in the gaps. “The plan would be to support the states to keep security, to maximize what power we do have to come back online, to look at what it will take to keep food and other critical systems like water systems up and running with generators and fuel. To prioritize where we’re going to start rebuilding our economy.” Fugate warned that there’s a limit to how much FEMA can do, but he’s confident in prioritizing certain objectives. “Keep the water on,” he said. “That means we need to have enough power to pump, treat, and distribute water through the system. You have to keep the water system up, and you’ve gotta then focus on the water treatment system. Backing up sewage is just about as bad. Those two pieces will buy you enough time to look at what your alternatives are. Basically, people have to drink water, they have to eat, that waste has to go somewhere, they need medical care, they need a safe environment. There has to be order of law there.”
Fugate is not a man to mince words. There is traditional disaster response work, which is about reestablishing normalcy very quickly. Then there is uncharted territory, he acknowledged, “where normalcy [wouldn’t] get established quickly. We [would be] trying to hang on and keep as many people [as possible] from dying until the system comes back.” That’s not the sort of message that would inspire widespread confidence in a concerned public, but it has the ring of authenticity to it.
One thing that stuck with me when reading this section was why is the government so unprepared? You know they’ve considered this possibility. I’ve read some white papers and position papers on the topic that came from FEMA and DoD officials. Why is there no “official” plan? Koppel asks the same question over and over again. Koppel insists that if there is a plan it’s best to share it with the public now instead of waiting for an outage that would make it almost impossible to communicate with large numbers of people. I figure there are two reasons for the government silence regarding a plan to deal with an extended outage.
One reason might be that they’ve concluded that there’s no way to effectively deal with an outage of that magnitude. They’ve prepared for continuity of government and operations (like burying the severed head under NORAD), but they’re prepared to let most people fend for themselves until the crisis has passed. This is a common assumption amongst my tinfoil hat cohort. They believe the plan is to let the population die off until the population numbers are small enough to deal with effectively. I’ve read terrible scenarios about such things. You can imagine it – prison populations starving to death in abandoned prisons, elderly and infirm dying in large numbers in LTC communities, inner-city poor succumbing to violence, fire or starvation—basically all of the communities that are a perceived drain on the government would die in large numbers, leaving behind the healthiest and most able-bodied (but in a weakened state from the conditions so they couldn’t fight back if they didn’t like the direction the new government was taking). It’s straight out of Conspiracy 101, but it makes sense on some level. If you think you can’t save everyone, figure out who and what is worth saving and plan for that instead.
The other reason they might not share the plan is because people wouldn’t like it. Even a plan that’s a lot less draconian than the one I described above might still ruffle some feathers. What if they limited medicine to people between aged 6 and 60? Or closed throughways into and out of major cities to limit crime and disease? The mere suggestion of that kind of plan could start riots. What about relocation plans, or confiscation of food and other supplies so the government could dole them out equitably? It would seem reasonable on paper but would stoke the Tea Party side of the aisle.
What I don’t understand is why they don't at least develop a plan for PREVENTING the problem. Hardening the infrastructure seems like a good first step. How about the next time our dear leaders suggest invading somewhere, let’s not and say we did, and then use the money to shore up our infrastructure instead?
If you want to know specific details about the electric grid and how antiquated the infrastructure really is, read chapter nine. The biggest issue in this section is the decaying population of large power transformers (LPTs). They estimate there are tens of thousands in use. [I found it shocking that the government didn’t actually know the exact number because it’s proprietary. WTF??] LPTs are dinosaurs and very, very hard to replace …
“An LPT is a large, custom-built piece of equipment,” the DOE report explained. “Because LPTs are very expensive [$ 3 million to $ 10 million each] and tailored to customers’ specifications, they are usually neither interchangeable with each other nor produced for extensive spare inventories.” Consider the sum of all those factors. Conservatively, there are thousands of aging transformers, most custom-built, unable to be ordered from a catalogue or mass-produced, each costing somewhere in the neighborhood of $ 3 million to $ 10 million. Add to this that there are only a handful of plants in the United States capable of building an LPT— as of this writing, ten such facilities. The vast majority of large power transformers are built overseas, and more than 75 percent of those purchased by the U.S. energy sector must be procured overseas. The estimated lead time, the time from production through shipping to delivery, is commonly between one and two years, and never less than six months. These transformers are so enormous— anywhere from 400,000 to 600,000 pounds— that they cannot be transported on a standard railroad freight car. It requires the use of a specialized railroad freight car known as a Schnabel. There are only about thirty of these in North America, and as one senior FEMA official conceded, some of the original transformers were delivered so many years ago that the rail lines on which they were transported no longer exist.
The industry claims it has hundreds of back-up transformers as spares, but it won’t give the exact number (again, claiming it’s proprietary), and admits that one size doesn’t fit all. The current wait time for a newly built transformer is over a year. It’s worth noting that only the largest companies can afford to keep backups. If you were factoring in grid resiliency in deciding where to live, pick an area supplied by one of the largest power companies.
Koppel goes on to discuss the aftermath wrt people and again how there is no plan beyond a short-term disruption. One interviewee actually suggested that NYC be evacuated, but moving people out of urban areas en masse—even with the power on—is a pipe dream. Even Koppel finds the suggestion ludicrous. He spoke with Johnson and all former DHS heads. Tom Ridge comes across as the most realistic, but only in recognizing the problem and admitting that the government has no plan and a workable one is probably not forthcoming. Johnson looks clueless in the book, and Napolitano sounds like a typical cavalier politician. I’m not trying to take a political side here. Even Ridge offers no real hope of dealing with this kind of crisis. He says “We are not a preemptive democracy. We are a reactive one.” When pressed, most officials and industry leaders that Koppel spoke with admitted there was no real plan, and further, that no plan would be adequate to deal with the magnitude of a grid-down crisis.
Where, then, might a concerned citizen find advice on how to cope with the aftermath of such an attack? “There is no answer,” said Schmidt. No government agency has guidelines for private citizens because, according to Schmidt, there’s nothing any individual can do to prepare. “We’re so interconnected,” he said, that in terms of disaster preparation “it’s not just me anymore: it’s me and my neighbors and where I get my electricity from. There’s nothing I can do that can protect me if the rest of the system falters.” It’s an answer bordering on the fatalistic: the individual can’t do anything and the government won’t do anything.
One of Koppel’s main points in this section is that the government is approaching this problem like it approaches all emergency management, yet Koppel believes a grid-down scenario is fundamentally different. “On one level, this is understandable and even prudent. Experience is a more compelling instructor than speculation. … A cyberattack may be different from anything FEMA has previously dealt with, but it is not unreasonable for the agency to focus on the experience it has gained from natural disasters. This approach falters, however, when relevant federal agencies fail to provide for (or in some cases even contemplate) the difference in magnitude between the effects on the grid of any recorded natural disaster and the potential effects of a massive cyberattack.” Koppel goes on to compare different disasters, like earthquakes, and show the flaws in applying universally accepted disaster relief models to a large-scale power outage.
When discussing specific areas like NYC with other officials, the outlook was just as grim. “The city, though; how long could that hold up? Without federal assistance, Hauer said, New York City “could probably last for two days.” OTOH, when he addresses what the situation would be in rural areas like Wyoming, he’s more optimistic. The general conclusion is that the less an area relies on government services now, the better off it will be after a significant crisis like a grid-down event.
Koppel doesn’t pull any punches in his assessment of the situation. He singles out the Red Cross for a rather scathing rebuke, and as you've seen, he is very critical of DHS. He sees that organization (DHS) as money wasted that could have been spent on addressing this problem. Same with the wars in Iraq and Afghanistan…
We are inclined, as Tom Ridge observed, to be a reactive society. We apply unimaginable amounts of money toward dealing with the aftermath of crises. The most conservative estimates put the financial cost of the wars in Afghanistan and Iraq at around $ 1.5 trillion. Most estimates are significantly higher. The Transportation Security Administration, which came into being as a direct consequence of the 9/ 11 terror attacks, now employs fifty-five thousand people, with an annual budget in excess of $ 7 billion. Over the course of the past fourteen years TSA has been funded to the tune of somewhere between $ 90 billion and $ 100 billion of protection we didn’t know we needed before 2001. Nor, it seems, has the money been particularly well spent. In early June 2015, the Department of Homeland Security revealed that its teams of undercover investigators were able to smuggle dummy explosives and weapons through TSA checkpoints at airports around the country in 95 percent of cases. We tend to come up with funding after disaster strikes.
Part III: Surviving the Aftermath
This section talks about preppers and Mormons and if there is any way at all to survive such a catastrophe. Koppel is respectful in his assessment of preppers … “There is, in any event, a growing movement around the country based on the assumption that neither government agencies nor private relief organizations can be relied upon in the event of any major disaster. A generation or two ago, they might have been called survivalists, but there was an extreme rightwing aura attached to that term, conjuring images of bunkers built to sustain life against aerial bombardment. While such groups continue to exist, they have been modified and largely displaced by a much larger group for whom ideology is less relevant. “Preppers,” perhaps most easily described as “those who prepare,” can be found across the political spectrum. They are not necessarily prophets of doom, simply those who want to be ready for the worst.”
IMO, the book really veers off course here. I enjoyed this section, but it seemed out of place in the context of the rest of the book. Too much discussion is devoted to the Mormons and their history. The Mormon story is compelling and uniquely American in many respects, but too much detail bogged down the book. I think what Koppel was ultimately getting at is the Mormon focus on prepping and the enormous infrastructure the LDS has developed over the last few decades. They have vertically integrated their preps from the farm to distribution. If an EMPocalypse really happens, the Mormons might be the biggest community to survive intact. Many lessons can be learned from them. I’ve used many of the LDS’s online resources (some are listed in the resources section), and through my prepping contacts I have befriended many Mormons. I have found them to be, IMHO, the perfect blend of preparation and generosity. I know of other criticisms of the LDS lifestyle, particularly in relation to the role of women, but their approach to survival and preparedness seems to be the epitome of ‘prepare for the worse, hope for the best’.
A related point was that the community structure of the Mormons makes their preparations much easier to accomplish. It’s something that’s lacking today in many segments of society, which we’ve touched on before on the forum. Government mandated preps might be useful, but the plans would be more cohesive and meet with less resistance if they were a part of a community-based group instead of a top-down, government-imposed plan. I’m not sure how to accomplish that. Certainly, other civic and church groups could look to the LDS model to see what can be done. I know that Catholic Charities has at least a small infrastructure in place as a starting point. A friend in Alabama says his church has a large network for dealing with disasters with his state, Tennessee, and Mississippi. Maybe what’s needed is for the DHS or FEMA to assist regional and local groups in developing plans for disaster relief? Koppel discusses that in chapter nineteen … The LDS church has established a model that makes good common sense, one that serves to support families in times of illness or unemployment, natural disaster or international crisis. It is designed to cushion families during hard times over an extended period. Certainly most families cannot afford to immediately lay in a six-month supply of food and water. Too many families lack the resources to meet even their daily needs. But if those who can afford it take on the responsibility of longer-term survival, supplies available to emergency management agencies can be reserved for the very neediest. Many urban dwellers, living in small urban apartments, lack space, but when what’s at stake is survival, it’s astonishing how much can be tucked away in small spaces. To establish a foundation with long-lasting, nourishing foods that have sustained needy families for generations— rice, wheat berries (and the grinder to make flour), beans— and large containers of water seems ridiculous in times of plenty, but it can become the difference between survival and starvation during an extended crisis. True, the wheat berries and grinder are not likely to find many converts among city dwellers, but the goal is to build up a supply of nonperishable goods, small amounts at a time. These are measures to be undertaken gradually, over time. Eventually the supplies become part of a natural pattern— rotation of the older food into a pattern of daily consumption, always to be replaced with fresh supplies.
What will, for most people, be the most difficult to replicate in the Mormon experience, however, is the intricately organized community, existing on both the local and national levels. There are well over two thousand Community Emergency Response Teams (CERTs) throughout the country. They are affiliated with FEMA and provide a useful structure for implementing disaster relief, but they don’t have much of a presence in America’s cities. There is, for example, only one CERT in the nation’s capital. Still, it is a place to start, and if you go to the CERT website, you will find the name and contact information for the organization nearest you. Many religious communities already have a structure and sense of connection in place, as do any number of social and civic organizations. Some of these have already made thorough preparations for disaster relief. For those that have not, but where organization and a sense of community are in place, it should be a relatively manageable matter to modify what already exists.
Another point Koppel seems to be making is that even though the people in rural areas, like Mormons, might be willing to help the less fortunate during a prolonged outage, the notion of urbanites fleeing to the countryside for refuge is misguided and ultimately unworkable. I think a better way to look at it is in the context of FEMA and government assistance, which surprisingly Koppel spends little time on in the book. If I were running FEMA and developing a plan, I would first look at a map and mark off all of the areas that could probably get by without government assistance--like those with large LDS populations or prepper mindsets--and focus all planning on the areas that couldn’t possibly survive without a strong government presence (like the megalopolis).
I think this is the biggest takeaway I had from the book. It made me look at location a little differently. I think there are workable plans for many different areas. Obviously, if you can live off-grid now in a remote location, then all you need to worry about are your medical needs and safety. If you live in a suburban area, make sure you live somewhere that’s part of a large electrical network and ‘important’ enough that it would be a priority when they are repairing the grid and distributing emergency supplies. Large urban dwellers, well … you’re still SOL I think. Sorry.
I think Koppel’s ultimate point is that the government should be focused on prevention while individuals should focus on preparation … There is, unfortunately, a whiff of defeatism about preparation. It implies the inevitability of an impending catastrophe when time, effort, and money might more proactively be expended on prevention. The one should not preclude the other; the overall utility of preparing for hard times, with a rotating larder, participation in a social network, and the establishment of a financial safety net, is eminently adaptable and useful even in the absence of catastrophe. On the other hand, defending against a cyberattack is something that only a coalition between government and industry can even attempt. So it is to be expected, perhaps, that government’s primary emphasis remains on prevention. All of the details Koppel includes in the book show that the government isn’t really making any progress on their end, and although prepping has at least made it into the general lexicon, the public is only marginally more prepared than the government for a large-scale grid-down event. He is also firmly on the side of increased government oversight of the internet and wholesale data collection as part of the intelligence community’s attempt to prevent cyberattacks.
Back to my comment about shenanigans … One thing that struck me as a little odd when I first read the book was the timing of its publication and Koppel’s relentless marketing of it. Then DARPA made their big announcement, and I wondered if maybe Koppel was given such incredible access to government personnel and information in exchange for coordinating the timing of the book with the expansion of the DARPA program related to preventing a grid-down event. See here, and here, and here, and here. Convenient timing, yes?
FURTHER RESOURCES:
Google Talk with Koppel https://youtu.be/1dcSyibsF2w
Koppel on Charlie Rose (he’s up first) https://youtu.be/3ZQouyI1giA
Koppel speaking at UChicago Institute of Politics https://youtu.be/klBYGH9qhpM
EMP Commission website (US) http://empcommission.org/index.php
US Department of Energy report from April 2014: Large Power Transformers and the U.S. Electric Grid: Infrastructure Security and Energy
Restoration http://energy.gov/sites/prod/files/2014 ... 040914.pdf
George Cotter White Paper from April 2015, Security in the North American Grid: A Nation at Risk http://pbadupws.nrc.gov/docs/ML1511/ML15114A348.pdf
DARPA http://www.darpa.mil/
Joe Weiss’s blog on industrial security http://www.controlglobal.com/blogs/unfettered/
George Cotter discussing cyberattacks and grid security https://istcolloq.gsfc.nasa.gov/fall201 ... cotter.mp4
He’s really dry. You can skip the beginning unless you’re really into this topic. Jump ahead to 1:03:30 to get to the applicable part. He’s much better in the Q & A. Here’s a PDF of his slides https://istcolloq.gsfc.nasa.gov/fall201 ... cotter.pdf .
DHS guidelines for preparing for a disaster http://www.dhs.gov/how-do-i/prepare-my-family-disaster
LDS guidelines for preparing for a disaster https://www.lds.org/topics/emergency-pr ... s?lang=eng and the LDS Preparedness Manual (free download) https://www.ldsavow.com/PrepManualGeneral.html
Modern Survival Blog’s guide with a to-do list http://modernsurvivalblog.com/preps/lds ... checklist/
Tess Pennington’s 52 Weeks to Preparedness http://readynutrition.com/resources/52- ... _19072011/
QUESTIONS: (Don't feel obligated to answer them if all you want to do is comment on the book!)
1. Do you think governments have planned for such an event, whatever the cause? Or do you think they are just hoping to apply basic disaster preparedness plans to a prolonged outage?
2. Why do you think the government doesn’t share more information about preparing for disasters beyond the recommendation of three days of supplies?
3. Does your local government have a plan in place? Do you know what it is?
4. What would you do? Would you leave? How long would you stay? Where would you go?
5. What do you think the government should do or plan for?
Question #6 is for the Europeans -- Wasn't there talk of a super grid in Europe? Did they complete it? Does it make you more vulnerable to a continent-wide grid-down event?
And if you’ve actually read all the way to the end of this post, here’s a bonus clip of George Carlin on what would happen if we didn’t have electricity https://youtu.be/3ZWA_cw9tss
“Electricity is what keeps our society tethered to modern times.”
I was eager to read this book. I’ve read and edited many, many writings by my prepper crowd, and most are based on second-hand information or military experience. I had heard that Koppel had access to the top players in the field and knew he would get the best first-hand information he could and deliver it in an intelligent and unbiased way. Editing lapses and personal indulgences aside, he did. He interviewed the current and all former heads of DHS. He interviewed Craig Fugate of FEMA, George Cotter from the NSA, and several experts from the military and the power industry. He didn’t have to guess at whether there were plans in place and he didn’t have to make assumptions like my tinfoil hat friends because he could ask the officials who would know. I still think there were some shenanigans going on, but I’ll explain that at the end.
The book is broken into three, parts so I used that structure. The first section deals with the problem of cyberattacks and the peculiar and potentially devastating effects one might have on the electric power grid. The second deals with the technical issues of repairing the grid and the enormous issues the government would face and how woefully unprepared our government is. The third part discusses groups that might be prepared and what can be learned from them. I’m going to quote heavily from the book for those who haven’t read it so they can participate. In the resources section at the bottom there are a few videos of Koppel discussing the book. If you haven’t read the book, you could view a couple of those now before reading the review. The book is heavy in details, but the gist is pretty straightforward and easy to pick up in the interviews with Koppel.
Koppel discusses cyberattacks in general and how “As the ranks of capable actors grow, the bar for cyber aggression is lowered. … This book is about dealing with the consequences of losing power in more than one sense of the word. Without ready access to electricity, we are thrust back into another age— an age in which many of us would lack both the experience and the resources to survive.” He is very critical of the government for the lack of preparation to deal with a widespread power outage, which he restates several times in the book. I’m going to skip talking about cyberattacks in general because that discussion is better suited for the Future Crimes book review. A brief quote on cyberattacks in general: “It is difficult to retaliate against an aggressor with no return address.” This is a key difference with cyberattacks. It adds an element of randomness, and it’s impossible to fight an aggressor if you can’t identify them. Koppel continues … “We literally have no count of how many groups or even individuals are capable of launching truly damaging attacks on our electric power grids— some, perhaps even most of them, uninhibited by the threat of retaliation.”
Part I: A Cyberattack
As I said, I'll focus on cyberattacks targeting infrastructure, and leave the general topic of cyberattacks for the next book. In chapter one, Koppel points out the difference between larceny and something more sinister that could be considered terrorism or an act of war. He concedes that massive data collections are disturbing and, sadly, that we’ve already learned to absorb such occurrences without much fanfare, but “Our attention needs to be focused on those who intend widespread destruction.”
He goes on to say “The Internet provides instant, often anonymous access to the operations that enable our critical infrastructure systems to function safely and efficiently. In early March 2015 the Government Accountability Office issued a report warning that the air traffic control system is vulnerable to cyberattack. This, the report concluded with commendable understatement, “could disrupt air traffic control operations.” Our rail system, our communications networks, and our healthcare system are similarly vulnerable. If, however, an adversary of this country has as its goal inflicting maximum damage and pain on the largest number of Americans, there may not be a more productive target than one of our electric power grids.”
The grid is particularly vulnerable because of its structure. The first sentence of chapter four ... “It is not easy to convey how and why the electric power grid is so surpassingly vulnerable to cyberattack.” pretty much sums it up. In the US, there are three distinct grids that generate and distribute electricity. Those systems depend on computerized systems that must maintain a perfect balance between supply and demand to function properly. Because of the precarious balance required, a cyberattack that took down any part of those grids could potentially have a domino effect that would dismantle the rest of the grid. The SCADA system that runs all of the software is the same almost everywhere. Worse yet to my mind was how un-computerized it all was. "When he [Major General Brett Williams, former director of operations for U.S. Cyber Command] left Cyber Command in the spring of 2014, threat information was still being communicated between U.S. intelligence agencies and the electric power industry the “old-fashioned” way, via phone calls and emails. … Cyber defense demands speed. “I would argue we just don’t have time to go through the same process that we go through with legacy types of intelligence. Obviously, we can’t defend against everything; but right now we’re vulnerable to almost everything.”
Chapter two discusses an attack on PG&E’s Metcalf Transmission Substation near San Jose, California in April of 2013. If you have a WSJ subscription, you can read a good account of the attack here. If not, here’s an excerpt from the book … “We know that there were several saboteurs, but not how many. At least two members of the unit lifted a metal vault cover (too heavy for a single individual) leading to an underground vault containing AT&T’s fiber-optic telecommunications cables. With the cutting of those cables, the attack began. Slightly more than half an hour after cutting communications, the saboteurs attacked the actual substation, knocking out seventeen giant transformers over the course of nineteen minutes. Based on shell casings found at the scene, investigators believe that the gunmen used AK-47 assault rifles. In a remarkable feat of timing or coincidence, the saboteurs left the scene at 1: 50 a.m., just one minute before the police arrived to find the substation locked. … The attack caused significant damage— it took utility workers twenty-seven days to bring the substation back online— but hardly the catastrophic result such a coordinated attack might have produced. These attackers seemed to know what they were doing. As a former vice president of transmission for PG& E told a utility security conference seven months after the attack, “This wasn’t an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation. This was an event that was well thought out, well planned and they targeted certain components. …
Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission (FERC) at the time of the attack, remains unconvinced. He thinks the attackers may have been engaging in a rehearsal rather than a comprehensive sabotage operation. While he was still chairman of FERC, Wellinghoff assembled a team of experts from the U.S. Navy’s Dahlgren Surface Warfare Center, which trains Navy SEALs, and took them out to the Metcalf substation. What they found, among other things, was that the shell casings left behind were free of fingerprints. They discovered small piles of rocks at key locations outside the substation and concluded that these might have been placed by advance scouts, establishing the most advantageous shooting locations. The experts concluded, as Wellinghoff told the Wall Street Journal, that “it was a targeting package just like they [SEALs] would put together for an attack.” Wellinghoff’s concern is that the attack on the Metcalf substation may have been a dry run for a far more devastating act of sabotage.”
I’m focusing on this part because I agree with Koppel that it’s a significant incident, and I know for a fact that it’s not an isolated one. I know firsthand of two other incidents like the one at Metcalf where similar attacks were carried out at military installations. Those have not been made public. There are rumors of others, but I can only confirm two. I think it lends credence to the suggestion that these attacks are rehearsals, but for what? Such an attack doesn’t even fall under the heading of cyberattack, but it shows yet another way that the grid is vulnerable and the wrong people know it. The military is taking steps to move its most critical computer systems underground, but if the rest of the country is without power--including military installations--it would serve as no more than a severed head after a widespread outage. Even systems that are thought to be secure and “air-gapped” are occasionally knocked offline because of inadvertent use of thumb drives or cell phone hot spots. The military tracks this and acts immediately when it happens, but it’s a reactive response and does nothing to prevent the intrusion and its effects. [Sidenote: Feel sorry for the poor employee who accidentally crosses the airgap in certain military outfits. The reaction is swift and painful. It reminds me of this scene in Monsters Inc. It’s why some people who know the rules at that level are so critical of Petraeus and Clinton’s homebrew server.]
Koppel cites other officials who confirm the ability of other actors like China, Russia, and soon North Korea to launch an EMP attack on the US. North Korea is significant because as a “rogue state” it doesn’t have a balance of power to maintain like China and Russia.
In chapter three , Koppel discusses the large blackout in the US in 2003. [DH was consulting a little for First Energy at the time, and no one there was surprised by what happened. NO ONE.] The report of the task force convened to study the outage included in their report that the grid was vulnerable to a malicious cyberattack, even though it was completely unrelated to the actual cause of the 2003 outage.
He goes on to discuss the bureaucratic behemoth that is the electric power industry in the US. He touches on the effects of deregulation and the structure of the system, which seems designed to facilitate a crippling attack. The biggest surprise to me was that the federal government does not have the power to impose security or maintenance standards on the industry. Every critical industry in this country – agriculture, health care, water supply, sanitation, transportation – relies on uninterrupted electrical power. To my mind, that raises it to the level of national security and like the military, it should be under tighter federal control. You know me – I’m a small government person. Yet, I can’t help but think that the biggest, most likely SHTF threat to my existence is an extended power outage, whatever the cause. The power supply is the key to all other life-sustaining systems.
Here is a link to the EMP commission’s report online. The executive summary included the following … “Depending on the specific characteristics of the attacks, unprecedented cascading failures of our major infrastructures could result. In that event, a regional or national recovery would be long and difficult and would seriously degrade the safety and overall viability of our Nation. The primary avenues for catastrophic damage to the Nation are through our electric power infrastructure and thence into our telecommunications, energy, and other infrastructures. These, in turn, can seriously impact other important aspects of our Nation’s life, including the financial system; means of getting food, water, and medical care to the citizenry; trade; and production of goods and services. The recovery of any one of the key national infrastructures is dependent on the recovery of others. The longer the outage, the more problematic and uncertain the recovery will be. It is possible 1 for the functional outages to become mutually reinforcing until at some point the degradation of infrastructure could have irreversible effects on the country’s ability to support its population.” It concludes that only 1 in 10 of us would survive an extended outage lasting a year.
Given that an extended outage could result from an EMP, solar storm, cyberattack, or simply through an unimagined series of storms that took down key components leading to a collapse of the system, it seems to me that of all the SHTF scenarios, this one should be at the top. I understand that a climate activist might argue that global warming is a bigger concern because our current trajectory guarantees global destruction, and doesn’t just put us at risk like a power outage. A complete reassessment of our global power structure from production to usage levels might be needed to avoid the devastating effects of both climate change and power failures.
One expert that Koppel obviously likes is George Cotter from the NSA. I listed some resources for him at the end, including a good white paper. Cotter and Koppel discuss Independent Actors, which ties into the idea that nation-states are becoming less relevant overall (something we've discussed on the forum). Giant organizations and corporations are in a better position to prevent such attacks and to instigate such attacks against each other. Cotter also sees a growing level of sophistication among criminal organizations, terrorist groups, and so-called hacktivists (political activists who use the Internet, such as the group Anonymous). “I believe,” said Cotter, “it is literally possible for a hacktivist group, well trained and well motivated, to take down major portions of the grid without the industry being able to stop it.”
What is most dangerous about Pyongyang and its mercurial leadership is not only its unpredictability but also its degree of immunity to cyberattack. North Korea has so much less to lose in a high-stakes cyber war than the cyber-dependent United States; it is neither easy nor particularly effective to isolate a hermit kingdom. The concern that President Obama expressed a few years back to his aides about the vulnerability of the U.S. infrastructure and America’s dependence on computer systems applies inversely to North Korea. As of late 2014, the total number of Internet protocol addresses in North Korea was estimated at 1,024—“ fewer than many city blocks in New York,” the New York Times observed.
Part II: A Nation Unprepared
This section illustrates with sad clarity our disconnected government in all its glory. Koppel has access to, and interviews, many high-ranking officials. Almost to a person, they demonstrate the ineptitude of government agencies. He’s particularly critical of DHS.
Those charged most directly with protecting the nation’s security are ambivalent about the actual danger of an EMP attack. Janet Napolitano, the former secretary of homeland security, all but dismissed the threat. “You know, if I had to rack and stack the most likely risks that we were dealing with,” she told me, “I would not put that [an EMP attack] in the top, certainly not in the top ten threats to our infrastructure.” Meanwhile, as noted, NORAD and the nation’s Northern Command are moving their most sensitive communications equipment to a bunker below Cheyenne Mountain. Conflicting risk assessments among our national leaders and foremost experts will become a recurring theme.
Poor Jeh Johnson looks the least qualified for his position based on his comments. Johnson told Koppel “I’m sure FEMA has the capability to bring in backup transformers,” Johnson said. “If you want an inventory and a number, I couldn’t give you that.” But then Koppel continues … I had spent part of an afternoon at FEMA headquarters only a few weeks earlier talking with the agency’s administrator, Craig Fugate, about the same issue. Contrary to Johnson’s assurances, Fugate had pinpointed the failure of large transformers as one of his greatest areas of concern: “If you cause overloads and you cause significant damage to the very large transformers, that’s probably one of the most difficult things” for us to respond to, “because there [are] very few manufactured in the United States.” Asked what he would say were Jeh Johnson or the president to ask whether FEMA was prepared for such a scenario, Fugate responded bluntly, “No.” He continued, “Most people expect… that somehow we have enough tools in the tool chest to get power turned back on quickly. The answer is no.” Koppel obviously likes Fugate, who had this to say … “We’re not a country that can go without power for a long period of time without loss of life. Our systems, from water treatment to hospitals to traffic control to all these things that we expect every day, our ability to operate without electricity is minimal.” The FEMA administrator expressed a frustration likely common among senior government bureaucrats: “I’ve got to deal with the consequences” despite not “really hav[ing] any say on the front end as to why we got in this situation.”
Further in the interview … So what, I asked FEMA’s administrator, is the plan for a prolonged, widespread power outage? For the first couple of days, he explained, the primary burden would be on state and local governments, but if the electricity remained out for weeks or more, it would be FEMA trying to fill in the gaps. “The plan would be to support the states to keep security, to maximize what power we do have to come back online, to look at what it will take to keep food and other critical systems like water systems up and running with generators and fuel. To prioritize where we’re going to start rebuilding our economy.” Fugate warned that there’s a limit to how much FEMA can do, but he’s confident in prioritizing certain objectives. “Keep the water on,” he said. “That means we need to have enough power to pump, treat, and distribute water through the system. You have to keep the water system up, and you’ve gotta then focus on the water treatment system. Backing up sewage is just about as bad. Those two pieces will buy you enough time to look at what your alternatives are. Basically, people have to drink water, they have to eat, that waste has to go somewhere, they need medical care, they need a safe environment. There has to be order of law there.”
Fugate is not a man to mince words. There is traditional disaster response work, which is about reestablishing normalcy very quickly. Then there is uncharted territory, he acknowledged, “where normalcy [wouldn’t] get established quickly. We [would be] trying to hang on and keep as many people [as possible] from dying until the system comes back.” That’s not the sort of message that would inspire widespread confidence in a concerned public, but it has the ring of authenticity to it.
One thing that stuck with me when reading this section was why is the government so unprepared? You know they’ve considered this possibility. I’ve read some white papers and position papers on the topic that came from FEMA and DoD officials. Why is there no “official” plan? Koppel asks the same question over and over again. Koppel insists that if there is a plan it’s best to share it with the public now instead of waiting for an outage that would make it almost impossible to communicate with large numbers of people. I figure there are two reasons for the government silence regarding a plan to deal with an extended outage.
One reason might be that they’ve concluded that there’s no way to effectively deal with an outage of that magnitude. They’ve prepared for continuity of government and operations (like burying the severed head under NORAD), but they’re prepared to let most people fend for themselves until the crisis has passed. This is a common assumption amongst my tinfoil hat cohort. They believe the plan is to let the population die off until the population numbers are small enough to deal with effectively. I’ve read terrible scenarios about such things. You can imagine it – prison populations starving to death in abandoned prisons, elderly and infirm dying in large numbers in LTC communities, inner-city poor succumbing to violence, fire or starvation—basically all of the communities that are a perceived drain on the government would die in large numbers, leaving behind the healthiest and most able-bodied (but in a weakened state from the conditions so they couldn’t fight back if they didn’t like the direction the new government was taking). It’s straight out of Conspiracy 101, but it makes sense on some level. If you think you can’t save everyone, figure out who and what is worth saving and plan for that instead.
The other reason they might not share the plan is because people wouldn’t like it. Even a plan that’s a lot less draconian than the one I described above might still ruffle some feathers. What if they limited medicine to people between aged 6 and 60? Or closed throughways into and out of major cities to limit crime and disease? The mere suggestion of that kind of plan could start riots. What about relocation plans, or confiscation of food and other supplies so the government could dole them out equitably? It would seem reasonable on paper but would stoke the Tea Party side of the aisle.
What I don’t understand is why they don't at least develop a plan for PREVENTING the problem. Hardening the infrastructure seems like a good first step. How about the next time our dear leaders suggest invading somewhere, let’s not and say we did, and then use the money to shore up our infrastructure instead?
If you want to know specific details about the electric grid and how antiquated the infrastructure really is, read chapter nine. The biggest issue in this section is the decaying population of large power transformers (LPTs). They estimate there are tens of thousands in use. [I found it shocking that the government didn’t actually know the exact number because it’s proprietary. WTF??] LPTs are dinosaurs and very, very hard to replace …
“An LPT is a large, custom-built piece of equipment,” the DOE report explained. “Because LPTs are very expensive [$ 3 million to $ 10 million each] and tailored to customers’ specifications, they are usually neither interchangeable with each other nor produced for extensive spare inventories.” Consider the sum of all those factors. Conservatively, there are thousands of aging transformers, most custom-built, unable to be ordered from a catalogue or mass-produced, each costing somewhere in the neighborhood of $ 3 million to $ 10 million. Add to this that there are only a handful of plants in the United States capable of building an LPT— as of this writing, ten such facilities. The vast majority of large power transformers are built overseas, and more than 75 percent of those purchased by the U.S. energy sector must be procured overseas. The estimated lead time, the time from production through shipping to delivery, is commonly between one and two years, and never less than six months. These transformers are so enormous— anywhere from 400,000 to 600,000 pounds— that they cannot be transported on a standard railroad freight car. It requires the use of a specialized railroad freight car known as a Schnabel. There are only about thirty of these in North America, and as one senior FEMA official conceded, some of the original transformers were delivered so many years ago that the rail lines on which they were transported no longer exist.
The industry claims it has hundreds of back-up transformers as spares, but it won’t give the exact number (again, claiming it’s proprietary), and admits that one size doesn’t fit all. The current wait time for a newly built transformer is over a year. It’s worth noting that only the largest companies can afford to keep backups. If you were factoring in grid resiliency in deciding where to live, pick an area supplied by one of the largest power companies.
Koppel goes on to discuss the aftermath wrt people and again how there is no plan beyond a short-term disruption. One interviewee actually suggested that NYC be evacuated, but moving people out of urban areas en masse—even with the power on—is a pipe dream. Even Koppel finds the suggestion ludicrous. He spoke with Johnson and all former DHS heads. Tom Ridge comes across as the most realistic, but only in recognizing the problem and admitting that the government has no plan and a workable one is probably not forthcoming. Johnson looks clueless in the book, and Napolitano sounds like a typical cavalier politician. I’m not trying to take a political side here. Even Ridge offers no real hope of dealing with this kind of crisis. He says “We are not a preemptive democracy. We are a reactive one.” When pressed, most officials and industry leaders that Koppel spoke with admitted there was no real plan, and further, that no plan would be adequate to deal with the magnitude of a grid-down crisis.
Where, then, might a concerned citizen find advice on how to cope with the aftermath of such an attack? “There is no answer,” said Schmidt. No government agency has guidelines for private citizens because, according to Schmidt, there’s nothing any individual can do to prepare. “We’re so interconnected,” he said, that in terms of disaster preparation “it’s not just me anymore: it’s me and my neighbors and where I get my electricity from. There’s nothing I can do that can protect me if the rest of the system falters.” It’s an answer bordering on the fatalistic: the individual can’t do anything and the government won’t do anything.
One of Koppel’s main points in this section is that the government is approaching this problem like it approaches all emergency management, yet Koppel believes a grid-down scenario is fundamentally different. “On one level, this is understandable and even prudent. Experience is a more compelling instructor than speculation. … A cyberattack may be different from anything FEMA has previously dealt with, but it is not unreasonable for the agency to focus on the experience it has gained from natural disasters. This approach falters, however, when relevant federal agencies fail to provide for (or in some cases even contemplate) the difference in magnitude between the effects on the grid of any recorded natural disaster and the potential effects of a massive cyberattack.” Koppel goes on to compare different disasters, like earthquakes, and show the flaws in applying universally accepted disaster relief models to a large-scale power outage.
When discussing specific areas like NYC with other officials, the outlook was just as grim. “The city, though; how long could that hold up? Without federal assistance, Hauer said, New York City “could probably last for two days.” OTOH, when he addresses what the situation would be in rural areas like Wyoming, he’s more optimistic. The general conclusion is that the less an area relies on government services now, the better off it will be after a significant crisis like a grid-down event.
Koppel doesn’t pull any punches in his assessment of the situation. He singles out the Red Cross for a rather scathing rebuke, and as you've seen, he is very critical of DHS. He sees that organization (DHS) as money wasted that could have been spent on addressing this problem. Same with the wars in Iraq and Afghanistan…
We are inclined, as Tom Ridge observed, to be a reactive society. We apply unimaginable amounts of money toward dealing with the aftermath of crises. The most conservative estimates put the financial cost of the wars in Afghanistan and Iraq at around $ 1.5 trillion. Most estimates are significantly higher. The Transportation Security Administration, which came into being as a direct consequence of the 9/ 11 terror attacks, now employs fifty-five thousand people, with an annual budget in excess of $ 7 billion. Over the course of the past fourteen years TSA has been funded to the tune of somewhere between $ 90 billion and $ 100 billion of protection we didn’t know we needed before 2001. Nor, it seems, has the money been particularly well spent. In early June 2015, the Department of Homeland Security revealed that its teams of undercover investigators were able to smuggle dummy explosives and weapons through TSA checkpoints at airports around the country in 95 percent of cases. We tend to come up with funding after disaster strikes.
Part III: Surviving the Aftermath
This section talks about preppers and Mormons and if there is any way at all to survive such a catastrophe. Koppel is respectful in his assessment of preppers … “There is, in any event, a growing movement around the country based on the assumption that neither government agencies nor private relief organizations can be relied upon in the event of any major disaster. A generation or two ago, they might have been called survivalists, but there was an extreme rightwing aura attached to that term, conjuring images of bunkers built to sustain life against aerial bombardment. While such groups continue to exist, they have been modified and largely displaced by a much larger group for whom ideology is less relevant. “Preppers,” perhaps most easily described as “those who prepare,” can be found across the political spectrum. They are not necessarily prophets of doom, simply those who want to be ready for the worst.”
IMO, the book really veers off course here. I enjoyed this section, but it seemed out of place in the context of the rest of the book. Too much discussion is devoted to the Mormons and their history. The Mormon story is compelling and uniquely American in many respects, but too much detail bogged down the book. I think what Koppel was ultimately getting at is the Mormon focus on prepping and the enormous infrastructure the LDS has developed over the last few decades. They have vertically integrated their preps from the farm to distribution. If an EMPocalypse really happens, the Mormons might be the biggest community to survive intact. Many lessons can be learned from them. I’ve used many of the LDS’s online resources (some are listed in the resources section), and through my prepping contacts I have befriended many Mormons. I have found them to be, IMHO, the perfect blend of preparation and generosity. I know of other criticisms of the LDS lifestyle, particularly in relation to the role of women, but their approach to survival and preparedness seems to be the epitome of ‘prepare for the worse, hope for the best’.
A related point was that the community structure of the Mormons makes their preparations much easier to accomplish. It’s something that’s lacking today in many segments of society, which we’ve touched on before on the forum. Government mandated preps might be useful, but the plans would be more cohesive and meet with less resistance if they were a part of a community-based group instead of a top-down, government-imposed plan. I’m not sure how to accomplish that. Certainly, other civic and church groups could look to the LDS model to see what can be done. I know that Catholic Charities has at least a small infrastructure in place as a starting point. A friend in Alabama says his church has a large network for dealing with disasters with his state, Tennessee, and Mississippi. Maybe what’s needed is for the DHS or FEMA to assist regional and local groups in developing plans for disaster relief? Koppel discusses that in chapter nineteen … The LDS church has established a model that makes good common sense, one that serves to support families in times of illness or unemployment, natural disaster or international crisis. It is designed to cushion families during hard times over an extended period. Certainly most families cannot afford to immediately lay in a six-month supply of food and water. Too many families lack the resources to meet even their daily needs. But if those who can afford it take on the responsibility of longer-term survival, supplies available to emergency management agencies can be reserved for the very neediest. Many urban dwellers, living in small urban apartments, lack space, but when what’s at stake is survival, it’s astonishing how much can be tucked away in small spaces. To establish a foundation with long-lasting, nourishing foods that have sustained needy families for generations— rice, wheat berries (and the grinder to make flour), beans— and large containers of water seems ridiculous in times of plenty, but it can become the difference between survival and starvation during an extended crisis. True, the wheat berries and grinder are not likely to find many converts among city dwellers, but the goal is to build up a supply of nonperishable goods, small amounts at a time. These are measures to be undertaken gradually, over time. Eventually the supplies become part of a natural pattern— rotation of the older food into a pattern of daily consumption, always to be replaced with fresh supplies.
What will, for most people, be the most difficult to replicate in the Mormon experience, however, is the intricately organized community, existing on both the local and national levels. There are well over two thousand Community Emergency Response Teams (CERTs) throughout the country. They are affiliated with FEMA and provide a useful structure for implementing disaster relief, but they don’t have much of a presence in America’s cities. There is, for example, only one CERT in the nation’s capital. Still, it is a place to start, and if you go to the CERT website, you will find the name and contact information for the organization nearest you. Many religious communities already have a structure and sense of connection in place, as do any number of social and civic organizations. Some of these have already made thorough preparations for disaster relief. For those that have not, but where organization and a sense of community are in place, it should be a relatively manageable matter to modify what already exists.
Another point Koppel seems to be making is that even though the people in rural areas, like Mormons, might be willing to help the less fortunate during a prolonged outage, the notion of urbanites fleeing to the countryside for refuge is misguided and ultimately unworkable. I think a better way to look at it is in the context of FEMA and government assistance, which surprisingly Koppel spends little time on in the book. If I were running FEMA and developing a plan, I would first look at a map and mark off all of the areas that could probably get by without government assistance--like those with large LDS populations or prepper mindsets--and focus all planning on the areas that couldn’t possibly survive without a strong government presence (like the megalopolis).
I think this is the biggest takeaway I had from the book. It made me look at location a little differently. I think there are workable plans for many different areas. Obviously, if you can live off-grid now in a remote location, then all you need to worry about are your medical needs and safety. If you live in a suburban area, make sure you live somewhere that’s part of a large electrical network and ‘important’ enough that it would be a priority when they are repairing the grid and distributing emergency supplies. Large urban dwellers, well … you’re still SOL I think. Sorry.
I think Koppel’s ultimate point is that the government should be focused on prevention while individuals should focus on preparation … There is, unfortunately, a whiff of defeatism about preparation. It implies the inevitability of an impending catastrophe when time, effort, and money might more proactively be expended on prevention. The one should not preclude the other; the overall utility of preparing for hard times, with a rotating larder, participation in a social network, and the establishment of a financial safety net, is eminently adaptable and useful even in the absence of catastrophe. On the other hand, defending against a cyberattack is something that only a coalition between government and industry can even attempt. So it is to be expected, perhaps, that government’s primary emphasis remains on prevention. All of the details Koppel includes in the book show that the government isn’t really making any progress on their end, and although prepping has at least made it into the general lexicon, the public is only marginally more prepared than the government for a large-scale grid-down event. He is also firmly on the side of increased government oversight of the internet and wholesale data collection as part of the intelligence community’s attempt to prevent cyberattacks.
Back to my comment about shenanigans … One thing that struck me as a little odd when I first read the book was the timing of its publication and Koppel’s relentless marketing of it. Then DARPA made their big announcement, and I wondered if maybe Koppel was given such incredible access to government personnel and information in exchange for coordinating the timing of the book with the expansion of the DARPA program related to preventing a grid-down event. See here, and here, and here, and here. Convenient timing, yes?
FURTHER RESOURCES:
Google Talk with Koppel https://youtu.be/1dcSyibsF2w
Koppel on Charlie Rose (he’s up first) https://youtu.be/3ZQouyI1giA
Koppel speaking at UChicago Institute of Politics https://youtu.be/klBYGH9qhpM
EMP Commission website (US) http://empcommission.org/index.php
US Department of Energy report from April 2014: Large Power Transformers and the U.S. Electric Grid: Infrastructure Security and Energy
Restoration http://energy.gov/sites/prod/files/2014 ... 040914.pdf
George Cotter White Paper from April 2015, Security in the North American Grid: A Nation at Risk http://pbadupws.nrc.gov/docs/ML1511/ML15114A348.pdf
DARPA http://www.darpa.mil/
Joe Weiss’s blog on industrial security http://www.controlglobal.com/blogs/unfettered/
George Cotter discussing cyberattacks and grid security https://istcolloq.gsfc.nasa.gov/fall201 ... cotter.mp4
He’s really dry. You can skip the beginning unless you’re really into this topic. Jump ahead to 1:03:30 to get to the applicable part. He’s much better in the Q & A. Here’s a PDF of his slides https://istcolloq.gsfc.nasa.gov/fall201 ... cotter.pdf .
DHS guidelines for preparing for a disaster http://www.dhs.gov/how-do-i/prepare-my-family-disaster
LDS guidelines for preparing for a disaster https://www.lds.org/topics/emergency-pr ... s?lang=eng and the LDS Preparedness Manual (free download) https://www.ldsavow.com/PrepManualGeneral.html
Modern Survival Blog’s guide with a to-do list http://modernsurvivalblog.com/preps/lds ... checklist/
Tess Pennington’s 52 Weeks to Preparedness http://readynutrition.com/resources/52- ... _19072011/
QUESTIONS: (Don't feel obligated to answer them if all you want to do is comment on the book!)
1. Do you think governments have planned for such an event, whatever the cause? Or do you think they are just hoping to apply basic disaster preparedness plans to a prolonged outage?
2. Why do you think the government doesn’t share more information about preparing for disasters beyond the recommendation of three days of supplies?
3. Does your local government have a plan in place? Do you know what it is?
4. What would you do? Would you leave? How long would you stay? Where would you go?
5. What do you think the government should do or plan for?
Question #6 is for the Europeans -- Wasn't there talk of a super grid in Europe? Did they complete it? Does it make you more vulnerable to a continent-wide grid-down event?
And if you’ve actually read all the way to the end of this post, here’s a bonus clip of George Carlin on what would happen if we didn’t have electricity https://youtu.be/3ZWA_cw9tss