In July 2011, the InfraGard National Board and the Federal Bureau of Investigation approved the formation of the InfraGard National Electromagnetic Pulse Special Interest Group (EMP SIG) for the purpose of sharing information about threats that could affect critical infrastructure nationwide for more than a month and encouraging local communities to become more resilient. The threats specifically include manmade electromagnetic pulse (EMP), cyberattacks, coordinated physical attacks, pandemics, and extreme space weather. Many are not aware that the “100-year solar storm” creates ground-induced currents that travel up ground wires and can damage transformers and other large electronic systems that have long repair or replacement times.
High-impact threats are qualitatively different from many other threats for one main reason. Unlike hurricanes Katrina or Sandy, which affected regions and allowed other areas to rally to the aid of local communities, high-impact events have the capability of affecting much of the country simultaneously and limiting resources that are necessary for relief and recovery efforts. Instead of waiting days for help, affected regions could wait months for any meaningful aid. In a “just-in-time” society, the consequences are barely imaginable, but a historical background may help planners appreciate the need to minimize these effects.
Building National Awareness In October 2011, the National Defense University and the EMP SIG co-sponsored the first comprehensive nationwide contingency planning workshops and exercise on extreme space weather that could have a nationwide impact. Until that time, even the U.S. Department of Defense had not planned for a collapse of civilian infrastructure nationwide that would last more than a couple weeks (outside of nuclear or world war). In December 2011, the EMP SIG reported its findings in a seminar at the December 2011 Dupont Summit of the Policy Studies Organization in Washington, D.C. Less than 8 months after the summit, on 23 July 2012, the earth experienced a near miss of a potentially cataclysmic solar storm.
Since then, on the first Friday of December each year, the EMP SIG has gathered top technical and policy experts to discuss such high-impact threats at subsequent Dupont Summit gatherings. Proceedings from the 2012 and 2013 summits are available online. By the second anniversary of the solar near miss, an array of scientific articles provoked attention in the international media.
On 9 July 2013, Space Weather published a study conducted by university and NASA researchers, entitled “A major solar eruptive event in July 2012: Defining extreme space weather scenarios.” A NASA article published on 23 July 2014 quoted one of the Space Weather authors, Daniel Baker from the Laboratory for Atmospheric and Space Physics at the University of Colorado Boulder, “I have come away from our recent studies more convinced than ever that Earth and its inhabitants were incredibly fortunate that the 2012 eruption happened when it did. … If the eruption had occurred only one week earlier, Earth would have been in the line of fire.”
The NASA article cited the often-quoted 2008 National Academy of Sciences report on a FEMA-funded economic impact assessment, which stated that the total economic impact of such an event “could exceed $2 trillion or 20 times greater than the costs of a Hurricane Katrina. Multi-ton transformers damaged by such a storm might take years to repair.” Baker further said, “In my view, the July 2012 storm was in all respects at least as strong as the 1859 Carrington event. … The only difference is, it missed.”
In another July 2014 research article published in Space Weather, entitled “Assessing the Impact of Space Weather on the Electric Power Grid Based on Insurance Claims for Industrial Electrical Equipment,” the authors showed how even small space weather events have been causing damage to the electric power grids. Claim statistics from an examination of over 11,000 insurance claims from 2000 to 2010 revealed that “geomagnetic variability can cause malfunctions and failures in electrical and electronic devices that, in turn, lead to an estimated 500 claims per year within North America.” If small events can have such an effect, it becomes a lot easier to imagine the impact of the storm that just missed Earth in 2012. In addition, this data suggests that, if protection were to be provided for equipment against the larger threat, then money would be saved on a day-to-day basis for even the smaller ones.
Assessments & Studies Raising Awareness Awareness of this storm peaked when The Washington Post editorial board made its recommendation on 9 August 2014, “The world can and should do more to prepare, adapting satellite systems, toughening electric grids and, above all, ensuring that scientists have the tools they need to anticipate space weather…. For a variety of reasons – including the threat of severely inclement space weather – lawmakers must take a wider view.”
Manmade EMP poses even greater problems according to studies publicly released by the congressional EMP Commission between 2004 and 2008 and highlighted in the 14 August 2014 op-ed by R. James Woolsey and Peter Vincent Pry, both formerly with the Central Intelligence Agency. Not only is it possible for small mobile electromagnetic interference devices to be used at relatively close range against vulnerable electronic equipment and systems, but a relatively small-yield nuclear weapon could be placed on a scud missile, launched from an offshore freighter, and detonated in the upper atmosphere (80-300 miles high) to impact multiple regions or an entire continent. The electromagnetic fields emanating from EMP weapons include those that are in the billionths of seconds – much faster than lightening strikes. They travel through the air and across any kind of conductor, particularly long power or communication wires that act as giant welcoming antennae.
A 10 September 2007 economic impact assessment by the Sage Policy Group of Baltimore showed that even a regional EMP incident between Richmond, Virginia, and Baltimore, Maryland, could cause $770 billion of economic damage, even without considering loss of equipment or secondary effects such as lack of water in a large fire. The EMP Commission gave high marks for the study methodology and results, as did the economists who did the work quoted by the Academy of Sciences. In addition, the Sage report determined that protecting even 10 percent of the most critical infrastructure could alleviate up to 60 percent of the economic losses in medium-impact scenarios.
This study shows that it can be relatively inexpensive to protect critical infrastructure and that not all infrastructure may need to be protected to the same degree. However, as in the case of extreme space weather, little has been done until now to protect civilian critical infrastructure. Numerous studies have shown that U.S. lifeline infrastructures are highly interdependent and erected much like a “house of cards.” Subsequent tests by Iran of freighter-launched missiles, North Korean satellite success, and turbulence in places such as the Middle East have increased concerns about the ability of nonstate actors and the likelihood of a high-altitude nuclear EMP event.
Cyberthreats – Big & Small Cyberattacks have affected everyone, even if they have merely been an inconvenience. Fortunately, insurance and other companies have shielded communities and absorbed billions of dollars in costs resulting from effective cybercrime. The largest risks to society are likely to be experienced in the arena of industrial controls, which are largely unprotected by traditional cyberprevention techniques. Numerous reports have shown that foreign cyberattackers have already breached many utilities.
What is most telling is the public release of a Federal Energy Regulatory Commission report on 12 March 2014, which some say was for official use only, showing how the successful attack of only nine electric grid facilities could result in a nationwide power outage. The report published in The Wall Street Journal resulted in a hastily convened U.S. Senate hearing. There was no challenge to the accuracy of the report about the grave vulnerability the country faces, but rather only a challenge because the report was “mishandled” and leaked to the public.
Although the vast majority of cyberattacks are low-impact, high-frequency events, there is a growing concern about their ability to become high-impact, low-frequency events. Like other high-impact threats, they have the ability to cause similar levels of disaster, especially when combined with other threats. However, the right type of mitigation and preparation can reduce both the impact and the temptation for adversaries to try to use them.
What remains uncertain is the willingness to engage these high-level threats. Psychological and political views complicate the discussion – a way to impose more government regulation versus a scare tactic to raise the nation’s defense and homeland security budgets. In reality, there are daily cost savings, economic development, as well as environmental and security benefits when taking a reasonable systems approach to mitigate these threats. This is especially true when local communities are more sustainable and capable of creating and managing a larger percentage of their critical power and food requirements.
Sharing the Right Information With the Right People Similar to concerns that senators have raised at past cyberthreat hearings, some may think it is a challenge to begin an EMP discussion without causing panic or providing too much information to “the bad guys.” One possible solution is to engage the emergency management and contingency planner communities, who are already emotionally and intellectually accustomed to dealing with disaster planning. Another is to make better use of InfraGard. So far, InfraGard is the only federally sponsored program that requires all of its individual members to sign nondisclosure agreements so they can trust each other as they hold confidential conversations and share sensitive law enforcement information. The Federal Bureau of Investigation also provides background checks so an even greater level of trust can be achieved. These trusted and informed conversations can then lead to more-effective engagement with the public – through social media outlets – similar to the EMP SIG conferences.
This year, the EMP SIG will hold its conference on Friday, 5 December 2014. On the day before, it will conduct a by-invitation-only tabletop exercise based on a high-impact incident. For additional information or to attend the conference, visit the event page. The November 2014 issue of the DomPrep Journal will bring together subject matter experts to take a more in-depth look at this topic to further the EMP discussion and determine what actions may be considered to better prepare for and mitigate these threats.
Charles “Chuck” Manto is CEO of Instant Access Networks LLC, a consulting and research and development firm that produces independently tested solutions for EMP-protected microgrids and equipment shelters for telecommunications networks and data centers. He received six patents in telecommunications, in computer mass storage and EMP protection and has another one pending for a smart microgrid controller. He assists other entrepreneurs and investors with their intellectual property strategies and has developed valuation methodology accepted by the U.S. Department of Defense, countries, and companies participating in industrial defense conversion. He is a senior member of the IEEE and founded and leads InfraGard National’s EMP SIG. He can be reached at cmanto@stop-EMP.com