This article by Robinson et al is a very prescient article written back in 1998, long before 9/11 and he also points out how vulnerable U.S. infrastructure is to cyberwar and cyberattacks at a time when our infrastructure wasn’t nearly as dependent on the internet as it is now.
Nor is this likely to change, since 85% of infrastructure is privately owned and doing nothing to protect their companies because it costs them too much. Yet another reason capitalism will fail, among others…
C. Paul Robinson, et al. Critical Infrastructure: Interlinked and Vulnerable. Computers and communications are boosting performance, but interconnection increases the risk of a technological domino effect. Issues in Science & technology. National Academy of Sciences.
The infrastructure of the United States-the foundations on which the nation is built-is a complex system of interrelated elements.
Those elements-transportation, electric power, financial institutions, communications systems, and oil and gas supply-reach into every aspect of society.
Some are so critical that if they were incapacitated or destroyed, an entire region, if not the nation itself, could be debilitated. Continued operation of these systems is vital to the security and well-being of the country.
Once these systems were fairly independent. Today they are increasingly linked and automated, and the advances enabling them to function in this manner have created new vulnerabilities. What in the past would have been an isolated failure caused by human error, malicious deeds, equipment malfunction, or the weather, could today result in widespread disruption.
Among certain elements of the infrastructure (for example, the telecommunications and financial networks), the degree of interdependency is especially strong. But they all depend upon each other to varying degrees. We can no longer regard these complex operating systems as independent entities. Together they form a vast, vital-and vulnerable-system of systems.
The elements of infrastructure themselves are vulnerable to physical and electronic disruptions, and a dysfunction in any one may produce consequences in the others. Some recent examples:
- The western states power outage of 1996. One small predictable accident of nature-a power line shorting after it sagged onto a tree-cascaded into massive unforeseen consequences: a power-grid collapse that persisted for 6 hours and very nearly brought down telecommunications networks as well. The system was unable to respond quickly enough to prevent the regional blackout, and it is not clear whether measures have been taken to prevent another such event.
- The Northridge, California, earthquake of January 1994 affecting Los Angeles. First-response emergency personnel were unable to communicate effectively because private citizens were using cell phones so extensively that they paralyzed emergency communications.
- Two major failures of AT&T communications systems in New York in 1991. The first, in January, created numerous problems, including airline flight delays of several hours, and was caused by a severed high-capacity telephone cable. The second, in September, disrupted long distance calls, caused financial markets to close and planes to be grounded, and was caused by a faulty communications switch.
- The satellite malfunction of May 1998. A communications satellite lost track of Earth and cut off service to nearly 90% of the nation’s approximately 45 million pagers, which not only affected ordinary business transactions but also physicians, law enforcement officials, and others who provide vital services. It took nearly a week to restore the system.
Failures such as these have many harmful consequences. Some are obvious, but others are subtle-for example, the loss of public confidence that results when people are unable to reach a physician, call the police, contact family members in an emergency, or use an ATM to get cash.
The frequency of such incidents and the severity of their impact are increasing, in part because of vulnerabilities that exist in the nation’s information infrastructure. John Deutch, then director of the CIA, told Congress in 1997 that he ranked information warfare as the second most serious threat to U.S. national security, just below weapons of mass destruction in terrorist hands. Accounts of hacking into the Pentagon’s computers and breakdowns of satellite communications have been reported in the press. These incidents suggest wider implications for similar systems.
Energy availability is vital to the operations of other systems. DOE will be studying the vulnerabilities of the nation’s electric, gas, and oil systems and trying to determine the minimum number of systems that must be able to continue operating under all conditions, as well as the actions needed to guarantee their operation.
Achieving public-private cooperation. A major issue in safeguarding the national infrastructure is the need for public-private cooperation. Private industry owns 85 percent of the national infrastructure, and the country’s economic well-being, national defense, and vital functions depend on the reliable operation of these systems. [If you read my book reviews on cyberwar and cyberattack, you’ll discover that private companies aren’t willing to spend the money to take their systems off of the internet or improve security because that would take money away from shareholders, and they believe that ratepayers or the government would be on the hook if something went wrong].
Or as Auerswald puts it: “Although private firms uniquely understand their operations and the hazards they entail, it is clear that they currently do not have adequate commercial incentive to fund vulnerability reduction. For many, the cost of reducing vulnerabilities outweighs the benefit of reduced risk from terrorist attacks as well as from natural and other disasters. If industry itself is not motivated to invest in protection against attack and the federal government does not take the initiative, who will take responsibility for protecting chemical plants, rail lines, and other critical infrastructure? Who will make it harder for terrorists to magnify the damage of an attack by first attacking the infrastructure on which effective response depends? Who will ensure that these and other elements of the infrastructure are not used as weapons to kill or maim thousands of people in our cities?”
Philip Auerswald. 2005. The Challenge of Protecting Critical Infrastructure. Issues in Science & technology. National Academy of Sciences.
National Academies, Making the Nation Safer: The Role of Science and Technology in Countering Terrorism, Committee on Science and Technology for Countering Terrorism, Lewis M. Branscomb and Richard Klausner, co-chairs (Washington, DC: National Academies Press, 2002).