How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
CIO - Earlier this week, on Wall Street Journal This Morning, I shared my increasing concern that we aren't taking seriously the Syrian cyberattack and the possibility of a Syrian military warning shot against U.S. infrastructure.
The U.S. power grid is vulnerable, held together by little more than a prayer and bailing wire. Even if Syria doesn't strike, a broad failure is inevitable. It's therefore prudent to begin testing your short- and long-term power outage contingency plans.
Remember, a broad outage doesn't just mean failover, as it could extend to failover sites. This means your current mitigation and disaster recovery planning may be inadequate for what might end up being a near-nationwide outage.
Even if you don't buy into the Syrian cyber counterattack risk, the likelihood of a massive outage is still great enough to test your firm's ability to survive if much of the power and telecom grid suddenly fails and remains down for weeks or even months. Disaster preparedness assessments are a prudent exercise, after all, and the Japanese tsunami of 2011 showed that the U.S. isn't the only wealthy nation with fragile infrastructure issues.
Power Grid Failure Would Be Catastrophic
Massive failures typically result from a massive weather event. You don't just lose power; if the power outage goes on for a day or more, you eventually lose telecommunications, water and even gas supplies (which often fuel emergency generators). A cascading failure would cause many transformers to catastrophically fail, which is a nice way of saying "explode." Recovery time could easily move from days to months; existing transformer reserves would be inadequate, and the in-country manufacture of new transformers would paradoxically need to wait until those factories could be brought back online.
Most generating facilities - especially hydroelectric - would come back relatively quickly. If distribution is catastrophically destroyed, though, getting that power to your primary or backup sights would be problematic. You could find your in-country facilities down for the count.
Related: 10 Disaster Preparedness Questions For Cloud Service ProvidersHow-to: Plan for Disaster Recovery and Business Continuity
Corporate buildings would hardly be the only facilities affected; employees would suddenly face a world where food, water and gas supplies were unavailable for extended periods. Many would have no choice but to relocate, as extended families, to areas that were secure and had sufficient supplies.
While a downed power grid would largely leave homes intact - unlike New Orleans after Hurricane Katrina - contacting employees and their families and coordinating their movement would fail. Yes, most of today's homes use cable modems for phone service, but those must be plugged in and would be unreliable. And yes, wireless phones and cell towers would work in a power outage, offering organizations a way to deliver rally points and other critical information, but cell towers' backup power supplies only last several hours - as do the typical cell phone batteries.
Contingency plans would need to be in place before an event so everyone is more likely to emerge from it safely.
Assess Disaster Preparedness Now - And Don't Count on Help
This isn't a short-term problem. America's electrical infrastructure is in bad shape. Large-scale weather events such as Hurricane Sandy hit cellular networks and the power grid both far and wide. Groups as varied as hostile nations and anarchists are increasingly gaining the skills necessary to do significant damage.
The federal government is not willing to fund needed infrastructure upgrades. Before the U.S. starts shooting missiles at countries with strong cyberattack teams, it should harden U.S. infrastructure, but betting the government will do the smart thing has been a losing proposition of late.
All of this suggests, then, that putting major data centers near large hydroelectric sites to assure power (as Google has done) or focusing on alternative energy sources (as is the case with Apple's planned new headquarters) to assure the sites can remain operational during extended outages. You'll have to think through network transport, though; if these sites can't connect, you're still in trouble. Having failover capability in another country, such as Canada, would be advised.
Thinking strategically, the only approach that may work in countries with vulnerable infrastructure or unstable government may be an arcology. This eventual evolution of self-sustained architecture and ecology blends corporate and personal living structures, assuring that both people and equipment are safe and recognizing that an inability to protect either could result in company failure. Arcology continues to advance worldwide, but clearly they are needed most where there's a broad risk to infrastructure and/or employee safety.
In the meantime, review your disaster preparedness plans to assure they adequately address large regional or national power outages. This often makes the difference between surviving a catastrophe and becoming a statistic. If people have a plan that they know works, they're less likely to panic and do dangerous, stupid things. Don't put this off.
Rob Enderle is president and principal analyst of the Enderle Group. Previously, he was the Senior Research Fellow for Forrester Research and the Giga Information Group. Prior to that he worked for IBM and held positions in Internal Audit, Competitive Analysis, Marketing, Finance and Security. Currently, Enderle writes on emerging technology, security and Linux for a variety of publications and appears on national news TV shows that include CNBC, FOX, Bloomberg and NPR.
Read more about government in CIO's Government Drilldown.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
If you use ‘password,’ one the worst passwords, as your password, fail to keep antivirus protection updated and don’t bother to deploy security patches to close critical vulnerabilities, then maybe you should consider working for the cybersecurity-clueless federal government; you’d fit right in, according to Senator Tom Coburn's cybersecurity and critical infrastructure report.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Red Hat Enterprise Linux - The Original Cloud Operating System
- Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse
- Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center
- Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper
- Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support... All Government IT White Papers
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,...
- Getting Ready for BlackBerry Enterprise Service 10.2 Find out how BlackBerry® Enterprise Service 10 helps organizations address the full spectrum of EMM challenges, while balancing the needs of both the...
- Containerization Options: How to Choose the Best DLP Solution for Your Organization This webcast outlines a framework for making the right choice when it comes to containerization approaches, along with the pros and cons of...
- All Government IT Webcasts