How to Prepare for a Potential Syrian Counterattack on the U.S. Power Grid
CIO - Earlier this week, on Wall Street Journal This Morning, I shared my increasing concern that we aren't taking seriously the Syrian cyberattack and the possibility of a Syrian military warning shot against U.S. infrastructure.
The U.S. power grid is vulnerable, held together by little more than a prayer and bailing wire. Even if Syria doesn't strike, a broad failure is inevitable. It's therefore prudent to begin testing your short- and long-term power outage contingency plans.
Remember, a broad outage doesn't just mean failover, as it could extend to failover sites. This means your current mitigation and disaster recovery planning may be inadequate for what might end up being a near-nationwide outage.
Even if you don't buy into the Syrian cyber counterattack risk, the likelihood of a massive outage is still great enough to test your firm's ability to survive if much of the power and telecom grid suddenly fails and remains down for weeks or even months. Disaster preparedness assessments are a prudent exercise, after all, and the Japanese tsunami of 2011 showed that the U.S. isn't the only wealthy nation with fragile infrastructure issues.
Power Grid Failure Would Be Catastrophic
Massive failures typically result from a massive weather event. You don't just lose power; if the power outage goes on for a day or more, you eventually lose telecommunications, water and even gas supplies (which often fuel emergency generators). A cascading failure would cause many transformers to catastrophically fail, which is a nice way of saying "explode." Recovery time could easily move from days to months; existing transformer reserves would be inadequate, and the in-country manufacture of new transformers would paradoxically need to wait until those factories could be brought back online.
Most generating facilities - especially hydroelectric - would come back relatively quickly. If distribution is catastrophically destroyed, though, getting that power to your primary or backup sights would be problematic. You could find your in-country facilities down for the count.
Related: 10 Disaster Preparedness Questions For Cloud Service ProvidersHow-to: Plan for Disaster Recovery and Business Continuity
Corporate buildings would hardly be the only facilities affected; employees would suddenly face a world where food, water and gas supplies were unavailable for extended periods. Many would have no choice but to relocate, as extended families, to areas that were secure and had sufficient supplies.
While a downed power grid would largely leave homes intact - unlike New Orleans after Hurricane Katrina - contacting employees and their families and coordinating their movement would fail. Yes, most of today's homes use cable modems for phone service, but those must be plugged in and would be unreliable. And yes, wireless phones and cell towers would work in a power outage, offering organizations a way to deliver rally points and other critical information, but cell towers' backup power supplies only last several hours - as do the typical cell phone batteries.
Contingency plans would need to be in place before an event so everyone is more likely to emerge from it safely.
Assess Disaster Preparedness Now - And Don't Count on Help
This isn't a short-term problem. America's electrical infrastructure is in bad shape. Large-scale weather events such as Hurricane Sandy hit cellular networks and the power grid both far and wide. Groups as varied as hostile nations and anarchists are increasingly gaining the skills necessary to do significant damage.
The federal government is not willing to fund needed infrastructure upgrades. Before the U.S. starts shooting missiles at countries with strong cyberattack teams, it should harden U.S. infrastructure, but betting the government will do the smart thing has been a losing proposition of late.
All of this suggests, then, that putting major data centers near large hydroelectric sites to assure power (as Google has done) or focusing on alternative energy sources (as is the case with Apple's planned new headquarters) to assure the sites can remain operational during extended outages. You'll have to think through network transport, though; if these sites can't connect, you're still in trouble. Having failover capability in another country, such as Canada, would be advised.
Thinking strategically, the only approach that may work in countries with vulnerable infrastructure or unstable government may be an arcology. This eventual evolution of self-sustained architecture and ecology blends corporate and personal living structures, assuring that both people and equipment are safe and recognizing that an inability to protect either could result in company failure. Arcology continues to advance worldwide, but clearly they are needed most where there's a broad risk to infrastructure and/or employee safety.
In the meantime, review your disaster preparedness plans to assure they adequately address large regional or national power outages. This often makes the difference between surviving a catastrophe and becoming a statistic. If people have a plan that they know works, they're less likely to panic and do dangerous, stupid things. Don't put this off.
Rob Enderle is president and principal analyst of the Enderle Group. Previously, he was the Senior Research Fellow for Forrester Research and the Giga Information Group. Prior to that he worked for IBM and held positions in Internal Audit, Competitive Analysis, Marketing, Finance and Security. Currently, Enderle writes on emerging technology, security and Linux for a variety of publications and appears on national news TV shows that include CNBC, FOX, Bloomberg and NPR.
Read more about government in CIO's Government Drilldown.
- 18 Hot IT Certifications for 2014
- CIOs Opting for IT Contractors Over Hiring Full-Time Staff
- 12 Best Free iOS 7 Holiday Shopping Apps
- For CMOs Big Data Can Lead to Big Profits
- Slideshow: 5 ways to lock down your mobile device
- Slideshow: 10 mistakes companies make after a data breach
- How to rob a bank: A social engineering walk through
- Which smartphone is the most secure?
If you like your iPhone, you can keep your iPhone. Period.
President Obama has revealed that he's not permitted to carry an iPhone. It's too insecure for the job, he says. Instead, he's stuck with a BlackBerry. Well, someone's got to have one still. However, it turns out that the Pentagon has also outlawed non-BlackBerry smartphones. In IT Blogwatch, bloggers joke that 2006 called and they want their smartphones back.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Mitigating DDoS Attacks with F5 Technology
- This document examines various DDoS attack methods and the application of specific ADC technologies to block attacks in the DDoS threat spectrum while...
- The DDoS Threat Spectrum
- Bolstered by favorable economics, today's global botnets are using distributed denial-of-service (DDoS) attacks to target firewalls, web services, and applications, often simultaneously.
- Defending Against Denial of Service Attacks
- By utilizing end-user interviews, this whitepaper explores a deeper understanding of DDoS defense plans and reveals the knowledge gaps around the Denial of...
- Strategic Solutions for Government IT
- This paper outlines why F5 is the optimum partner to help achieve the levels of security, performance and availability that are vital to...
Top Considerations for Moving to a Cloud Delivery Model for ITSM
Find out whether SaaS-based ITSM is right for you
- Software-as-a-service is more than just a cloud-based delivery model-it's a new approach to service that lets companies optimize utilization of in-house IT resources... All Government IT White Papers
- Pre-Engineered solutions from VCE Simplify Core Infrastructure Implementation In this video, the CTO of Purdue Pharma, a privately held pharmaceutical company explains how Purdue transformed their data center infrastructure with VCE.
- Integrated Infrastructure: Simplify Operations, Speed Deployments and Reduce Costs George Weiss, Gartner Vice President and Analyst, and Praveen Akkiraju, CEO of VCE, provide practical information regarding the various aspects of Integrated Infrastructures...
- Video: 5 Secrets To Scaling Enterprise Apps Watch this video to learn how to successfully scale enterprise apps>>
- Collaboration 2013: Where Mobility Meets Connectivity Mobility and collaboration are quickly converging and users are demanding more capabilities. It's no longer enough to enable file sharing. This Webcast dives...
- Modernizing SAP environments with minimum risk - a path to Big Data Hear from top IDC analyst, Richard Villars, about the path you can start taking now to enable your organization to get the benefits...
- All Government IT Webcasts
Does your organization offer extensive benefits, cool perks, competitive salaries, opportunities for training and advancement? Then get it recognized!
Nominate your company or another deserving organization for Computerworld's 2014 Best Places to Work in IT list now through Dec. 12, 2013.