Blackout: The Conspiracy Theory

IOL/Popular Mechanics ^ | 12-5-2003 | Jim Wilson

[blam]

Blackout: the conspiracy theory

December 05 2003 at 09:27AM
Popular Mechanics

By Jim Wilson

Several explanations, some more likely than others, have been offered for the massive power failure in the north-eastern United States and Canada on August 14.

The official version, scheduled for release by the US department of energy as our American edition went to press, was expected to retell the story that had already been told: a critical interconnection point in the FirstEnergy electric grid in Ohio had failed. What should have been an easily contained local power failure cascaded east, causing more than R5-billion in damage in eight US states and in Ontario, Canada.

A second version is that terrorists successfully staged a digital Pearl Harbour.

Threat matrix Sceptics in a sceptical business, PM instinctively consigns conspiracy theories to the same shelf as dire Y2K predictions. Having covered major power outages before, PM staff also understand the vulnerability of the system that interconnects power plants with millions of customers. With more than a dozen PM staff stranded in midtown Manhattan on that muggy summer night, we wanted to believe President George Bush when he dismissed a terrorist connection.

We remained so convinced that at first we ignored as bravado an al-Qaeda claim that they had been behind the outage. And then we learned about Lieutenant-Colonel Bradley K Ashley.

Ashley’s connection to the outage began several years ago, when he was marked as a rising star and posted to the Air War College at Maxwell Air Force Base in Alabama. Moving up in the ranks depends upon getting your ticket punched in the right places. For a US Air Force officer, being sent to the Air War College is comparable to having your company pack you off for an expenses-paid Harvard MBA.

One of the objectives of the Air War College is to train officers to accurately analyse military threats, which Ashley did in a report on al-Qaeda and cyber-terrorism. “There is an accepted model within the department of defence that assesses threat based on several factors,” Ashley writes.

The threat-analysis techniques developed by the Defence Intelligence Agency (DIA) rate a threat on five criteria: existence, capabilities, intentions, history and targeting. The threat scale ranges from negligible to critical, depending upon which of those five factors are present.

The SCADA connection The most striking feature of the DIA threat-assessment matrix is that its criteria for categorising threats are far stricter than those of the CIA or FBI. An organisation is considered a “medium” threat after it has established a history of attacks. The DIA is not concerned with individuals who make threats. It focuses its attention on organisations that are threats.

To assess al-Qaeda’s potential as a cyberthreat, Ashley pored over reports of the contents of computers captured in Afghanistan as well as information gathered through prisoner interrogations. In each of the five critical areas, al-Qaeda activities merited a “yes” score on the DIA threat matrix. “The overall assessment of the al-Qaeda cyberthreat is critical,” Ashley concludes. “We know terrorists are pursuing this capability. Major cyberterror attacks against America will occur. It is a matter of when, not if.”

A chilling assessment, to be sure. And Ashley went even further when he identified the trapdoor through which al-Qaeda would attack the power grid.

America’s power system has thousands of not-so-secret trapdoors called supervisory control and data acquisition (Scada) devices. “Scada systems allow utility companies to monitor and direct equipment at unmanned facilities from a central location,” Ashley explains.

In the past decade, Scada devices have become the workhorses for public utilities. More than three million Scada devices are in use around the world today, says Ashley. Chiefly, they replace technicians for the routine tasks of meter reading and switch flipping. Their arrival has made it possible for utilities to maintain a high level of power reliability and at the same time reduce costs. To further reduce costs, Scada systems are designed to send and receive information over the Internet or via radio links. This is the first of their two weak links.

The second and more serious security concern is that Scada devices are a truly global technology. For example, a company that provided Scada expertise for FirstEnergy did similar work for the Egyptian Electricity Authority. It is a normal, legal and perfectly innocent business relationship. But it is also the sort of connection that makes intelligence experts worry, and those familiar with Ashley’s investigation cringe.

“Information about Scada devices and hacking them was found on al-Qaeda computers seized in raids in Afghanistan,” says Ashley. “Al-Qaeda prisoners have informed interrogators about their intent to use these methods to attack the US.” This is hardly surprising since all of the “Axis of Evil” countries – Cuba, Iran, Iraq, Libya, North Korea and Syria – have both access to Scada devices and an in-depth understanding of the technology.

The files of the North American Electric Reliability Council (Nerc), an industry group created after the infamous 1964 Northeast blackout, suggest that a cyberattack dry run took place in January 2003.

According to Charles E Noble, head of Information Security for ISO New England, a Nerc member that operates transmission lines, some sort of probing attack may have occurred during the appearance of the so-called “SQL Slammer Worm” that disrupted many Internet services. It also affected two unnamed utilities. “Both entities lost their ability to execute bulk electric system control from their primary control centres for several hours,” Noble says.

Nerc took the episode seriously enough to ask its members to approve emergency rules that require background checks on employees with access to Scada devices.

Coincidence or conspiracy? Admittedly, the facts are circumstantial. But for a nation built on electric power, the risk of ignoring them might one day prove catastrophic.

Did ‘imaginary power’ cause a real blackout?

One of the more intriguing explanations for the August 14 blackout was offered by New York Times writers Richard Pérez-Peña and Eric Lipton, who said evidence suggested it was caused by a little-understood component of electricity known as “imaginary power”.

Quoting experts in the field, they wrote: “Imaginary power, known to scientists as reactive power, cannot turn on lights or run toasters. Yet power plants and lines need it to create the conditions that allow hundreds of thousands of megawatts to flow across the continent. Scientists often compare it to poles holding up the vast tent that is the country’s power grid.”

One expert said it appeared that a lack of reactive power, measured in what are known as VARs, led to low voltage on transmission lines and threatened the stability of the system.

This article appears in the December issue of the South African edition of Popular Mechanics

[aristeides]

The government is the boy that cried wolf. Government claims of no terrorist involvement are entitled to zero credence.

[Portnoy]

We remained so convinced that at first we ignored as bravado an al-Qaeda claim that they had been behind the outage

This is the first time I've heard this...

[inPhase]

Thanks once again Blam, good interesting find.

SA Pop Mechanics?

Pop Mechanics is a very good magazine.
Not PC 'd last time I looked,

as is Pop Science which is a real liberal rag.

[white trash redneck]

Government claims of no terrorist involvement are entitled to zero credence.

Good point. And yet, we've certainly had plenty of power failures before without any help from terrorists.

Regardless of whether or not AQ was involved with this particular outage or not, the grid has vulnerabilities that can be exploited by terrorists, and these need to be addressed.

[WackyKat]

Consider also the big outages in London and Italy within a few weeks afterward
I think they're hacking into the power grid computers

[Bikers4Bush]

If it was done by terrorists it would have been repeated somewhere else in the country at about the same time or shortly after. Let's not forget that the terrorists intentions are to cripple our economy and destroy it. Had they had the ability to take down one grid they should have had the ability to at least take out a portion of another. To my knowledge no other grid experienced any similar problems.

The intial problem started with a burning wire outside a home and that was caused by a tree falling on it. There has never been a report of evidence that the tree was tampered with or caused to fall over somehow. Since it wasn't that means that the terrorists would have needed to be sitting somewhere constantly monitoring the grid waiting for an opportunity. That's not how they operate. The develop a plan and carry it out, they don't wait for mother nature to complete a part of the plan for them.

[opinion8r]

I wonder why did this not also appear in the US edition? Censorshp?

[blam]

"I wonder why did this not also appear in the US edition? Censorship?"

I don't know that it didn't...do you know?

[swarthyguy]

I believe you expounded upon the SCADA's or other types of hand held remote access devices so prevalent in the power industry on the blackout threads.

[opinion8r]

You cited the SA edition so I assumed that it was not in the US edition. Maybe I jumped to an incorrect conclusion.

[MrNeutron1962]

Has everyone read this report?

www.doe.gov/engine/doe/files/dynamic/1282003113351_BlackoutSummary.pdf

I helped write it.

[OXENinFLA]

Let me add some fule to this fire.

http://www.whitehouse.gov/news/releases/2002/04/20020423-15.html


April 23, 2002
Remarks by Homeland Security Director Tom Ridge to the Electronics Industries Alliance
Grand Hyatt Hotel
Washington, D.C.



GOVERNOR RIDGE: "Terrorists can sit at one computer connected to one network and can create worldwide havoc -- don't necessarily need bomb or explosives to cripple a sector of the economy, or shutdown a power grid. All a terrorist needs is a weapons of mass destruction. "

[OXENinFLA]

Thanks I'll have to read that over the weekend.

[Ronaldus Magnus]

This article appears in the December issue of the South African edition of Popular Mechanics

I read this article at least a month ago (I think two or three months ago) in the US edition sent to my home as part of my subscription.

[oust the louse]

"I read this article at least a month ago (I think two or three months ago) in the US edition sent to my home as part of my subscription."

As did I,maybe a month or two after the outage happened.My wife,who works for a utility,copied it from a copy going around her office.I believe it was a test run by AQ to see the response and timeline for users to go back online.They(AQ) can probably backtrack to see if the holes in the SCADA system are fixed or see if they still now exist.If they do they really slam it hard...JMHO

[Fury]

Ping for you...

[GOP_1900AD]

Indeed, Dell bragged of selling wireless laptops and LANs to DTE on their web site earlier this year. I found that out with a quick web search on the day of the outage. This line of investigation seems to have been so obvious that any failure to have pursued it immediately could be labelled gross incompetence.

[swarthyguy]

>>any failure to have pursued it immediately could be labelled gross incompetence.

Otherwise known as preserving the geopolitical strategic "interests" of the US.

Depends on the highup the food chain any investigation is spiked, it could even move to treason except for the point above.