Insights into the Vulnerability of the Power System

February 7, 2017

Below is the transcript of the first 30 minutes of Peter Pry’s presentation from our conference, “Cyber Resilience: A Holographic Perspective on Continuing Threats and Potential Solutions,” which took place on October 25, 2016 at Massey College at the University of Toronto. For his full presentation, please watch the video above. 

Examining military doctrine and cyber warfare from a state and terrorism perspective reveals an existential level of threat, not harassment and not the kind of thing that industries such as the CIA, the Department of Defence, the Congressional EMP Commission, or my EMP task force, are used to dealing with. Back in October 2016 when the Mackenzie Institute cyber resilience conference took place, there were two interesting and relevant cyber incidents that occurred: the judgement by the US intelligence community that the Russians had tried to intervene in the US presidential election by hacking the DNC, and the hack on Dyn, which merited great international effect but whose significance was not appreciated in the media, because of the focus on the US presidential election.

A big question to address is: is cyber warfare a watershed kind of event, and how does it pertain to the future? Certainly in the views of our adversaries it is. In General Vladimir Slipchenko’s book, No Contact Wars, it is indeed described as a revolution in military affairs. This is taught in the general staff academy, and they are trained and exercised according to this revolution. Sing Wei Guan’s book, Total Information Warfare, is modelled after Slipchenko’s book, and is an Iranian military textbook. While we do not have a book available from North Korea, it is clear by the way they train and exercise their military that their vision is also modeled after that of Slipchenko.

To begin answering this question, we must consider the notion of the watershed. Namely, what kind of watershed? And what is meant by a revolution in military affairs? This concept builds on another Russian military textbook titled The History of Military Art, which describes a series of revolutions in military affairs that have determined the fate of mankind throughout history. In the view of the Russian general staff, the history of man is the history of technological military breakthroughs, which have enabled one civilization to replace another. The book begins with the Egyptians and Babylonians, and the invention of the chariot and the discovery of mass agriculture, which both enabled the rise of the first empires. Because city-states could put more men into the field, and also support a society that could build chariots and maintain horses, these single, desperate city-states were able to transition into organized empires, specifically the first Egyptian and Babylonian empires of Mesopotamia.

Following this, there was Alexander the Great who invented the spear, called the Sarissa, which was twice as long as the spears of his adversaries. As well, the Macedonian Phalanx was developed, which was a new way of warfare that coordinated with the mounted cavalry and enabled Alexander the Great and his armies to conquer the most advanced of the Mesopotamian civilizations: the Persians, and establish the Hellenic Age, which is the foundation of our current western civilization.

This segued into the Romans who established the Roman Legions, roads, the first mobile artillery, Scorpions and catapults. This new military technology allowed them to conquer the Greeks and displace the Hellenic civilization with their own. However, much like the Greeks, the Roman Empire soon fell to the Barbarians. It was the Barbarians who discovered that the complex Roman society was deeply dependent on its critical infrastructure: namely, its roads for trade and its aqueducts to provide citizens with water. Cultural anthropologists would not consider the Barbarians a civilization, as they were greatly technologically inferior to the Romans, and were not literate. However, by figuring out that the very same complex critical infrastructure that allowed the Roman Empire to thrive was also their Achilles Heel, the Barbarians plunged us into a dark age that lasted centuries. The military technology that arose then, namely walled cities and feudal castles, determined the kind of warfare and kinds of societies in which people lived and experienced.

The next major time frame in which we see a surge in military inventiveness was in the Middle Ages with the invention of gunpowder and the rise of professional armies that managed to assemble nation states. When we come to the Napoleonic Era, the Napoleonic wars amass large citizen armies, which were much larger than the professional armies that could be organized at the time. Napoleon’s intelligent use of artillery, his ability to mobilize artillery and blow holes in the lines of his adversaries was invaluable to his cause. He introduced the concept of total war by capitalizing on his citizenry and their desire to fight for him. This was no longer war between professional armies and kings, but rather of whole societies, formed by harnessing the technology of that society.

The History of Military Art discusses World War One, which is considered to be the first scientific war that harnessed industrial processes to introduce chemical warfare, machine guns and barbed wire that eventually destroyed the Victorian civilization and replaced it with something entirely different. Namely, Nazi Germany, Fascist Italy and Imperial Japan. They introduced a new way of warfare called the blitzkrieg (lightning war) and used it to nearly conquer the world. The Japanese used aircraft carriers and airpower to eclipse the traditional naval power at the time. The blitzkrieg restored mobility to the battlefields, allowing a much smaller force to conquer whole nations, albeit ones that were economically inferior to the attacker. The sole reason this blitzkrieg warfare ended was because the Allies figured out how to embark upon their own, improved blitzkrieg on the deserts of North Africa and on the bloody battlefields of Eastern Europe, at the cost of 30 million lives. The History of Military Art concludes with the invention of nuclear weapons, and posits that they are the final revolution in warfare. In fact, The History of Military Art was used as the standard textbook for the Soviet Union general staff and is still taught today. In this final section detailing the invention of nuclear weapons, the book explains that these weapons were a technological instrument that would allow communism to triumph over capitalism worldwide.

The reason why this book was titled The History of Military Art was because up until that time, military thinking was indeed an art form and not a science. However, with the discovery of scientific socialism, military science allowed us to predict, calculate and wage and win a nuclear war against our adversaries and displace that civilization with a more successful one. It did not work out this way, and we ended up establishing a nuclear deterrent strategy instead. We managed to outlast the Soviet Union, as it collapsed under its own weight, because of the inefficiencies of the socialist economy. We achieved in that victory an unprecedented triumph, as it was the first time in history when two super-powers collided, and where victory was achieved peacefully without a great conflagration.

Working at the CIA and in the intelligence community for many years, I don’t know anyone who lived through that period who didn’t think that the Cold War would end without nuclear war. No one thought that the Soviet Union would go quietly into that dark night, so it was nothing short of a miracle that it worked out that way. The History of Military Art is still taught in the Russian General Staff Academy, underscoring that they maintain the view that human history unfolds as a series of technological revolutions. Additionally, they have introduced a new book, the aforementioned No Contact War by Vladimir Slipchenko. This book is a revolution in military affairs that is deeper, more traumatic and more profound than any other that has preceded it. It presents warfare as the means of one civilization replacing another. For the first time in history, this can be done by a weak state. For the first time, a failed state can prevail over more sophisticated societies. In fact, even non-state actors such as terrorists and terrorism cells can do it. This is all possible, because this new warfare is cyber warfare. It is a much more efficient way of fighting wars, and is the greatest watershed to answer the question that was posed at the beginning of this article, in military history and in the view of the Russians, the Chinese, the Iranians and the North Koreans. We may think otherwise, but they think it is this watershed, and they are planning and training to fight future wars in this manner.

It’s important to note that the way these actors conceive cyber warfare is very different from the way that we do. We often think and talk about cyber warfare as encompassing hacking and computer viruses. They see this as a part of cyber warfare, but also include physical sabotage, using commando teams such as the one that stormed the Metcalf Transformer Substation, using non-nuclear EMP weapons, radio-frequency weapons and even nuclear weapons. A nuclear EMP attack is the ultimate cyber weapon in their doctrine. This is as important to understand as it was for the Allies in 1939 to understand what the blitzkrieg was. With the exception of Winston Churchill and a handful of generals close to him, we had no idea about the Nazi blitzkrieg and how this new way of warfare was going to work, which is why we narrowly fell prey to it. If you analyze the thinking and planning behind World War Two, it sheds a great deal of light on our western thinking. We planned for this second war to be fought like the first with tanks, airplanes, communications systems, trucks to move infantry, but no one put it together in the same way that the Germans had. They used all of these same resources but tied them together in a fast-moving, fluid way that made the static trench warfare of the First World War obsolete. This is why the Germans almost won, and there is a striking comparison between our way of thinking then, and our way of thinking now. Pre-World War Two, experts in Germany from all divisions of the army were talking to each other to co-ordinate attacks, unlike the Allied forces, wherein each division and discipline focused on itself. Today, our cyber experts are not talking to our Green Beret-types who do physical sabotage, who would know how to physically take out a power plant. Neither of these disciplines is talking to our experts in radio frequency weapons, and as far as nuclear EMP is concerned, they are also in their own stovepipe. Lack of communication was a horrific downfall of our preparation for war in 1939, and is still something that could benefit from vast improvement today.

The single most important message is that we are on this threshold of revolution in military affairs. The bad guys understand it, but we don’t. Our cyber warfare doctrine has got to be structured to defeat and deter the enemy’s doctrine, and if it’s not, then we are going to fail.

We have already experienced attacks on electric grids both by nation states and non-state actors. On October 27, 2013, the Knight’s Templar, a terrorist drug cartel in Mexico, used explosives to knock out power in Michoacán Province, cutting power from 500,000 people so that they could invade towns and villages to seek out leaders and publicly assassinate them and all others who opposed the drug trade. If unsophisticated actors such as the Knight’s Templar have figured out that the electric grid is a major societal vulnerability, then it’s unsettling to think of what more sophisticated actors, such as ISIS, al-Qaeda or North Korea, have in store.

In 2014 when ISIS invaded Syria and much of the world’s attention was focused on northern Syria, al-Qaeda used explosives to knock out the entire grid in Yemen, which affected 18 cities and 23 million people. An entire nation-state that is an important US ally was completely blacked out, facilitating the destabilization of their government and shift into the sphere of influence of the Houthis, which is a terror group friendly to Iran. On January 25, 2015, 80 per cent of Pakistan’s electric grid was blacked out by an attack carried out by the Taliban. This attack was temporary and did not last long, but Pakistan is a nuclear weapon state, so it would not be a stretch to postulate that this blackout was perhaps a practice run for something more ambitious, such as a nuclear EMP attack. In March 2015, Turkey was also blacked out, allegedly by a cyber-attack originating in Iran. Perhaps the event that received the most coverage was the Russian cyber-attack on the Ukrainian electric grid that blacked out western Ukraine and affected 100,000 people.

North American electrical liability corporations are loath to report incidents where blackouts may have been perpetrated by acts of terror. Evidence of this lies in the Metcalf Transformer Substation attack. PGNE and Nurkit South did not attribute this attack as an act of cyber warfare, but rather chalked it up to vandalism. This was despite the fact that the Metcalf transformer had very clearly suffered from a commando attack, with which even the US Navy SEALs agree. Upon surveying the damage, the SEALs agreed that it mimicked an attack that they themselves would stage. The perpetrators knew exactly where to shoot at the transformers, where an underground tunnel accessible through a manhole was located, and they knew which cables to cut so the police could not arrive on time. They had obviously pre-surveyed their firing positions, AK-47s were used, which is the weapon of choice of terrorists and rogue states, and they managed to disappear minutes after the police arrived on the scene. Not to this day, even with a huge dragnet by the FBI, have we been able to determine who launched this attack. While PGNE and Nurkit South save face by stating that the perpetrators did not black out the grid, one can view this attack as an exercise to test the limits of what is possible, and what one can get away with.

In military exercises, for example when one flies a bomber over another country’s air space, one does not do so to drop the cruise missiles, but rather to see how far they can get into that air space before being detected, and the reaction they get. This is what Metcalf was all about, and this is what all cyber-attacks are all about. It’s hard to understand the significance of these attacks, because the plan of the perpetrator is unclear. But these attacks are escalating, whether it is the Chinese breaking into our information systems and stealing the information of 15 million federal employees, or breaking into the White House and the Department of Defence communications systems to prevent employees from working. We are treating these attacks as unconnected acts of random harassment that don’t make any sense. However, they make tremendous sense: they are tests much like the example of the bombers that test how far they can make it into our air space without being detected. Although a president or Department of Defence representative is quick to pontificate that these actions will not be tolerated and make a lot of noise about the hard line we will be taking, ultimately, we do nothing about it.

Doing nothing sends a very loud and clear message to them. The example of the blitzkrieg during the Second World War provides another great analogy: a part of the German blitzkrieg on the front lines encompassed a motorcycle corps that would range out in front of Allied armored divisions to probe for weaknesses in the enemy lines. Upon finding this weakness, the Germans would use their amassed artillery, infantry and air force to smash through that weak point, achieving breakthrough in the front line and leading to victory. The invasion of France is an example of this. Similarly, these cyber-attacks are a part of a much larger plan. Adversaries breaking into our systems and stealing information is the equivalent to a German motorcycle trooper appearing on the hill over your part of the defences, and looking down over your lines. He is not the whole threat, because behind him is this massive ensemble and huge plan that presents an enormous threat. This is how we should be thinking about these attacks, and why it is vital that we come up with an efficient and responsible way to respond to them.

Perhaps the most sophisticated example of this type of exercise came in 2013 with North Korea. The US had imposed sanctions on them following their detonation of their third nuclear weapon. After the sanctions had been imposed, we were hit with a constant stream of cyber-attacks against our critical infrastructure and power grids by unidentified actors, some of whom were traced back to North Korea. The biggest of these attacks was on the Metcalf Transformer Substation. While this attack cannot be definitively linked to North Korea, on the same day the North Koreans launched their first satellite, the KSM2, into orbit. It passed directly over Washington DC at the optimum trajectory to avoid our national missile defences, and could have potentially placed an EMP over the eastern grid of the US, which generates 75 per cent of our electricity. That EMP field would have affected Canada as well, as both the US and Canada are on the same grid. The EMP Commission recommends protecting against a nuclear EMP attack, which is the worst of the threats, but islanding your grid and stopping the negative attacks that are a threat on the US grid—for example—from affecting Canada. This can be done by using blocking devices and surge arresters, which is technology that has been around and that we have known about for the better part of 50 years. However, we currently only use it on our military systems, such as the Cheyenne Mountain Military Command and Control. Our civilian infrastructures have been left undefended, and the bad guys know that. The EMP Commission estimates that without proper protection, we could potentially suffer an attack that would take down the whole national grid of the US for 18 months. By their calculations, this would result in a loss of 90 per cent of our population from disease, starvation and societal collapse. It would end a civilization.

It is not a dire situation, because there are things that we can do, technologies that we can put in place to prevent and mitigate these types of attacks. Surge arresters placed on transformers would be invaluable in protecting against a surge of energy resultant of a nuclear EMP attack. It would handle the worst overload that could be generated by cyber viruses, and the worst over-voltage cascading out if a transformer was shot at. They would also assist in cases of severe weather. For example, many transformers surged uncontrollably and exploded, leaving many without power. The high power lines were knocked out by the storm, and the energy they emit has to go somewhere, so it comes back down as an over-voltage that blows up the transformers, because there are no surge arresters on them. Surge arresters would help in the cases of nuclear EMP attacks, geomagnetic storms, radio frequency weapons, severe weather and other extreme cyber-attacks.