'Power backup only lasts so long'
Utah's 'Black Ice': Cyber-attack scenario
By Dan Verton
(IDG) -- A little-known exercise held last year to help federal, state and local officials in Utah prepare for a possible terrorist attack during the 2002 Winter Olympics may hold some of the most important lessons for infrastructure protection in the aftermath of the September 11 terrorist attacks, according to a key official involved in the exercise.
Next month marks the one-year anniversary of the first regional such exercise known as "Black Ice" -- no connection to the commercially available computer-security software of the same name. Sponsored by the Department of Energy (DOE) and the Utah Olympic Public Safety Command, Black Ice demonstrated how the effects of a major terrorist attack or natural disaster could be made significantly worse by a simultaneous cyber-attack.
"The terrorists in the September 11 event had the patience to plan (and) the foresight and the understanding of the infrastructure that could be used to simultaneously or sequentially disrupt the infrastructure electronically and that could cause a major regional failure in this country," says Paula Scalingi, director of the DOE's Critical Infrastructure Protection Office and a central figure in planning the exercise. "There's no question that that's doable."
The Energy Department is preparing a report detailing the impact of the September 11 terrorist attacks in New York on various critical infrastructure sectors. Despite a few minor differences between the Black Ice scenario and the real-world scenario that unfolded on September 11, the exercise proved to officials that future terrorist attacks could be far worse if they include a major cyberdisruption.
The Black Ice scenario takes place on February 14, during the second week of the Olympics. A major ice storm topples power lines across seven counties and disrupts microwave communications in the Salt Lake City area. It also damages the high-voltage bulk transmission lines in several states, including transmission lines north and south of Salt Lake City.
The damage to the transmission system isn't extensive, but the ability to import electricity to the seven-county area is hindered significantly. The lack of power generation forces authorities to conduct rolling blackouts.
That's when the Supervisory Control Data Acquisition systems, which control the power grid, are further damaged by a cyber-attack. The source of the disruption is unknown; it could be a hacker, a terrorist, an insider or the result of storm damage. Regardless, the failure begins to ripple throughout the rest of the regional infrastructure.
"Communications were one of the first things to go," says Scalingi. "What was discovered is that if you have a prolonged power outage that goes on for several hours, your infrastructure starts to degrade. Power backup only lasts so long."
And it's not just telecommunications. Water systems rely on electric power, as does the natural gas industry and the natural gas-powered electric utilities in the region. Emergency responders struggle through the chaos that results from Internet outages, cell phone overload and telephone failures.
"You get the idea," says Scalingi.
The ice storm could easily have been replaced with scenarios of multiple bombs, hijackings or other physical catastrophes, she says. The important lesson is that Black Ice showed how interdependent are the various infrastructure systems -- including telecommunications, utilities and banking -- and how major might be the combined effects of cyber- and physical attacks, she says.
"The infrastructure system providers didn't understand the interdependencies among their systems," Scalingi says. "If you talk to state and local government and local utilities, they'll tell you they have great response plans. The problem is, they write them in isolation."
One recommendation was to develop a template for private-sector owners of critical infrastructure systems to use to identify the various levels of interdependency among their systems. Utah emergency planners also proposed developing a secure database to store information provided by the various infrastructure owners. However, concerns about the security of proprietary industry data put the project on hold, says Scalingi. A report on the lessons learned and recommendations on how to prepare for such disaster was released in May.
The database would have included geographic information system technology that would have enabled officials to view a graphic representation of the status of various infrastructure systems and how they connect, she says. Getting protection from Freedom of Information Act requests remains a key concern to most infrastructure companies and a main sticking point in information sharing, says Scalingi.
"It would have been real useful to have that database," she says. "You have to be able to share information with the other infrastructures. That's exactly where we need to go in the post-September 11 world."
RELATED IDG.net STORIES:
Weighing security and privacy after September 11
Survey: Web attacks doubled in last year
IT industry analyzed one month after attacks
Microsoft creates security ratings
Lessons in disaster preparation
Reconsidering security: Basics first
Guarding against cyberterrorism
Note: Pages will open in a new browser window
External sites are not endorsed by CNN Interactive.
TECHNOLOGY TOP STORIES:
Report: SUVs pose danger to cars
New telemarketer tool trumps TeleZapper
Terra Lycos logs $2.2B loss
AOL to offer song downloads
Microsoft seeks fiscal fountain of youth
|Back to the top|