Just after midnight on April 16, 2013, someone slipped into underground tunnels and cut the phone lines running to the PG&E Metcalf power substation near San Jose, California. Then two snipers proceeded to fire over 100 rounds into the substation in 19 minutes, knocking out 17 transformers. The electric company managed to prevent a widespread blackout, but security officials fear the attack could be a dry run for a larger scale terrorist attack.
Investigators believe that there were two attackers, both of whom remain at-large and unidentified. Jon Wellingoff, chairman of the Federal Energy Regulatory Commission at the time of attack, said it was “the most significant incident of domestic terrorism involving the grid that has ever occurred” in the U.S. While the FBI does not believe a terrorist organization is behind it, the attack underscores the growing threat posed by “lone wolf” attackers. This is also a threat that top U.S. intelligence officials have recently been warning about.
For example, Director of National Intelligence James Clapper warned in his annual global threat assessment that “homegrown violent extremists will likely continue to pose the most frequent threat to the US Homeland,” particularly “those who act alone or in small groups.”
Additionally, Secretary of Homeland Security Jeh Johnson warned that “lone wolf” attacks are “the terrorist threat to the homeland—illustrated last year by the Boston Marathon bombing—that I worry about the most; it may be the hardest to detect, involves independent actors living within our midst, with easy access to things that, in the wrong hands, become tools for mass violence.”
Furthermore, the substation attack demonstrates the weakness in our critical infrastructure, as recently warned by Heritage. Clapper has echoed the warning, saying the critical infrastructure “provides an enticing target to malicious actors.” A recent study by West Point’s Network Science Center found that shutting down the electric grid by causing a cascading failure is much easier than one would think.
The electric grid is arguably the most important sector of the critical national infrastructure, since none of the other sectors could function without it. The liabilities in the psychical structures (e.g., substations, generation facilities, and control centers) are just part of the vulnerabilities in the overall electric grid. Weaknesses within the software, supply chain, operational technologies, and personnel all pose cybersecurity threats.
To mitigate these threats, Congress should enable effective information sharing between the government and the private sector, work collaboratively with utility companies to enhance both cyber and psychical security, and encourage private-sector awareness, education, and training.
Jared Ferris is currently a member of the Young Leaders Program at The Heritage Foundation. For more information on interning at Heritage, please click here.