Brittle Power- PARTS 1-3 (+Notes) - Natural Capitalism Solutions

18Brittle Powerplish with understanding and purpose. It appears that one person, withoutcompromising identity or location, can crash most or all of a corporate orcommercial telephone network and keep it down more or less indefinitely,perhaps causing significant damage to electromechanical components in theprocess. Most—with sufficient effort, perhaps all—communications and computersystems whose entry is controlled by electronic passwords rather thanby physical barriers are vulnerable to penetration, misuse, and disruption.The systems which control electric grids, oil and gas pipelines, and other complexenergy facilities are no exception.Physical barriers, of course, are not an absolute bar to physical penetrationby stealth or force. The physical vulnerability of some control systems, likethe control room of a nuclear reactor, may suggest a need for a duplicate controlroom, located away from the reactor, to be used if the first one is takenover. (Such a proposal has already been rejected by the Nuclear RegulatoryCommission, though some alternative control equipment for basic shutdownfunctions is provided.) But such duplication also increases vulnerability tocapture, or simply to interception and misuse of the communications channels,as in computer and telephone networks today. False control signals canthen be combated by encoding, but this increases operational delays anderrors: recall the thirty-seven minutes it took for a technician to find the “allclear” tape after accidentally broadcasting a tape announcing a Soviet nuclearattack. 38 In this game of threat and countermeasure, problems simply cascade.The design principle seems to be “One damned thing leads to another.” To theextent that deliberate intervention in a control system can be combated, it isseldom by adding yet more layers of complexity, but rather by a quite differentstrategy—of resilient design (Chapter Thirteen).The vulnerability of controls is especially marked in computerized financialsystems. An adversary could probably crash the U.S. (and international) bankingsystem simply, anonymously, and untraceably by using electronic fundstransfer to make hundreds of billions of dollars vanish instantaneously. 39 Theneeded techniques are not unduly difficult. In 1980, four thirteen-year-oldsbrought chaos to some Ottawa commercial computers while playing with amicrocomputer at their New York private school. 40 Fraud, sabotage, and coercionusing electronic banking has already reached alarming (if largely unpublicized)proportions. If a computerized embezzlement is detected (many cannotbe), that fact itself is frequently an effective lever for blackmail, lest the victimizedorganization lose public confidence or have to pay higher insurance premiums.It is doubtless encouraging to potential computerized thieves that ofthe few caught so far, most have been rewarded with lucrative jobs as securityconsultants. As will become clear in later chapters, if financial computers arethis vulnerable despite the immense effort devoted to protecting their data, thefarflung and far less well protected computers which control modern energysystems may be even more vulnerable, with results at least as serious.