Metcalf Sniper Attack (wikipedia.org)
210 points by rococode on Aug 29, 2020 | 161 comments


I was on duty as security for a.. semi secret substation designated as critical infrastructure that night. In the Bay Area, we just had to divert power a little bit. It basically didn’t affect the grid at all.

Everyone was all a little more worried as to if this was isolated, if we were next, etc etc.

Transformers that are small are often on hand and easy to swap out. But some of the bigger ones have months long lead times. The facility we were at had transformers that had a 6 month lead time from Germany to replace them and they had to be sent via boat as they wouldn’t fit in planes.

The average person isn’t going to know that about transformers. Which lends more credence to the fact it’s an inside job.


> The average person isn’t going to know that about transformers. Which lends more credence to the fact it’s an inside job.

The long replacement time for transformers would be known to anyone spending 15 minutes googling what parts of the electrical infrastructure are vulnerable to a sniper attack. It's been discussed on HN before [0] so you better believe it shows up on forums for linemen or preppers or wannabe terrorists. Maybe it diminishes the chance it was a random act of vandalism, but it doesn't speak in favour of the attack being an inside job.

[0] https://news.ycombinator.com/item?id=18998596


Sure, six years after the Metcalf attack it was discussed on HN. Was it discussed on HN before the Metcalf attack?


If it's terrorism, they're going to want to have an effect that is large. That is the nature of terrorism. Small events that are insignificant are not the goal of terrorism.

If a person wanted to cause harm and damage the electrical infrastructure, they would have spent time planning and figuring out how to cause the most damage, with the least detection, with having the most PR and effect. Shooting a bunch of neighborhood transformers isn't the way. In their research they would have found so many other high-reward low-risk targets.


OR this was a "vulnerability scanning", and not the actual attack. Perhaps they were a group of friends that wanted to shoot and see if sparks will fly (literally), like we see in the movies.

OR assuming it is a group of sleepers/terrorists doing a pen-test (not the actual penetration/assault). They now (back then) answered the following critical questions: How long does it take to incapacitate such an installation? Will readily available guns do the work? How many people/guns/bullets do we need to pull this through? What monetary value damage can we do? Who/where is the back of this place? What do we need to shoot in there to make more damage (time, money, both)?

So now "they" know that smaller boxes were replaced in a few minutes and larger boxes cost more and take 6 months (so large boxes it is!!!)

Exactly like a vulnerability scanning/penetration test. "They" know so much more on the target, its vulnerability, its protection, how to disable.

This said, they know that taking down one of these things is but a scratch. How about 3? 5? 10? Can a group of 50, broken down in teams of 4, with 1 rifle and 20 bullets each, take down a station like that and be out of there in 5 minutes?

These are questions that anyone with security, military, project background will be asking (and I am not CIA, KGB, etc)(so imagine how these 'departments'(?)) must have thought of it further...

Unless.. this post was all about trying to identify criminal minds.. in which case.. guys.. I am on the good side on this!! The good hat!! (no more white-black hats)


>> 6 month lead time from Germany to replace them and they had to be sent via boat as they wouldn’t fit in planes.

This is a fun detail to think about if we have a Carrington-scale solar event.


The idea of a strategic reserve of large power transformers has been discussed at length to help ameliorate the impact of something like this from an order of literally 6-24 months, compounded into multiple years, down to... perhaps a couple of weeks/lower order of months.

It seems completely insane that we're not prioritizing this sort of reserve. We could basically order 50 or so LPTs for < $2B which is a goddamn steal for the peace of mind and short-ish turnaround time we'd have for replacing critical infrastructure. There are some issues in that many are bespoke for their specific implementation, but the report discusses that as well.

https://www.energy.gov/sites/prod/files/2017/04/f34/Strategi...


I believe that those who make the choices think with their wallets, not their mind (and its thereof peace). Imagine you got a $2bn worth of stock, that you need to maintain (even if it's just removing the dust from the box). Then an upgrade comes up on component ABZXYZ1B so now you need to fly someone from Germany, fly in the component, replace the thing, test the thing, repack the thing. That extra cost and effort is considered. Do all stations use the same make/type/version of the thing? Or we need to stockpile 20 categories of them $500m-$2bn of each type?

A good and expensive side-gain would be repairing and/or upgrading some infrastructure (roads/bridges for the transportation, which is extra cost).

I had a quick read on the Report (thank you)


> A good and expensive side-gain would be repairing and/or upgrading some infrastructure (roads/bridges for the transportation, which is extra cost).

Without electricity I find it difficult to see how anything gets done

+ No mobile phones (handsets rapidly run out, base stations (is this the right term?) are fried, and if they weren't they'd be without power)

+ No landline phones

+ No internet - how are you going to co-ordinate anything including crop gathering, packing, distribution, and sales? How are people going to buy anything without money, or a job to earn money if that money hadn't disappeared in a puff of no-bank-account-because the banks... see below.

+ Pumps for fuel are electric aren't they. Cash registers are electric. Banks are effectively electric these days - no electricity no action so no movement of money.

Plus if we keep using fossil fuels and don't transfer to electrical power throughout, what will climate change throw at us.


Yeah, when would we ever need such a stockpile of unnecessary extra transformers?

(says a guy from his ICU bed on a ventilator because of COVID)


"The average person isn’t going to know that about transformers. Which lends more credence to the fact it’s an inside job."

Or that the perpetrators were well informed about infrastructure vulnerabilities.


If someone wanted to cause real harm to the infrastructure and they knew about the infrastructure, they wouldn’t have taken out a few transformers that could be easily rectified.

They would have used a boat and dragged an anchor across the bay.


How large of a boat would you need to really do damage though? I suspect that most undersea cables are tough enough to withstand your average sub-1000HP fishing/water skiing boat, and would need something a bit harder to come by to be easily damaged.


You would need a rather large ship and anchor for that. The small boats that most people have access to wouldn't do much.


I'm not going to speak to specifics. Let's just say, you'd be surprised. It's more about the cutting force than it is say about the mass. Yes, a large boat will make even the dullest anchor a strong knife via force. But a small anchor that is sharpened could do the trick.

You don't need to split the wire in half. You merely need to expose it enough to cause it to go to ground with a significant enough amount.

The facility in question could see any boat on the water, and if a boat stayed over the lines too long, authorities would have to be notified. After I left this exact thing happened by accident, and it was in an area where large boats did not enter due to the water being too shallow.


Take out the WTC with an airplane? You would need a rather large plane for that. The small planes most people have access to wouldn't do much.


Presumably a boat large enough to do that would also be able to be identified in the post match analysis too.


As someone who doesn't live in the Bay Area, I'm assuming there are cables of some sort that cross the bay?


The [Trans Bay Cable](https://en.wikipedia.org/wiki/Trans_Bay_Cable) is a 53mi-long cable carrying 400MW at 200kV DC (so that's 2000A). It's capable of supplying 40% of San Francisco's electricity needs.

According to [this web-page](https://www.researchgate.net/figure/Overview-of-the-Trans-Ba...), the cable is 10 inches in diameter, and [according to this briefing](http://www.caiso.com/Documents/070418_BriefingonTransBayCabl...) there's an inch-thick armour layer over another 2 inches of lead (wat?!) and PE. According to that same briefing, the cable seems to not be buried and is instead just laid directly onto the sea-bed.

So dragging an anchor probably would do more damage to your boat and the anchor than the cable itself - but I imagine a diamond-tipped cutting blade could probably make its way through the armor layer eventually - perhaps some carefully placed underwater explosives would help weaken it too. Just hope you have protection against the extreme current going through the cable travelling up your anchor...

So yes, it's within the realm of possibility for an individual to sabotage the SF Bay Area's electrical power system.

...that's scary.

But the thing about disrupting public utility infrastructure is that it doesn't fill people with fear - it just inconveniences them. If there was a news headline about some incel/qanon idiot dropping underwater explosives into the bay around this cable from a rowboat to shut-down SF's power supply it just seems... underwhelming and non-threatening: quite the opposite of a macho-masculine power-fantasy - and they'd probably get laughed out of the communities they claim to represent.


Explosives could easily cut right through it. You can cut cleanly through reinforced concrete bridge pillars with just high yield detonation cord or c4 collar charges.

The world of infrastructure security is quite terrifying once you start digging into it. I believe at some point in the 1970s, the CIA started doing red team operations on domestic terrorism infrastructure vulnerabilities. They eventually stopped or slowed significantly because they had so many simulated breaches that they couldn't possibly contain them all. They had to significantly refocus their attention on prevention by identifying who/what/where/why instead of how (their traditional cold war methodology that many thought was outdated), because there were practically infinite ways identified that infrastructure could be crippled.


No need for explosives even. The technology for quickly cutting through reinforced concrete has been available since the end of the nineteenth century, and has been an industrial thing since at least the middle of the twentieth century.


But does that technology work well underwater - and can it be implemented and/or used by an individual non-expert?


Sorry, I'd been thinking bridge pillars.

For underwater cables I wouldn't say non-expert: the trade that has the expertise generally pays around USD 60k per annum.

Being around 2 kA discharges underwater is probably not a great idea, however. Automation would be one possibility, raising required expertise and lowering required headcount. A little searching indicates that if one is willing to acquire a ROV, there are at least two other commercially available cutting technologies, both of which are normally used for much larger cuts than a 20 cm cable bundle.

Much modern infrastructure relies on people not being jerks, but then again, modern society also relies on people not running around shooting each other, which seems to work.

(except when it doesn't: this is why I am looking into Yugoslavia now. How does one get from socialist brotherhood to shooting each other? I have colleagues, yugo refugees, whose conspiracy theory is that the conflict was externally stoked, but I currently find people being stupid to be a more parsimonious explanation.)


To me this whole thread reads like an ad for solar + local storage. There should be tremendous resilience advantages compared to grid power. I’m surprised security/defence authorities aren’t pushing for that?


Substations would still be necessary. Substations are responsible, among other things, for controlling voltage level.

Integrating power grids usually involves more substations, not fewer.


Wouldn't having more substations make the grid more resilient? I would imagine that allows for more flexibility routing power.


It really seems like it would depend on the topology and capacity of the various routes. Just having more of them isn't necessarily the same as having more flexibility in routing.


> There should be tremendous resilience advantages compared to grid power

Perhaps in California, but in northern latitudes (e.g. central Europe) solar does not generate sufficient power during winters. It would be necessary to have either massive south-north power lines (so less resilience), or some storage.

Such storage would need to be massive (orders of magnitude bigger than just for day-night balancing) and unlikely to be battery-based. Chemical storage is a possibility - plants converting excess electricity to hydrogen/methane and storing it in underground reservoirs (like ones currently used for strategic reserves of natural gas). But such facilities would be subject to economy of scale, and therefore likely big and centralized, like current grid facilities.


I don't understand your point.

If it's the "instant delivery" you propose to replace by local storage, what is the link with solar? You could as well store energy received from the grid.

Solar is particularly inefficient, both because of the volume it requires per unit of energy produced, and because storing energy incurs a huge loss (also, since this post discusses security risks, I guess storing large amounts of energy at home is definitely not the safest of options)


"Solar is particularly inefficient, both because of the volume it requires per unit of energy produced, and because storing energy incurs a huge loss "

When your goal is to be at least temporarily energy autark (in case of a power loss for some days) it does not really matter, how much energy was needed to produce the panels. What matters is, that you have that power source in that moment.

And it surely works very efficiently, especially in California.

Even in rainy middle Europe, I am able to go to a remote place with my tent, laptop, power bank and small solar panels - and can enjoy distraction free working time - without access to the grid.


> What matters is, that you have that power source in that moment.

And if that moment is during the night, you don't have it. If power outage is a part of your threat model, you want something that you can reliably switch to in a very short time and that will reliably provide the power you need for as long as you need to get the primary power supply back up.


I could entirely scrape by without power at night for some time. Would it be inconvenient? Absolutely. Threatening? No. The little infrastructure I’d really need to run over night includes probably my fridge and my freezer and those could be powered by a battery backup for that time. There are ready-made modules available for that (camping equipment level ready).

Stove, oven, kettle not being available would be seriously annoying, but not threatening either. Intermittent power would be a massive improvement over no power at all.


Right, but you're not running a data center or factory.

Individually, unless you're in very harsh climates, the safety margin for normal operations is huge. But that's not the case for complex systems. You can't simply shut down a data center for a week without turning it from a data center into some expensive building that currently provides zero value.

Society relies on reliability. By extension, so do you, because without reliability in factories, there won't be solar modules, batteries and all the fancy gadgets being produced. Individually, you can easily survive a few days without power, or without food for that matter. But on a society level, that's a very different story.


Batteries?


The risk here is that a terror attack on grid infra knocks out so much of society. No electricity => so much trouble.

My point is that with solar+storage you get a more resilient system that can continue to provide power even if central grid infra is knocked out.

You can have wind instead of solar, but you need some way of generating. Storage alone gets you through a night, not more.

What risk do you see with commercial battery storage? You do know there is gasoline in cars and many houses are heated using natural gas, right? Compare and evaluate risks between those please.

You say that solar is "particularly inefficient". I do not agree.


> The risk here is that a terror attack on grid infra knocks out so much of society. No electricity => so much trouble.

Seriously, your argument is a 5 sigma event? Sure, everything can be justified with overly extreme and improbable settings. I won't enter the debate on whether it actually makes sense to protect yourself from that, I have the feeling it cannot end up being a constructive discussion.

> you do know there is gasoline in cars and many houses are heated using natural gas, right?

Sure, escalate the condescending tone, that will surely improve the quality of the debate.

> What risk do you see with commercial battery storage?

I don't think the consumers should be trusted to store and maintain meaningful quantities of energy.

Long time ago, where I lived in Europe, people used to be heated by either fuel or gas. Nobody had electrical heaters. That meant you would frequently find these gigantic gas tanks (sometimes buried, sometimes not) in people's gardens. Now it is forbidden to have them, or they have to be totally underground. Why? Because there were simply too many accidents, too many tanks left unattended for years, or forgotten.

You cannot trust people to reliably store and pay for maintenance of their installations forever. And keep in mind, I'm talking about gas tanks here, which have a lifespan of dozens of years, and are pretty sturdy.

Batteries? A few years at most, and that is if you have all the proper circuitry to cycle them periodically, regularly rebalance them, change them, etc.

I would be curious to compare the number of defects from consumer grade lithium ion batteries, versus a gas tank. My guess is that there is a higher rate of defect in batteries. Then factor in the number of batteries required to store a few days of your household energy, I guess the law of large numbers would quickly kick in.

> You say that solar is "particularly inefficient". I do not agree.

Alright, let this be my last answer in this thread because I have the feeling arguing more will just lead to feed the troll.

1) if you are trying to generate energy for storing, and your end result is charge, then you're doing it wrong.

There is not much you can do to efficiently store charge, you can transfer it to a battery, but this is not energy efficient, not to mention a battery is inherently short lived.

Efficient energy generating systems generate some kind of mechanical force: steam, heat, are good examples. It is much easier and efficient to store than charge.

Classically, pumping water up a hill is a popular means of storing energy. That is what most solar plants are doing.

Batteries are used when consumers require very little energy storage, and they are small/easy to distribute.

2) solar is inherently inefficient because it requires storage.

Storage is always a loss because it requires to convert energy to something else. And conversion is never lossless.

Nuclear (and water dam up to a point) deliver real time energy at any time, thus eliminating the need of conversion that you have with solar.

But of course you need a grid system for that. And apparently your sole argument is based on a hypothetical shutdown of the grid.

3) The volume of panels per energy output ratio is ridiculous, making solar a totally impractical and environment unfriendly choice.

From the top of my head, the volume/output ratio between nuclear and solar is >50. Not only does this mean 50x more space, but also 50 times more unrecyclable equipment.

---

To conclude, I just don't find any sense in trying to find alternatives to the grid system. Concentrating the means of energy production and distribution seems to be the most effective and climate friendly way.

In the case of parent post mention that he goes camping with solar panels to charge his laptops, that seems nonsensical to me.

From a quick paper computation, I would need 15 hours of a portable solar charger to fully charge my laptop battery. Based on an average of 5 hour/day (that's what most solar plant can achieve) that means 3 days for a 100% laptop charge. You're better off just taking a spare fully charged battery with you when hiking. It will be lighter than the solar panels, and most probably charged at home with nuclear energy, it will end up being more environmentally friendly.

As for storing energy in case the grid goes down: environmental problems worry me way more than a terrorist attack on the energy grid. I would rather not spend time trying to purposefully inefficiently store energy "just in case", and use that time to try to convince people that clean energy with the current grid system is more important.


Out of curiosity, how does one “divert power”?


What makes it a power grid is that the stations and substations are connected in a mesh topology. Every major load center is going to have multiple possible paths for power flows from multiple generators. In most cities, even residential distribution will have multiple feeder paths.

In most cases these are controlled by switches at the substations that put circuits in and out of service, thus moving the path current must take. More modern options include phase shifting transformers and other reactive devices, and even impedance reactors that will adjust flow across multiple live circuits.

Aside from that, changing where generation is happening also moves current to different circuit paths, so for example a "peaker" gas turbine plant that can ramp up quickly might be brought online in one location electrically closer to the load to balance flow away from an overloaded or to-be-disconnected circuit.


What that practically means is power that would have normally come through those substations would be delivered by some other source, and thus go through a different set of substations.

What most people don't understand is that it's important that the demand + the transmission losses = the production, not just as a whole, but also for each link. To help with that most places don't produce 100%, and a lot of higher power links are redundant. But that can only cover so much. If it's not a high demand day you can probably source power from other providers, but sometimes that's not enough.


ELI5 Answer. Power (mostly) follows the path of least resistance. Like water does.

To divert power certain stations or links in the grid can offer resistance via either terminating, or other means.

Another thing is, it’s a common understanding that power facilities can produce and modulate power. But they can also spin in reverse, thus using power.


The average person might not know about transformers, but the set of people who know about transformers isn’t exactly small. It’s plenty large enough for there to be miscreants who know about transformers but aren’t power company insiders.


Yeah it's pretty well known. For some larger transformers they used the world's largest plane, An 225, to transport them half way across the globe because otherwise it would be a months long delay.


Isn't transmission lines and substation information public by necessity?

My takeaway from this story is that a saboteur cell of as little as 10 people could take down multiple substations in sync, causing way more serious consequences.

Attacking substations is a hard way too, one could just mix up some thermite and bring down some 500kW transmission towers.


Not all of it. Some designated as critical infrastructure is protected, private business can also be protected information.

The trick here is, most of the grid can compensate for outages and entire sections being lost. It's built to handle that. You can't just run out and bring down substations and transmission lines and knock out a city.

There's only some that are absolutely critical. Take Diablo Valley for example. Because they're nuclear and critical, they have an entire SWAT Team on hand and folks with .50 Cal Rifles on the roofs.

I won't speak to the security of this facility. I'll just say this: if someone got within 10 feet of the facility, it would be immediately known and responded in kind. There is no way, even digging a tunnel, someone would not be noticed.


I don't think that the grid is as robust as you think it is.

https://en.wikipedia.org/wiki/Northeast_blackout_of_2003


Presumably everything is more robust now that lessons have been learned and single-point failures shouldn't have that sort of effect. Coordinated multiple failures most certainly will take down huge swaths.


You don't need specialist knowledge to figure out that the bigger stuff is harder to replace than the smaller stuff.


Since it is near a gun range, I had simply assumed it was some yahoos driving around with their AR's firing at it as though it were nothing more than another road sign on a remote rural stretch.


I can see (drunk and/or irresponsible) persons wanting to shoot at the insulators to make them spark and blow up - you get some pretty nice fireworks that way: https://www.youtube.com/watch?v=ZCzdPFJ4tog


What? The kind of people who go to ranges are not the kind of people who would fire randomly at infrastructure. What would be the point of going to the range if you’re fine shooting in the open? Please don’t defame responsible gun owners like this.


I don't understand why this is called a terror attack. From the article it seems managers got spooked, sure. But it doesn't read as if the general population was.

Granted, it's possible the attack failed to achieve its goal and that's why the population is not terrorised. But even then: an actual terrorist could've easily kept track of news on damages caused and how close to great effect they had come. That would surely incentivize them to try again. But I'm not aware of that happening.

So what is the terror angle here?


The terror angle is that someone tried to disrupt a major component of the electrical grid. It’s hard to imagine a motive for such an attack that doesn’t involve trying to cause major panic to a community. That’s definitely qualifiable as terrorism.

Just because they didn’t attempt again (that we know of) doesn’t mean that they weren’t terrorists to begin with. Also noted in the article, investigators later believed it to be an inside job. This goes into wild speculation, but if the attackers worked at DHS, they may have known how close an investigation came to revealing them and opted not to try again. We’ll probably never know why though.


>It’s hard to imagine a motive for such an attack that doesn’t involve trying to cause major panic to a community.

Disgruntled customer or employee? Conspiracy nutjob? Someone (foreign state across, perhaps) testing for vulnerabilities?


Terrorism is any use of violence or intimidation for the purpose of furthering a political goal. The political motive is a necessary element of terrorism. While you could presume terrorism as being the most likely explanation, it’s not the only one, as state sponsored acts tend not to be classified as terrorism (depending on the perceived legitimacy of the state in question).

Of course it is a politically loaded word, so people will redefine it to suit whatever their political agenda is. But that’s its original definition at least.


A key point is that terrorism needs to intentionally cause terror in the furtherance of the political goal.


This is certainly not a relevant point at all. All mainstream definitions of terrorism center around the type of acts that are included in the definition (eg violence against people vs violence against property), and the types of motive (political, ideological, religious, revolutionary for example, though all of those could reasonably be described as ‘political’).

Whether or not the perpetrator intended to strike terror into people’s hearts is irrelevant to the definition, because it is presumed that the types of acts covered by the definition are terrorizing.

A revolutionary destroying infrastructure with the sole intention of disabling the capabilities of the state would fit into almost all definitions of terrorism, even though terrorizing people may have played no role in the perpetrator‘s motive.


I completely disagree and, while I don’t consider myself an expert in “all mainstream definitions of terrorism”, I’d suspect Merriam Webster would be “mainstream” enough for many readers:

“Definition of terrorism: the systematic use of terror especially as a means of coercion”

https://www.merriam-webster.com/dictionary/terrorism


This is such an unnecessary nitpick since you yourself seem to understand by calling it terrorism, people are explicitly declaring their belief that it was to political ends.

It's like people calling a bush fire arson, then you giving the definition of arson and saying "arson refers to the deliberate act of setting a fire"...

That's kind of the whole point of implicating it was arson, to further narrow the cause/motivation of an incident.

Also the nitpick isn't internally consistent, if you want to be literal and say terrorism is any use of violence for the purpose of furthering a political goal, how is a state sponsored attack not a terrorist attack? Are geopolitics excluded from your definition then?

>State sponsored acts tend to not be classified as terrorism

Says who???

https://en.wikipedia.org/wiki/Pakistan_and_state-sponsored_t...

https://en.wikipedia.org/wiki/Israel_and_state-sponsored_ter...

https://en.wikipedia.org/wiki/United_States_and_state-sponso...

https://en.wikipedia.org/wiki/Iran_and_state-sponsored_terro...

https://en.m.wikipedia.org/wiki/Qatar_and_state-sponsored_te...

https://www.state.gov/state-sponsors-of-terrorism/


It’s not an unnecessary nitpick at all. The way the word is used today, it actually doesn’t have a meaning that you could write down. State sponsored acts of violence against another state has traditionally been described as war. The thing that blurs that particular line today is the blurriness between agents of the state and private agents resourced by the state (as well as controversy around which states are legitimate states, and which governments are legitimate governments).

The reality of the situation today is that ‘terrorism’ doesn’t actually describe a definable act. Whether something is terrorism or not depends entirely on the political perspective of the person describing it. Destroying property, committing arson and tearing down statues as part of a political protest would be quintessential terrorism according to the actual definition of the word. But to describe it that way in our current political climate would be remarkably controversial. Whenever somebody calls something terrorism, all they’re doing is offering a political opinion. Which seems like a particularly relevant point to acknowledge in a discussion about what terrorism actually is.


One person's freedom fighter is another person's rebel; One person's soldier is another person's foreign invader... that's not a new concept? Didn't stop us from calling things wars, groups rebels or soldiers, and a whole host of other words for hostilities that all depend on your point of view.

-

If you put something like a firecracker in a random mailbox and watch it blow up, it will scare people, but a limited number of people would consider that terrorism

If you go and put firecrackers in random mailboxes all around a city for a week, it will be called terrorism because there's an expectation there's some political or ideological objective someone is trying to meet with that fear.

No one knows for sure why you're doing it, maybe it's not terrorism, but it will be called terrorism because that's a logical conclusion. At some point in level of violence, or complexity, or damage caused, people start to seek meaning past fear for fear's sake. This is why you see them use the word terrorism.

If anything your hangup seems to be exactly that, people seeking meaning by calling it terrorism without some concrete objective being known to them, but it's common sense.

This was a sophisticated attack, a team of gunmen with scouted positions, communications lines cut, only very specific components being hit. What non-political motive can you come up with that outranks some kind of geopolitical motive, or anti-government tilt? Even reasoning like "to wake up the government to the possibility" is political.


I don't consider Ocean's 11 to be a terrorist plot, but it fits your description well.


How so? The surgical nature of the attack _combined with the most probable motives having a political tilt_ is what makes people call it a terrorist attack.

A sophisticated robbery of millions of dollars from a casino has a pretty clear motive that doesn't have to be political. That's not to say it couldn't be, but initial reports wouldn't call it terrorism since personal financial gain is a pretty good motive


This pretty much reads as a rephrasing of your previous comment.


Well, I extended upon my point in a consistent manner instead of weeble wobbling from one thing to the next while not really saying much, but that's an intended differentiation.

If you read it as a rephrasing that's ok too. Sometimes it's not a bad idea to rephrase a concept when someone has trouble understanding it.


I think it's a very appropriate nitpick in this case since it seems like the perpetrators wanted to use violence to call attention to the electrical grid's vulnerability more than actually damage/disrupt it. It seems most likely to me that the goal of the attack was to spur the very conversation we're having.


You mean, you think someone used violence to spur a conversation on a system our government runs and how it's being mishandled?

Maybe seeking some sort of action be taken through some sort of political channels to shore up these systems?

Like a kind of political action?

Definitely sounds like terrorism to me...


I'm missing "terror" in your outline. Not the word itself per se, but the effect on the general population.

I'm still struggling to see how something is terrorism if it isn't intended to instill widespread fear. Not widespread worries, like the managers had. Actual fear.


How are you struggling to see terrorism doesn't have to cause widespread fear in the general population to be terrorism?

> the unlawful use of violence and intimidation, especially against civilians, in the pursuit of political aims.

The nitpick was pretty much saying "you need to have a political aim to do terrorism!"

My rebuttal is, by calling things terrorism, the implication is there was some political tilt even if said tilt is unknown. That's the whole point of calling it terrorism.

Whether that was geopolitical, or anti-government, or a protest against the lack of action on the national security risk that is our power grid, these reasons are all some form of political motivation.

With the level of sophistication shown, this rises above trying to create fear for the sake of fear or mischief.

In fact, part of why the fear caused by this was somewhat limited was an initial effort to keep it secret which was later abandoned.

Do you really think a team of coordinated gunmen using advanced scouting techniques, cutting communications lines in anticipation, showing intimate knowledge of a substation wouldn't have caused widespread fear in a community?

Most people wouldn't even care about the substations, just the idea of coordinated professional gunmen attacking targets would be scary enough... it certainly was for the government


This was in 2013 so before the current policy of downplaying any terror angle during events, and during "the war on terror" generally. Hardening national infrastructure was more of a politically relevant story back then.

Additionally the wiki page says it's "sophisticated" but it was literally firing bullets through a fence. Together it seems as if it was labelled a sophisticated terror incident as part of the War on Terror and because as mentioned in these comments, it shook up the USA's own spooks.


Purposefully cutting monitoring cables and pre-scouting firing positions outside of CCTV field of view is exactly what made this sophisticated. That and managing to not get caught despite firing a rifle in a built up area in the middle of the night.


Knowing the key things to shoot to maximize disruption and damage, the signaling, the fact that the CCTV positions seem to have been scouted and dead zones found, the fact that no fingerprints were on any casings, a substantial hunt being unable to find those responsible, the pre-cut communications links, the coordinated tactics of the group etc. are all signs of sophistication.


It happened in 2013, when the west and US specifically was in the habit of describing any non-Western aligned attack as "terrorism".


Multiple gunmen shot at the transformers for 19 minutes...what about that sounds professional to anyone?

That's not a quick attack, accurate shooting, nor the proper ammo to do real damage. Terrorists can't get a .50? The only impressive part is cutting the phone lines.

Anyone with basic knowledge of a substation could inflict more damage faster than that.

If I were to take a random guess, at best it was a cartel prepping to rob someone, and Telco operations aren't exactly new for them


Why is it called an act of domestic terrorism? Was it ideologically motivated?


Different set of laws involved. Different level of scrutiny during the investigation. And very very different punishment if they are ever caught.


Good question since they didn't catch anyone. It looks pretty remote, so perhaps not surprising the culprit wasn't seen.


It's in a suburb of San Jose. I don't think it can be classified as "remote."


Well, it doesn't look urban or suburban to me. But, hey, you're the expert.

https://www.google.com/local/place/fid/0x808e2f6cead39bb3:0x...


It's right along the freeway. A couple hundred thousand commuters from south SJ suburbs pass it every day. It's in a little band of open space between South San Jose and those suburbs.

https://goo.gl/maps/2TfHJKYXBExg4SqH7


Yep - might look a little remote from the streetview, but it's the parcel just North of Coyote Ranch in the bottom right of this map:

https://i.imgur.com/8eU58wG.jpg

There are tens of thousands of people living within 5 miles of it.


2015: “While we have not yet identified the shooter, there's some indication it was an insider," said Caitlin Durkovich, assistant secretary for infrastructure protection at the Department of Homeland Security.


I always wondered about this. First thing that crossed my mind at the time was that it was (1) idiots who thought it would be fun to cause high-profile trouble, or (2) terrorists, but it sounded a bit sophisticated for #1 and as far as I know, no one ever claimed credit for it.

After reading one of the references (https://money.cnn.com/2015/10/16/technology/sniper-power-gri...), and learning that they think it might have been an insider, a third possibility occurs to me: what if it was someone—maybe a PG&E employee—who knew first-hand how unprotected this infrastructure was, and wasn't being taken seriously? Especially given the Homeland Security report a year earlier about how easy this kind of attack would be.

Conspiracy-theory stuff, maybe, but:

> The assault...became a harsh wake-up call for energy providers, who have since become obsessed with the physical security of their remote power stations.

> PG&E alone has pledged to spend $100 million to improve security at its facilities...Transformers are often custom designed, sometimes costing $3 million each—and replacements are slow. Plus, physical attacks on energy distribution machines are much more effective at taking out the power grid than a computer hack. And it's incredibly easy to pull off, several energy utility firms told CNNMoney.

> Experts attending GridSecCon, held by the North American Electric Reliability Corporation this week, are now discussing the need to enclose electronics in 1/2-inch thick armor plating that can stop high-powered rifle rounds. Power utilities have started loading remote substations with infrared cameras, gunshot audio sensors and even seismic recorders that catch vibrations.


Well, if we're doing actionable conspiracy theories then:

- it caused $15 million in damage, and $100 million in updated security -> contractor needing work

- it was a "domestic terrorism" event -> what legislation or policies were on the table at this time?

Those would be my starting points.


Someone else mentioned job security/contracts as a possible motivation. It makes sense.

I'm less sure about the terrorist angle. The point of a terrorist act is to advance or discourage a specific political agenda; that only works if you're clear about who you are and why you did it, though. These guys never did that (although maybe scaring PG&E into securing their facilities roughly fits the definition of goal-oriented violence, even if it wasn't motivated by politics).


Or what else happened at that time that could benefit from

- losing power

- losing network connection

- a distraction in the news


Maybe somebody trying to sell physical infrastructure security solutions to PG&E?


I actually hadn't considered the idea that they might have a financial interest in grid security. It makes a certain kind of sense.


There’s a fourth option: intentional vandalism that isn’t terrorism, like the fire on the USS Miami.


Yeah, arbitrary vandalism was the first option I considered. Can't rule it out, although whoever did this seems to have shown more caution/coordination than you'd expect from a couple of drunk idiots taking potshots at street signs.


Not drunk idiots, an insider.

Compare e.g. the incident where a disgruntled worker decided to flood an area with raw sewage through false radio commands (https://www.mitre.org/sites/default/files/pdf/08_1145.pdf)


Or the guy fingered for the 2001 anthrax attacks.

If it was an insider, it was probably someone with a workplace grievance. Maybe someone who had raised concerns about security and wanted to prove himself correct, or just someone with a boss they disliked who wanted to make trouble.


Oh wow, that's my local area and I had never heard of this. Thanks for posting. Makes you wonder what happens that doesn't get discovered.


The reason why the Intelligence Community freaked out is because this is exactly the kind of small-scale test they'd do to test a possible attack pattern. https://foreignpolicy.com/2013/12/27/military-style-raid-on-...

The people spooked here are spooks. And that should be telling for those of us on the outside. It's an attack scenario no one had planned for.

I would highly recommend this article by Michael Lewis (and his book) that explores related systemic risk, https://www.vanityfair.com/news/2017/07/department-of-energy...

> The safety of the electrical grid sat at or near the top of the list of concerns of everyone I spoke with inside the D.O.E. Life in America has become, increasingly, reliant on it. “Food and water has become food and water and electricity,” as one D.O.E. career staffer put it. Back in 2013 there had been an incident in California that got everyone’s attention. Late one night, just southeast of San Jose, at Pacific Gas and Electric’s Metcalf substation, a well-informed sniper, using a .30-caliber rifle, had taken out 17 transformers. Someone had also cut the cables that enabled communication to and from the substation. “They knew exactly what lines to cut,” said Tarak Shah, who studied the incident for the D.O.E. “They knew exactly where to shoot. They knew exactly which manhole covers were relevant—where the communication lines were. These were feeder stations to Apple and Google.” There had been enough backup power in the area that no one noticed the outage, and the incident came and went quickly from the news. But, Shah said, “for us it was a wake-up call.” In 2016 the D.O.E. counted half a million cyber-intrusions into various parts of the U.S. electrical grid. “It’s one thing to put your head in the sand for climate change—it’s like mañana,” says Ali Zaidi, who served in the White House as Obama’s senior adviser on energy policy. “This is here and now. We actually don’t have a transformer reserve. They’re like these million-dollar things. Seventeen transformers getting shot up in California is not like, Oh, we’ll just fix the problem. Our electric-grid assets are growingly vulnerable.”

> In his briefings on the electrical grid MacWilliams made a specific point and a more general one. The specific point was that we don’t actually have a national grid. Our electricity is supplied by a patchwork of not terribly innovative or imaginatively managed regional utilities. The federal government offers the only hope of a coordinated, intelligent response to threats to the system: there is no private-sector mechanism. To that end the D.O.E. had begun to gather the executives of the utility companies, to educate them about the threats they face. “They all sort of said, ‘But is this really real?’ ” said MacWilliams. “You get them security clearance for a day and tell them about the attacks and all of a sudden you see their eyes go really wide.”

Edit

Personal Interpretation: Someone hired highly trained mercenaries (?) to operate on US soil to test destroying critical infrastructure that led directly to Apple + Google. Large, stationary, expensive infrastructure that is lacking in redundancy.

They knew exactly what targets to hit. It follows that they knew that there was backup capacity in the system. This was a test run. And bullets are cheap.

What if instead of one team for one location, it had been three teams for three locations? Or, four? Five? Six? Could they have successfully crippled the nation? And plunged the stock market?


I'm neither a national security expert nor a terrorist, but if I wanted to pull off an attack like this, I'd be concerned that a test run—especially of this sophistication, which would likely get a lot of attention in certain quarters—would result in measures that'll make future attacks more difficult.

Nobody's going to make the grid impregnable overnight, and—depressingly—it may well be that security is so pervasively bad that the attackers don't believe any immediate attempts to fix the situation can stop them. I'd think, though, that additional security at even a few more sensitive spots could change the situation enough to make whatever was learned by the test run less useful. An attack like this would only serve to tip one's hand and underscore the threat (my personal suspicion of why this was done).

It seems a little like testing a valuable 0-day by defacing one government website; okay, that worked, but now everybody's going to start thinking about fixing that vulnerability.


The time span for a deployed "patch" IRL is between years and never. What matters to these unnamed, unknown operators is practise and training. It is a pattern repeated for most covert ops.

Semi-software example, Stuxnet (and I'm sure different deployment methods) were tested in Israel pre-deployment - https://www.nytimes.com/2011/01/16/world/middleeast/16stuxne...

For Neptune Spear, the Bin Laden raid, they created different layouts and practiced every part of it, https://special-ops.org/operation-neptune-spear-killing-osam...

Adm. McRaven's interview is highly recommended to understand their psychology https://www.cnn.com/videos/politics/2016/05/02/bergen-mcrave...

The value gained by practicing on US soil to execute such a mission likely outweighs tipping their hand.


> The value gained by practicing on US soil to execute such a mission likely outweighs tipping their hand.

There is tremendous operational value in carrying out the logistics and process of such a test. The lessons learned can be applied not just to the electrical grid, but many other reserves-sensitive infrastructure.

Long rant ahead that comes as no surprise to Taleb and principal-agent problem space cognoscenti which most HN readers are, so freely ignore.

The US lacks reserves of nearly every kind except in the crudest forms like the Strategic Petroleum Reserve. As already noted elsewhere, the leadership-think that in the US permeates both private and public sector leadership to treat redundancy as deadweight losses still outweighs any and all national security considerations. This is absolutely rampant everywhere, and not a national secret.

It is so severe that even companies like 3M who actually plan ahead and do what they're supposed to do (set up emergency production lines, materiel, procedures, and staffing that are mothballed until needed, urge customers to keep a working reserve on hand suitable for continuity planning) get unjustifiably crucified [1]. Because...tada!...leadership in hospitals ditch working reserves who then turn around and blame 3M when the shit hits the fan for their lack of continuity planning. Then these same leaders who utterly failed their continuity planning lean in on government. And...tada!...leadership in government let working reserves exhaust from SARS who then turn around and blame 3M for their lack of continuity planning.

Of course this happens because the incentives are misaligned; leadership are not an evil cat cabal, they're just min-maxing to incentives they've been handed like everyone else. There is no tail risk governance of life- and national-security-critical infrastructure to maintain continuity.

There is no clawback for intentionally ignoring pointed out tail risk, nor is there an emphasis upon leadership in the same organization across a long period of time to expose and correct misalignments. Tail risk decisions are not tracked and evaluated in most organizations. Raising the organizational risk profile way after the leader has left for another role, and disconnecting the organization's ability to systemically learn from those expensive and infrequent tail risk mistakes.

Even worse, the US business culture and political culture itself severely punishes those who do prudently and competently assess tail risk. How the US arranged reserves is about right for nearly a century ago, but that means a successful attack on reserves-sensitive infrastructure will take us roughly back to that tech tree until we resupply.

Precision coordinated infrastructure attacks through black-hat, memetic and specops combined force of arms can be far more effective than many stealth bomber runs, with the additional invaluable bonus of plausible deniability, and possibly economically eclipsing the US if it causes enough damage. It's a really effective asymmetric attack mode option.

The US has long had people who thought about all this already, and encoded their thought experiments into various policy guides, with some updates from lessons learned like during SARS (and now COVID-19). Our policy leadership are choosing not to follow their advice because it involves unsavory spending decisions with negative political ramifications. COVID-19 has not sufficiently raised awareness about this, so it will likely take a Carrington-scale event to have these guides dusted off to see the light of day of implementation.

Individually as a normal citizen, at least prepare for natural disasters as guided by FEMA, financially prepare as much as you feel prudent (if you see the rampant de-reserving in infrastructure going on, just what do you think is happening in the less-regulated parts of finance?), and just hope three standard deviations doesn't hit our asses in our lifetimes.

[1] https://marker.medium.com/how-3m-gambled-its-reputation-on-t...


I thought the strategic PPE reserves were exhausted from H1N1, not SARS. The Democratic House tried to replenish, but it was prevented by the Republican Senate, so there wasn't uniform lack of care or treating it as deadweight.


Correct, they were physically depleted to far below minimum levels after H1N1 (and other crises), but SARS was their last warning before COVID-19. General political leadership across parties and jurisdictions [1] routinely treat it as a deadweight loss by allowing severe atrophy, short-changing the requested budgets; most recently in 2011 a -$121M shortfall [2].

Read into that what you will, but my hot take on it is if there is another pandemic, or an NBC attack, unless you are part of the 0.1% of government, you're on your own preparedness supplies.

I don't see the SNS placing the long-term supplies under inert gases and in extremely dry storage conditions (though much of it is secret, so I'm hoping they're doing this and just not telling anyone), the primary cause of various rubber components expiring. They are definitely not integrated into vendor supply chains, nor practicing shipping on a regular basis to rotate stock and evaluate large-scale field trials of preserved PPE to establish long-term operational practices that no one in the world has performed, injecting into re-supply orders and tracking the results with the healthcare institutions.

Once PPE preservation is worked out reasonably well, then the costs of maintaining the stockpile switch to marginal replacement costs. Then they can switch to funding research into reusable PPE, and ultra-long storage (on the order of 100 years). The national security angle is to weaponize the increasingly-long storage durations themselves, while at the same time benefiting the environment (less disposables): the ever-increasing lifespan covering an ever-increasing percentage of the population for an ever-increasing incident timespan are wielded as a deterrence factor; if we quickly react and return to semi-normal relatively quickly based upon such a robust supply chain, the effectiveness of such attacks are neutralized to that extent.

[1] https://www.politifact.com/article/2020/mar/30/federal-pande...

[2] https://www.businessinsider.com/strategic-national-stockpile...


Three standard deviations doesn't hit in our lifetimes again


The three standard deviations (or three-sigma) rule of thumb / guide relies upon a normal distribution to yield the 99.7%/0.3% probability tails. Humans are terrible at gut-feel statistics and probability due to a number of cognitive biases that seem nearly hardwired into us from birth, though. And exogenous factors can distort the normal distribution. This is just the normal landscape of highly complex interacting systems, but command-and-control style leadership's coping mechanism for simplifying complexity smooths out this information into lossiness.

A lot of what people ascribe to tail risk, upon closer examination that brings out the nuances instead of smoothing it away, are not three-sigma events. They're just three-sigma for the duration of now-typically very short job tenures. Of leadership.

What we have here, is a failure to communicate complexity.

Get some Royal Dutch Shell-like cross-disciplinary Long-Term Studies-like [1] groups going on globalization, and they'll probably eventually figure out that globalization will accelerate human encroachment upon habitats, in turn accelerating introducing novel bugs into our civilization. Up until recently in the span of homo sapiens history, while we've always encroached into habitats, and ran across new infectious agents, without quick global travel they would usually wipe out a locality and leave the modified habitats intact for nearby people to take over. So the diseases would usually wipe themselves out, and seemingly "retreat" back into the well they sprung from.

It should come as no surprise that we see increasing spread of infectious agents as globalization mechanizes the modification of habitats, and swiftly moves along the disease into the Amazonian flow of worldwide travel today. And we see an increased frequency of outbreaks of both old enemies and novel vectors.

It might not come as a surprise to Sagan fans [2] that a large fraction of the US population's reaction to these complex systems is superstition and irrationality.

[1] https://hbr.org/2013/05/living-in-the-futures (two-articles-per-month-then-register-wall)

[2] https://www.snopes.com/fact-check/carl-sagans-foreboding-of-...


> They knew exactly what targets to hit. It follows that they knew that there was backup capacity in the system. This was a test run. And bullets are cheap.

Sounds like perhaps this was a white hat actor intending to push others to get serious about these risks?


Entirely possible. It's sometimes useful to remember that even in today's "open" world (The fall of the Soviet Union made it a lot less like active warfare even if the spooks still roam free) there will still be huge amounts of material known only to those on the inside.

In the 70s there was an unannounced (to the PM) "terrorism drill" on Heathrow Airport, that some have alleged was a practice run for a potential coup against Wilson (I don't think that holds much weight, but it's not impossible)


Kind of useless act it was then.

Fences, and cameras would not stop a well armed sabotage team.


The answer: yes, they could've. I had a professor who previously had been part of a US gov group that had been tasked with preparing for an attack on the electrical grid, all the way back in the tail end of the cold war. His impression of the security of the US grid was that it was completely unsecured. He told me that they had no chance of solving the problem then, and that he expects the same is still the case. His worst fear is a large EMP attack, not locally cutting powerlines, but the danger still stands


Putting aside EMP attacks (a real risk, but harder to mitigate against), the big issue right now on a day to day level is that energy suppliers are under pressure from regulators to reduce prices to consumers (in most countries which run regulated private sector energy distribution).

This means redundancy is written down by MBAs as excess capacity. It means assets are stretched to far nearer their safe limits than was ever envisaged previously. This ironically reduces their safe working life (in many cases), but this problem is cast along the road - in markets where providers re-tender regularly to continue to operate, that means it's a problem for the next franchise holder.

The incentives just aren't there to encourage creation of new redundancy. Existing redundancy won't be removed (as that would cost more!), but the long term outcome of this kind of "regulated private provider" system seems to be systemic under-investment in capital assets, with a view to deferring the problem until another time.

Another big challenge is that often the regulators for energy companies are "market" regulators, and therefore staffed by expert economists, rather than expert engineers. This further perpetuates the myth you can maintain and run critical national infrastructure with an economics degree and a calculator, and means the regulator tends to focus solely on economics, while assuming any issues with technology are fixed through economic incentives. Often they aren't, as the cost of a systemic black swan event is multiplied out by its likelihood, and the end result is to take no action while enjoying the profits today.

At least the above is based on my experience in trying to get energy market regulators to understand security and the issues of their regulatory approach.


That’s weird that his concern is an EMP attack. Pretty much every serious nuclear scholar I’ve read finds an EMP attack laughable. It’s a great thing to stir up fear among a domestic audience, but as an actual military tactic, it’s stupid. First, there’s never been an operational test anywhere, second, you have to fire a nuclear weapon, which is the very act that triggers a full scale nuclear response because of launch-on-warning. And finally, there’s just better uses for a nuclear weapon, like you know, air bursting in a city.


An EMP attack from an enemy nation is unlikely but a solar flare could happen at any time. In 1859 the world experienced an enormous geomagnetic storm when a coronal mass ejection hit Earth's magnetosphere. If the same solar flare happened today most of the world's power grid could be wiped out minus government and military hardened assets.


Non-nuclear EMP weapons have existed for years, and that's only the stuff they're talking about publicly. There may be other techniques, say distortion of the Earth's magnetic field to send charged particles toward a target, that we don't know about.


The non-nuclear EMP weapons are very weak and have only minor localized effects. They aren't capable of taking out the power grid for a whole city or something.

And please no one waste our time by claiming that the military has some secret magic EMP technology. The laws of physics impose severe constraints on what can be achieved with conventional explosives in a weapon small enough to put in an airplane or truck.


You only need to take out a few key points to take out the grid. Large scale EMPs are not needed. Knowing which key points to take out is the domain of nation states, but it is absolutely possible.


> there’s just better uses for a nuclear weapon, like you know, air bursting in a city.

If your choice is completely annihilating one city, or destroying even just 10% of computers (including industrial control systems) in 50% of the country, which do you think causes more damage?

Destroying even a small fraction of individual computers makes most larger systems inoperable.

Without industrial control systems, power plants can't operate. Without power, cities become unsurvivable for a majority of the population within days, industrial output becomes effectively zero, and immediate issues like starvation and resulting unrest become a much bigger priority than fighting a war. Most importantly, recovery efforts will be extremely slow without power. How do you call the supplier, or other places that might have spares, when there is no phone network, no cell phones, no Internet? How do you call the experts that could diagnose which of the hundreds or thousands of control components need swapping? How do they get the fuel for their vehicle to get to you? And food and water to survive until you put everything into place? And safety so they don't get murdered by the looters?

According to http://www.empcommission.org/docs/A2473-EMP_Commission-7MB.p..., a peak field strength of 15 kV/m is expected to cause permanent damage to computer equipment. https://en.wikipedia.org/wiki/Nuclear_electromagnetic_pulse#... shows a single explosion (of unspecified yield) covering most of the US with a 25 kV/m field.

> which is the very act that triggers a full scale nuclear response because of launch-on-warning.

AFAIK the US doesn't practice launch-on-warning. Even if it did, a peaceful low earth orbit satellite launch is hard to distinguish from a not-so-peaceful low earth orbit nuke launch (unlike a conventional ICBM that's supposed to come back down). It would likely still result in nuclear retaliation, but if e.g. a dictator was already being invaded by the US, they don't necessarily have much to lose.


You are very misinformed about how satellite launches are publicized, and about the US launch on warning policy. Even if you are too young to remember the Cold War, a simple google search will confirm this.

Again, the threat of an EMP attack is absurd, perpetuated by fundamentally not serious people.

https://foreignpolicy.com/2020/07/21/electromagnetic-pulses-...


> You are very misinformed about how satellite launches are publicized

Then tell me, where is the difference between North Korea saying "we will be launching this peaceful satellite of peace" and launching a spy satellite, and North Korea saying the same and launching a nuke satellite? Same orbit, same weight, contents kept secret to the best of their ability (and possibly swapped last minute in secret), same orbital timer to trigger it, only difference is whether it takes pictures or goes boom.

> and about the US launch on warning policy

https://www.armscontrol.org/act/1997-11/news/clinton-issues-... states:

Bell pointed out that while the United States has always had the "technical capability" to implement a policy of launch on warning, it has chosen not to do so. "Our policy is to confirm that we are under nuclear attack with actual detonations before retaliating," he said.

> https://foreignpolicy.com/2020/07/21/electromagnetic-pulses-....

This just says that a nuclear EMP attack would start nuclear war (or rather, nuclear retaliation if the EMP nuke was the only one the attacking country had/could deliver).

An EMP attack by Russia is indeed unlikely.


Sounds like a great promotion for someone selling substation security.


The fact that it is an attack no one had prepared for, and over $100m was spent as a result points to an insider.


That video does not appear to show anything for four minutes. Did I miss something?

Edit: Now I have a feeling that I got trolled and that's the point of the video


The action is easy to miss after nearly two minutes of nothing happening. If you fast forward you might not see it at all.

1:54 What I believe is the signal flash near the fencing. Lower left of the video.

2:06 You will see sparks from a bullet striking the fencing. A bit higher up than the signal flash, and on the extreme left of the video.

3:01 Toward the middle right of the video, a bullet striking the fencing.

Update: NPR article with timing of events seen in video. They say first flash is also bullet related and not the signal flash I thought it might be.

https://www.npr.org/sections/thetwo-way/2014/02/05/272015606...


Thanks so much for this.


There are a few smaller and larger sparks now and then. The resolution, quality and low frame rate render the entire video more or less useless.


Starting at 1:50 you can see a flash at the bottom, after 2:00 you can see sparks occasionally on the left fence and the fence to the top-right. There's more sparks before 3:00. The video could certainly be shortened.


https://www.youtube.com/watch?v=RQzAbKdLfW8

The 3:01 spark is the best.

Could this video be processed (AI!) to remove the background and highlight the interesting bits?


Nobody seems to be paying much attention to the fibre cut. What if that was the point, not the substation getting shot up? What do we know about the effects on the network around that point?


What I'm surprised about is the bullet casings and markers left at the site - wouldn't professionals remove those?


The audacity of suggesting this obvious bullshit [0] is stunning.

Inanimate objects in an isolated rural area getting shot up around spring break (April 16th) smells a lot like underutilized youths with a case of beer being destructive. Road signs, substations, the Alaska Pipeline [1] - if it's rural enough it all gets shot up sooner or later.

If it's disruptive enough, and you're in a position to benefit from spinning up the facts into conclusions that earn your responsibilities some funding, then why shouldn't it be terrorists because some casings didn't have fingerprints.

[0] https://duckduckgo.com/?q=casings+catcher

[1] https://en.wikipedia.org/wiki/Trans-Alaska_Pipeline_System#I...


Silicon Valley is an isolated rural area?


Here's looking towards San Jose from Coyote: https://www.google.com/maps/@37.185675,-121.7261473,3a,75y,3...

It's not all that far from the spaghetti neighborhoods, but that's where the weird stuff happens. Cranky rural folks break things at the encroaching edges of development. Bored kids get a couple of miles past streetlights and sidewalks and feel like it's no-man's-land.


Beats me. I can speculate a bit:

Perhaps professionals would be less likely to remove casings because they do not expect to ever go to trial, or know that the gun they used can not be connected to them (because perhaps it was issued to them for this job), are not local to the area or do not intend to remain in the US after the job.

Only 100 casings were found, which does not strike me as very much... Basically just three people dumping a mag each + a smidge extra.

It is interesting that the article mentions only finding 7.62x39. This kinda says non-NATO to me, or at least the shooters want us to think "ruskies!"


I wouldn't read anything into the choice of cartridge. Even assuming the shooters were foreign, there's not much reason for them to import the guns, rather than just sourcing them locally, and 7.62 is common in California.


From the timeline, they left in a hurry, just before law enforcement arrived. It's also not easy to collect 100 scattered bullet casings in the dark.


And there were no fingerprints found on the casings, which suggests they had either planned to leave them behind, or planned for the possibility that they'd need to get out of there before they could collect them all.


Let me rephrase that: Wouldn't professionals plan to remove them, and thus have an attachment on the gun that collects them in a bag?


The only significant facility I can think of in this area is the IBM Almaden Research Lab. It and another IBM office are very specifically in that area, which is an odd connection. Can't say whether their electrical service is provided by that substation, but they are geographically very close.

https://goo.gl/maps/i7NWjxfomyXvZCBY9


That’s not the only weird sabotage that has happened in San Jose. Back in 2009, someone intentionally cut some fiber optic cables. They’ve never been found.

https://www.mercurynews.com/2009/04/09/san-jose-police-sabot...


Probably someone hoping for copper to scrap.


I kind of wonder if this was an inside job since it seems like their plan may have been to shut down power but it completely failed? Maybe it was people who worked there who just wanted to destroy some transformers and knew it wouldn't disrupt power. Certainly not impossible. But if they were insiders you'd think they would have done something that was actually going to get more noticed.


I wouldn't assume it failed. It caused $15M worth of damage for PG&E. It could easily have been a couple of disgruntled employees who wanted to hurt their employer.


Another explanation is it was perpetrated by somebody who would personally profit from the damage or damage repair.


On a similar register, multiple French power plants were scouted by unidentified drones in the past 5 years. Transformers are a fragile point of failure of an entire country's infrastructure. I hope security has improved since then.


I'm curious how well data centers are protected from such a coordinated attack that involves an insider? Can a determined, educated group of terrorists disable multiple data centers (e.g. of Amazon) at once? What data center redundancy do the cloud providers have - can they withstand losing 2 data centers at once? How about 5?

I'm sure they have good protection against technical accidents. But in the times when everybody moves their apps and systems into the cloud I'm not equally confident the cloud providers are equally well protected against a sophisticated, coordinated attack.


G. Gordon Liddy wrote about this in the 80’s. The story includes more than just transformers, but it identifies the impact of the issue and the means of attack.

https://vocal.media/theSwamp/this-fictional-memo-to-the-pres...


Wouldn't it be better to just disperse a cloud of graphite like the US did in the first gulf war? Transformers seem physically rather tough, unless you can shoot an insulator (are they still ceramic or are they silicone nowadays?).


I had no idea this "graphite bomb" was a thing. From https://en.wikipedia.org/wiki/Graphite_bomb:

The bomb works by spreading a dense cloud of extremely fine, chemically treated carbon filaments over air-insulated high voltage installations like transformers and power lines, causing short-circuits and subsequent disruption of the electricity supply.


Yeah and any moron could build one. We really need to beef up our grid and stockpile critical components.


Meta: I thought the new rule was no more Wikipedia posts without context?


From a cursory search, it looks like they aren't banned, but the algorithm makes them fall faster. It stinks, they are often good reads (although maybe the discussion isn't always that deep).

https://news.ycombinator.com/item?id=23117614


I hope not. These are some of my favorite posts!



I remember this, still wild re-reading the entire record of events.


Does it count as "terrorism" if nearly no one noticed it happened, and no one claimed credit or made demands?

And why try to kill a power plant with guns instead of bombs? And why go to all the effort and only shoot 100 bullets? Seems like a bizarrely stupid plan executed by talented people, a strange combination.

Also, calling it the largest attack on the grid is strange, when it was quite trivial compared to Enron.


"Additionally, following the attack, investigators found small piles of rocks near to where the shots had been fired, the type of formations that can be used to scout firing positions."

I think that sums it up.

Why do we think it's more than one person?

[edit] The FBI states this attack is not terrorism, Wiki seems to miss this


Investigators will have a pretty good idea of where the shooters were based on where the spent casings piled up. Three piles of casings would mean three shooters, etc.


Can you quote that?

Was it three? Are there any location maps of the spent casings? The one map I found only had one location.

I can't find anything to back more than one.

It's an important fact because it's rare you have two insiders doing something like this.


I don't have inside details on the investigation; three is just an example. It shouldn't be difficult to id different firing positions from spent casings, so if investigators believe it was multiple shooters I assume traces on the ground reflect that.


No investigators actually say it was more than one.

Some leave it open. But that's what they do every shooting.

One drunk possible ex-employee sums up the evidence.

I like one quote of how they were a bad shot and kept missing the exact target. Some circular logic going on there. Maybe they were shooting somewhat randomly.


>Sniper attack

>7.62x39

One of these things is not like the other.


The supposed inherent inaccuracy of AK pattern rifles is a fud meme, primarily perpetuated by the type who also think M-16s are made by Mattel and other goofy boomer legends that were popularized before the internet made it easy to fact-check. However it's also a popular misconception that sniping is necessarily a matter of long range shooting. JFK was shot from under a hundred meters and that's commonly agreed to be the work of a 'sniper'.


It’s the sights on the AK platform. They’re awful and they always have been. Not getting into vodka-specials or bent barrels, poorly pressed trunnions or eccentric cut chambers, none of which are uncommon. They have a reputation not because of FUDDs but because 95% of them ARE bad.


It seems this calibre is more commonly used for assault rifles like AK-47s [1] than sniper rifles [2]? However, it seems to me that sniping describes behaviour more than weapon (e.g. the DC Sniper seems to have used an assault rifle [3]), so I don't see the problem.

(I don't really know anything about guns, I'm just trying to understand the comment above that assumes we all do.)

[1] https://en.wikipedia.org/wiki/7.62%C3%9739mm

[2] https://www.snipercentral.com/sniping-ammunition-calibers-ca...

[3] https://en.wikipedia.org/wiki/D.C._sniper_attacks


No, the DC Sniper did not use an assault rifle. They used a Bushmaster XM-15, the same pattern as the most popular rifle in the country, sometimes called an “assault weapon” (a political term for political purposes) because of four or five cosmetic traits. An assault rifle would have been prohibitively expensive.

On the x39 and AK pattern guns, 400m for the round, 200m for the gun, typical maximums, although obviously there are videos of people shooting them both longer distances.

By using the term “sniper” for “a bunch of guys unloaded on a transformer station with AKs or SKS”, it’s just using your ignorance to create a picture of the scarier thing. Same thing as confusing the difference between assault rifle (real) and assault weapon (not real).


The SKS rifle chambers 7.62x39mm and can be used effectively at a distance.


That’s true. I wrote that in my other post. It still isn’t a “sniper rifle”. It’s a carbine in an intermediate caliber.



