Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Around lunchtime on Sept. 12, a power outage affected Los Angeles and brought parts of the city to a standstill for an hour or more. Traffic slowed to a halt while firefighters rescued people trapped in elevators. City officials declared a state of emergency, themselves unsure what caused the lights to go out. Coming just one day after the four-year anniversary of the 9/11 attacks, the possibility that the power outage was caused by more than human error or technical difficulties had to be considered.

Security experts have long warned that the electric grid is vulnerable to terrorism — and L.A. has long been on the terrorist’s wish list. Fortunately, foul play had no hand in the blackout; rather, a utility worker who accidentally severed a cable was to blame. But L.A.’s experience highlights the vulnerabilities of the grid and underscores the need to enhance its ability to withstand physical and cyber attacks. From a homeland security perspective, the national electric grid — which is divided among three distinct smaller grids known as interconnections — is an attractive target. It is generally unprotected and vulnerable to physical destruction. Its reliance on computer networking and automation makes it susceptible to cyberattack. At the very least, high-tech terrorists who wreak havoc on the grid or other critical infrastructures using keystrokes rather than truck bombs are seen as an emerging threat within the homeland security community. RISKS OF A DOMINO EFFECT Furthermore, like a perfect storm, a cyberstrike may cause a domino effect: Starved for power, other critical infrastructure sectors — the underpinnings of modern life and commerce — begin to shut down. Almost immediately, communication and transportation are incapacitated or nonexistent. If prolonged, public health and emergency services become overwhelmed. Food supplies and public order may be threatened. These consequences are far from hypothetical. Each occurred during the blackout of August 2003. Although caused by forces other than terrorism, that blackout left approximately 50 million people in eight states and the Canadian province of Ontario powerless. President George W. Bush and then Canadian Prime Minister Jean Chr�tien appointed a bilateral task force to determine why the blackout occurred and offer recommendations to prevent a recurrence. Some initial theories even suggested that a cyberattack caused or contributed to its severity. While the final report of the U.S.-Canada Power System Outage Task Force found “no evidence that a malicious cyber attack was a direct or indirect cause of the August 14, 2003 power outage,” the report acknowledged the cyberthreats to, and vulnerabilities of, the grid. It affirmed that “current assessments suggest that there are terrorists and other malicious actors who have the capability to conduct a malicious cyber attack with potential to disrupt the energy infrastructure.” Such warnings have been acknowledged more recently on Capitol Hill and in the national press. At a September hearing of the Committee on Science of the U.S. House of Representatives, Chairman Sherwood Boehlert, R-N.Y., stated that “we shouldn’t have to wait for the cyber equivalent of a Hurricane Katrina … to realize that we are inadequately prepared to prevent, detect and respond to cyber attacks.” At least for the electric grid, a new law will help close the gaps. The 550-page Energy Policy Act of 2005, Pub. L. No. 109-58, is a sweeping package of energy reform that enhances grid reliability by recognizing the importance of cybersecurity. By specifically enumerating “cybersecurity protection” within the act’s definition of the term “reliability standard,” Congress made its intentions clear: A reliable electric grid is one that must resist not only human error or technical malfunction but also cyberattack. Implementation and enforcement of the reliability standards will be the responsibility of a new electric reliability organization, to be designated and supervised by the Federal Energy Regulatory Commission by Feb. 5, 2006. Before passage of the act, grid reliability standards — including those related to cybersecurity — were only moderately effective because compliance was not enforceable. Law that expressly affirms cybersecurity as a component of grid reliability is an overdue addition to the nation’s homeland security. Such standards will help ensure that the next blackout will not be the work of terrorists. In this regard, cybersecurity’s legal landscape may be changing. If lawmakers determine that other critical infrastructures — such as the chemical sector or the transportation sector — also require mandates to enhance cybersecurity, reliability standards for the electric grid may be a harbinger of things to come. Steven E. Roberts, an NLJ columnist, is a homeland security consultant.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]

Reprints & Licensing
Mentioned in a Law.com story?

License our industry-leading legal content to extend your thought leadership and build your brand.


ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.