U.S. Forecast as No. 2 Economy but Energy Independent
nytimes.com"The worst-case situation envisions a stalling of economic globalization that would preclude any advancement of financial well-being around the world. That would be a likely outcome after an outbreak of a health pandemic that, even if short-lived, would result in closed borders and economic isolationism."
If a reduction in globalization is the worst case scenario the authors envision in the next 20 years, I think they may be lacking somewhat in imagination.
Indeed. No mention of global warming and this omission makes me think that it was written with a specific goal in mind. That is, to justify some program or policy that powerful people are behind.
Or they just assume that global warming is a given. I think more interesting questions is whether or not the current "debate"[1] about the role of religion as government that is going on in the middle east will escalate into a world wide conflict.
[1] Generally watching the Arab spring is like watching a referendum vote on the principle of separating church and state. But done with guns, bombs, and civilian casualties rather than a voting box.
"In an interview, Mr. Burrows noted that the audiences in China were far more accepting of the American intelligence assessments — both those predicting China’s economic ascendancy and those warning of political dangers if there was no reform of governance in Beijing — than were audiences in Russia."
Really, they project China as #1 and Russia on a major downwards trend. Astonishing that this would be the reaction.
The whole cyber-attack warning reminds me of all the Ma Bell projections of phone outages during the phreaking era :P
"The study warns of the risk that terrorists could mount a computer-network attack in which the casualties would be measured not by the hundreds or thousands killed but by the millions severely affected by damaged infrastructure, like electrical grids’ being taken down."
I wonder about this. It seems like every study about the dangers of terrorism mentions this kind of cyber-attack as a possibility, and I just don't see it as being feasible. Hurricane Sandy cut out my own power for a week, and several people I know were without power for 2 weeks, and we got through it. I just don't believe that a cyber attack could damage the electrical infrastructure so badly that it would kill thousands.
> several people I know were without power for 2 weeks, and we got through it
Yes, but there are many people who are not young and healthy.
The worst impact would be on hospitals, nursing homes, the homes of elderly, etc, who require electricity for something other than productivity and comfort.
Hospitals usually have private generators and are first to receive help from the government in times of crises.
Yes, but in Sandy many of those generators failed.
https://www.google.com/search?q=sandy+generators+hospital
I don't dispute that they wouldn't receive government help as quickly as possible, but playing the loss of electricity as having zero impact is also unreasonable.
Further, there's an economic impact to businesses. A terrorist attack need not take lives, just damage something.
Bringing Sandy grids back up depended in part on loaned electrical workers from all over the region and country.
If more regions or a large part of the country is affected, that's going to be hard or impossible.
Providers don't staff for that kind of disaster, they rely in part on each other.
To be fair, Sandy-related grid repair needed loaner crews because damage was widespread. An electronic attack would only need loaner crews if they could exploit things to the point that equipment was damaged.
The more likely case is that power would be down until the stations could be disconnected, computers brought back online and the station brought back up in an orderly fashion -- not unlike the situation in 2003, where extra line crews were largely unnecessary.
Though if such an attack could cause physical damage to transmission or generation equipment, I don't think even loaner crews would help much. Downtime would likely be gated by how quickly new equipment could be made and shipped.
If they could damage notably more parts than are annually made for replacement/expansion... it could be much worse than widespread downed lines.
>"The study warns of the risk that terrorists could..."
Will this ever go away? Have terrorists ever pulled off a meaningful cyber attack? Why didn't the study mention the risk of those aliens from "Mars attacks" flying in and vaporizing important COLO sites?
I upvoted this comment because I agree that threats of cyberwarfare are mostly fear mongering, but Estonia was attacked in 2007. Whether or not the attackers were "terrorists" is another issue.
[1] http://www.wired.com/politics/security/magazine/15-09/ff_est...
A number of folks have argued that if it so easy to do this level of damage with a cyber attack why hasn't a terrorist done so in the last 10 years? Its not like you have to 'sneak' into the country or get pass the security theatre at the airport to mount such an attack. Hacking toolkits and websites are at least as easy to find as bomb making web sites.
Obscurity. It's not like these machines are clearly marked with signs and access points as with Airports.
So the challenge is on par with saying "find a particular unsecured box on the internet". Without per-target research, you don't have a whole lot to go on. You can find tons and tons of targets. But the odds of them being the one you wanted, or even of the type you wanted, are pretty low.
Which isn't to say it's less a threat. But, rather, it's a threat that isn't likely to be casually exploited. Anyone who goes through the trouble of per-target research and exploitation of a number of such targets, isn't likely to pull the trigger for the lulz.
Even a "trial run" of an exploit would be a risk. You'd be inviting scrutiny of the trial machine, including logs at the ISP (and NSA) going back cheney-knows-how-far, and if nothing else, have drawn attention to the very problem you're hoping continues to be ignored.
So I suppose my original comment should have just outright asked: What can a hacker actually do with (hypothetical) remote access to the electrical infrastructure? Open switches under load to effect an arc blast? Blow up a few substations?
Once hackers start mucking around with the grid, things start shutting down by themselves (cascading failures like in the 2003 blackout that you mentioned in another comment). In this situation, damaged equipment can be replaced fairly quickly (far quicker than if, say, a $60 billion storm throws trees across the wires).
I guess I was just looking more for responses from actual electrical engineers with knowledge of the problem. Otherwise we're all just talking out our collective asses, right?
For good or for bad, terrorists have, by and large, ignored targets on the Internet.
Hactivists exist, obviously, but your brand-name terrorists like Al Qaeda have not used the Internet as an attack vector.
Yet.
It's saying that taking the whole country off the grid would be worse than killing a thousand people.
And I'm saying that it's impossible to take the whole country off the grid with a cyber attack.
You may be under-appreciating the interconnected nature of the power grid.
A huge swatch of the north-east US lost power for a couple days, not all that long ago, because of a tree branch. And efforts to contain the problem were hampered by an obscure bug in the management software.
If a freak accident can expose a cascade of unexpected fail-over behavior, do you really think the grid is hardened against deliberate malfeasance? Particularly when we consider that the vulnerabilities from which voltage irregularities could be created, could quite likely attack or destroy the management software itself.
Mix in the likelihood of attackers having access to several nodes on the grid at once and regional blackouts seem quite plausible.
In which case a country-wide blackout is merely a question of whether attackers could compromise enough stations across enough of America to effect several concurrent regional blackouts.
I think that major question here is:
People usually have delusions of grandeur over hackers causing a meltdown at a nuclear plant or something, but no one seems to question why the ability to control a nuclear plant needs to be hooked up to the internet.Why is control of the electrical grid accessible to the internet?I'd agree, but disagree.
There are people asking that question, it just doesn't get press. Because the reality is quite likely that there are solid business reasons for some access and the real problem is piss-poor security on that access [1].
So you either report on computer security details or alarmist disaster scenarios [2]. And one of those lines of reporting will sell more copies than the other.
[1] If there was no business value in access, they wouldn't have paid to install data lines. I'd imagine remote administration, monitoring and centralized reporting are quite useful, particularly when observing large swaths of the grid.
[2] Which means, yes, people tend to get caught up in infeasible scenarios like hackers causing nuclear meltdowns. But the unlikelihood of those types of catastrophes does not mean that there are no catastrophes that can be caused by compromised infrastructure control machines.
It isn't saying damaging the electrical infrastructure would kill anyone. It seems to be saying that cutting power to a few million people for a few weeks would be more heinous than killing a few thousand, which if you will excuse me is bullshit. If we lose electricity, we'll still live on.
DNI website seems to be down at the moment. Report mirror: http://www.scribd.com/doc/115962650/GlobalTrends-2030