by Bobby Akart
RECOMMENDED MITIGATION ACTIVITIES
The following actions are recommended as particularly effective ones for mitigating the impacts of EMP attack:
· Expand the respective roles of the National Communications System (NCS) and the Defense Threat Reduction Agency (DTRA) as the Federal Focal Point for EMP within the Code of Federal Regulations Part 215 to address infrastructure interdependencies related to NS/EP telecommunications services.
· Ensure services targeted at NS/EP operate effectively as new technology is introduced into the telecommunications network. Specifically, services such as Government Emergency Telecommunications Service (GETS) and Wireless Priority Service (WPS) that are intended for use in emergency situations to improve the call completion probabilities for key personnel must operate effectively. Within the next 15 years, new technologies will be introduced into the public networks that will play major roles in operation of these services. EMP is just one of the potential threats that could stress the telecommunications networks; therefore, ensuring that NS/EP services perform effectively as new technology is introduced has benefits beyond providing robustness to EMP, and moreover is consistent with avoiding failures from other hostile actions.
· Determine the effects of EMP on different types of telecommunication equipment and facilities, using tests and theoretical analyses of the type done in the course of Commission-sponsored work and previous EMP-related studies conducted by the National Communications System (NCS).. A comprehensive, continuing telecommunications testing program, along with the use of existing national and international standards, may be a model activity that would be a key part of this overall National effort.
· Improve the ability of key network assets to survive HEMP. There are key elements in the network such as the Signal Transfer Points (STPs) in the signaling system (Signaling System 7 (SS7)), Home Location Register (HLR), and Visiting Location Register (VLR) in the wireless networks whose degradation can result in the loss of service to a larger number of users. Effective mitigation strategies include a combination of site hardening and installation of protective measures for the fast rise-time (E1) component of EMP.
· Improve the ability of telecommunications to withstand the sustained loss of utility-supplied electric power. This mitigation strategy would entail the use of best practices, review and improvement of existing programs such as the Telecommunications Electric Service Priority (TESP) program, and the increased use of alternative backup power sources.
· Conduct exercises to refine contingency operations. Conduct exercises that test and provide for improved contingency operations, assuming widespread multi-infrastructure degradation. The adequacy of mutual aid agreements, cross-organizational planning and coordination, and critical asset prioritization are examples of elements that should be tested and developed.
Managers of these critical services must design their systems and operating procedures to take into account the potential vulnerabilities introduced by EMP-driven failure of telecommunications devices and sub-systems.
BANKING AND FINANCE
NATURE OF THE PROBLEM
The financial services industry comprises a network of organizations and attendant systems that process instruments of monetary value in the form of deposits, loans, funds transfers, savings, and other financial transactions. It includes banks and other depository institutions, including the Federal Reserve System; investment-related companies such as underwriters, brokerages, and mutual funds; industry utilities such as the New York Stock Exchange, the Automated Clearing House, and the Society for Worldwide Interbank Financial Telecommunications; and third party processors that provide electronic processing services to financial institutions, including data and network management and check processing.
Virtually all American economic activity depends upon the functioning of the financial services industry. Today, most financial transactions that express National wealth are performed and recorded electronically. Virtually all transactions involving banks and other financial institutions happen electronically. Essentially all record-keeping of financial transactions involves information stored electronically. The financial services industry has evolved to the point that it would be impossible to operate without the efficiencies, speeds, and processing and storage capabilities of electronic information technology.
The terrorist attacks of September 11, 2001, demonstrated the vulnerabilities arising from the significant interdependencies of the Nation’s critical infrastructures. The attacks disrupted all critical infrastructures in New York City, including power, transportation, and telecommunications. Consequently, operations in key financial markets were interrupted, increasing liquidity risks for the United States financial system.
The Interagency Paper, which was jointly issued by the Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB), and the Securities and Exchange Commission (SEC), specifies clearing and settlement systems as the most critical business operations at risk for financial markets. Because financial markets are highly interdependent, a wide-scale disruption of core clearing and settlement processes would have an immediate systemic effect on critical financial markets.
Moreover, in December 2002, the FRB revised its policy and procedures for NS/EP telecommunications programs administered by the National Communications System (NCS) to identify those functions supporting the Federal Reserve’s NS/EP mission to maintain national liquidity. The FRB expanded the scope of services that would seriously affect continued financial operations if a telecommunications disruption of “a few minutes to one day” occurred. These functions, which are listed below, require same-day recovery and are critical to the operation and liquidity of banks and the stability of financial markets:
· Large-value inter-bank funds transfer, securities transfer, or payment-related services, such as FedWire, Clearing House Interbank Payments System (CHIPS), and the Society for Worldwide Interbank Financial Telecommunications (SWIFT)
· Automated clearinghouse (ACH) operators
· Key clearing and settlement utilities
· Treasury automated auction and processing system
· Large-dollar participants of these systems and utilities
The increasing dependence of the United States on an electronic economy, so beneficial to the creation and preservation of wealth, also adds to the adverse effects that would be produced by an EMP attack. The electronic technologies that are the foundation of the financial infrastructure are potentially vulnerable to EMP. These systems are also potentially vulnerable to EMP indirectly through other critical infrastructures, such as the electric power grid and telecommunications.
RECOMMENDED MITIGATION AND RESPONSIBILITY
Securing the financial services industry from the EMP threat is vital to the national security of the United States. The Federal government must assure that this system can survive sufficiently to preclude serious, long-term consequences.
The Department of Homeland Security, the Federal Reserve Board, and the Department of the Treasury, in cooperation with other relevant agencies, must develop contingency plans to ride out and recover key financial systems promptly from an EMP attack.
Key financial services include those means and resources that provide the general population with cash, credit, and other liquidity required to buy food, fuel, and other essential goods and services. We must protect the Nation’s financial networks, banking records, and data retrieval systems that support cash, check, credit, debit, and other transactions through judicious balance of hardening, redundancy, and contingency plans.
The Federal government must work with the private sector to assure the protection and effective recovery of essential financial records and services infrastructure components from all deliberate adverse events, including EMP attack. Implementation of the recommendations made by the Department of the Treasury, the FRB, and the SEC in their Interagency Paper on Sound Practices to Strengthen the Resilience of the US Financial System to meet sa
botage and cyber-threats that could engender requirements for protection and recovery should be expanded to include expeditious recovery from EMP attack:
· “Every organization in the financial services industry should identify all clearing and settlement activities in each critical financial market in which it is a core clearing and settlement organization or plays a significant role” that could be threatened by EMP attack.
· Industry should “determine appropriate recovery and resumption objectives for clearing and settlement activities in support of critical markets” following an EMP attack.
· Industry should be prepared to cope with an EMP attack by maintaining “sufficient geographically dispersed resources to meet recovery and resumption objectives…. Backup sites should not rely on the same infrastructure components (e.g., transportation, telecommunications, water supply, electric power) used by the primary site. Moreover, the operation of such sites should not be impaired by a wide-scale evacuation at or inaccessibility of staff that service the primary site.”
· Industry should, “Routinely use or test recovery and resumption arrangements…. It is critical for firms to test backup facilities of markets, core clearing and settlement organizations, and third-party service providers to ensure connectivity, capacity, and the integrity of data transmission” against an EMP attack.
FUEL/ENERGY INFRASTRUCTURE
The vulnerabilities of this sector are produced by the responses of the electronic control systems that provide and utilize the near-real-time data flows needed to operate the fuel/energy infrastructure efficiently, as well as to identify and quickly react to equipment malfunctions or untoward incidents. EMP could also cause control or data-sensor malfunctions that are not easily discernible, leading to counterproductive operational decisions. Process control systems are critical to the operation and control of petroleum refineries, and little or no notice of an outage significantly increases the potential for damage during an emergency shutdown. Communications systems that are critical for operational control represent another locus of vulnerability. Communications are also critical in refineries to ensure safety of on-site personnel, the adjacent population, and the surrounding environment. The energy distribution infrastructure is also critically dependent on the availability of commercial power to operate the numerous pumps, valves and other electrical equipment that are required for a functional infrastructure.
DHS must develop a contingency plan that will provide strategy for protection and recovery for this sector, to include actions to be taken by both Government and industry. Government should establish a national inventory of parts for those items with long lead-times or that would be in demand in the event of a catastrophic event such as an EMP attack. The Energy Information Sharing and Analysis Center (ISAAC) should, with government funding, expand its mission to address EMP issues, and the government should work with the private sector to implement the general approach described in Strategy and Recommendations.
TRANSPORTATION INFRASTRUCTURE
NATURE OF THE PROBLEM
America’s transportation sector is often addressed as a single infrastructure, but in reality its multiple modes provide for several separate infrastructures. Rail includes the freight railroad and commuter rail infrastructures; road includes the trucking and automobile infrastructures; water includes the maritime shipping and inland waterway infrastructures; and air includes the commercial and general aviation infrastructures.
As recognized by the President’s National Security Telecommunications Advisory Committee (NSTAC) Information Infrastructure Group Report:
· The transportation industry is increasingly reliant on information technology and public information-transporting networks.
· Although a nationwide disruption of the transportation infrastructure may be unlikely, even a local or regional disruption could have a significant impact. Due to the diversity and redundancy of the US transportation system, the infrastructure is not at risk of nationwide disruption resulting from information system failure. Nonetheless, a disruption of the transportation information infrastructure on a regional or local scale has potential for widespread economic and national security effects.
· Marketplace pressures and increasing utilization of IT make large-scale, multimodal disruptions more likely in the future. As the infrastructure becomes more interconnected and interdependent, the transportation industry will increasingly rely on information technology to perform its most basic business functions. As this occurs, it becomes more likely that information system failures could result in large-scale disruptions of multiple modes of the transportation infrastructure.
· There is a need for a broad-based infrastructure assurance awareness program to assist all modes of transportation.
· The transportation industry could leverage ongoing research and development initiatives to improve the security of the transportation information infrastructure.
· There is a need for closer coordination between the transportation industry and other critical infrastructures.
The imperative to achieve superior performance has also led to a tremendous increase in the use of electronics that are potentially vulnerable to EMP. The internal combustion engine provides a familiar example of this phenomenon. Modern engines utilize electronics to increase performance, increase fuel efficiency, reduce emissions, increase diagnostic capability, and increase safety.
To gauge the degree of vulnerability of transportation infrastructures to EMP, the Commission has conducted an assessment of selected components of these infrastructures that are necessary to their operations. The assessment relied on testing where feasible, surveys and analyses for equipment and facilities for which testing was impractical, and reference to similarities to equipment for which EMP vulnerability data exists.
Based on this assessment, significant degradation of the transportation infrastructures are likely to occur in the immediate aftermath of an EMP attack. For example, municipal road traffic will likely be severely congested, possibly to the point of wide-area gridlock, as a result of traffic light malfunctions and the fraction of operating cars and trucks that will experience both temporary and in some cases unrecoverable engine shutdown. Railroad traffic will stop if communications with railroad control centers are lost or railway signals malfunction. Commercial air traffic will likely cease operations for safety and other traffic control reasons. Ports will stop loading and unloading ships until commercial power and cargo hauling infrastructures are restored.
The ability of the major transportation infrastructure components to recover depends on the plans in place and the availability of resources—including spare parts and support from other critical infrastructures upon which transportation is dependent. Transportation infrastructures have emergency response procedures in place; however, they do not explicitly address conditions that may exist for an EMP attack, such as little or no warning time and simultaneous disruptions over wide areas. Restoration times will depend on the planning and training carried out, and on the availability of services from other infrastructures—notably power, fuel, and telecommunications.
STRATEGY FOR PROTECTION AND RECOVERY
RAILROADS
Railroad operations are designed to continue under stressed conditions. Backup power and provisioning is provided for operations to continue for days or even weeks at reduced capacity. However, some existing emergency procedures, such as transferring operations to backup sites, rely on significant warning time, such as may be received in a weather forecast before a hurricane. An EMP attack may occur without warning, thereby compromising the viability of available emergency procedures. Therefore, under the overall leadership of the DHS, the government and private sectors should work together to implement the general approach described in Strategy and Recommendations.
Specific actions should include:
· Heighten railroad officials’ awareness of the possibility of EMP attack without warning that would produce wide-area, long-term disruptio
n and damage to electronic systems.
· Perform test-based EMP assessments of railroad traffic control centers and retrofit modest EMP protection into these facilities, thereby minimizing the potential for adverse long term EMP effects. The emphasis of this effort should be on electronic control and telecommunication systems.
TRUCKING AND AUTOMOBILES
Emphasizing prevention and emergency clearing of traffic congestion in this area, DHS should coordinate a government and private sector program to:
· Initiate an outreach program to educate State and local authorities and traffic engineers on EMP effects and the expectation of traffic signal malfunctions, vehicle disruption and damage, and consequent traffic congestion.
· Work with municipalities to formulate recovery plans, including emergency clearing of traffic congestion and provisioning spare controller cards that could be used to repair controller boxes.
· Sponsor development of economical protection modules—preliminary results for which are already available from Commission-sponsored research—that could be retrofitted into existing traffic signal controller boxes and installed in new controller boxes during manufacture.