"Destroy nine interconnection substations and a transformer manufacturer and the entire United States grid would be down for at least 18 months, probably longer."
- Internal memo from FERC (Federal Energy Regulatory Commission)
Physical Attack Against the Electric Grid
Most Americans have never heard about the terrorist attack on our electric grid on April 16, 2013 at the Metcalf substation in rural California. This attack could have brought down the electric grid for Silicon Valley and Central California. Have you ever heard it? To be fair, it hasn’t been officially designated a terrorist attack yet by the FBI. At the same time, they are the ones who refuse to assign that designation to the Fort Hood shooting when Nadal Hasan (a self-proclaimed “Soldier of Allah” fighting for Jihad) shot up a military base while yelling “Allah Akbar” after discussing the potential attack online with a radical imam. That incident was clearly workplace violence in the eyes of the FBI. But I digress…. The Metcalf substation attack was originally reported as vandalism by the local media and most people moved on with their lives after getting the mental image of a couple good ol’ boys in a pickup truck firing pot shots at a transformer after having a few too many drinks on a Saturday night. But that wasn’t the case.
12:58am - Some person(s) removes a 75-pound manhole cover and enters an underground vault cutting specific fiber optic cables to shut down AT&T’s telecommunication lines, effectively knocking out 911 service to the substation and the surrounding area. Next, they cut the cables in a different location for the internet service provider in the area, Level 3 Communications. They did this in such a manner as to prevent their easy repair and it showed a serious level of pre-planning and technical knowledge on the attacker’s behalf.
1:31am - Security cameras at the Metcalf power station picked up what investigators believed was the waving of a flashlight signaling the start of the attack. The security cameras show bullets hitting the chain link fence as the attackers fired at the large oil-filled cooling tanks designed to keep the transformers from overheating.
1:41am - An employee at the nearby Metcalf Power Plant hears the gunfire and places a 911 call to police.
1:45am - With over 52,000 gallons of oil leaking from their holding tanks, the transformers start to overheat. This sets off an alarm at PG&E’s control center 90 miles away, allowing them to transfer and re-route power around the substation.
1:50am - Another wave of the flashlight and the attack ceases.
1:51am - One minute after the attack ends, police show up to investigate but find nothing out of the ordinary and can’t gain access to the site, so they leave.
As of today, here is what we know of the attacks:
- No one has ever been arrested and the FBI investigators don’t have a single suspect.
- The attackers used AK-47’s and there wasn’t a single fingerprint found on any of the shell casings left behind.
- There was evidence that the location may have been scouted previously. Next to the empty shell casings was a small pile of rocks similar to what Al Queda and the Taliban insurgents use for targeting packages and to show attackers where they can get the best shots for an ambush. On a side note, according to State Department data, between 1996 and 2006, terrorist organizations have been linked to 2,500 attacks on over 500 substations around the world. So let’s not kid ourselves that the Metcalf attack is a one-off scenario and the bad guys don’t have experience in knocking out power grids. Just look at how terrorists took down the electric grid for an entire country like Yemen.
- If the attackers had chosen to fire at a certain part of the transformers instead of the cooling tanks or lit the leaking oil on fire, the transformers could have arced and possibly exploded instead of slowly overheating. This would have prevented the control center from having enough time to re-route the power around the failing substation and brought down the electric grid for Silicon Valley.
When Jon Wellinghoff, then chairman of FERC (Federal Energy Regulatory Commission) heard of the attack on the Metcalf substation, he immediately flew to California, taking with him experts from the Joint Warfare Analysis Center in Dahlgren, VA. Months later, after their report was finished, a very different picture came to light. Even still, outside of the Wall Street Journal and a report on Fox, very few media outlets covered this attack.
Here is a short breakdown of what transpired on April 23, 2013 in rural California:
For almost a year after the attack, very little was reported or known about the investigation. Jon Wellinghoff continued his push to raise the alarm on this threat with the Federal regulators, industry representatives, and Congress without much success. He resigned as Chairman of FERC later that year. Mr. Wellinghoff described the attack as, “the most significant incident of domestic terrorism involving the grid that has ever occurred." When speaking to the WSJ, he said, "What keeps me awake at night is a physical attack that could take down the grid…. This is a huge problem." In prophetic fashion, only five months before the Metcalf attack, Wellinghoff told Bloomberg that “a coordinated physical attack is a very, very unsettling thing to me,” and “There are ways that a very few number of actors with very rudimentary equipment could take down large portions of our grid; I don’t think we have the level of physical security we need.”
Mark Johnson, former vice president of PG&E (the company that owns the Metcalf substation) told an industry gathering in November 2013 that he believed this attack to be a dress-rehearsal for a larger attack. He said, “This wasn't an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation… This was an event that was well thought out, well planned and they targeted certain components.”
In February of 2014, after almost a year with no arrests, Mr Wellinghoff grew frustrated that not enough was being done and contacted the Wall Street Journal with more details about the Metcalf attack and how vulnerable the electric grid was from a physical attack. He was concerned that a larger attack could be in the works and he decided to go public because he felt it was a matter of national security and the substations weren’t being adequately protected.
Shortly after, an internal and confidential FERC analysis was released to the Wall Street Journal (I could not find any evidence that it was Mr. Wellinghoff who released it). The WSJ reported that if as few as 9 of the larger, critical substations were attacked simultaneously; the entire Grid could be brought down for an extended period. Luckily, the WSJ was responsible enough not to publish the actual locations of “critical” substation locations (at the same time, how hard would it be for cyber hackers to get their hands on a document that has been shown and discussed at numerous conferences around the country, especially when the WSJ can obtain a copy). A memo from FERC to the WSJ also noted, “Destroy nine interconnection substations and a transformer manufacturer and the entire United States grid would be down for at least 18 months, probably longer.” What does 18 months without electricity look like to this country? I’ll discuss that later.
Most everything else you want to know about the vulnerability of our substations and HV transformers can be found in this Congressional Report: Physical Security of the US Power Grid: High Voltage Transformer Substations. I challenge you to read through it and you’ll see how unprepared we are for a physical attack on the grid, how easily it could be pulled off with the right knowledge and rudimentary weapons, and how long it would take us to recover.
There have been multiple other physical attacks against our electric grid, but the Metcalf attack was definitely the most threatening. Especially since the perpetrators are still at large and possibly planning another, larger attack using the plethora of information, data, and reports that have come out since the Metcalf attack. To be honest, most of the vandalism against the electric grid involves scrappers stealing copper and disgruntled ex-employees. There was even a case a few years back of a man trying to pull down a high voltage transmission line with his tractor. But with the amount of information we now know about the Metcalf attack, it shouldn’t be lumped in with these vandalism cases. Even if the FBI refuses to label this a terrorist attack for political reasons, we Americans need to be aware of the threat and pressure Congress to act soon to harden the grid and protect the US from another, possibly larger, attack.
"ONE YEAR AFTER METCALF"
A must-watch Report on the follow-up of the Metcalf attack and where we stand today...
I’ll leave you with one more thought. When asked by The Blaze magazine about the Metcalf substation attack, former CIA Director James Woosley, who had been trying to raise the alarm to Congress for years about the vulnerability of the electric grid, had this to say, “People have an almost infinite capacity for not wanting to think about ugly things, and the utilities and companies who could be affected have demonstrated an extraordinary capacity of ostrich-like behavior.”
I couldn’t have said it better myself!
Links dealing with the threat to our electric grid from Physical Attacks: