EMP, The Ultimate Cyber Threat
James Woolsey & Peter Pry: Four days before Halloween, on Sunday morning, October 27, 2013, terrorists in Mexico’s Michoacan state blacked out the electric grid, leaving some 420,000 powerless and thirteen dead. That same Sunday night, National Geographic aired the docudrama American Blackout. This fictionalized account of a cyber attack on the electric grid depicts some of the horrific consequences of a nationwide blackout in the USA lasting 10 days:
People get trapped in elevators and become virtual prisoners in their high-rise apartment buildings. Gasoline is rationed to the military and hospitals, so the average American has no transportation–except for his legs. Food and water become so scarce that there is a life and death struggle over a can of peaches. Before day 10 of the blackout, when the lights come back on, society starts breaking down into anarchy as gangs and vigilante groups run wild.
National Geographic is to be applauded for American Blackout which is essentially a training film to educate the American people about the very real threat posed to their lives by a cyber attack on the electric grid. If there is any fault or unrealism in the docudrama, it is that the blackout lasts only 10 days, and recovery is achieved so quickly.
While Mother Nature can also be a source of EMP disasters, this article deals with the possible threats posed by man. In real life, terrorists or rogue states would probably not limit their attack on the nation’s electric grid to computer viruses or hacking, as implied in the docudrama. They would also use other more destructive means–that could cause a protracted national blackout lasting months or years.
Nuclear EMP–The Ultimate Cyber Threat
Electromagnetic Pulse (EMP) is a dimension of the cyber threat that is not usually considered a cyber threat in Western doctrine, but is in the playbooks for an Information Warfare Operation of Russia, China, North Korea, and Iran. These potential adversaries in their military doctrines include as part of cyber warfare a wide spectrum of operations beyond computer viruses, including sabotage and kinetic attacks, up to and including nuclear EMP attack.
It is vitally important that we understand that a nuclear EMP attack is part of cyber and information warfare operations as conceived by our potential adversaries. Our cyber doctrine must be designed to deter and defeat the cyber doctrines of our potential adversaries by anticipating how they plan to attack us–but our doctrine currently does not.
Our cyber and information warfare doctrines are dangerously blind to the likelihood that a potential adversary making an all-out information warfare campaign designed to cripple the U.S. electric grid and other critical infrastructures would include an EMP attack.
The assessment that nuclear EMP attack is included in the cyber and information warfare doctrine of potential adversaries, and the effects of an EMP attack described here, are based on the work of the Congressional EMP Commission that analysed this threat for nearly a decade (2001-2008). The Congressional Strategic Posture Commission and several other major U.S. Government studies independently arrived at similar conclusions, and represent collectively a scientific and strategic consensus that nuclear EMP attack upon the United States is an existential threat.
Nuclear EMP Attack
A nuclear weapon detonated at high-altitude, above 30 kilometers, will generate an electromagnetic pulse that can be likened to a super-energetic radio wave, more powerful than lightning, that can destroy and disrupt electronics across a broad geographic area, from the line of sight from the high-altitude detonation to the horizon.
For example, a nuclear weapon detonated at an altitude of 30 kilometers would project an EMP field with a radius on the ground of about 600 kilometers, that could cover all the New England States, New York and Pennsylvania, damaging electronics across this entire region, including electronics on aircraft flying across the region at the time of the EMP attack. The EMP attack would blackout at least the regional electric grid, and probably the entire Eastern Grid that generates 70 percent of U.S. electricity, for a protracted period of weeks, months, possibly years.
The blackout and EMP damage beyond the electric grid in other systems would collapse all the other critical infrastructures–communications, transportation, banking and finance, food and water–that sustain modern civilization and the lives of millions.
Such an EMP attack, a nuclear detonation over the U.S. East Coast at an altitude of 30 kilometers, could be achieved by lofting the warhead with a meteorological balloon.
A more ambitious EMP attack could use a freighter to launch a medium-range missile from the Gulf of Mexico, to detonate a nuclear warhead over the geographic center of the United States at an altitude of 400-500 kilometers. The EMP field would extend to a radius of at least 2,200 kilometers on the ground, covering all of the contiguous 48 United States, causing a nationwide blackout and collapse of the critical infrastructures everywhere.
All of this would result from the high-altitude detonation of a single nuclear missile.
The Congressional EMP Commission warned that Iran appears to have practiced exactly this scenario. Iran has demonstrated the capability to launch a ballistic missile from a vessel at sea. Iran has also several times practiced and demonstrated the capability to detonate a warhead on its medium-range Shahab III ballistic missile at the high-altitudes necessary for an EMP attack on the entire United States. The Shahab III is a mobile missile, a characteristic that makes it more suitable for launching from the hold of a freighter.
Launching an EMP attack from a ship off the U.S. coast could enable the aggressor to remain anonymous and unidentified, and so escape U.S. retaliation.
EMP In Cyber Warfare
The Congressional EMP Commission warned that Iran in military doctrinal writings explicitly describes making a nuclear EMP attack to eliminate the United States as an actor on the world stage as part of an Information Warfare Operation. For example, various Iranian doctrinal writings on information and cyber warfare make the following assertions:
“Nuclear weapons…can be used to determine the outcome of a war…without inflicting serious human damage [by neutralizing] strategic and information networks.”
“Terrorist information warfare [includes]…using the technology of directed energy weapons (DEW) or electromagnetic pulse (EMP).”
“…today when you disable a country’s military high command through disruption of communications you will, in effect, disrupt all the affairs of that country….If the world’s industrial countries fail to devise effective ways to defend themselves against dangerous electronic assaults, then they will disintegrate within a few years.”
China’s premier military textbook on information warfare, written by China’s foremost expert on cyber and information warfare doctrine, makes unmistakably clear that China’s version of an all-out Information Warfare Operation includes both computer viruses and nuclear EMP attack. According to People’s Liberation Army textbook World War, the Third World War–Total Information Warfare, written by Shen Weiguang, “Therefore, China should focus on measures to counter computer viruses, nuclear electromagnetic pulse…and quickly achieve breakthroughs in those technologies…”:
With their massive destructiveness, long-range nuclear weapons have combined with highly sophisticated information technology and information warfare under nuclear deterrence….Information war and traditional war have one thing in common, namely that the country which possesses the critical weapons such as atomic bombs will have “first strike” and “second strike retaliation” capabilities ….As soon as its computer networks come under attack and are destroyed, the country will slip into a state of paralysis and the lives of its people will ground to a halt. Therefore, China should focus on measures to counter computer viruses, nuclear electromagnetic pulse…and quickly achieve breakthroughs in those technologies in order to equip China without delay with equivalent deterrence that will enable it to stand up to the military powers in the information age and neutralize and check the deterrence of Western powers, including the United States.
Surprise EMP Attack
North Korea appears to be attempting to implement the information warfare doctrine described above by developing a long range missile capable of making a catastrophic nuclear EMP attack on the United States. In December 2012, North Korea demonstrated the capability to launch a satellite on a polar orbit circling the Earth at an altitude of 500 kilometers.
An altitude of 500 kilometers would be ideal for making an EMP attack that places the field over the entire contiguous 48 United States, using an inaccurate satellite warhead for delivery, likely to miss its horizontal aimpoint over the geographic center of the U.S. by tens of kilometers.
North Korea appears to have borrowed from the Russians their idea for using a so-called Space Launch Vehicle to make a stealthy nuclear attack on the United States. During the Cold War, Moscow developed a secret weapon called a Fractional Orbital Bombardment System (FOBS) that looked like a Space Launch Vehicle, but was designed to launch a nuclear warhead southward, away from the United States initially, but deliver the warhead like a satellite on a south polar orbit, so the nuclear attack comes at the U.S. from the south.
The United States has no Ballistic Missile Early Warning (BMEW) radars or missile interceptors facing south. We might not even see the attack coming.
Miroslav Gyurosi in The Soviet Fractional Orbital Bombardment System describes Moscow’s development of the FOBS:
The Fractional Orbital Bombardment System (FOBS) as it was known in the West, was a Soviet innovation intended to exploit the limitations of U.S. BMEW radar coverage. The idea behind FOBS was that a large thermonuclear warhead would be inserted into a steeply inclined low altitude polar orbit, such that it would approach CONUS from any direction, but primarily from the southern hemisphere, and following a programmed braking maneuver, re-enter from a direction which was not covered by BMEW radars.
“The first warning the U.S. would have of such a strike in progress would be the EMP…,” writes Gyurosi.
The trajectory of North Korea’s satellite launch of December 12, 2012 looked very much like a Fractional Orbital Bombardment System for EMP attack. The missile launched southward, away from the United States, sent the satellite over the south polar region, approaching the U.S. from the south, at the optimum altitude for EMP attack–although the test trajectory deliberately avoided flying over the United States initially.
In subsequent orbits the North Korean satellite did overfly the central U.S. at the optimum location for an EMP attack.
North Korea appears to have borrowed from Russia more than the FOBS. In 2004, a delegation of Russian generals met with the Congressional EMP Commission to warn that design information for a Super-EMP nuclear warhead had leaked from Russia to North Korea, and that North Korea might be able to develop such a weapon “in a few years.”
A few years later, in 2006, North Korea conducted its first nuclear test, of a device having a very low yield, about 3 kilotons. All three North Korean nuclear tests have had similarly low yields. A Super-EMP warhead would have a low-yield, like the North Korean device, because it is not designed to create a big explosion, but to produce gamma rays, that generate the EMP effect.
According to several press reports, South Korean military intelligence concluded independently of the EMP Commission that Russian scientists are in North Korea helping develop a Super-EMP nuclear warhead. In 2012, a military commentator for the People’s Republic of China stated that North Korea has Super-EMP nuclear warheads.
One design of a Super-EMP warhead would be a modified neutron bomb, more accurately an Enhanced Radiation Warhead (ERW) because it produces not only large amounts of neutrons but large amounts of gamma rays, that cause the EMP effect. One U.S. ERW warhead (the W-82) weighed less than 50 kilograms. North Korea’s so-called Space Launch Vehicle, which orbited a satellite weighing 100 kilograms, could deliver such a warhead against the U.S. mainland–or against any nation on Earth.
Iran has not yet tested a nuclear weapon, but may already have a FOBS delivery capability, as it has successfully launched several satellites on polar orbits, assisted by North Korean missile technology and North Korean technicians.
Iranian scientists were present at all three North Korean nuclear tests, according to press reports.
Defending America and the World
What is to be done about the Cyber and EMP threats?
There is no excuse for the United States to be vulnerable to EMP or to the worst case cyber scenarios as depicted in American Blackout. The U.S. Department of Defense has understood for 50 years how to protect military systems from EMP. Private vendors specializing in EMP protection are standing by with faraday cages, surge arrestors, blocking devices and other technology, ready to protect the national electric grid.
Technically, it is important to understand that surge arrestors and other hardware designed to protect against EMP can also protect against the worst-case cyber scenarios that, for example, envision computer viruses collapsing the national power grid. For example, surge arrestors that protect Extra High Voltage transformers from EMP can also protect transformers from damaging electrical surges caused by a computer virus that manipulates the grid Supervisory Control And Data Acquisition Systems (SCADAS).
Unfortunately, the electric power industry so far shows no inclination to invest in the technologies necessary to protect the national electric grid. The congressional EMP Commission estimates that robust protection of the national electric grid could be achieved for a one-time investment of $2 billion–which is what the U.S. gives every year in foreign aid to Pakistan. The U.S. Federal Energy Regulatory Commission (FERC) estimates that EMP protection of the national grid would increase the electric bill of the average rate payer by 20 cents annually.
Administratively, a coherent and effective answer will not likely arise from uncoordinated decisions made independently by the thousands of individual electric utilities and industries at risk. Because cyber preparedness should encompass EMP preparedness–and since EMP is an existential threat–it is imperative that Government play a supervisory and coordinating role to achieve protection against these threats swiftly:
- The President should sign the Executive Order provided to the White House by the Congressional EMP Commission directing that the national electric grid shall be protected against EMP;
- The Congress should pass the SHIELD Act, which has been stalled before the House Energy and Commerce Committee for three years. SHIELD empowers the U.S. FERC with legal and financial authorities to protect the national grid from EMP;
- States should not wait for Washington, but should immediately launch their own legislative initiatives, as done already by the State of Maine, to protect that portion of the electric grid within their states. States can “island” their grids, which will in no way impede their ability to receive or export electric power from or to other states, and thereby protect their people from an EMP catastrophe.
- Industry should start manufacturing Extra-High Voltage (EHV) transformers, SCADAS, and other critical technologies hardened against EMP. Defense Department experience with hardening military systems has shown that, when systems are built with EMP protection as part of the original design, it only adds 1-3 percent to manufacturing cost. As old EHV transformers are retired and other systems are replaced with new systems designed EMP hard, not only the United States, but the entire Free World would eventually become protected from an EMP catastrophe.
The Unfree World, Russia and China, have already hardened their grids against EMP. Israel may have done the same – and if it has not, there is no time to be lost.
Ambassador R. James Woolsey is former Director of Central Intelligence and Co-Chair of the EMP Coalition; Dr. Peter Vincent Pry served on the Congressional EMP Commission, the House Armed Services Committee, and the CIA, and is author of the books Apocalypse Unknown and Electric Armageddon.