Personal Perspective: Terrorism Risk to Critical Infrastructure

By Daniel Colcher

 

Critical infrastructure is defined by the US Government as “assets, systems, and networks, whether physical or virtual, so vital to the United States that the incapacity or destruction of such assets, systems, or networks would have a debilitating impact on security, national economic security, public health or safety, or any combination of those matters.”  The term also includes the virtual networks that link information assets together.  The risk is not shouldered entirely by the US government.  Most of the critical infrastructures are owned and/or operated by private firms.

 

The critical infrastructures are complex and adaptive systems that are far more capable and complicated than the sum of their physical components.  While they are resilient to random failures, they are very vulnerable to targeted attacks.  Deliberate attacks, while less frequent then “normal accidents” or natural disasters, are more worrisome.  Advisories can take their time and study the targeted infrastructure(s) to identify critical nodes and target those specific nodes.  In addition, the terrorists can mount sustained attacks that could cause lasting damage because the node may be able to recover from a single incident but not from continuous attacks.

 

Since 9/11, the United States has focused the bulk of its energy and resources on trying to prevent terrorist-sponsored infrastructure attacks. Such efforts are absolutely necessary, but they are not sufficient; it is practically impossible to prevent some kind of terrorist attack in the United States. In addition, by focusing on the threat from manmade attacks, the government has diverted attention from the risks posed by both natural disasters and industrial accidents, neither of which can be prevented by antiterrorism measures. For both of these reasons, the Nation should weigh the costs and benefits of initiatives that go beyond purely preventive measures and explore ways to increase the resilience of critical infrastructures.⁽²⁾

 

Modern society has grown dependant on critical infrastructures and interconnected systems.  When resources are unavailable for even a short amount of time, the effects can be observed worldwide. Attacks on critical infrastructure can have both direct and indirect consequences.  An indirect consequence could be public confidence.  The public expects tomorrow will resemble today and events are generally predictable and controllable by public authorities.  If things go wrong, public confidence can be shaken and, eventually, broken.  A breakdown in public confidence can lead to a rapid collapse of law and order, anarchy, and a “war of all against all.” Something of this sort occurred in the aftermath of Hurricane Katrina.  If the media becomes unavailable because of infrastructure collapse, media-reliant individuals will feel a sense of dislocation and confusion that may leave them susceptible to rumors and misinformation.

 

There are challenges that will face DHS and DoD on creating a strategy for handling threats against the critical infrastructure.  Since a majority of the critical infrastructure is owned or operated by private firms, a coordinated response to threats or incidents would require a large number of private companies to work together in addition to the local, state and federal government agencies.  Even though it has been shown that private companies display commendable patriotism in times of emergency, for legal, financial, and competitive reasons, full cooperation among companies is unlikely.  Firms will naturally put their own business interests ahead of broader, vaguer public interests thus leaving critical nodes vulnerable.

 

Sources:

(1) http://www.comw.org/tct/homeland10.html

(2) Strategic Fragility: Infrastructure Protection and National Security in the Information Age

            Defense Horizons, January 20087, by Robert A. Miller and Irving Lachow

(3) CRITICAL INFRASTRUCTURE: Challenges Remain in Protecting Key Sectors, Testimony

Before the Subcommittee on Homeland Security, Committee on Appropriations, House of Representatives, GAO-07-626T, March 20, 2007