We have written numerous articles about the risks associated with legacy technologies from a cybersecurity perspective. It seems Colonial Pipeline got off easy in its recent ransomware cyberattack. The economic and national security impact would have been significant if an enemy state decided to corrupt Colonial’s systems in such a manner so as to prevent gasoline from flowing through Colonial’s 5,500 miles of pipeline for an extended period of time (Colonial transports more than 100 million gallons of fuel each day to 14 states, including 7 airports). A stroke of luck such a disaster was avoided.
Oil refineries could be hacked, preventing heating oil from reaching cold weather states during the winter. Nuclear power plants could be hacked to release waste material in a manner that would harm the public. The electric grid could be gravely damaged by deploying a nuclear bomb at altitude above a major city. Mr. Biden’s infrastructure plan fails to address these economic and national security risks. The events mentioned are known security risks and are entirely possible. Our guess is that such an event has a 50% probability of occurring given that we know those with malicious intent exist and we know our legacy infrastructure (broadly defined) is not equipped to prevent an attack. “Fragile” is perhaps the best adjective to describe the U.S.’s legacy infrastructure.