April Sniper Attack Knocked Out Substation, Raises Concern for Country's Power Grid
A sniper attack in April that knocked out an electrical substation near San Jose, Calif., has raised fears that the country's power grid is vulnerable to terrorism. WSJ's Rebecca Smith has the details. Photo: Talia Herman for The Wall Street Journal
SAN JOSE, Calif.—The attack began just before 1 a.m. on April 16 last year, when someone slipped into an underground vault not far from a busy freeway and cut telephone cables.
Within half an hour, snipers opened fire on a nearby electrical substation. Shooting for 19 minutes, they surgically knocked out 17 giant transformers that funnel power to Silicon Valley. A minute before a police car arrived, the shooters disappeared into the night.
To avoid a blackout, electric-grid officials rerouted power around the site and asked power plants in Silicon Valley to produce more electricity. But it took utility workers 27 days to make repairs and bring the substation back to life.
Nobody has been arrested or charged in the attack at PG&E Corp.'s Metcalf transmission substation. It is an incident of which few Americans are aware. But one former federal regulator is calling it a terrorist act that, if it were widely replicated across the country, could take down the U.S. electric grid and black out much of the country.
The attack was "the most significant incident of domestic terrorism involving the grid that has ever occurred" in the U.S., said Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission at the time.
The Wall Street Journal assembled a chronology of the Metcalf attack from filings PG&E made to state and federal regulators; from other documents including a video released by the Santa Clara County Sheriff's Department; and from interviews, including with Mr. Wellinghoff.
The 64-year-old Nevadan, who was appointed to FERC in 2006 by President George W. Bush and stepped down in November, said he gave closed-door, high-level briefings to federal agencies, Congress and the White House last year. As months have passed without arrests, he said, he has grown increasingly concerned that an even larger attack could be in the works. He said he was going public about the incident out of concern that national security is at risk and critical electric-grid sites aren't adequately protected.
The Federal Bureau of Investigation doesn't think a terrorist organization caused the Metcalf attack, said a spokesman for the FBI in San Francisco. Investigators are "continuing to sift through the evidence," he said.
Some people in the utility industry share Mr. Wellinghoff's concerns, including a former official at PG&E, Metcalf's owner, who told an industry gathering in November he feared the incident could have been a dress rehearsal for a larger event.
"This wasn't an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation," Mark Johnson, retired vice president of transmission for PG&E, told the utility security conference, according to a video of his presentation. "This was an event that was well thought out, well planned and they targeted certain components." When reached, Mr. Johnson declined to comment further.
A spokesman for PG&E said the company takes all incidents seriously but declined to discuss the Metcalf event in detail for fear of giving information to potential copycats. "We won't speculate about the motives" of the attackers, added the spokesman, Brian Swanson. He said PG&E has increased security measures.
Utility executives and federal energy officials have long worried that the electric grid is vulnerable to sabotage. That is in part because the grid, which is really three systems serving different areas of the U.S., has failed when small problems such as trees hitting transmission lines created cascading blackouts. One in 2003 knocked out power to 50 million people in the Eastern U.S. and Canada for days.
Many of the system's most important components sit out in the open, often in remote locations, protected by little more than cameras and chain-link fences.
Transmission substations are critical links in the grid. They make it possible for electricity to move long distances, and serve as hubs for intersecting power lines.
Within a substation, transformers raise the voltage of electricity so it can travel hundreds of miles on high-voltage lines, or reduce voltages when electricity approaches its destination. The Metcalf substation functions as an off-ramp from power lines for electricity heading to homes and businesses in Silicon Valley.
The country's roughly 2,000 very large transformers are expensive to build, often costing millions of dollars each, and hard to replace. Each is custom made and weighs up to 500,000 pounds, and "I can only build 10 units a month," said Dennis Blake, general manager of Pennsylvania Transformer in Pittsburgh, one of seven U.S. manufacturers. The utility industry keeps some spares on hand.
A 2009 Energy Department report said that "physical damage of certain system components (e.g. extra-high-voltage transformers) on a large scale…could result in prolonged outages, as procurement cycles for these components range from months to years."
Mr. Wellinghoff said a FERC analysis found that if a surprisingly small number of U.S. substations were knocked out at once, that could destabilize the system enough to cause a blackout that could encompass most of the U.S.
Not everyone is so pessimistic. Gerry Cauley, chief executive of the North America Electric Reliability Corp., a standards-setting group that reports to FERC, said he thinks the grid is more resilient than Mr. Wellinghoff fears.
"I don't want to downplay the scenario he describes," Mr. Cauley said. "I'll agree it's possible from a technical assessment." But he said that even if several substations went down, the vast majority of people would have their power back in a few hours.
The utility industry has been focused on Internet attacks, worrying that hackers could take down the grid by disabling communications and important pieces of equipment. Companies have reported 13 cyber incidents in the past three years, according to a Wall Street Journal analysis of emergency reports utilities file with the federal government. There have been no reports of major outages linked to these events, although companies have generally declined to provide details.
"A lot of people in the electric industry have been distracted by cybersecurity threats," said Stephen Berberich, chief executive of the California Independent System Operator, which runs much of the high-voltage transmission system for the utilities. He said that physical attacks pose a "big, if not bigger" menace.
There were 274 significant instances of vandalism or deliberate damage in the three years, and more than 700 weather-related problems, according to the Journal's analysis.
Until the Metcalf incident, attacks on U.S. utility equipment were mostly linked to metal thieves, disgruntled employees or bored hunters, who sometimes took potshots at small transformers on utility poles to see what happens. (Answer: a small explosion followed by an outage.)
Last year, an Arkansas man was charged with multiple attacks on the power grid, including setting fire to a switching station. He has pleaded not guilty and is undergoing a psychiatric evaluation, according to federal court records.
Overseas, terrorist organizations were linked to 2,500 attacks on transmission lines or towers and at least 500 on substations from 1996 to 2006, according to a January report from the Electric Power Research Institute, an industry-funded research group, which cited State Department data.
An attack on a PG&E substation near San Jose, Calif., in April knocked out 17 transformers like this one.
To some, the Metcalf incident has lifted the discussion of serious U.S. grid attacks beyond the theoretical. "The breadth and depth of the attack was unprecedented" in the U.S., said Rich Lordan, senior technical executive for the Electric Power Research Institute. The motivation, he said, "appears to be preparation for an act of war."
The attack lasted slightly less than an hour, according to the chronology assembled by the Journal.
At 12:58 a.m., AT&T fiber-optic telecommunications cables were cut—in a way that made them hard to repair—in an underground vault near the substation, not far from U.S. Highway 101 just outside south San Jose. It would have taken more than one person to lift the metal vault cover, said people who visited the site.
Nine minutes later, some customers of Level 3 Communications, an Internet service provider, lost service. Cables in its vault near the Metcalf substation were also cut.
At 1:31 a.m., a surveillance camera pointed along a chain-link fence around the substation recorded a streak of light that investigators from the Santa Clara County Sheriff's office think was a signal from a waved flashlight. It was followed by the muzzle flash of rifles and sparks from bullets hitting the fence.
The substation's cameras weren't aimed outside its perimeter, where the attackers were. They shooters appear to have aimed at the transformers' oil-filled cooling systems. These began to bleed oil, but didn't explode, as the transformers probably would have done if hit in other areas.
About six minutes after the shooting started, PG&E confirms, it got an alarm from motion sensors at the substation, possibly from bullets grazing the fence, which is shown on video.
Four minutes later, at 1:41 a.m., the sheriff's department received a 911 call about gunfire, sent by an engineer at a nearby power plant that still had phone service.
Riddled with bullet holes, the transformers leaked 52,000 gallons of oil, then overheated. The first bank of them crashed at 1:45 a.m., at which time PG&E's control center about 90 miles north received an equipment-failure alarm.
Five minutes later, another apparent flashlight signal, caught on film, marked the end of the attack. More than 100 shell casings of the sort ejected by AK-47s were later found at the site.
At 1:51 a.m., law-enforcement officers arrived, but found everything quiet. Unable to get past the locked fence and seeing nothing suspicious, they left.
A PG&E worker, awakened by the utility's control center at 2:03 a.m., arrived at 3:15 a.m. to survey the damage.
Grid officials routed some power around the substation to keep the system stable and asked customers in Silicon Valley to conserve electricity.
In a news release, PG&E said the substation had been hit by vandals. It has since confirmed 17 transformers were knocked out.
Mr. Wellinghoff, then chairman of FERC, said that after he heard about the scope of the attack, he flew to California, bringing with him experts from the U.S. Navy's Dahlgren Surface Warfare Center in Virginia, which trains Navy SEALs. After walking the site with PG&E officials and FBI agents, Mr. Wellinghoff said, the military experts told him it looked like a professional job.
In addition to fingerprint-free shell casings, they pointed out small piles of rocks, which they said could have been left by an advance scout to tell the attackers where to get the best shots.
"They said it was a targeting package just like they would put together for an attack," Mr. Wellinghoff said.
Mr. Wellinghoff, now a law partner at Stoel Rives LLP in San Francisco, said he arranged a series of meetings in the following weeks to let other federal agencies, including the Department of Homeland Security, know what happened and to enlist their help. He held a closed-door meeting with utility executives in San Francisco in June and has distributed lists of things utilities should do to strengthen their defenses.
A spokesman for Homeland Security said it is up to utilities to protect the grid. The department's role in an emergency is to connect federal agencies and local police and facilitate information sharing, the spokesman said.
As word of the attack spread through the utility industry, some companies moved swiftly to review their security efforts. "We're looking at things differently now," said Michelle Campanella, an FBI veteran who is director of security for Consolidated Edison Inc. in New York. For example, she said, Con Ed changed the angles of some of its 1,200 security cameras "so we don't have any blind spots."
Some of the legislators Mr. Wellinghoff briefed are calling for action. Rep. Henry Waxman (D., Calif.) mentioned the incident at a FERC oversight hearing in December, saying he was concerned that no one in government can order utilities to improve grid protections or to take charge in an emergency.
As for Mr. Wellinghoff, he said he has made something of a hobby of visiting big substations to look over defenses and see whether he is questioned by security details or local police. He said he typically finds easy access to fence lines that are often close to important equipment.
"What keeps me awake at night is a physical attack that could take down the grid," he said. "This is a huge problem."
—Tom McGinty contributed to this article.
This is a repost of an article that appeared in the Wall Street Journal on February 4, 2014