Long, long ago US Special Operations Forces extensively studied what you can do with a sniper rifle, beyond just killing people. And they discovered that some items are highly vulnerable to what’s called in the trade a “standoff attack”.
Someone, in the United States, has gone beyond studying targets and has attacked at least one of them in this way; the FBI and other agencies are investigating, and playing their investigation very close to the chest. Hold that thought while we can consider what a mere rifle can do, and in a while we’ll tell you what a rifle or rifles did last April.
Many mighty weapons systems and economic targets are vulnerable to the sort of projectile that might be launched by an individual weapon. One example is that staple of rogue nations, the SCUD transporter-erector-launcher. There are specific places where, if you put a bullet in it, you can render this millions-of-dollars system <i>hors de combat</i>, permanently (or as near so as you need to do, to win the war). Some of these vulnerabilities can be protected with armor plate, and some can’t. Other examples come in the realm of critical infrastructure.
While US SOF might have been first to the party, anyone can play this game. (And to be honest, SOF’s methodology was originally developed by nuclear targeteers working the SIOP, based on the efforts of conventional bomber targeteers in World War II). Whether you’re attacker or defender, you can apply the same critical analysis to any target. This is of particular interest with infrastructure targets.
The target analysis methodology we use is unclassified. It is described by the acronym CARVER. That stands for Criticality, Accessibility, Recuperability, Vulnerability, Effect, and Recognizability. A brief definition of Criticality might be: “how critical is the targeted node to the target system, or to the enemy’s war-making capability?” Compare that to an official definition from a doctrinal publication:
Criticality means target value. This is the primary consideration in targeting. A target is critical when its destruction or damage has a significant impact on military, political, or economic operations.
Accessibility: “Can we get to it?” Recuperability: “How quickly can the attack’s consequences be repaired, replaced or substituted for?” Vulnerability: “Can we take it out with the tools we have?” (The most critical target might be a hydroelectric dam, but absent 617 Squadron or a nuke, it’s staying put). Effect: ”What consequences, strategic, operational and tactical, and good or ill, flow from attacking this target?” and Recognizability: “Can we be sure the guy pulling the trigger will have the right target?”
CARVER works as well when planning to protect or defend a target. For instance, it systematizes developing CT countermeasures or securing a target against exploitation by reconnaissance, surveillance, or attack. The primary product of CARVER is a thorough understanding of the target, target system or target complex by the assigned team, but they also produce a target folder. (In the real world, they’re usually updating a preexisting target folder, which might be a half-century old). One of the documents they produce, for each target, is a CARVER matrix which can be unweighted, but in the real world is usually drafted with weighted values. The weights depend on overall mission objectives and priorities. (For example, CARVER values are weighted differently for a clandestine attack in a time of nominal peace, than they are for an overt attack in time of war). This example of a simple, unweighted CARVER Matrix is from Appendix B to FM 34-36.
For those wishing to play their own CARVER games on targets near and dear to you, the methodology is outlined in the Appendix, here: FM_34-36_app_D.pdf. Bear in mind, that’s the simple version and CARVER can be as complicated, deep and sophisticated as you care to make it.
The numbers in the example above are for a gross oversimplification of an attack on an electric power supply system, but they show something interesting: step-up transformers are uniquely vulnerable. (Step-downs, not on this list, are right up there, too).
This has long been known and discussed in and out of the community.
A Predictive Example: Captain’s Quarters
Back in 2010, Herschel Smith of the Captain’s Quarters blog wrote what was well known about power generation and transmission, at least in unconventional warfare circles:
The most vulnerable structure, system or component for large scale coal plants is the main step up transformer – that component that handles electricity at 230 or 500 kV. They are one of a kind components, and no two are exactly alike. They are so huge and so heavy that they must be transported to the site via special designed rail cars intended only for them, and only about three of these exist in the U.S.
They are no longer fabricated in the U.S., much the same as other large scale steel fabrication. Its manufacture has primarily gone overseas. These step up transformers must be ordered years in advance of their installation. Some utilities are part of a consortium to keep one of these transformers available for multiple coal units, hoping that more will not be needed at any one time. In industrial engineering terms, the warehouse min-max for these components is a fine line.
On any given day with the right timing, several well trained, dedicated, well armed fighters would be able to force their way on to utility property, fire missiles or lay explosives at the transformer, destroy it, and perhaps even go to the next given the security for coal plants. Next in line along the transmission system are other important transformers, not as important as the main step up transformers, but still important, that would also be vulnerable to attack. With the transmission system in chaos and completely isolated due to protective relaying, and with the coal units that supply the majority of the electricity to the nation incapable of providing that power for years due to the wait for step up transformers, whole cites, heavy industry, and homes and businesses would be left in the dark for a protracted period of time, all over the nation.
Smith made a few errors. There are US manufacturers with the capability of manufacturing large transformers, although there are only three of them (and, irony of ironies, they all depend on mains power). And some transformers are designed with fail-safe methods that prevent them going supernova just because the mineral oil within drains out a .30 caliber hole — the less said of those, perhaps, the better. But his analysis is, generally, right on.
Attacks in Arkansas
After the April attack in California, which is recounted below, there have been no further overt small arms attacks on power generation and transmission infrastructure. But there have been three varied attacks in Arkansas. In the first, in August, the attacker attached a cable to a power-transmission tower, after spending a month loosening the bolts of the tower, and ran it across a railroad track, in hopes that the train would hit the cable and pull down the tower. This attack caused a brief, local outage. The second, as described by the FBI, was arson:
In the early morning hours of September 29, 2013, officials with Entergy Arkansas reported a fire at its Keo substation located on Arkansas Highway 165 between Scott and England in Lonoke County. Fortunately, there were no injuries and no reported power outages. Investigation has determined that the fire, which consumed the control house at the substation, was intentionally set. The person or persons responsible for this incident inscribed a message on a metal control panel outside the substation which reads, ‘YOU SHOULD HAVE EXPECTED U.S.’
And in October, the attacker used a tree-trimming machine to sever power poles and the 115,000 watt transmission line they carried. This attack left 10,000 people without power.
These attacks show an attacker with imagination and motive (assuming these to be the work of a single attacker, which the long lead time between attacks suggests). But he is also an attacker without a great deal of organization or a CARVER methodology. The September attack had no consequences at all for power distribution.
The FBI assessed the Arkansas attacks as the work of a single individual who has no connection to the West Coast small arms attack. They have arrested one Jason Woodring, 37, less than two weeks after the October 6 power-line attack, and he has been indicted on terrorism and weapons charges (the weapons charges include possession of an unregistered NFA weapon — short barreled shotgun — and possession of firearms while a user of drugs, to wit, methamphetamine). It was not their exploitation of the surveillance state, or systematic invasion of people’s privacy, that led them to Woodring: his home is adjacent to the power-company motor pool from which the Sky-Trim machine was stolen. They consider Woodring the sole perpetrator in all three Arkansas incidents.
If Woodring said anything about his motive to the FBI, they’ve kept a lid on it.
So: if one disorganized, untrained solo actor can do this much damage, what can a small conspiracy achieve? Or what can one organized and trained solo actor do? This is the more frightening prospect; solo operation gives the authorities none of the usual fault-lines they can count on to penetrate conspiracies.
The Metcalf, CA Attack
The attack seems to have had some near-military planning and execution. At approximately one AM local time, unknown subject cut two sets of phone lines. One was under a very heavy manifold cover, suggesting a team rather than a single individual. The fiber optic lines were cut in such a way as to render them hard to repair. Surveillance video then shows an arc of light — possibly a signal sent by flashlight — and a gunman or gunmen began to fire at a transformer substation in Metcalf, CA. He, or they, maintained a steady fire for almost an hour, and then melted away into the night, shortly before police arrived. The cop could not get into the locked substation. This graphic from the Wall Street Journal is a companion piece to a decent article. (If you’re paywalled out, use this Google search).
By the time technicians arrived, the plant was out of service and would be for some time. Gunfire had holed a number of transformers, causing them to fail.
The attackers made errors. They left behind their brass (7.62x39mm), and their position marking cairns. Their marksmanship was only so-so — there were a lot of misses — and perhaps more importantly, they engaged some targets that would not have had any systemic effect. The phone lines cut were not sufficient to isolate the substation and the associated installations, so the police were called while the attack was still underway. Still, the shooter(s) were off and away before the police were on scene.
Focus of the Investigation
The focus of the investigation has been on domestic political opposition. Originally, a great deal of effort was made to try to tie this to a series of power transmission attacks in Arkansas, without success, because the author of the Arkansas attacks appears to have been an imaginative singleton. No consideration has been given to the possibility of Mexican Drug Trafficking Organization (DTO) involvement, either on their own behalf or on behalf of anti-American international terrorists; indeed, no consideration has been given to international terrorists at all. Given the way the Arkansas case shook out, the FBI are pretty sure they’re on the right track.
A remote possibility exists that this could have been representatives of the Sinaloa Cartel doing a favor for their BATFE gun suppliers, or the ATF themselves, looking to generate enthusiasm — or pretext — for further gun bans. That sounds far-fetched to the point of paranoid, but these attacks took no lives, and in the past, they did launch a policy that predictably resulted in the deaths of Federal agents. And one of the guys who planned that fiasco is the new director.
The FBI has also made great use of national intelligence agencies’ pervasive surveillance of domestic computer communications. Exactly who is swept up in the dragnet can’t be known, but given that Herschel Smith’s posts predate the attacks, they’ve probably looked at everybody who has looked at those pages. Say hello to J. Edgar, or maybe he’s really Markus Wolf, guys.
Consider this: Metcalf and Arkansas were clearly attacks, given their complexity and persistence. But there may be other attacks that have not been documented as such. Last year, a Louisiana electric co-op lost a transformer and insulators to rifle fire, but managers aren’t thinking terrorism. They think it’s something the industry has come to accept, unwillingly, as routine: equipment damaged deliberately by armed vandals, or recklessly by irresponsible shooters or hunters.
We’re not sure what’s the worst possibility: these attacks are foreign terrorists or drug kings, or they’re attacks by rogue agents, or they’re just sheer bloody-minded vandalism, destruction for the simple and sick joy of destruction. Each option is pretty dreadful.
And consider this: it might not be a fully-formed plan at this point. It might have been a confidence target, a guerilla’s version of a test flight or shakedown cruise. That’s a lovely concept.
It could be worse
But as bad as the Metcalf, CA attack was, it could definitely have been worse. The West Point Combating Terrorism Center (CTC) sponsored game-theory research into taking down the grid. While the work is theoretical, and mathematically dense, and it assumes a cyber, not physical, attack, the conclusions are clear: an attack on well-chosen nodes could take down one of the three regional/subnational grids; and adding more resources to both sides increases the advantage of the attacker.
We’ve seen a lot of similar attacks on power transmission in Iraq. Some of them are political (or as the faultlines in Iraq are shaping up today, sectarian). Others are just nihilistic vandalism. Once you uncork the bottle, the genie gets a vote.
Prediction: we haven’t heard the end of these attacks.
In the end, last April, Metcalf went offline and PG&E patched around it and limped along for the weeks it took for repairs to bring the substation back online. And it did finally go online, with some new surveillance technology, and something new in place to thwart rifle attacks: opaque screens. This can still be overcome by the offense, of course, but it makes him work harder or select different weapons.