(govt)-CIA testimony 10-13-99greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread
Thanks to Brian for the heads up on this doc. - mitch
NIO for Science and Technology Statement October 13, 1999 ----------------------------------------------------------------------
Statement for the Record Senate Special Committee on the Year 2000 Technology Problem
Foreign Preparedness for Y2K
Lawrence K. Gershwin National Intelligence Officer for Science and Technology
Mr. Chairman and members of the Committee, I am pleased to have the opportunity to provide the Committee with the Intelligence Communitys latest assessment of the status of foreign preparedness for Y2K. We recently published a comprehensive, classified National Intelligence Estimate on foreign Y2K efforts, and we are continuing to focus on this evolving issue to ensure that policy makers are as prepared as possible for the potential consequences for the US and our allies of international Y2K failures. This assessment is essentially a "snapshot" of the current state of international preparedness for Y2K. As countries continue their remediation, testing, and contingency planning activities, and as we get more information, some of our observations will change.
Efforts to address potential problems vary widely both among and within individual countries. For example, the United Kingdom has a highly successful government awareness campaign which has spurred industry, commerce and government agencies to take steps to correct Y2K problems. At the other end of the spectrum, when Indonesia's national electricity board was recently asked by an Indonesian newspaper about its Y2K preparedness, they replied that they can observe what happens at midnight 1999 in Western Samoa, New Zealand and Australia, and still have six hours to make plans.
* The quality of corrective work varies greatly among countries and sectors and, in some cases, remediation work introduces new flaws that go undetected due to limited or faulty testing. Moreover, time for effective corrective action is running out. Even if remediation work has taken place, there may be insufficient time left for testing, identifying problems that emerge, and follow-up remediation. Industry experts believe, in many cases, effective testing can take two to three times as long as remediation. The availability of funding and technical expertise in foreign countries to analyze vulnerabilities and carry out remediation and testing will continue to be a major impediment. The public and private sectors will increasingly focus on contingency planning for coping with the impact of Y2K failures after 1 January and prioritizing repairs.
Where effective prevention action has been taken in advance of 1 January, disruptions will likely be random, temporary, and of localized impact. In the absence of effective remediation and contingency plans, Y2K-related problems could cause widespread, possibly prolonged disruptions in vital services that could have serious humanitarian and economic consequences.
Y2K failures will occur before and as the date rollover approaches, peaking on 1 January and persisting well beyond that. In some countries, such as Russia, it will likely take a significant amount of time to overcome Y2K failures.
Russia, Ukraine, China and Indonesia are among the countries most likely to experience significant Y2K-related failures. Countries in Western Europe are generally better prepared, although we see the chance of some significant failures in countries such as Italy. Major economic powers such as Germany and Japan are making great strides in Y2K remediation, but their late start and the magnitude of the effort suggest that even these countries are at risk of some failures. Canada, the UK, Australia, Singapore, and Hong Kong are very well prepared and have a lower chance of experiencing any significant Y2K failures.
The Americas. The level of Y2K preparedness varies widely among foreign countries in the Americas and even among sectors within individual countries; Canadaworking closely with the United States on sectors where national interests are highly integrated such as electrical poweremerges as the best prepared.
Most national governments in Latin America have established commissions to coordinate preparations within the public sector and to increase general awareness, but efforts in many cases are late, underfunded, and weakly enforced. Some disruptions of basic public servicesincluding utilities, telecommunications, public health, and social welfareare likely throughout the region, but we are unable to judge their potential scope or duration. We consider it unlikely that these disruptions will affect domestic stability or US interests in this region.
Europe. European countries, with the exception of the United Kingdom, got a late start in assessing, repairing, and planning for contingencies related to the Y2K problem. Nearly all European governments have national Y2K programs in place, and most are working very hard to minimize the significance of Y2K-related problems. However, we are concerned that some have not allotted adequate resources to remediation and testing. Remediation efforts are the most advanced in the finance and telecommunications sectors Russia and Ukraine. Russia and Ukraine are particularly vulnerable to Y2K failures. They got a late start in remediation and lack sufficient resources to identify and correct problems--virtually guaranteeing that the countries will suffer economic and social consequences for some time. Both countries have old capital stock, much of which has not been upgraded since the Soviet era. They are further impeded because of their perception that a limited computer dependence largely "protects" them. Areas of greatest risk are strategic warning and command and control, nuclear power plants, the gas industry, and the electric power grid.
Middle East & North Africa. Most countries in the Middle East and North Africa recognize Y2K as a computer hardware and software problem, but started later in dealing with the potential problems with embedded chips and interconnected systems. The oil companies, banking sector, and large multinational companies are best informed and are conducting remediation and testing. Government institutions, small businesses, the health sector, and some public utilities lag because of funding shortfalls, a late start in addressing the problem and, in some cases, a misunderstanding of the nature and scope of Y2K vulnerabilities.
Y2K-related failures will occur, especially in public utilities, although we cannot yet judge their scope or duration. Urban areas will be most affected.
Africa. With the exception of South Africa, other countries in sub-Saharan Africa were late in recognizing the Y2K problem but are developing preparations to deal with it. Because many Africansespecially in rural areasexpect little from government, interruptions in services are unlikely to spark unrest.
Asia-Pacific. Preparations for dealing with Y2K problems across the Asia-Pacific region vary greatly. The Asian countries that rely heavily on advanced technology for power generation, communications, and transportation have had comprehensive Y2K programs under way for some time. Most countries with moderate reliance on computers are aware of potential Y2K problems and have begun assessment and remediation efforts.
The sectors with the most advanced programs for dealing with Y2K are banking and finance, civil aviation, and telecommunications. The sectors least prepared, as a general rule, are railroads, ports, medical services, and small- and medium-sized enterprises.
Impact on US of Y2K Failures
Y2K-related disruptions and failures can affect US interests in three ways:
* They may have a direct impact. Some foreign infrastructures and vital sectors are directly linked to those in the United States either physically or through computer networks. * They may have an indirect impact. The United States depends on the uninterrupted flow of many raw materials and finished goods for its economic security and national defense. In addition, diplomatic and military operations depend upon host-nation infrastructure support, including telecommunications and electric power. * They may have broad national security implications. Foreign Y2K-related crises have the potential to involve US military and civilian components in humanitarian relief, environmental disaster recovery, or evacuations.
The direct impact on the United States of Y2K-related disruptions and failures in foreign infrastructures will be limited. There are several reasons for this. First of all, Canada, the country to whose infrastructure we are most tightly linked, is well advanced in Y2K remediation and unlikely to export significant problems to the United States.
Second, the global payments system is unlikely to experience significant failures, because most of the developed countries appear well prepared in the banking and finance sector. Financial institutions in most emerging markets, however, as well as those in less developed countries, may experience failures because they started the remediation process later and because they are experiencing scarcities of resources and technical expertise.
* Even well-prepared institutions, however, will still be impacted if disruptions occur in domestic infrastructuresespecially electric power and telecommunications. They are also exposed to Y2K problems in the information systems of their customers, vendors, and smaller banks to whom they are linked.
Third, we are highly confident that Y2K failures will not lead to the inadvertent or unauthorized launch of a ballistic missile by any country. If Y2K failures do occur, we are concerned about the potential for Russia to misinterpret early warning dataespecially if we were in a period of increased tensions brought on by an international political crisis. Russia and the United States have agreed to establish the Center for Year 2000 Strategic Stability at Peterson Air Force Base, Colorado. The Center will provide a venue for sharing information on missile and space launches collected by US sensors across the year 2000 date change in order to prevent any misunderstandings resulting from Russian early warning failures.
Finally, the United States is unlikely to experience a significant disruption in oil deliveries because our key suppliers appear to be Y2K ready. Major multinational firms have been in the forefront of remediation and testing efforts, and operators of oil terminals and tankers have been similarly active in correcting Y2K vulnerabilities.
While we probably will not be directly impacted by foreign Y2K failures, breakdowns in foreign infrastructure could impact US interests overseas: our official and military presence overseas, US businesses, and the welfare of countries important to us. Disruptions and failures in telecommunications, electricity generation and transmission, and transportation pose the greatest threat because of their fundamental importance to all other critical services.
Telecommunications. Although a high priority for most countries, efforts to remediate Y2K problems in the telecommunications sector in many countries, particularly developing countries, have been hampered by inadequate funding, a shortage of skilled personnel, a late start, and the need for lengthy remediation and testing. We estimate that only a few countries are on target in remediating and testing their telecommunications systems. Networks elsewhere are likely to experience problems ranging from minor inconveniences to serious disruptions. Experts are concerned that minor failures could cascade, causing a network to become degraded over time.
* The interconnections among many time-sensitive systems make it more likely that a Y2K problem in one system will cause problems in a system with which it is connected. Problems in telecommunications would also affect other sectors, such as power and national defense.
Failure to complete Y2K remediation is likely to result in outages that could affect the United States and foreign countries in significant ways. They could cost telecommunications operators considerable money in lost revenue; affect the operations of government, the financial sector, the military, industry, and the energy sector; and exacerbate regional tensions. Communications disruptions will damage US businesses and official activities that depend on host-government support.
Many well known companies that follow Y2K preparations list countries such as Russia, China, and Italy as likely to have telecommunications problems and we have no reason to disagree with these assessments. Some countriessuch as Russiaare likely to be so poorly prepared that widespread telecommunications failures will likely occur.
Electric Power. Localized blackouts lasting possibly up to a week and regional brownouts of much shorter duration are likely to occur in Russia; however, the city of Moscow is unlikely to experience serious disruptions. In western Europe, some countries are likely to experience localized blackouts; however, a cascading failure throughout the region is highly unlikely.
* Each of the different elements of the electric power sectorgeneration facilities, transmission and distribution networks, telecommunications, protection systems, and consumersforms a complex interrelationship that could cause a systemwide failure even if there were significant failures in only one element. Some electrical power grids in Europe and Asiawhere Y2K remediation has been inconsistent at the national and local levelsare likely to experience outages.
Foreign Nuclear Power Plants. Y2K failures affecting nuclear power plants fall into two categories: problems that occur outside the nuclear plant (for example, voltage and frequency fluctuations or the collapse of the electricity grid) or, less likely, problems that occur inside the nuclear plant that affect generation capability. Of these two, the first is by far the more serious because nuclear plants depend on off-site electricity to operate. Loss of off-site power or large fluctuations of voltage frequency on the grid would lead to an automatic shutdown. In the event that a prolonged outage occurs, this would require, among other things, that backup systems supply power to pump coolant through the reactor core for about a week until the reactor is below fuel melting temperatures. Therefore, Y2K problems impacting generation capability in conventional plants can affect nuclear plants by causing frequency or voltage fluctuations leading to a possible collapse of the electrical grid. Similarly, Y2K problems within equipment on the grid itself might cause problems leading to the disconnection and shutdown of nuclear power plants.
We judge that those Y2K problems occurring within nuclear power plants probably will pose no direct safety problem because almost all plants have analog, electro-mechanical safety systems that will shut down the reactors if anomalies are detected. Y2K problems in digital non-safety-related systems within the nuclear plants, if they occur, would most likely lead to a reduction in generation capacity or shutdowns.
These Y2K-initiated shutdowns presumably could be conducted in a safe manner, but digital systems experiencing Y2K problems could produce false data that would then be displayed to operators, increasing the chance for operator error and, potentially, accidents. Internally-generated Y2K problems that caused a shutdown could also contribute to instability of the electricity grid by removing generation capacity from the grid. Therefore, Y2K problems at one nuclear power plant could contribute to problems at surrounding power plants.
Soviet-Designed Reactors. We are most concerned about the safety of Soviet-designed nuclear plants, including Chernobyl-type reactors in Russia and Ukraine, due both to inherent design problems of these plantsfor example, lack of total containment systemsand to the lack of detailed data on Y2K remediation plans and contingency plans.
* Nonetheless, we judge the chance of a nuclear accident on the scale of Chernobyl is extremely low.
The combined effects of possible Y2K-generated internal failures and external power problems (loss of offsite power) increase the risk of a nuclear incident, particularly if operators believe they can compensate for Y2K malfunctions or for power supply reductions in the grid by overriding plant safety systems. Similar operator actions led to the accident at Chernobyl.
At this late date, remediating and testing all Soviet-designed nuclear power plant systems before yearend is not feasible, particularly given the age of the computer systems and the fact that many of the original manufacturers have gone out of business. However, countries possessing these systems have made significant efforts to identify their Y2K-related problems and are working hard to minimize the effects. Moreover, significant international attention and assistance has been beneficial.
The chance of a nuclear incident in Russia, Ukraine, or another state with Soviet-designed reactors during the Y2K rollover is low. It is, however, higher than normal because of the likelihood that the power grid could experience failures, leading to a reliance on emergency power supplies of questionable reliability, because of the possibility that auxiliary generators are inoperable due to maintenance problems or a lack of sufficient fuel, and the potential for erroneous data leading to operator error. In the worst case, this could cause a meltdown and in some cases, an accompanying release of radioactive fission gases causing localized contamination.
Gazprom Gas Deliveries. The dependence of Russian and European markets on gas deliveries from Russias Gazprom is of particular concern. We know that several countries in Europe have extensive facilities to store natural gas and, in some cases, are preparing to increase their stored reserves in anticipation of possible disruptions in gas supplies at yearend. We cannot, however, estimate the sufficiency of these reserves should Gazprom deliveries be reduced due to Y2K failures. This would depend, in part, on the successful operation of the local pipeline distribution system. Locally severe gas shortages may occur in Russia, Ukraine, and in parts of Central and Eastern Europe due to reduced pipeline efficiency resulting from Y2K problems. Western Europe is at less risk due to greater attention to storage, contingency plans, and remediation of other infrastructure on which gas supply depends.
Transportation. Y2K problems can emerge in the transportation sector from failures in rail, highway, ports and shipping, and civil aviation services as well as from disruptions in electrical power, telecommunications, and the distribution of fuel. Because transportation systems cross national borders, noncompliance of neighbors can cause interruptions in the systems of compliant countries. Information on the potential impact of Y2K on foreign transport services and facilities has been particularly difficult to acquire, and much of it is still being gathered by international organizations and private groups. Moreover, much of the data is self-reported with little independent analysis. We lack critical details necessary to make confident judgments on problems likely to be encountered in the sector.
Commerce. Because of the increasing dependence of the US economy on "just-in-time" distribution systems, interruptions in trade flows are important to us.The lack of Y2K preparationsand even awarenesswithin small- and medium-sized businesses throughout the world indicates that larger enterprises, which have conscientiously addressed their own Y2K problems, may experience delays and disruptions due to failures in the systems of key business partners.
Lack of financial resources and technical skills in many cases is preventing smaller companies from undertaking remediation, and failure to take timely action will put some of them out of business.
We are also concerned about possible Y2K-related disruptions in countries planning major tourist eventsfor example, Italy, Egypt, Brazil, and the Caribbeanshould local infrastructures experience significant failures. Other countries may experience a dramatic decline in normal tourist flowsand foreign exchangebecause of concerns about Y2K-related disasters.
Public Response. Public behavior in both the runup to 1 January and in response to Y2K-generated failures, whether real or perceived, will vary widely and could have significant economic and political implications.
In developing countries, populations have minimal access to Y2K-vulnerable public services, and those who do are accustomed to frequent breakdowns. But countries with crowded urban populations could experience significant unrest if outages are prolonged.
The reactions of urban populations in developed countries are harder to gauge. Because of widespread media attention and high public awareness of the issue, we expect that the risks of panicbefore and after the date rolloverare higher than in countries with lower interest in Y2K. Possible risks include hoarding, heavy bank withdrawals, safehavening financial assets, and purchases of guns and other equipment to ensure personal safety. Public reactions will depend to a great extent on how the media represents the issue. Inaccurate reporting or hyping minor inconveniences could stimulate disruptive public behavior.
We judge the threat of Y2K-inspired social unrest in developed countries to be low, but protracted delays in resolving problems with basic services, especially banks and utilities, could provoke demonstrations.
Malevolent Actors. The extensive publicity surrounding the Y2K phenomenon and the millennium, the increased vulnerability of critical infrastructures, and the resultant potential for disruptions in services could invite state and nonstate actors, including mischief-makers, to conduct attacks against the United States or US interests abroad, or against other perceived adversaries.
Humanitarian Crises. Y2K-related malfunctions have the potential to cause or exacerbate humanitarian crises through prolonged outages of power and heat, breakdowns in urban water supplies, food shortages, degraded medical services, and environmental disasters resulting from failures in safety controls. Russia, Ukraine, China, Eastern Europe, Egypt, India, and Indonesia are especially vulnerable, due to their poor Y2K preparations and, in some cases, the difficulty of coping with breakdowns in critical services in the middle of winter. We are also concerned that Y2K failures in chemical plantswhich are often located in urban areascould result in environmental degradation and hazards to the nearby population.
Even the poorest countries rely on essential services that are computerized to some extent, such as power, telecommunications, food and fuel distribution, and medical care. Remediation work in these sectors, however, has proceeded slowly.
Few governments outside the West would be capable of managing widespread humanitarian needs should they arise from a breakdown of basic infrastructure in their countries, especially in urban areas. Although many have systems experienced in delivering medical and social services following natural disasters, Y2K failures present a more complex challenge because of the potential for multiple and simultaneous "disasters" within specific countries and around the world, taxing the ability of international organizations to help. Y2K failures in necessary emergency communications systems and in needed medical and social services would compound difficulties mobilizing emergency responses.
Some foreign governments and businesses will look to the United States and its better prepared infrastructure to overcome Y2K problems abroad. We expect to see "safehavening" of financial assets, routing traffic through US computer and telecommunications networks to avoid local bottlenecks, using US transportation facilities to move international trade, and calls on the US military to intervene in humanitarian crises.
Challenges for Intelligence
Y2K is a particularly challenging issue for analysis because of the uneven understanding around the world of the vulnerabilities of computer hardware and software, the unpredictability of cascading failures among interconnected systems, and the self-interest at all levels in either overstating or minimizing Y2K preparedness.
We have seen in recent months an increasing number of statements by countries and commercial enterprises that they are now prepared for Y2K, and we expect to see more such claims in the remaining three months of the year. While progress has certainly been made on many fronts since I testified to this Committee in March, not all of these readiness claims are credible, and it is a challenge for us to sort out the truth. Commercial enterprises marketing Y2K remediation services and governments soliciting external assistance have an incentive to overstate the Y2K problem. At the same time, fear of stimulating panic, sensitivity about disclosing security vulnerabilities, and concerns about legal liability are incentives to downplay the risks of Y2K failures.
In some cases, our uncertainty about Y2K preparations in a country or sector has led us to conclude that there is an increased risk of failures. For example, in open societies with high popular interest in Y2K issues, a paucity of information about efforts to prepare public services is likely to indicate that authorities have paid insufficient attention to potential problems.
Y2K has a unique capacity to produce multiple, simultaneous crises. Its probable impact, however, is difficult to assess. We have an uneven understanding about global and national infrastructures, and the reactions of decisionmakers and the general public in a Y2K-stressed environment are also uncertain.
Furthermore, the impact of Y2K failures will depend, to some extent, on the context in which failures occur. While manageable under normal circumstances, some outages and breakdowns would assume much greater significance in the event of heightened political tensions, severe weather conditions, or an ongoing humanitarian emergency.
The Intelligence Community continues to work closely with key policy consumers to ensure that policy makers are kept informed of our best assessment of foreign Y2K developments between now and years end.
-- Mitchell Barnes (email@example.com), October 16, 1999
"Finally, the United States is unlikely to experience a significant disruption in oil deliveries because our key suppliers appear to be Y2K ready. Major multinational firms have been in the forefront of remediation and testing efforts, and operators of oil terminals and tankers have been similarly active in correcting Y2K vulnerabilities."
-- Rachel Gibson (firstname.lastname@example.org), October 16, 1999.
Rachel: It's called a "Lie Sandwich" Tell a truth, tell a lie (that oil remediation has been on top of y2k and there will be no problems), then close with a truth. A lie sandwich.
-- dw (email@example.com), October 16, 1999.
I am not sure if you are reffering to me but the credit will have to go to someone else for digging that link up, Diane I believe posted it first.
By the way Mitchell check out the Tao thread just above, I am getting brave :o)
-- Brian (firstname.lastname@example.org), October 16, 1999.
It's all a group effort, Brian.
Tried to make this the "key" links thread...
New Senate Y2K Hearings - "What in the World Will Happen?"
NOW it's time for a latte!
*Very Big Sigh*
-- Diane J. Squire (email@example.com), October 16, 1999.
dw, A lie sandwich?
>the United States is unlikely to experience a significant disruption in oil deliveries
true or false?
because our key suppliers appear to be Y2K ready
true or false?
Major multinational firms have been in the forefront of remediation and testing efforts
true or false?
and operators of oil terminals and tankers have been similarly active in correcting Y2K vulnerabilities.
true or false?
Where's the truth?
-- Rachel Gibson (firstname.lastname@example.org), October 16, 1999.
.........."has led us to conclude that there is an increased risk of failures. For example, in open societies with high popular interest in Y2K issues, a paucity of information about efforts to prepare public services is likely to indicate that authorities have paid insufficient attention to potential problems." If this isn't the USof A, I will buy Ko-skin-em a steak diner.
Hell...they didn't have to travel the world to come back and tell Congress all that they don't know and couldn't find out. They could have gotten more info off this forum. And whomever wrote the report must have taken lessons from Flint. The guy could sure cover both sides in two sentences and leave the reader totally confused.
-- Taz (Taz@aol.com), October 16, 1999.
Brian, just happened to catch your links in Dog Gone's thread for the Adobe challenged.
-- Mitchell Barnes (email@example.com), October 16, 1999.
Having been out of circulation for a while, it is absolutely amazing and incredibly sad that that the dueling thread of the day (Hoff vs Big Dog, or flint vs Milne, etc) or FPL receives more attention than this one or the original from a couple of days ago. What would this information (sugar coated as it is) been worth on this forum a year ago?
Tired and disgusted in DC
-- MoVe Immediate (MVI@yepimhere.com), October 16, 1999.
Rachel: Right, all false info about conditions of oil producion/ delivery. That was what I was getting at. A big fat lie sqeezed between truths (that other countries are going to experience problems).
-- dw (firstname.lastname@example.org), October 17, 1999.
MVI, we agree totally. We often go into the archives for relief. Many of the threads with meaty mind-blowing Y2K info languish and fall off the page quickly. But we read them all, carefully. Perhaps that is why we're at a 9 now. We're paying attention.
How are you? What are you seeing? Have missed you.
-- Ashton & Leska in Cascadia (email@example.com), October 17, 1999.
Hello MVI!! Good to see that you still check in here once in awhile! Tell us that you DO intend to be out of Dee Cee by the first!!!! You are correct about the quality of some of the threads on the forum...I have decided to just avoid those from now on, and read for updated info only. I really believe, however, that some/most polly-minded individuals that regularly post their condescending(sp) and sometimes simply hateful messages are now moving from denial into anger. See any of that where you are????
-- jeanne (firstname.lastname@example.org), October 17, 1999.
How does the FedGov look from your vantage MVI
-- jason (email@example.com), October 17, 1999.
Thanks for the clarification, dw. I hadn't realized that you were taking the quotation within the context of the larger work.
I guess oil and gas is a terribly sensitive topic for me; it hits too close to home. Alberta has a surplus of both, so it should not be a concern. However, when our gasoline prices shot up during the summer, the oil and gas industry's scapegoat was first a heat wave in parts of the U.S. that increased demand, then the OPEC tactics. When/if some of the other U.S. suppliers decrease/cease contributing their product to you, some eyes will be looking north for an inflation of that 18% of your needs that we now provide. If that happens, it will impact our economy bigtime.
Unless, of course, enough of your industry shuts down that you will no longer consume such huge quantities of this resource.
-- Rachel Gibson (firstname.lastname@example.org), October 17, 1999.
I too marveled as I read that "our key suppliers appear to be y2k ready" Which country was listed as the 3rd largest exporter of oil in the world by Reuters just a week or so ago? As I remember that country has taken a "fix on fail" stance. Yep...nothing's wrong with that.
-- beej (email@example.com), October 17, 1999.
From my perspective, the big picture is OK (hardware and off the shelf software). The details are real sloppy and testing (at least documented testing) is a joke. The US needs a little luck. By that I mean that the sequence and duration of failures is critical. The rest of the world...well I just don't know. You know as much as I do. Everyone is lying to some extent. It could go either way. I know this doesn't help much but it's the truth as I know it.
-- MoVe Immediate (MVI@yepimhere.com), October 17, 1999.
Thanks, MVI (more TP). Stay safe.
-- Ashton & Leska in Cascadia (firstname.lastname@example.org), October 17, 1999.