Millions of Americans woke up Wednesday morning to find out they weren’t going anywhere. Around 6:30 a.m., the Federal Aviation Administration (FAA) announced that its Notice to Air Missions (NOTAM) system had failed. By 9 a.m. the ground stop was lifted, but the damage was already done. Thousands of flights were delayed or cancelled.
It appears that the NOTAM outage was the result of a system failure, but the nation’s critical infrastructure faces a range of threats — everything from Russian hackers, to weather events to angry individuals with guns. So, the failure and subsequent air travel chaos brought on by this latest cyber failure could serve as a real-life demonstration of what might happen if risks to critical infrastructure systems are left unaddressed.
It is too early to know the exact causes and consequences of the NOTAM failure, but two things are clear: It was bad, and it could have been worse.
Based on estimates of the economic consequences of Southwest Airlines’ flight scheduling woes earlier this holiday season, the economic damage from this two- to three-hour disruption could exceed $50 million from flight cancellations alone. And as large as this estimate is, it doesn’t account for the more than 10,000 delayed flights and inconvenience and angst travelers experienced when their plans were scuttled and they were stranded.
But air traffic systems are hardly the only critical functions served by infrastructure that faces persistent threats. Disruptions of systems underlying financial transactions could halt commerce and business across sectors. Outages of the Global Positioning System could scuttle supply chains, transportation and even cash withdrawals. Failure of the nation’s electric grid or oil and gas pipelines could leave communities without power and heat. These are just a few examples of systems that could be at risk, and failures of any one could ripple across the others.
The threats these systems face are many and increasing.
Russian attacks on infrastructure in Georgia and Ukraine illustrate the perils critical infrastructure can face from malicious agents. Recent firearm attacks on electricity transformers in the Pacific Northwest and North Carolina show how the risk need not require advanced attack capabilities. Frigid temperatures in the southern U.S., ice storms in Canada and drought across the Mississippi River Valley highlight how weather and natural disasters can threaten infrastructure. And the disruptions of supply chains, manufacturing, education and health care taught lessons about how even pandemics can threaten infrastructure.
Each of these sources of risk is becoming more complex. Climate change is exacerbating the risks national infrastructure faces from natural disasters. Business decisions made by multinational firms seeking to increase efficiency and profitability can create fragile and brittle supply chains that extend into regions at risk of conflict and instability. Advances in biotechnology, quantum computing and artificial intelligence create new and easier ways for people and countries to do harm. And modernization of infrastructure, such as electrification and automation of transportation, can create new ways infrastructure can fail and new interdependencies among infrastructure functions.
Despite this long and complex list of hazards revealed by the NOTAM outage, the government and organizations responsible for critical infrastructure can take steps to actively manage these risks by working to better understand the risks that exist and filling the gaps in strategies to manage them.
A lack of collective understanding of how systemic risks propagate across infrastructure, economic sectors and supply chains can obscure the threat of catastrophic events. Lack of information about how effective security measures are at deterring, preventing or reducing the effectiveness of attacks on infrastructure may hamper investment and adoption of security improvements. Ongoing efforts to collect, analyze and share information about threats, vulnerabilities and security could address these challenges and deserve more attention.
Managing systemic infrastructure will require a variety of approaches. Where evidence and consensus exist, standards could be established to encourage adoption of good practices. Insurance and civil liability systems can provide market mechanisms for increasing resilience and incentivizing sound risk management.
Where insurance markets cannot be established because risks are poorly defined or too catastrophic, stronger government intervention may be required, whether through regulation, government funding or government provision of security. Collective efforts to understand the nature and sources of risks also may be needed to identify and fill gaps in the national strategies to manage infrastructure risk.
The nation dodged a bullet this time, though it may not feel that way to those who were stranded in an airport or missed a vacation. Next time, America might not be so lucky, so this should be the time to prioritize steps to manage the risks.
Henry H. Willis is a senior policy researcher at the nonprofit, nonpartisan RAND Corporation and a professor of policy analysis at the Pardee RAND Graduate School.