Glenn Harlan Reynolds

Could it be lights out for America? That’s something that people are starting to worry about, and these worries aren’t coming solely from the usual crowd of survivalists and preppers. Shut down the computers that run the power plants and distribution systems and you shut down America. That’s looking more possible, lately.

One of those worrying is former ABC News anchor Ted Koppel, whose new book, Lights Out: A Cyberattack, A Nation Unprepared, Surviving the Aftermath , looks at the danger of losing electrical power due to a cyberattack. The picture Koppel paints isn’t a pretty one: Cities, unpowered for weeks and months, could become largely uninhabitable.

But, says Koppel, nobody is thinking about this very clearly: “It would be comforting to report that those agencies charged with responding to disaster are adequately prepared to deal with the consequences of a cyberattack on the grid. They are not.”

In fact, he writes, they can’t even agree on what’s involved: “The deputy administrator of the Federal Emergency Management Agency (FEMA) believes that a major urban center would have to be evacuated. His boss, the administrator, does not. The administrator believes that a successful cyberattack on a power grid is possible, even likely. His deputy does not. The current secretary of homeland security is sure that a plan to deal with the aftermath of a cyberattack on the grid exists, but he doesn’t know any details of the plan. As of this writing, there is no specific plan.”

Well, that’s comforting, though not especially surprising: If the government flubs its response to natural disasters like Katrina or Sandy, when storms are a regular occurrence, how likely is it to deal well with something that hasn’t happened to the United States before?

Trump is unfit to command the military: Column

Nor is a cyber-attack on the power grid just a fantasy. In fact, in Ukraine (which I fear is a laboratory for new warfare techniques the way Spain was in the 1930s), it’s already happened.

As Wired magazine recently reported, someone — most likely someone Russian — shut down Ukraine’s power grid with a hack attack that sounds like something out of a thriller movie: “Inside the Prykarpattyaoblenergo control center, which distributes power to the region’s residents, operators too were nearing the end of their shift. But just as one worker was organizing papers at his desk that day, the cursor on his computer suddenly skittered across the screen of its own accord. He watched as it navigated purposefully toward buttons controlling the circuit breakers at a substation in the region and then clicked on a box to open the breakers and take the substation offline. A dialogue window popped up on screen asking to confirm the action, and the operator stared dumbfounded as the cursor glided to the box and clicked to affirm. Somewhere in a region outside the city he knew that thousands of residents had just lost their lights and heaters.”

Glenn Reynolds: Stars closer than you think

POLICING THE USA: A look at race, justice, media

The hackers didn’t just turn things off — they overwrote firmware on critical devices, making it impossible for operators to control them from control centers. And, lest Americans think that our system is less vulnerable, the Ukrainian control systems were actually quite secure, separated from the regular Internet and protected by robust security systems. American networks are, in some ways, more vulnerable.

Even so, the Ukrainian attack wasn’t as bad as it could have been — the attackers didn’t use techniques that would have allowed them to physically wreck generators and other important equipment. It seems to have been meant as a warning.

But will we take it as one? We should. Though the American power grid is reliable and well-designed, it wasn’t constructed with cyberattacks in mind.

We could protect against cyberattacks completely, of course, by simply taking computers out of the grid and controlling things manually. This is undoubtedly possible since we ran electrical networks before computers existed, but it would be costly and inefficient. And while that approach would protect against cyber attacks, it wouldn’t do much to insulate the grid from other threats, like electromagnetic pulse (EMP) attacks and solar flares that are also causes of concern.

Apparently, the White House is finally beginning to address the problem, but we’re years behind the curve. At the very least, we should have backup plans for restoring power if things go wrong. And beyond that, we should be designing networks that are more resistant to cyber sabotage. Because the world is unlikely to become a safer place anytime soon.

Glenn Harlan Reynolds, a University of Tennessee law professor, is the author of The New School: How the Information Age Will Save American Education from Itself, and a member of USA TODAY's Board of Contributors.

In addition to its own editorials, USA TODAY publishes diverse opinions from outside writers, including our Board of Contributors. To read more columns like this, go to the Opinion front page.