Last month the Federal Bureau of Investigation and the Department of Homeland Security confirmed that the nuclear, aviation, energy, and water sectors, as well as some critical manufacturing industries, have come under cyberattack since at least May of 2017. These attacks have come from foreign governments, terrorists, and professional hackers.
The major problem in responding to this threat is: Who’s in charge? Who can give the orders to strengthen this facility or protect that one? The answer is that no one is in charge. There is no central authority that can speak - much less give orders - to the nuclear, aviation, energy, water and other industries. When it comes to protecting these resources from cyberattacks and other such threats, there needs to be!
In addition to foreign governments, terrorists and hackers, there is an even bigger cyberthreat from one of our neighbors in the galaxy, the sun. In 1859, what has come to be called a “Carrington Event” occurred. Essentially, a storm on the sun threw off massive amounts of electromagnetic energy into space. When this energy struck the earth, it fried all electric power. Now in 1859, the only electricity that existed was used to power telegraphs. So, in 1859, all of the telegraphs went dead. Today, almost everything we do or touch is powered by electricity. If we experience another Carrington Event today, all life on earth could come to a halt.
So it is critical that we protect ourselves both from manmade and natural cyberthreats!
To do this, we need a central command. As Americans, we don’t think in terms of “central commands” for anything outside of the military. But the cyberthreats we face can hurt us more than any foreign enemy. So, we need an office that can tell each critical sector what it needs to do not only to protect themselves, but also to protect the rest of us who are all interconnected by the power grid. In addition to serving as the coordinator and director of these protective efforts, this “central command” needs three other powers.
First, it needs to raise funds – issue debt – so what needs to get done can get done today - without waiting for taxes or fees to dribble in over time. This debt should carry the most favorable interest rates possible. This means something new in the world of public finance: both a federal guaranty and exemption from all federal and state income taxes. Tax-exemption has been enjoyed by municipal bonds issued by states and local governments and agencies for over a century – but never by the federal government. This time has come. This situation is so grave that new ground must be broken. Federally guarantied debt commands the lowest rates in the international taxable debt market. It will command even lower rates in the tax-exempt market.
Second, this “central command” needs to be a central repository for various fees and taxes that are levied to pay for hardening the grid. Some of the “hardening” should be paid for by federal taxes because it is part of national security. Responding to cyberthreats is every bit as important as fielding a battalion of Marines. So, some of the money should come out of our taxes. In addition, at least some of the money needs to come from the users of electricity that would disappear in a massive cyberattack. These funds could be part of the electric bills that utilities send out. In this case, the more electricity a customer used, the more he would have to pay to keep it safe. It could also be collected through a national sales tax on electricity bills.
In addition, the companies – like internet service providers – that absolutely depend on the grid for their survival, should chip in as well. Again, this could either be in the form of surcharges to their customers or as a national sales tax on internet services.
And third, the “central command” needs to spend these funds (or furnish them to grid participants) where they are needed. There are many poor communities today that cannot pay their water bills. Adding costs for hardening their water system isn’t going to work. Someone else needs to pay for it. The point here is that “need” and “money” are not always found in the same place. We need a central authority to distribute funds where they are truly needed.
So protecting ourselves from cyber attacks either from foreign enemies, terrorists, troublemakers, or even Carrington events, is the new, major issue for our generation. It needs coordination and direction across a number of sectors including various level of government. And we need to create new financing mechanisms to make sure we have the money to get the job done.