Managing editor of nightline from 1980 to 2005. He has won every significant television award, including eight peabody awards, 11 overseas press club awards, 12 dupont columbia awards and 42 emmys. He has been a contributing columnist to the new york times, the Washington Post and the wall street george and the author of the wall street journal and the author of off camera. In his latest book, lights out cyberattack, a nation unprepared, surviving the aftermath, koppel reveals that a major cyber attack on americas power grid is not only possible, but likely, that it would be devastating, and that the United States is shockingly unprepared. With urgency and authority, one of our most renowned journalists examines a threat unique to our time and evaluates potential ways to prepare for catastrophe that is all but inevitable. The former director of the nsa, retired general keith alexander, says of lights out, a wakeup call for all of us. Please welcome tom hudson and ted koppel. [applause] thats very kind of you. Is this thing on . [laughter] youd better stand up now, because you wont stand up when im through. [laughter] ted, in the introduction welcome to miami, by the way. Thank you. Its wonderful to see such a packed house on a saturday night in miami for the book fair, wonderful. [applause] all right. May i, before you ask your first question, jon meacham was such a charming and engaging speaker. Yeah. Yeah, yeah. [applause] and even consistently amusing that i just want to tell you a quick story, because there wont be a whole lot of giggles after in this. [laughter] in 1972 i was in china with richard nixon, and i found myself one morning sitting in a minibus next to james michener. And mitscher told me this story which he told me was true. Its an author story, so its appropriate here. He got a call one evening from someone who said, mr. Mitscher be, congratulations. Our organization has voted you the greatest living american author. And we would like you to come and accept the award, and he named a time and place, and michener said, thats lovely, thank you very much. Terrific award. Do you mind if i consult my calendar, and he went and got his calendar, and he said, you know, im terribly sorry, but i have a previous engagement which im afraid i cant change. There was a long pause, and then the caller said, well, can you think of another greatest living [laughter] american author . And michener said what about vonnegut or mail hour . No, no, we already tried them, they couldnt make it either. [laughter] [applause] okay. As i say, the giggles end here. [laughter] when they asked me to interview koppel, thats what i figured was going to happen, koppel was going to interview the audience here. [laughter] so in the introduction, ted, they describe this book using your words, the publishers words, as a wakeup call for the United States. Have americans woken up . Well, if they have, im not sure i see any evidence of it yet. But its early. I mean, the books only been out three weeks. [laughter] let me, let me put this into context for you. We are currently sitting here in the aftermath of a russian jet being blown out of the sky, in the aftermath of the terrible attack in paris, in the aftermath of what just happened in west africa, and our political leaders and i use the term, i use the term very loosely at least those who would like to be our political leaders are covering themselves with a lack of glory. All the talk now is about the need to protect the nation against the influx of 10,000 syrian, muslim refugees. And i would argue that we have long since passed the day when what we need to be most worried about is some terrorist blowing himself or herself up with a suicide vest even in a crowded venue. Were beyond that, folks. We are living in an age now in which cyber terrorists have the capacity to take down all or part of one of our electric power grids. And, you know, you dont have to use a great deal of imagination to know what would happen. Down here in miami you are familiar with the impact of a hurricane. When perhaps the electricity may go out for a matter of hours or even a matter of days. What im talking about here is a cyberattack on a power grilled in which all or grid in which all or part of a grid comes down, and the impact would be that tens of millions of americans would be without power for a matter of weeks or even months. Think about that for a moment and then tell me how worried you are about those refugees coming in. In fact, you write in the book, we have become disoriented by the similarities between the aftermath of a Natural Disaster such as a hurricane and what will be required when it comes to helping the nation deal with the aftermath of a cyberattack on a grid. What are those differences . Well, the main difference is one of scope and duration. An earthquake in california, for example, might have a similar kind of scope where you could have millions of people forced out of their homes, thousands of people immediately dying, but even there youd be talking about a relatively limited region. And the aftermath of that would be devastating, but are we capable of handling a million domestic refugees in this country . We probably are. But what if the number imagine for a moment just if new york city were deprived of power for a period of weeks or months. We arent accustomed in you are our urban centers in our urban centers to having a storehouse of food. Most apartment dwellers will have maybe enough food for another day or two. If you pick up the phone and call the red cross, if you pick up the phone and you call fema or pick up the phone and call the department of Homeland Security or go online to one of those sites, what you will find is that they recommend that you do what you would do in the wake of a or in anticipation of a hurricane. Have a two to three day supply of food and water. Make sure you have a battery batterypowered radio. Have a little bit of extra money. Make sure you and your family know if youre separated where it is youre going to go in order to meet. Thats it. That doesnt cut it in the event of a cyber attack on the power grid. The power grid is a terribly sensitive mechanism. Let me give you just a very simple example. Its an oversimplified example. We have to have exactly the same amount of power being generated, electricity being generated throughout the grid as is being used by the country as a whole. Imagine a balloon with a thousand valves. 500 of those valves are letting air into the balloon, 500 of those valves are letting air out of the balloon. As long as the amount coming in and the amount going out are exactly the same, the balloon remains perfectly inflated. Too much air in, the balloon explodes. Too much air out, the balloon collapses. We have to maintain a perfect balance in our power system, our power grids between the amount of energy that is produced and the amount of energy that is used. We have in the United States today 3200 Power Companies. Theyre all linked. If for some reason the balance between the power coming in and the power going out is not maintained, the system begins to collapse. That can only be maintained when you have that many operations functioning, thousands, tens of thousands, hundreds of thousands of operations that are required to function simultaneously. It can only be handled by the internet. So if someone can get into the mechanism within the internet, the socalled supervisor control and Data Acquisition systems, get into those, knock it out of balance and you have cascading outages that will be far beyond anything weve ever known from a Natural Disaster. As youve gone through the reporting process, you spoke with industry advocates, you spoke with Electricity Generating and distribution executives, you spoke with federal and state regulators, you spoke with military experts, Emergency Management experts, legislators. Gauge their level of engagement and their ability to grasp the scenario that you have laid out there. Well, lets start with the Power Industry itself. Its almost insulting to suggest that they dont grasp the danger. Of course they do. They are fully aware of what the danger is. And the larger Power Companies, what is it, florida light . Fpl. Fpl, Florida Power and light. Florida power and light is a guy cant gantic organization. I am confident theyve pent not just spent not just tens of billions, but probably hundreds of billions of dollars in their cyber defenses. The smaller companies, however and there are hundreds upon hundreds of them are investorowned. Theyre more worried about profit than they are about security. And the problem with a network of 3200 companies is if you get into the weakest part of the network, you can affect the strongest parking lot of the network. Part of the network. Speak to the really of en speak to the level of engagement that you encountered in regards to regulators. Well, and again this gets awfully wonky. The notion of regulation the Power Industry a number of years ago was deregulated. That works out very well from an economic point of view, because it means theres simply more competition. Between and among Power Companies in this country. From the point of view of imposing federal regulations, security regulations, regulations that might toughen the industry up against cyber attack, here is the problem. The body, its called nerc, the north american Regulatory Commission or something. Nerc is the body that represents the Power Industry. Ferc, ferc, the federal body that theoretically it doesnt just theoretically, it proposes the legislation to the industry. Mark my words there proposes. The industry then has to vote on that proposal. And unless 60 of the industry approves of the proposal that the federal government wants to impose upon them, it doesnt get passed. Now, if you have an industry that decides what regulations it is going to tolerate, youre not going to get the toughest regulations. In the book you describe not just an existential threat, a real threat. Whos behind it . Whos posing the threatsome. Well the threat . Well, first of all, let me just make the point that this is not ted saying this is going to happen. The reason i began to write the book in the first place, the reason i started looking into it is the president i wonder how many people took note of it at the time . The president in two successive state of the Union Addresses warned about the danger of cyber attackers going after our infrastructure. And he specifically singled out the electric Power Industry. The secretary of defense, leon panetta at the time, spoke of a cyber pearl harbor. That was the sort of dimensions of the disaster he foresaw coming. Janet napolitano, just before she left office after five years as secretary of Homeland Security, Janet Napolitano spoke about the danger of a cyber attack. Shes now the president of the university of california. I called her in researching the book, and i said, tell me, how seriously do you take the danger of a cyber attack on the power grid . And she said, very, very lightly. 809 0 very, very likely, 8090 . The likelihood of this happening is huge. You raised the question of who can do it. Ive spoken to now the director, the former director of the nsa, the National Security agency, keith alexander, and he referred me to his former chief scientist, a man by the name of George Cotter. Cotter tells me he knows for a fact that the chinese and the russians are already inside our grid. Theyre there. Literally with a keystroke, they could take down all or part of the grid. The iranians are probably there. We dont know for sure. Heres the danger or heres the good news and the bad news. The good news is that those who have the greatest capacity the chinese, the russians, the iranians are actually the least likely to take the grid. We have so many crossinterests with them. Once you get to the level of the north koreans, however, all of a sudden our common interests are few and far between. And then when you come down one more rung to groups like isis, thats where the danger is really chilling. Because what isis wants to do is to inflict pain and hardship on western europe, on the United States. And to be able to do that by Remote Control when im told that there are plenty of experts out there that they can hire they have a couple of billion dollars in hard cash available to them. You can get a lot of expertise more that. And then the equipment that you need, off the shelf. Its available. So this is a very real danger that is being confronted by the country right now and where the federal government is just letting us down completely is there is no plan. And if there were a plan, you would think they would be eager to share it with all of us, all of you. But they havent. You describe the United States as confronting this. I would say were facing it, but as youve laid out, theres not much confrontation happening in a real way. Well, i mean, there are people craig fugate, for example, who is the administrator of fema, the federal Emergency Management agency he had been the director of Emergency Management in florida here. And hes terrific. He only cares Janet Napolitano told me craig only cares about two things; he cares about Disaster Response and university of florida football. [laughter] those are the [applause] the only two things he cares about. But he is amazing. I mean, we are very lucky to have him in that job. But he is not a guy, you know, he doesnt make the rules. He reports to the department of Homeland Security, which i must tell you is one of the least efficient organizations in the federal government. And thats saying something. [laughter] you know, they do, they do an annual poll among federal workers in which they assess what Employee Satisfaction is, level of perceived leadership, and there are 19 separate federal agencies that are measured in this fashion. D. Of Homeland Department of homeland comes in 19th in every category but one x in that category it comes in 18. Not very reassuring at all. [laughter] let me is can you about let me ask you about the response. You mentioned you became curious about this after president obama mentioned it two consecutive states of Union Addresses. We have seen some legislation proposed and passed. And passed. Is it too late . Not enough . A start . Its not too late, but it is not enough, that is for sure. The legislation look, part of this is, and youre a perfect example, each of you individually and as a whole. We are all struggling internally with this battle between security on the one hand and privacy on the other. We care about privacy, we care about security. In the wake of 9 11, you know, all the emphasis was on security. Over the course of past 14 years, gradually the pendulum has shifted back so that now i suspect its fair to say that more americans cared about privacy until last friday. Until paris. Now once again, i mean, and you can see it. The director of the fbi, jim comey, the attorney general, people are talking about the need for some of these communications companies, Companies Like google, you know, to and the Telephone Companies to remove, as you probably know, they know are capable of being locked so that only the owner of the phone himself or herself is capable of getting into it. He or she is the only person with the password. Even the phone company cant get in. And Law Enforcement agencies are saying this is terribly dangerous because, for example, in france and in belgium over the last couple of weeks there were communications which might normally have been intercepted which can no longer be intercepted. So here we are with that struggle. Here we are in an Election Year in which i guarantee you this is going to become one of the issues that youre going to be asked to vote on. The people out there who will put the emphasis on privacy, the emphasis on security. Its a tough, tough call. And how is that articulated in the legislation weve seen proposed and potential solutions as youve gone through the reporting process that the experts are advocating . Well, for example, the Senate Passed some cyber legislation just a few weeks ago. The essence of it is electric Power Companies were worried about the privacy of their subscribers, about the privacy of people whom they serve. And, therefore, there has been a reluctance among the Power Companies to share information with the federal governments, with groups like the fb, and i the nsa. The legislation that was finally passed after years by the u. S. Senate tries to compromise on this issue. And the compromise they found is that before this information will be given to any federal government agency, it can be scrubbed by power company, scrubbed so that all privacy considerations are taken out of it. Then after it has been scrubbed, it is given to not the nsa which is the post competent Intelligence Organization when it comes to cyber warfare, but to the department of Homeland Security which is the least competent. They then have the chance to scrub it for privacy considerations. And only then will it be handed over to the nsa. Now, im sure you understand that in a world in which microseconds are the amount of time in which information is communicated or an attack can take place, the taking time to scrub this information before it finally gets t