A MARTINEZ, HOST:
How do you protect critical infrastructure against potential sabotage? It's a question now being asked after a suspicious rupture occurred last week on the Nord Stream pipelines in the Baltic Sea. Now, while that investigation is ongoing, NATO claims the disruption is an act of sabotage. For more, we turn to national security analyst Juliette Kayyem of Harvard's Kennedy School of Government. Juliette, all right, so let's talk about underwater pipelines. Nord Stream 1, Nord Stream 2 - what makes them especially vulnerable to attacks?
JULIETTE KAYYEM: Well, they're especially vulnerable because an entity wants to attack them. They supply so much energy to Germany and other parts of Europe, at least before the Russian attacks in Ukraine. And so they were a lifeline. And that's essentially what all these pipelines are. They're lifelines for these countries to continue moving and living and having access to electricity. They're vulnerable because they're large. They are exposed, at least under the ocean floor. And they are very hard to protect. And so right now, there's about 730,000 miles of pipeline around the world. That's enough to circle the Earth 30 times. So you can't protect them all.
MARTINEZ: And are these one of these things that we don't think about protecting as often - or maybe now, in 2022, we should?
KAYYEM: We should think about it more and people do think about it. Look, the standard is not, can we make it safe? It's just sort of, can we make it safer at this stage, right? Can we minimize the risk for these pipelines? And this doesn't even include the wires that connect the internet. That's another million miles of cable, essentially. And so the way we think about it in terms of securing critical infrastructure is just layered defenses. You're just trying to minimize the exposure of these pipelines.
And you do that by protecting them, in terms of building pipes that are more protective, that can withstand intrusion, controlling access. You do it by surveillance, which we've seen play out with Nord Stream that, you know, you basically want to know what boats are around, what submarines are around. Do you have a sense of what might be going after the pipeline? There's lots of detection devices on these cables. Is something nearby? Is it a whale, or is it something that's about to attack the pipeline? And then to a lesser extent, interception is that if something looks bad and may be attacking the pipeline, can you intercept it? And those are sort of the four ways that we think of protecting something that is always going to be vulnerable but is at least - you're just trying to minimize the risk at this stage.
MARTINEZ: So we're talking like battleships maybe on the ready just in case something looks suspicious.
KAYYEM: Yeah, you do, or submarines or - you know, I mean, if they're exposed - because there's areas where they're exposed, you would think about drones or other things that could - other equipment that could take things out. And so it's a little bit like warfare because you are protecting something that would be attacked in a war. But there's - it's almost impossible to protect against an entity that would want to sabotage its own pipelines, at least in Nord Stream. We don't know who did it, but, you know, it's essentially owned by the Russians and a Russian company. It'd be hard to protect against someone wanting to self-sabotage.
MARTINEZ: And one more thing - what about the threat of cyberattacks? How does that change the equation at all when it comes to infrastructure?
KAYYEM: It does. And we had it here with Colonial Pipeline a couple years ago where just some random ransomware attack then leads to the inability of the company to essentially pump oil because it has no transparency on what it's doing because it can't connect through the internet. And so what's happening now in a lot of this critical infrastructure and something I've been pushing for is we have to just anticipate the disruption, and then can we bring the system back online as quickly as possible? Unfortunately, a lot of these companies haven't done that yet, but we just have to anticipate that there will be attacks. And then the standard of success is, can we get back online quickly?
MARTINEZ: Juliette Kayyem is former assistant secretary for the Department of Homeland Security. Juliette, thanks.
KAYYEM: Thank you so much. Good morning.
NPR transcripts are created on a rush deadline by an NPR contractor. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of NPR’s programming is the audio record.