by Austin Bay
January 16, 2018
The false missile attack alert that the Hawaii Emergency Management Agency issued at 8:05 a.m. on January 13 provides American civil defense agencies and military planners with numerous points to ponder.
Three deserve immediate attention.
Point 1: Hawaii's civil defense warning system procedures are abysmally bad.
Yes, the Wireless Emergency Alert system worked. Mobile phones instantly received over 1 million text messages.
But that leads to Point 2: the resulting public fright demonstrated rational people fear nuclear-armed missiles, especially when malign regimes like North Korea routinely threaten ICBM attacks. When told by government authorities that an attack was underway, Hawaiian residents felt vulnerable, even those who know the U.S. Navy deploys AEGIS ballistic missile defense warships in the area. Still, Hawaii's current missile defenses are quite thin, so many people panicked. False warnings of this magnitude always erode public trust in government defense agencies, leaders and the media.
This leads to an even more complex defense issue. Point 3: the incident demonstrates computer and digital device vulnerability to cyber warfare attacks, especially computers linked to alert networks.
The Hollywood movie scene has someone pushing a red button on a control console. HawaiiNewsNow.com reports that a rather mundane act generated Hawaii's false alert: a single HI-EMA employee selected the wrong option on a confusing drop-down computer menu checklist.
That menu is a mess. On the menu, the "drill" is in close proximity with other choices. Moreover, the state civil defense drill and the for real U.S. Pacific Command civil defense warning for Hawaii option (an attack warning) nest among other options, including high surf and tsunami warnings.
Tsunamis and enemy missile attacks are deadly threats. The menu's miserable clutter reflects sloppy institutional planning.
8:05 a.m. January 13: instead of selecting the state-PACOM civil defense warning drill, the employee clicked the PACOM civil defense warning option. Then he compounded his error by clicking "yes" on "a second (computer) confirmation page." The false warning was immediately transmitted to the public.
Yes, two mistakes on two separate pages, by one employee, that can generate an automatic message instantaneously alerting 1 million people. Then it took HI-EMA almost 40 minutes to send out a wide-area alert cancellation notice.
Why weren't two people on duty? In the military -- whether the message is drill or for real-- a two-person emergency message team is the standing operating procedure. Two on a team greatly reduces the possibility of a bad decision.
HI-EMA has given media screen shots of a revised menu. The revision? The clutter now includes the option "BMD False Alarm." The revision is a hasty attempt to correct Point 1. However, False Enemy Attack Alarm is a more accurate choice. Small point? Perhaps; think about civil defense threats. The more inclusive choice cancels any false attack alert from a terror attack to an ICBM.
Correcting Point 2 takes money. North Korea isn't the only nuclear threat. America is about 10 years behind where it should be in terms of developing and deploying missile defenses. The Clinton Administration slowed anti-ballistic missile development because hard left Democrats disdained Ronald Reagan's Strategic Defense Initiative. They were also wedded to the Cold War ABM Treaty.
In 2003 ,House Minority Leader Nancy Pelosi opined: "The United States does not need a multi-billion-dollar national missile defense against the possibility of a nuclear-armed ICBM. What we need is a strong nonproliferation policy with other nations to combat the most serious threat to our national security."
Does she deserve blame? Yes. America must accelerate ABM procurement.
As for Point 3, hackers have grown more sophisticated in techniques and technology. The Pentagon is worried about the cyber attacks on U.S. sensor systems (like those detecting missile launches) and on some offensive weapons (to include nuclear weapons). The Hawaii fiasco shows how much chaos an enemy hacker can create by generating a false attack alert. The enemy then follows the cyber fake with a genuine ICBM attack.