Experts refer to the long-anticipated moment as the “midnight crossing.” It will arrive in the western Pacific at the stroke of midnight–local time–on Dec. 31, 1999. Inhabitants of the small Pacific islands will officially become the first humans to enter the 21st century. Their computers will come along with them into the Year 2000, also known as Y2K.
When the midnight crossing occurs, senior US officials will be intently staring at screens in a Year 2000 Operations Center that will be up and running in Washington, D.C. The Aleutian Islands in far western Alaska will be among the first to experience Y2K computer problems, if they exist.
|Correction: Subsequent to publication, we found that the author had mistaken the location of the Aleutians as west of the International Dateline, and we failed to spot the error. The Aleutians are east of the dateline, so will be among the last US sites to cross into the new year.|
The problem then will work its way westward from the international date line.
At the Operations Center, American officials will be especially interested in how the Y2K phenomenon affects the first two industrialized nations to feel its full impact–Japan and Australia. What happens when modern, computer-reliant nations such as those cross into the new millennium? The answer will give an early indication of exactly how Jan. 1, 2000, will go down in the history books.
Computer technicians have known for years that the Y2K problem is buried in millions of lines of software code that use two digits to represent four-digit years. That will lead some software around the world to read “00” not as 2000, but 1900, and possibly cause computers to crash or issue false data. No one knows for sure what will happen.
While the US government and the Pentagon have worked aggressively in recent years to fix the Y2K problem-at a cost to DoD of roughly $2.5 billion, including $1.16 billion to the US Air Force-the very connectivity that is the hallmark of the information age makes predicting the cumulative impact of the problem all but impossible.
“I Wake Up in a Cold Sweat”
Deputy defense secretary John J. Hamre, the Pentagon’s point man on the Y2K problem, referred to uncertainty in a press interview. “Probably one out of five days I wake up in a cold sweat, thinking [Y2K] is much bigger than we think,” said Hamre, “and then the other four days, I think maybe we really are on top of it. Everything is so interconnected, it’s very hard to know with any precision that we’ve got it fixed.”
In a report dated Feb. 24, 1999, the Senate Special Committee on the Year 2000 Technology Problem delivered an even more sobering assessment of the likely impact of Y2K on the nation’s social and economic fabric. The inability of computers to recognize dates starting on Jan. 1, 2000, is a “worldwide collective crisis,” the report concluded. A letter to colleagues released with the report stated, “The Y2K problem is undoubtedly one of the most important issues we will face this year.”
Because Y2K could have far-reaching implications for weapons, communications, and infrastructure systems, Air Force officials began working the problem early and seriously.
“We are such a finely tuned Air Force that computer technology affects everything we do,” Brig. Gen. Gary A. Ambrose, director of the Air Force Year 2000 Implementation Office, told Air Force News in February. “There are computer chips and computer codes in everything from your wristwatch to your radar. So, there’s potential for Y2K to affect lots and lots of things.”
Ambrose believes the Air Force is on top of the problem. The reality, he said, is that there will be some Y2K failures, but he expects them to be minor and transient.
“Most will probably last no longer than a few minutes,” he said, “but we don’t envision any catastrophic failures.”
The Operations Center, as presently planned, will be a multiagency command-and-control organization operated under the auspices of the Federal Emergency Management Agency. As arranged and practiced, OC managers will attempt to immediately establish Y2K’s impact on communications and electricity grids in Japan and Australia.
The biggest fear is that, even in modernized nations that have been working diligently to lessen the impact of Y2K, a cascading effect will occur. In the worst-case scenario, even systems that have been meticulously tested as Y2K compliant rapidly will be infected with the Y2K bug as a result of their connection to noncompliant systems through the Internet or other networks. Further, they, in turn, will contaminate others.
The Digital Snowball
The result could be a digital snowball that wipes out whole sectors of the infrastructure on which modern societies have been built, from major communications and transportation nodes to entire power grids.
In the words of the Senate Y2K panel’s report: “The interdependent nature of technology systems makes the severity of possible disruptions difficult to predict. Adding to the confusion, there are still very few overall Year 2000 technology compliance assessments of infrastructure or industry sectors. Consequently, the fundamental questions of risk and personal preparedness cannot be answered at this time.”
A potential cascading effect has raised particular concerns for China, the world’s most populous nation. It will be the first nuclear-weapon state to face the danger of a large-scale, catastrophic computer failure as a result of Y2Krelated glitches.
In a nightmare scenario, screens go totally blank at China’s nuclear command-and-control facilities. US officials have been working to prevent that by cooperating with their Chinese counterparts to share early warning data between the two countries’ nuclear command-and-control organizations. Because of the relatively small size of China’s nuclear forces and its reliance on manual procedures rather than computer generated commands, US officials are relatively confident that no major incident involving China’s nuclear weapons will actually occur.
Still, officials are concerned by the fact that 90 percent of the software in use on Chinese computers is pirated, meaning Chinese technicians are unable to call manufacturers for help and have not received software updates from producers on how to address the Y2K problem.
The US Embassy in Beijing, for instance, concluded earlier this year that “many old computer systems, running half-forgotten program languages and complex systems configurations, increase Chinese exposure to the Year 2000 bug.”
At a Senate Armed Services Committee hearing in February, Gen. John A. Gordon, USAF, CIA deputy director, emphasized that gaps in information make it hard to assess the scope of damage in foreign countries such as China. There is little doubt, however, that developing countries will encounter the greatest threats of disruptions in nuclear reactors, interference with military systems, and loss of power.
“[China] will probably experience failures in key sectors such as telecommunications, electric power, and banking,” said Gordon.
Foreign embassies in China are taking the Y2K threat seriously; some reportedly plan to evacuate embassy staff members and their families from the country in the months leading up to the midnight crossing.
Of all the Y2K nightmare scenarios, none are more plausible or troubling than those that revolve around Russia.
Russia is the world’s largest nuclear warehouse. It has more than 22,000 nuclear weapons scattered through 90 sites, 65 Sovietmade nuclear reactors, 715 tons of fissile material (enough plutonium and uranium for 40,000 nuclear weapons), and tens of thousands of nuclear scientists who have not been paid regularly in years.
Russia’s Underlying Problem
Today, the vast nuclear enterprise rests on a foundation that already has been rocked by a decade of political and economic upheavals. Despite the fact that the US has spent $400 million per year since 1993 to help Russia dismantle nuclear weapons and secure poorly guarded nuclear materials, US officials estimate that only about 25 percent of Russian nuclear materials are under sufficiently strong lock-and-key. Any social upheavals in Russia as a result of Y2K could put those stockpiles at serious risk.
CIA intelligence reports have also indicated that critical electronic devices and computers that control Russian nuclear weapons frequently switch to combat mode for no evident reason. On numerous occasions in recent years, operations at Russia’s nuclear weapons centers have been disrupted by thieves trying to steal critical communications cables for their copper content. Given its already shaky condition, some fear that Y2K problems could send the equivalent of a digital shock wave through the Russian nuclear complex.
By far the greatest concern is that Y2K could cause a malfunction in Russia’s already dangerously eroded early warning network and command-and-control system, leading to an accidental or mistaken launch command. As an indication of just how fragile that early warning system is already, experts point back to the events of Jan. 25, 1995.
On that day, a Russian radar warning system detected a rocket launch somewhere off Norway. A ballistic missile launched from a US submarine in those waters could hit Moscow within 15 minutes, so the watchers sent the alert message up the command chain all the way to Russian President Boris Yeltsin, who for the first time in an emergency activated the “nuclear briefcase” carried by Russian leaders.
Russian radar installations reported evidence of the devastating first-strike attack Moscow had long feared. Officials reportedly stood ready to invoke Russia’s doctrine of “launch on warning” in a defensive response to the perceived attack.
The unidentified “missile” turned out to be a US weather probe launched by the Norwegians, who had notified the Russian authorities weeks earlier. Somehow, the Russian bureaucracy had failed to get the message to the Strategic Rocket Forces. Few doubt that Y2K could potentially lead to false data readings of far greater proportions.
Sergei Fradkov, a former Soviet satellite technician now working in the US, was recently quoted as saying, “Russia is extremely vulnerable to the Year 2000 problem. If the date … shifts to ‘0’ for a brief moment, … that fools the system into thinking there is a high probability of an attack in progress.” US authorities said that the default response for failure in the Russian command-and-control system is not to launch but to freeze up the system. For that reason, officials say they are not overly anxious about the danger of a Y2Kinduced inadvertent missile launch.
Nobody is relaxed, however. In a Pentagon press briefing, Hamre said, “My sense is that Russia is not as fully aware of the extent that [Y2K] is a problem. They don’t seem to have the same level of urgency that we’ve had over it. … They’ve got a lot of other pretty serious problems. So I think therein lies our nervousness about it.” He added, “They have come to this much later. The country is going through some fairly profound changes. … Undoubtedly, they’re going to have problems that they don’t anticipate right now.”
US officials are also disappointed that Russia, so far, has rejected their idea to establish joint command centers and trade personnel from their nuclear forces to prevent misunderstandings. Part of the problem is the anti-Western sentiment that had been building in Russia as a result of that country’s domestic economic collapse and NATO’s bombing of Yugoslavia.
The Russians repeatedly have rebuffed American efforts to provide help on the Y2K front. The most critical project was the proposed exchange of key personnel from each nation’s missile forces, an idea that the US offered to fully finance. Privately, many US officials suspect the Russians are simply too concerned about the shoddy state of their nuclear command-and-control system to allow US officers to view it up close.
In April, the BBC reported, “The Russian Federation Defense Ministry has abandoned cooperation with military personnel from the United States and other NATO countries in resolving the Y2K problem. The Russian military are evidently not very keen on showing how outdated their computer systems are. Then an excuse for the refusal appeared-the bombing of Yugoslavia.”
Even if the Russian early warning or missile-launch systems function properly, other problems could crop up.
US officials are very concerned that a computer failure in Russia’s interconnected power grid could cascade through the entire nuclear system and lead to a massive power outage. Such an event could easily end in catastrophe at one of the 65 Sovietmade nuclear reactors.
Those concerns are heightened by reports that nuclear scientists and technicians at two of Russia’s closed nuclear cities-Arzamas16 and Chelyabinsk70-staged walkouts last year because they had not been paid in nearly 10 months. An undermanned and unmotivated nuclear workforce raises the possibility that a power outage at a nuclear reactor could lead to a catastrophe through human error.
Moreover, there are worries that the diesel generators designed to provide backup power at nuclear reactors in the event of a main power outage could fail as a result of problems within embedded chips. One audit of the Seabrook nuclear reactor in New Hampshire, conducted by the US Nuclear Regulatory Commission, revealed that a single nuclear power plant had 1,304 separate software items and embedded chips affected by the Y2K bug. No one believes that the Russian counterpart to the NRC has been as thorough in alerting Russian technicians to the vulnerability.
Facing the Russian Winter
Without steady electric current, the cooling systems in Russia’s nuclear reactors could fail. Even if many of the reactors were successfully shut down, that would leave millions of people facing a Russian winter without heat.
Far more worrisome is the prospect of meltdowns at one or more of the 65 Sovietmade nuclear reactors. An NRC report on the issue noted that, in a worst-case scenario, a total loss of power could result in problems tracking the reactor facility’s status and make recovery all but impossible.
Even if handled well, loss of power and cooling at the numerous waste pools where atomic fuel rods are kept could cause the water to boil away and permit the release, into the local atmosphere, of lethal levels of radioactivity. Recently loaded rods-those placed in the waste pools within the past two years-could begin to melt down within 48 hours of a loss of power.
The jitters were put succinctly by an intelligence source quoted in The Times of London: “Russia’s nuclear industry is in desperate straits. Throw in Y2K and you could have a giant Chernobyl on your hands.”
The White House recently expressed its most pessimistic assessment to date about anticipated Year 2000 computer failures at Russiandesigned nuclear plants in nine countries.
That outlook was contained in the latest study presented by John Koskinen, the Clinton Administration’s top Y2K expert. In Koskinen’s view, one of his greatest international concerns is how to ensure the safe operation of the 65 Sovietbuilt nuclear plants, including one in eastern Russia near Alaska. Koskinen, who heads the President’s Council on Year 2000 Conversion, said those plants are in countries “with major economic problems,” and US experts know little about how the Russian equipment will react to the date rollover.
The problem is somewhat different in advanced Western countries, particularly the US. The danger is not so much the total failure of a computer as a result of Y2K; rather, the real problem is that an unnoticed glitch will cause a system to produce erroneous data.
Here’s one example: Because military and civilian aircraft have become so reliant on the Global Positioning System for precise navigation, defense officials have exercised a scenario that had the entire GPS system crashing off line. In the case of erroneous data, however, the GPS system might seem to be working fine. A computer ground station-which uses dates to synchronize the signals from satellites and to maintain satellite uplinks-could inadvertently send false information and allow aircraft to stray perilously close to one another.
Hamre testified last year, “Frankly, I think we’ll be lucky if on Jan. 1, 2000, the system just doesn’t come on, because then we’ll know we have a problem. Our bigger fear is going to be that the system seems to work fine but the data is unreliable. That’s a far worse problem.”
Pentagon officials contend that DoD will have fully tested 100 percent of its “mission critical” systems for Y2K compliance by the end of the year.
Not all are entirely comforted by that claim, however.
Take, for example, a study released Feb. 22 by Business Executives for National Security, a nonprofit advocacy group based in Washington, D.C. The report found much to cheer in the Pentagon’s handling of the Y2K problem, but it warned that computer and software executives with direct experience in ensuring Y2K compliance were advising great caution.
“Avoid Rosy Scenarios”
“We found that the private sector is far ahead of government in terms of addressing the Y2K challenge,” noted retired Air Force Lt. Gen. Thomas G. McInerney, BENS president. “That was no surprise, but we also found that most companies and business leaders believe that unanticipated problems will emerge. That’s an important message for the Pentagon: Avoid rosy scenarios.”
Hamre concedes that he also has a specific worry: that all of the Pentagon systems, ultimately, will depend on the smooth functioning of the civilian infrastructure.
Marvin Langston, DoD’s deputy chief information officer, draws an analogy to a ship’s captain steering around an iceberg when all he can see is the tip poking out above the surface.
“The Defense Department is like a large ship headed toward an iceberg,” said Langston. “We have successfully changed course to avoid the tip, but we must continue our efforts to ensure we miss the submerged portion.”
Hamre was blunter. “If Ma Bell or Bell Atlantic’s system fails on Year 2000, we’re also going to have mission failure, and I don’t have any control over that,” he said. “This is going to have implications for American society and the world that we can’t even comprehend.”
What really aggravates US officials is their inability to predict whether Y2K will turn into a minor disruption that mocks the dire predictions or whether it might prove to be a disaster of near biblical proportions, a digital locust swarm.
For instance, many technology experts have warned of the vulnerability of the Japanese banking sector. If Japanese banks crash as a result of the millennium bug, the shock could lead to a selling panic in Asia that dwarfs the Asian economic flu of the past few years. Oil refineries in Saudi Arabia and Venezuela have also been cited for their vulnerability, raising concerns about the availability of oil. Power outages could condemn countless millions of Chinese and Russians in brutal winters without power or heat and raise the prospect of a major catastrophe in the world’s network of over 400 nuclear reactors.
In the US, major telephone and communications systems are expected to operate without major disruptions, and no one anticipates that airplanes will fall out of the sky. Even so, some experts predict the eruption of regional blackouts and warn that the 911 system could crash in many communities.
The ability of the US military to respond to domestic disturbances could be hindered by breakdowns in communication and power systems outside of military control. Experts have also warned that the US health care industry is especially unprepared, and many small-town hospitals and doctors offices could be paralyzed by the Y2K bug.
One day into the new millennium, everyone will know whether the Y2K problem was grossly hyped or undersold. One who is eager to find out is Sen. Robert Bennett (R-Utah), the chairman of the Senate Special Committee on the Year 2000 Technology Problem.
“When people say to me, ‘Is the world going to come to an end?’ I say, ‘I don’t know,’ ” Bennett remarked. “I don’t know whether this will be a bump in the road–that’s the most optimistic assessment of what we’ve got, a fairly serious bump in the road–or whether this will, in fact, trigger a major worldwide recession with absolutely devastating economic consequences in some parts of the world.”
James Kitfield is the defense correspondent for National Journal in Washington, D.C. His most recent article for Air Force Magazine, “War in the Urban Jungles,” appeared in the December 1998 issue.