Description & Background

More than 90,000 dams are included in the 2018 National Inventory of Dams (NID) database.  According to the 2016 U.S. Department of Homeland Security (DHS) Dams Sector fact sheet, “Dams Sector assets irrigate at least 10 percent of U.S. cropland, help protect more than 43 percent of the U.S. population from flooding, and generate about 60 percent of electricity in the Pacific Northwest.”  It is undeniable that the Dams Sector, including dams, levees, hydropower plants, and navigation locks, provide a wide range of economic, environmental, and social benefits and serve a vital role in the national interest.

Unfortunately, the economic, environmental, and public safety consequences of failure also makes dams and other similar structures an attractive target for physical, cyber, and other deliberate attacks.  Deliberate attacks are not new to the Dams Sector risk profile.  There are well documented historical examples of deliberate physical attacks on dams, including the German Möhne and Eder Dams during World War II in 1943, the North Korean Sui-Ho Dam and hydroelectric facility during the Korean War in 1952, and numerous smaller scale domestic attacks on several U.S. dams as recent as 2016.  In 2012, DHS compiled and documented a list of 25 physical attacks on dams worldwide during the first decade of the twenty first century alone, with no indication of a drop in frequency during that time period.

Eder Dam after dam was attacked under Operation Chastise in World War II, 1943 (Photo source: The Dambusters Website - http://www.thedambusters.org.uk).

In comparison to other more common potential failure modes, deliberate attacks on dams in the U.S. are relatively rare.  According to the Association of Dam Safety Officials (ASDSO) Dam Failures and Incidents website, 173 dam failures and 587 incidents were reported by U.S. state dam safety programs during the eight-year period between 2005 and 2013.  Of the 25 physical attacks on dams between 2001 and 2011 documented by DHS, only 1 occurred in the U.S.  The low rate of executed attacks in the U.S. can be attributed, in part, to the advanced threat monitoring and assessment systems in place in the country; however, dam owners and engineers have a responsibility to remain vigilant to these threats, avoid complacency, and continue to protect against a rise in successful attacks.

The advent and growth of digital infrastructure and automated data collection with internet-facing components has opened the door to relatively new threats to the Dams Sector risk profile, as demonstrated by a cyber attack on a small U.S. dam in 2013.  The evidence indicates that dams will continue to be the target of deliberate physical and cyber attacks; therefore, it is imperative that Dams Sector partners develop and implement appropriate risk reduction strategies to protect these critical infrastructure.

Catastrophic failure of dams are generally difficult to achieve through conventional and unsophisticated means.  When properly designed and constructed, dams are built through advanced engineering principals to resist extreme loading conditions, which makes them inherently robust.  However, dams are also notoriously difficult to secure.  They’re commonly located in remote areas; have large footprints; can be approached by land, water, or air; and are occasionally required to provide public access to certain portions of the facilities.  Adding to that complexity, approximately 65 percent of dams in the U.S. are privately owned.  The inherent pressure to maximize profits in private industry competes with the need for infrastructure maintenance and site security investment, and occasionally leads to under allocation of resources for site security.  However, the private sector dams are no less critical to the national interest than public sector dams.  This highlights the need for active collaboration and information sharing between public and private sector partners to ensure the security and resilience of the Dams Sector at large.

When evaluating the costs and benefits of implementing security systems, dam owners and engineers must be careful to not only evaluate the direct costs of failure, but to also consider the broader effects to downstream users, such as cost implications to businesses that rely on water security, health and safety considerations if contaminants enter the water supply, and environmental remediation for flood-impacted areas.  Even then, it may not be cost effective to implement security measures for every conceivable attack vector at a dam.  At a minimum, a custom suite of comprehensive security measures coupled with appropriate emergency action planning should be developed and implemented for all dams that threaten life and/or infrastructure to maximize risk mitigation potential.

Routine coordination and emergency exercises with local, state, and federal emergency management partners should be the top priority from a site security perspective.  Dam owners and design engineers can leverage their emergency management partners’ extensive knowledge in threat assessment to gain a better understanding of site-specific threats and can request assistance with the development of appropriate security measures to address the critical threats at each dam.  Conversely, the emergency management partners benefit from this coordination by gaining a familiarity with the dam(s) in question and the anticipated consequences of failure, allowing them to respond to dam-related emergency incidents with greater confidence and effectiveness.

Dams have been, and will continue to be, targets for vandalism and other deliberate attacks.  We are fortunate in the U.S. to have highly trained emergency management and threat assessment experts to help monitor for threats to critical infrastructure assets and protect the public when needed.  However, dam owners and engineers also have a responsibility to contribute to this effort by developing and maintaining strong relationships with emergency management experts, identifying site-specific conditions that could expose dams and associated infrastructure, and incorporating appropriate security measures to mitigate security weaknesses and guard against both physical and cyber attacks.


References:

(1) DHS, Dams Sector. (2016). Introduction to the Dams Sector-Specific Agency. United States Department of Homeland Security.

(2) ASDSO. (2018). Dam Failures and Incidents Webpage. Association of State Dam Safety Officials.

(3) DHS, Dams Sector. (2012). Worldwide Attacks Against Dams: A Historical Threat Resource for Owners and Operators. United States Department of Homeland Security.

(4) DHS, Dams Sector. (2015). Dams Sector Crisis Management Handbook. United States Department of Homeland Security.

(5) Shannon, Alexander. (2017). The Economics of Dam Security Post 9/11 and the Threat to Consumer Confidence. It's a Small World: Managing Our Water Resources: 37th Annual USSD Conference. Anaheim, California: United States Society on Dams.


This lesson learned was peer-reviewed by Frank Calcagno, Engineering Geologist.

Summary

Photos

Videos

Case Studies

Maple Grove Dam (Colorado, 1979)

In an effort to increase water storage capacity and provide flood protection to the surrounding communities of Lakewood, Colorado, two inflatable Fabridams were added to the crest of Maple Grove Reservoir and spillway in 1977. Shortly before midnight...

Learn More

Tempe Town Lake Dam (Arizona, 2010)

Historically, the Salt River was a perennial source of water to the early residents of the Phoenix Valley. With a drainage area of nearly 13,000 square miles, the river provided many benefits to the area including water for irrigation and recreation during the very hot summer months. However, the river also proved to be an unpredictable flooding hazard, and would periodically experience major floods that washed out roads and bridges, including the railroad bridge in the late 1800’s and Mill Avenue Bridge in the 1990’s.

Learn More

Additional Case Studies (Not Yet Developed)

  1. Möhne & Eder Dams (Germany, 1943)
  2. Sui-Ho Dam (North Korea, 1952)
  3. Fremont Inflatable Dam (California, 2015)
  4. Bowman Dam (New York, 2013)

Best Practices

Worldwide Attacks Against Dams

Author: United States Department of Homeland Security
Date Published: 2012
A Historical Threat Resource for Owners and Operators

Dams Sector-Specific Plan

Author: United States Department of Homeland Security
Date Published: 2015
An Annex to the NIPP 2013

Dams Sector Crisis Management Handbook

Author: United States Department of Homeland Security
Date Published: 2021

Dams Sector Personnel Screening Guide for Owners and Operators

Author: United States Department of Homeland Security
Date Published: 2017

Dams Sector Cybersecurity Program Guidance

Author: United States Department of Homeland Security
Date Published: 2016

Dams Sector Waterside Barriers Guide

Author: United States Department of Homeland Security
Date Published: 2017

Dams Sector Active and Passive Vehicle Barriers Guide

Author: United States Department of Homeland Security - Cybersecurity and Infrastructure Security Agency
Date Published: 2020

Other Resources

ASDSO Awareness Center

Author: ASDSO

DamSafety.org