Michael Arendt has spent his career on the water. After working his way up through the US Merchant Marines from deckhand to riverboat captain, he came ashore in 2001 to work as a lock and dam operator for the US Army Corps of Engineers. He now guides boats hauling anything from rocks to missiles through Alabama’s Tennessee–Tombigbee Waterway, which connects Tennessee and Alabama to the Gulf of Mexico.
Arendt enjoys the work and sees lock and dam operators as a crucial part of US transportation infrastructure and national security. It’s why he joined a campaign in the mid-2000s to prevent the Corps of Engineers from outsourcing jobs like his to contractors, resulting in the US Congress passing a law requiring the work stay with federal employees. It’s also why Arendt is speaking out again now, protesting Corps of Engineers plans to remotely manage 13 locks and hydroelectric dams in the southeast and replace onsite staff with workers who control them remotely from a central office.
Arendt’s own facility is not on that list for now, but he fears the plan will make US infrastructure and waterways less safe and more vulnerable to cyberattacks. “It’s important in all these systems to have eyes and ears on the waterfront,” says Arendt, who is an officer with the International Federation of Professional and Technical Engineers (IFPTE) labor union. He recalls an incident when a barge passenger fell overboard in wintertime and Arendt helped him get back to shore, something a remote operator could not do.“I don’t know if they’re going to be able to see this type of thing when there’s so much else going on,” Arendt says. Workers on site like him use cameras to monitor dams and locks but also walk the rounds. Remote operators will also use cameras but have to supervise multiple facilities at once, and won’t be able to step outside in an emergency or for a closer look in bad weather.
The Corps of Engineers plans to centralize operation of the 13 facilities by the end of 2023, adding to the rolls of many others the organization already operates that way. The locks and dams are currently staffed 24/7 by 29 people. That number will go down to 12 once the remote operations plan is complete, with each operator overseeing multiple dams. The first of the project’s dams came online this summer, when workers began operating the Jim Woodruff hydroelectric dam and lock on the Florida–Georgia border from 80 miles away in Fort Gaines, Georgia.Bringing more dams online is intended to reduce labor costs, according to emails from the Corps of Engineers’ South Atlantic Division sent in response to questions from WIRED. By doing so it hopes to pacify concerns about pricing from hydroelectric power customers, the emails said, while also claiming that automation and upgraded systems installed at the centralized hub will improve reliability and reduce power outages. Operators will be offered retraining for different onsite jobs, but the Corps of Engineers hasn’t worked out the details yet.
The IFPTE says the plan not only destroys jobs and harms waterfront safety, but could also open vital US transportation and energy infrastructure to cybersecurity threats. State-backed attackers from around the world have developed software that can target critical infrastructure control systems. Russian government hackers infamously caused blackouts in Kyiv, Ukraine, in 2015 and 2016, attacks that investigators say should be classified as war crimes. And in 2013, an Iranian hacker allegedly attacked a tiny, 20-foot-tall dam in Westchester County, New York, accessing information that included water levels and the status of the dam’s sluice gate, which opens and closes to control flow and water levels.
That attacker would have been able to remotely operate the sluice gate, according to a 2016 US Department of Justice indictment, had the dam not been offline for repairs at the time. It’s unclear why such a minor facility would have been targeted, but the incident shows that cyberattacks on dams are not just a theoretical hazard. “It’s a nightmare coming,” Arendt says. “It needs to be secured.”
Most PopularThe End of Airbnb in New YorkBusiness
Gus Serino, an analyst at the industrial control security firm Dragos who previously worked for a Massachusetts water utility, says correctly implemented defenses can protect infrastructure like dams. But there isn’t a one-size-fits-all solution. “There are certainly dams that could be configured in a way that somebody could remotely open the gates and cause downstream flooding that would have serious consequences, but you can’t say that without looking specifically,” he says. “In pretty much every case there’s a way to at least do remote monitoring without exposing risky controls, but it really takes an assessment and a plan.”
The IFPTE says the Corps of Engineers has not been transparent enough about its approach to remote operation. The Corps says it has communicated relevant details of its plan to bring the 13 facilities online with all the relevant stakeholders, and that all hydropower control systems are designed to comply with Department of Defense and US Army cybersecurity regulations and undergo “periodic” audits. More than half of all US hydropower plants are already operated remotely, the Corps says.Joseph Kane, a fellow at the Brookings Institution who focuses on transportation and water infrastructure, says the concern over cutting dam operator jobs fits into a broader debate about US infrastructure. While the US is good at building things, he says, maintenance, repair, and long-term operations tend to receive less attention and less funding.
“Federal policymakers have this fascination with the shiny new object,” Kane says. “They think in terms of ribbon cuttings. They don’t think in terms of long-term operational and maintenance needs.” He points to the recently passed climate bill, which provides billions of dollars for new infrastructure, such as heat pumps and solar panels, and the CHIPS Act, which funnels funding into semiconductor development. That slew of funding for building out new projects will, over the longer term, create a need for workers to maintain them, Kane says. “It’s going to require a whole new generation of workers.”
The IFPTE has asked lawmakers from congressional committees that work on infrastructure to intervene and provide oversight on the Corps of Engineers plan, says Faraz Khan, the union’s legislative director. So far, there appears to be little traction. Arendt says he’s prepared to continue the fight because he takes his role as a steward of the country’s critical infrastructure seriously. “That’s why I came to work for the Army Corps of Engineers,” he says. “To have job security and to be a part of something bigger than me.”