A quarter century ago, the US Government led a global effort to prevent the failure of computers and the systems they depend upon. Much of the software running those computers and other equipment had been written in the 1980s and early 1990s and were dependent upon a date/time indicator, without which many of the programs simply stalled or shut down. Unfortunately, in these programs the code for the year was entered into a two-digit space and when the field was “00,” some software failed, and machines stopped. Thus, when December 31, 1999 (12.31.99) rolled over into January 1, 2000 (01.01.00), some things would not work.
When this phenomenon was described in the mid-1990s, it quickly became evident that few people knew whether the software on their networks would have that problem. The first step in a remediation process was creating an inventory of the software in use in operating systems, in applications, and, crucially, embedded in devices and even at chip level (firmware). Two things were evident in that inventorying process. First, we were now much more dependent upon software, for nearly everything, than we had realized. The preceding decade had seen a massive proliferation of computing. Second, few software users and even developers had kept meticulous records.
So, what devices might stop at the stroke of midnight? The theoretical list included elevators, heart-lung machines, fuel pumps, navigation systems, telephone switches, internet routers, ATMs, traffic lights, stock trading exchanges, etc. It was easy to imagine that New Years Day 2000 and the week that would follow could involve a certain amount of chaos and disruption.
Two people were key to organizing the American and global response, a disciplined management effort to prevent that chaos.
The first was a lawyer originally from Kentucky, John Koskinen. He had spent two decades in the private sector specializing in the turn-around of failing corporations. He had joined the Clinton Administration as Associate Director of the Office of Management and Budget, the number three official in the White House’s powerful OMB.
What Koskinen understood was that preventing the potential chaos required two things everyone in the Executive Branch wanted and almost no one had: a lot of discretionary spending and mandatory powers, or put more simply, cash and clout. Having explained the problem to Clinton and Vice President Al Gore, Koskinen got the clout. Now he needed the cash. For that he needed a Congressional champion.
Robert Bennett, a Republican, was an unlikely champion, having just been elected to the Senate from Utah in 1992, he had no seniority. What he did have were almost forty years in the corporate world, from being an aide to the mercurial billionaire Howard Hughes, to marketing the Franklin Planner kits popular in the pre-laptop era. Bennett wanted an issue to make his mark in the Senate and, having talked with Koskinen, he convinced the Senate leadership to create a rare thing, a special ad hoc committee to address a problem, the one that was by then known as Y2K. No one else in the Senate appeared either to understand the issue or want anything to do with the possible failure of our infrastructure, so freshman Senator Bob Bennett became the Chair.
Bennett orchestrated public hearings, with Koskinen’s backstage direction, and appropriations flowed to fix government systems. Then private sector leaders from every industry were called upon to explain what they were doing to address the problem. Groups were formed for banking, transportation, health care, energy, and other key sectors. Companies reported on their plans and progress. Experts shared recommended best practices, back-up or fail over systems were created, data was archived, new software was procured in a great boon to the young Information Technology industry.
Then, they took their show on the road internationally, with Koskinen leading experts at the United Nations and in a series of bi-lateral groups including with Russia. Bennett contacted parliamentarians around the world to urge them into action in their countries. Computer science experts globally were sought to assist government and industry to understand, assess, and mitigate the problem. By mid-1999, a national and global system to deal with Y2K was operating well and reporting in metrics, as, one after another, major systems were remediated.
Because there was a concern that malevolent actors could use the occasion of Y2K to conduct criminal acts, including terrorism, or that nation states might take military advantage of potential chaos, I was asked to run a parallel national security component to Koskinen’s efforts. Together we built a first of its kind, state of the art, public-private command center two blocks from the White House. On the operations center floor were representatives of every major critical infrastructure and every government agency. In a vault just off the main room, an intelligence fusion center monitored indicators of potential trouble. (We did become aware of an al Qaeda plan to conduct several terrorist attacks around the millennium rollover and were able to prevent them, but we were not confident that we had uncovered them all and, therefore, had intelligence and law enforcement assets on global alert.)
January 1, 2000 came first to Asia Pacific. Although glitches were reported by our counterparts in Japan, Australia, and New Zealand, no major systems crashed. As the hours rolled on, that pattern continued across EurAsia. Thus, by early evening of December 31st, my major remaining concern was terrorism. I talked to my FBI colleague John O’Neill who was with the NYPD in a heavily patrolled and very crowded Times Square. I checked with the National Military Command Center, the CIA Operations Center, and a half dozen other nerve centers, then took a half hour to make a quick drop by to one of the millions of parties that were getting rolling. It was a black-tie affair and looked like it would be rocking when the clock struck midnight a few hours later, but I hurried back to our operations room.
Following a concert broadcast nationwide, President Clinton spoke to the nation from the steps of the Lincoln Memorial as midnight approached. I led the National Security Council team to the roof of the command center building and there, at midnight and still in black tie, popped a bottle of champagne and watched the fireworks shooting up at the nearby Lincoln Memorial. Then the call came. National Security Advisor Sandy Berger said the President, who was standing next to him at the Lincoln Memorial, wanted to know if we had detected any problems. “I think we can safely tell the President we made it through ok.”
And we had, but not because there would not have been any problems, but because the US government took the risks seriously and organized effectively, demonstrating what good government, bi-partisanism, and a public-private partnership can do, mitigating and managing risks. Koskinen and Bennett knew, as did the National Security team, that if we were very successful at the Y2K computer problem (and the terrorism alert), we would be criticized for having “cried wolf” and exaggerated the problem.
As predicted, that criticism came. Chaos did not.
Richard Clarke served for thirty years in national security roles in the US government, including ten years in the White House under three presidents. He is the CEO of Good Harbor Security Risk Management. (richardaclarke.net)
