Schneier on Security
A blog covering security and security technology.
« Friday Squid Blogging: Tentacle Doorstop |
| Fear-Mongering at TED »
July 30, 2012
Detroit Bomb Threats
There have been a few hoax bomb threats in Detroit recently (Windsor tunnel, US-Canada bridge, Tiger Stadium). The good news is that police learned; during the third one, they didn't close down the threatened location.
Posted on July 30, 2012 at 7:34 AM
• 26 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Well the others were just about a major route to/from canada - but this would have threatened a football game!
This reminds me of a tactic many of the best players used in this online strategy game I played some years ago. In the game, if you attacked someone, the other player could see that there is an attack coming but the other player can't see if you're really attacking or just sending a small amount of troops as a decoy. Then a good strategy was to send a large number of fake attacks and among them, hide one real attack. This way the opponent couldn't know when and where to ready his defenses.
That's not why. Closing the stadium is a much bigger deal, affecting broadcasting, private contracts, etc. I'm guessing a VIP intervened.
There really isn't much of a point in reacting to bomb threats by shutting stuff down. It just gives people a very low-risk way to disrupt a business. If they were prepared to do real damage, they would build a bomb and plant it. They wouldn't call to tell you to start paying special attention so you can catch them/disarm the bomb.
Remember, the adage "Threateners don't bomb and bombers don't threaten" is almost always true...
In the case of a bomb threat why not just inform people there has been a threat and let them make up their own minds whether they want to proceed? A few big signs, a suggested alternative route, and done.
James, because most people won't react rationally to the news that there has been a threat, and their reaction will have a negative impact others.
I wouldn't want to be in a stadium where some people are choosing to ignore a bomb threat and others are rushing out in a panic - it's bad enough trying to evacuate a large building when everybody's going. Perhaps that's the difference between the stadium and bridge examples - the risk of death from a false-alarm stadium evacuation is much higher than from a bridge closure.
And what would you do with the stadium staff? If they all chose to leave, the remaining spectators could steal from the concessions, invade the pitch and so on - and what would happen if enough players left to compromise the game?
If I were a terrorist, particularly one trying to attack a state, it seems like an excellent approach to report a bunch of hoaxes (especially since it costs my organisation so little), and then, once the authorities are willing to ignore my reports, finally plant my bomb and call it in, too. If I'm so fortunate as to actually succeed in detonating it, then aside from the civilian deaths, now the authorities are in a grave situation from having ignored what turned out to be a legitimate warning! Pure gold.
I like the idea of having the authorities being transparent and informative: it would work well in a the tunnel and bridge scenarios; however, as Dave Page pointed out, there are aspects of it which don't work well, particularly in the stadium example.
Which movie was that? The bad guys trigger some alarm, but don't break in yet. Repeat a few times until the guards stop showing up or they disable the alarm completely. Then break in.
I love the idea of not overreacting to threats, but unfortunately you're damned if you do and damned if you don't.
Bomb threats are the original layer one DoS.
Err ... my understanding is that the IRA finally managed to "win" by planting bombs in critical locations and informing the police shortly before they were due to go off. This way people were evacuated but the *stuff* still blew up. Roughly the same amount of fear and damage, but a lot less backlash.
Of course, that implies an ongoing campaign of violence and terror, not just somebody who wants to have fun shutting down stuff for kicks.
The last comment on IRA tactics would have been right on if it was not for the Camden town bomb.
There the IRA planted a bomb in a cast iron side-walk trash can and phoned in a warning that caused the police to evacuate people away from the reported location. But towards where the bomb actually was.
The resulting detonation and flying fragments caused much greater numbers of injuries and at least one fatality (a child) because the crowds were concentrated around the location of the actual bomb.
In the end Terrorism is what it says on the can, its about terror and how best to cause this emotion in your enemy.
@James - Use an alternate route??? Do you have any clue about the Windsor-Detroit border crossing and how much truck traffic goes through the tummel every day? There is NO altrnate route other than to send the trucks over the bridge (which is already congested as it is and would cause further problems), or route traffic to Sarnia / Sualt Ste. Marie or Niagra Falls / Buffalo - which are detours of several hours and a few hundred miles...
@NobodySpecial - Football at Tiger Stadium? Detroit's Tiger Stadium is the home of the Detroit Tigers basebal team, not football. Think you might have confused it with Tiger Stadium at LSU...?
Remember, the adage...
Unfortunatly it's a truism that was almost as often wrong as it is currently right.
Take for instance IRA/ PIRA and other N.I. groups they almost always used to phone through a coded message with sufficient time to allow the area to be cleared but not for the bomb to be found/defused.
These days however phoning warnings through in the UK is potentialy suicide for a terrorist due to the fact that what ever phone they use the location will be known almost before the call has ended. Also the logs of mobile phones etc in the area who they have called and who calls them will be known almost as quickly and CCTV footage will if available be cross refrenced within a day at the most.
Also one heck of a lot of other changes have happened since 7/7 which makes coded phone calls problematic.
OK you could buy a "basher phone" at one of these "second hand" outlets and make up a little micro controller that will fire off the redial or send button and then play software generated DTMF tones down the phone after a short duration to spell out words and numbers. But you have to buy a SIM card to get service and that may well be traceable. Then many micro controlers have batch numbers etc that makes them traceable and the "software style" can be as recognisable as handwriting as can the solder techniques and wire cutting style and other "instrument marks" on parts. Even mounting it on the bomb is unlikely to reduce it's forensic value (just harder to analyse).
Then there is the issue of what happens if there is a bug in the software or setup so it dials early or not at all or garbles the message?
But more importantly these days is "disruptive defusing" of bombs via "controled explosions" and "saline cutting jets" etc or even "rapid burn" devices like the "snap dragon" that is basicaly a high intesity flare which provides enough energy to burn most high explosives without putting enough energy to make them go "high order". All can be very very rapid and destroy a home made bomb before it has the chance to explode...
I sometimes wonder how long it will be for anything other than suicide bombing to die out as a terrorist method outside of active conflict areas
I might get bashed for this but I think all situations were handled properly.
For one, when the bridge and the tunnel were closed, it was relatively easy and quick to get everyone out of the tunnel without panic. Once done, a thorough check of the structure can be done with relative ease and is not all that time consuming. To me, the loss in revenue due to these closures does not compare or out weigh the potential danger if these threats were indeed validated. Simply, the ultimate goal of protecting human life and the structure were upheld (sorry if a 3 hour delay is not tolerable to ensure safety). We, as a society, cannot ignore or tolerate threats and this does not mean that anyone overreacted or is fear-mongering.
On the other hand, at Comerica Park (not Tiger Stadium as Bruce noted), an evacuation of the premises would cause great commotion (substantial probability for injury) and potentially make a sweep of the stadium more difficult by slowing it down. Taking overall safety as a priority, it would seem that all three situations were handled properly.
How awkward the alternate route is is irrelevant to whether you inform people and give them the choice. Once you have given them the choice, they can weigh the convenience vs the risk themselves. It's how I would like to be treated, and even if it causes some congestion with people turning back it would cause less than closing the tunnel completely.
Obviously in a stadium the owners would decide whether or not they can keep it open. The situation of the customers staying while the people who work there walk out and leave them unsupervised would not occur.
Would it not be possible to use some sort of email or phone over the internet to do precisely the same thing without using a physical phone in the UK and all the problems that entails? Seems that you could set up a backroom server in some other country and do precisely the same thing as before with just as much traceability.
The bridge is also privately owned and it's up to the fire officials, not police, who can force a private structure closed. Police can make recommendations.
Furthermore, your rationale of choice sounds great in a utopian society but would only cause more confusion. That confusion, would only make a search take a longer time.
I think you are right on this one. The difference in the structure-types makes difference in response easy to discuss and figure out. A bridge or tunnel is easy to empty. Most of the people present are in vehicles, and already moving.
A stadium is much harder to empty.
As an afterthought, I do wonder if this factor is in play in a different way.
With all three cases (bridge, tunnel, and stadium), it is hard for a person on foot to bring enough explosives to damage the structural integrity of the target. But it is easy for a large vehicle to bring enough explosives. (Compare the energy released by the truck-bomb at the Murrah Building in Oklahoma City to the energy that would be released by a backpack or suitcase full of C-4.)
The bridge/tunnel see lots of vehicle traffic.
The stadium sees much less vehicle traffic. If the Stadium owners and Police are smart, they have a process for verifying/searching the vehicles that are present.
(If the Stadium architects were planning to minimize the potential damage from terrorist bombs, they didn't put a prominent support beam next to the area where vehicles would park during the game...)
I've got one word for you: JOPLIN
A lot of reports coming out of that area after last year's tornado frenzy said that people ignored the warnings. People get tired of what they perceive as "false alarms", so they ignore the alarms. The problem is, they aren't false alarms. So maybe this time nothing happens, but we warned you of the THREAT, and the THREAT was very real...it just didn't materialize.
While I heartily agree with Schneier's opinions on security theater, I am not sure I agree that ignoring a bomb threat is a "win". Sure, in this case there was no bomb and everyone was fine. But "it only takes once" for the bomb to be real and a lot of people get killed.
I don't know what the answer is, as to how to not be terrorized AND still keep people safe. But I don't think that evacuating (as safely as possible) in the face of a threat is security theater, I think it is prudence.
I'm surprised. Detroit is the city that went haywire over that little cartoon sign. Next thing you know, you'll tell me that they're no longer freaking out over batteries and wires?
The video noted in Friday's Squid Blogging comments should have had a fourth part : Avoid, Run, Hide, Fight.
@ It had a battery...
The city that went haywire over the cartoon sign was Boston, not Detroit.
I used to work as the system administrator for a high school. When I started working there, I was told that faculty and staff were _not_ to answer ringing payphones on campus. Apparently, students would call bomb threats into the pay phones, and if an employee happened to answer it, school district policy required them to report it and go through the bomb-threat theater.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.