A Minor Security Lesson from Mumbai Terrorist Bombings

Two quotes:

Authorities had also severely limited the cellular network for fear it could be used to trigger more attacks.

And:

Some of the injured were seen frantically dialing their cell phones. The mobile phone network collapsed adding to the sense of panic.

(Note: The story was changed online, and the second quote was deleted.)

Cell phones are useful to terrorists, but they're more useful to the rest of us.

Posted on July 13, 2006 at 1:20 PM • 32 Comments

Comments

Carlo GrazianiJuly 13, 2006 1:37 PM

Most people can only do half of a cost-benefit analysis, particularly when they are affected by only costs or only benefits.

JimJuly 13, 2006 1:46 PM

When the RIM patent case was hot a while back, some arguments were made that Blackberries were vital to national security. One of the more persuasive points: on 9/11, text messages got through when cell phones were choking with overuse.

There's something to be said in emergencies for using the communication method with the lowest overhead that still gets the message through.

bobJuly 13, 2006 2:04 PM

If I was a terrorist and wanted reliable comm after my "primary" incident I would use something similar to ham radios where the "authorities" could not for all intents and purposes interfere with my comm. So I would be thrilled with them shutting down cellphone nets, it would be a fear multiplier for (whatever I had done).

AnonymousJuly 13, 2006 2:16 PM

I think they said the triggers used cellphones for the signals, like some of the IED's in Iraq.

I don't think a bandwidth such as ham could be used reliably that way to trigger a detonator, although it makes me think of the traffic signs where blasting is occuring "please turn off all 2-way radios"

Now, for communication between the terrorists themselves, ham would be perfect. Some little-used sideband would be probably recorded and monitored, but very tough to track and single out like a cell user is.

JarrodJuly 13, 2006 2:24 PM

I've seen several articles saying that the unexploded bomb that was recovered used pencil timers (not entirely sure what those are), so there may not even have been cell phones involved in triggering the detonation.

ProhiasJuly 13, 2006 2:32 PM

@Jim,

Numerous reports said that SMS messages (which are hugely used in India) went through more easily then cell phone calls. I saw some help web sites which were used as SMS message boards and it seemed to be very effective in alleviating the fears of many.

Steven BlackJuly 13, 2006 3:00 PM

Cellphone calls yield call records which can occasionally be invaluable pre- and post-event. With luck you can reconstruct a network of communications between parties. A smart security thing would be a system that quickly disables stolen cellphones, and escalates calls made to stolen cellphones. This because either you use your cellphone and leave a record, or you if you're smarter, you use a stolen one but you always must test those first. Even smarter would be a cellular system with strong or otherwise reliable real-time authentication for use.

Tom ChivertonJuly 13, 2006 3:08 PM

There was an interesting article on TheRegister about the mobile network during the London tube attacks. Summary: no one will build a network that can take a 10x jump in traffic for a few hours once a decade. SMS will get through much easier than voice due to less bandwidth usage, so use them in a major emergency rather than calling people.

Nigel SedgwickJuly 13, 2006 3:11 PM

@Anonymous, at July 13, 2006 02:16 PM, who wrote: "I don't think a bandwidth such as ham could be used reliably that way to trigger a detonator, ..."

@Nick Lancaster, who wrote: "There are too many Hams to make such communications reliable or secure."

Is there any chance you guys could explain what you are on about?

Best regards

bobJuly 13, 2006 3:19 PM

@nick: well, it all depends on what you want to communicate and over what distance. Simply triggering a bomb from within a couple of miles distance [close enough to see the target] has too many possible techniques to list (or prevent).

I am talking about using "cellphone-like" capabilities in coordinating hierarchical attacks building on the primary incident; so I figure voice communications among teams of up to 20 people over 50 miles or less, based from a safe house on a hill someplace. I could also use shortwave to get back to "higher HQ" for damage assessment or whatever.

I would use digitized voice, possibly with some mild encryption just to keep out the curious. That would be illegal, but I figure if I am willing to murder 3,000+ people [and thats where the bar currently stands to guarantee headlines for weeks], the FCC fine will be irrelevant, nevermind the fact it will take 4 years for them to get around to me. Actually I think it would be cool to convert voice to MORSE CODE and back just to be funny. I figure 500WPM IMC could carry acceptable voice.

If the ham freqs were busy I could always use adjacent service frequencies, then who could do anything about it would notice. Or just rent/steal business band radios in the first place.

Hams themselves would have very little way of interfering with my traffic, other than report me.

It would probably never even be acted upon, but if so it would merely add "they learned to fly at my flight school but didnt want to know how to land" irony way-after-the-fact.

VasuJuly 13, 2006 3:55 PM

Just wait for a month. We'll make the same silly mistakes you made in the height of the paranoia after a terrorist attack in
1. Banning cell phones
2. Banning matches
3. Banning cigarette lighters
4. Banning cell phones
5. Oh Breathing is illegal now

'Then' the terrorists win.

Moshe YudkowskyJuly 13, 2006 6:14 PM

Terrorists use cell phones to detonate devices, and terrorists often detonate a series of bombs with the specific intent of killing or wounding first responders.

I'm particuarly puzzled that you make this assessment without any knowledge of the threat profile. Sure, people are calling frantically on their cell phones. Are they coordinating first aid, or are they calling their mothers to let them know they're safe?

If a series of ten bombs had been detonated remotely right after the first series, would you have made the same value judgement? Unless you're clarivoyent and can tell whether or not secondary attacks are imminent, it's absurd to say that cell phones "are more useful to the rest of us."

DonJuly 13, 2006 6:37 PM

In the olden days of the POTS there was a big freakin switch in the telephone exchange (or perhaps 'central office' in US speak) that in times of civil unrest/commotion/nuclear attack would be flicked and thus render the system useless to mere mortals. Subscribers, as users were termed, were allocated a class of service which determined their priority to use the system. If you didn't know anything of this you had the lowest class of service. And should it be a surprise that mobile phone networks are any different? No, it'll be even worse as the capacity for mobile networks to carry mega-simultaneous calls is even less than a landline network and, really, mobiles are discretionary communication devices. If you need to communicate use a landline or a radio network designed for reliable comms. Erlang calcs for a cell base with a few hundred, if not a few thousand, petrified commuters would be interesting. Does no-one remember 00:01 on 01/01/2000, I do: it was 02:30 before I got a call through and that was just happy people. Of course it's more likely that SMS will get through - an SMS msg only contains 160 characters of data whereas voice is encoded at ~13Kbps in GSM EFR. I think I read (bbc.co.uk) that the Madrid train bombs were detonated via mobi's using SMS - it only needs a beep (pulse) on the ringer. The mobile network Call Data Records would be useful to the law enforcement agencies if a) the networks were mandated to warehouse the CDRs to provide a history and b) the call was made from a legitimately held phone. Neither's a given but the CDRs do offer a start point of an evidential trail.

Stuart YoungJuly 13, 2006 8:23 PM

Mobile phones are cheap, easily procured, and work over long distances. That is not to say that some other transmitter/receiver combination could not do the job, just that it's cheaper. Car alarms, Wireless doorbells, Garage door openers, WiFi, AV transmitters, CB radio, whatever - all of them are capable for such a purpose with minimal or no real modification. Take away one method, and they'll just resort to another.

At least with mobile phones, you have a chance of recording call/SMS details in the network, whereas with direct transmissions, it's damn likely you won't get anything at all. I'd rather we had a chance to track them down after the event, wouldn't you?

People don't think rationally, particularly under threat and pressure, and they make stupid decisions like this that do more harm than good.

AnonymousJuly 13, 2006 10:47 PM

@Don;

I doubt that you read that the Madrid bombings used cell phone calls. Best evidence is that they used cell phone alarms as timers.

http://news.bbc.co.uk/1/hi/england/london/...

Should authorities decide to ban alarms on cell phones, they can switch to kitchen timers - or any of a dozen other ways to make two wires connect remotely. Heck - hunt down plans for a $5 circuit you can build from components. While they remain unstopped, our cell phones get cut off.

Even the chance of disruption of the cell signal likely is too much of an operational risk for the bomber. Those who build and use such devices are detestable, but they apparently are doing better risk analyses than most people.

parijatJuly 14, 2006 6:10 AM

I don't know who made the first statement but on television news police officials denied touching the cellular networks at all. I'm a Mumbai/Bombay resident and it is true that service was very bad but my assumption is that it was only because of extremely high traffic. SMS services were running fine which probably only means that most distressed people were only trying to call instead of trying to SMS.

Tom DavisJuly 14, 2006 6:29 AM

"Cell phones are useful to terrorists, but they're more useful to the rest of us."

This is also true of weapons. If there were a shot-gun mounted on the middle seat of every airliner, I'm pretty sure air traffic would be terrorist-free. That's because good guys outnumber bad guys.

The other analyis mistake made besides weighing only costs or benefits is to only do half of the "they are all potential terrorists" and forget the "they are all potential adversaries-of-terrorists". Especially given the odds of bad guy vs. good guy.

Erik V. OlsonJuly 14, 2006 9:07 AM

If there were a shot-gun mounted on the middle seat of every airliner, I'm pretty sure air traffic would be terrorist-free.

And rapidly, more people would be killed by idiots with shotguns than were killed by terrorist. All I need is to have the nicotine, oxygen and blackberry deprived nutcase in 7B to have is a shotgun to go with his third crown on the rocks -- esp. when he gets pissed off that he didn't get his fourth, yanks out the shotgun, and everyone else in the cabin goes for thiers in defense.

Matt DJuly 14, 2006 9:30 AM

@Tom Davis:

"This is also true of weapons. If there were a shot-gun mounted on the middle seat of every airliner, I'm pretty sure air traffic would be terrorist-free. That's because good guys outnumber bad guys."

The problem with this scenario (yes, I know it's a tongue-in-cheek, hypothetical one) being that, in addition to the terrorist bad-guys there is a *much* larger threat group which includes belicose drunks, vindictive would-be suicides and people who are just plain stupid; you wouldn't want any of these types to have access to a shotgun on a remote desert island, let alone in a crowded, pressurised tube five miles up in the sky.

The other, other analysis mistake is to forget that if there were a switch marked "End of Everything Button - Absolutely Do Not Press Under Any Circumstances", there would also be a mile-long queue of twits with itchy thumbs, just aching to see what does happen when it's pressed.

The poor bloody terrorists would be in the parking lot at the back of the queue, grumbling to their Union rep about demarcation...

DaveJuly 14, 2006 11:11 AM

How about shotguns with locks, releasable remotely by the flight crew? Or maybe they could just drop down from above like the oxygen masks. "Please chamber a round in your own shotgun, before assisting your children with theirs." ;->

RvnPhnxJuly 14, 2006 2:19 PM

@bob
If you were a terrorist using a HAM radio you'd be RDF'd and blown to Kingdom Come just about as fast as using any other RF communication method if not faster. HAM radio operators have a REALLY HUGE incentive to prevent morons from abusing their spectrum.

I agree with Carlo.

greygeekJuly 14, 2006 4:19 PM

Fortunately, terrorists are seldom technically savvy.

Personally, if I were planning a terrorist attack, I'd steal a spectrum analyzer (like the one on the workbench in front of me), and use it to find a quiet bit of spectrum close to a hamband.

Then I'd modify a few nice ham transceivers to work in that bit of spectrum. Once the job was done, of course, we would all destroy the transceivers.

Maybe the NSA spook types would have a full-spectrum recorder going so they would be able to analyze our comms after the fact. If we were really clever, we'd do something like Navaho code-talking and all they would learn was where we were at the time.

My bomb trigger, of course, would use spread-spectrum technology that would be extremely hard to jam or even to detect, especially since it would only run for a fraction of a second. It might trigger the bomb to go off in say, 3.278 minutes (or hours), so it would be hard to find even in that full-spectrum RF recording.

solitaireJuly 15, 2006 6:07 PM

@Tom Chiverton: Re: ``Summary: no one will build a network that can take a 10x jump in traffic for a few hours once a decade''

That's not just true of cellphones, but also true of intercontinental satellite communications. Fact is that unused capacity is not generating income, so the economics are all wrong. This makes us dangerously close to a meltdown when usage surges. Ever hear of the slashdot effect? Same principle.

Regarding HAM radios and detonators, it's perfectly possible; bandwidth is not an issue; you could quite easily create a CW morse code detonator, with a little logic and some digital timers, or some other, easier techniques that I'm not going to talk about here. CW is a perfect sine wave, as narrowband as they come. In fact, you can bounce one off the moon and still hear it well enough to understand it.

For communication, you could talk in an "open code"; that's how teams that use good wireless communication have operated for a long time; "the players are on the field, the ballgame is set to begin". It doesn't have to be HAM radio; one could buy off-the-shelf FRS radios, you can get a pair for $20 at Fry's, and they have a several mile range, and multiple channels.

No brainers.

Re: "End of Everything Button":
``Ren, do not under any circumstances press the "erase space-time button"!''

KeesJuly 15, 2006 7:55 PM

@jarrod: "pencil timers (not entirely sure what those are)"

Introduced during World War II, a pencil detonator or time pencil is a chemically activated time fuze designed to be connected to a detonator. It was so-called because it has approximately the same dimensions as a pencil.

More at: http://en.wikipedia.org/wiki/Pencil_detonator

A quote from the wikpedia article:
"Interestingly, pencil detonators are immune to detection or jamming via electronic countermeasures because they use a chemical time fuze."

MikeFromEarthJuly 15, 2006 9:54 PM

@greygeek: "Fortunately, terrorists are seldom technically savvy."

I'm not sure about this. The 9/11 terrorists knew how to fly sophisticated airliners. Bin Laden is an engineer, isn't he? They seem savvy enough to me. They just don't overdo it.

KeesJuly 16, 2006 7:07 AM

@MikeFromEarth Re: "They seem savvy enough to me. They just don't overdo it."

I agree, it seems that even terrorists have heard of KISS. Why use complicated methods such as ham radios or spectrum analyzers when a chemical time fuze will do the trick?

Remember the old wisdom: it it ain't in there, it can't be broken.

DevangJuly 19, 2006 5:01 PM

Allowing the pro- to happen in such a case (allowing us to talk) can have a bad side as well, like rumors can spread leading to a wrong response.

That's the reason I heard why the cellphone networks were down.

Nigel SedgwickAugust 7, 2006 5:41 AM

@Tom Chiverton, who wrote: "@nigel: ham (amateur) radio"

Yes Tom, I know that. My question was:

@Anonymous, at July 13, 2006 02:16 PM, who wrote: "I don't think a bandwidth such as ham could be used reliably that way to trigger a detonator, ..."

@Nick Lancaster, who wrote: "There are too many Hams to make such communications reliable or secure."

Is there any chance you guys could explain what you are on about?

This would be a question on why Ham-allocated channels are not good enough for detonating bombs, on grounds of bandwidth and of allocation to other users.

The requirement is to transmit 1 bit of information (detonate now), with negligible probability of false alarm, considerable confidence in correct operation, avoidance of purposeful jamming (ie by use of unknown frequency or frequencies), low probability of detection and location finding in time for arrest, etc.

What is the case that this is not practical in Ham-allocated frequency bands? Or in many other frequency bands, not allocated to near-continuous transmissions, at high signal levels at the receiver's location?

Best regards

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..