London Bombing and the Usefulness of Terrorist Watch Lists
According to the London Times:
Security sources confirmed that none of the bombers was on any MI5 file, although one had links to a person investigated by police.
Entries Tagged "bombs"
Page 21 of 22
Terrorism Defense: A Failure of Imagination
The 9/11 Commission report talked about a “failure of imagination” before the 9/11 attacks:
The most important failure was one of imagination. We do not believe leaders understood the gravity of the threat. The terrorist danger from Bin Ladin and al Qaeda was not a major topic for policy debate among the public, the media, or in the Congress. Indeed, it barely came up during the 2000 presidential campaign.
More generally, this term has been used to describe the U.S. government’s response to the terrorist threat. We spend a lot of money defending against what they did last time, or against particular threats we imagine, but ignore the general threat or the root causes of terrorism.
With the London bombings, we’re doing it again. I was going to write a long post about this, but Richard Forno already wrote a nice essay.
The London bombs went off over 12 hours ago.
So why is CNN-TV still splashing “breaking news” on the screen?
There’s been zero new developments in the past several hours. Perhaps the “breaking news” is that CNN’s now playing spooky “terror attack” music over commercial bumpers now filled with dramatic camera-phone images from London commuters that appeared on the Web earlier this morning.
Aside from that, the only new development since about noon seems to be the incessant press conferences held by public officials in cities around the country showcasing what they’ve done since 9/11 and what they’re doing here at home to respond to the blasts in London…which pretty much comes down to lots of guys with guns running around America’s mass transit system in an effort to present the appearance of “increased security” to reassure the public. While such activities are a political necessity to show that our leaders are ‘doing something’ during a time of crisis we must remember that talk or activity is no substitute for progress or effectiveness.
Forget the fact that regular uniformed police officers and rail employees can sweep or monitor a train station just as well as a fully-decked-out SWAT team—not to mention, they know it better, too. Forget that even with an added law enforcement presence, it’s quite possible to launch a suicide attack on mass transit. Forget that a smart terrorist now knows that the DHS response to attacks is to “increase” the security of related infrastructures (e.g., train stations) and just might attack another, lesser-protected part of American society potentially with far greater success. In these and other ways today following the London bombings, the majority of security attention has been directed at mass transit. However, while we can’t protect everything against every form of attack, our American responses remain conventional and predictable—just as we did after the Madrid train bombings in 2004 and today’s events in London, we continue to respond in ways designed to “prevent the last attack.”
In other words, we are demonstrating a lack of protective imagination.
Contrary to America’s infatuation with instant gratification, protective imagination is not quickly built, funded, or enacted. It takes years to inculcate such a mindset brought about by outside the box, unconventional, and daring thinking from folks with expertise and years of firsthand knowledge in areas far beyond security or law enforcement and who are encouraged to think freely and have their analyses seriously considered in the halls of Washington. Such a radical way of thinking and planning is necessary to deal with an equally radical adversary, yet we remain entrenched in conventional wisdom and responses.
Here at home, for all the money spent in the name of homeland security, we’re not acting against the terrorists, we’re reacting against them, and doing so in a very conventional, very ineffective manner. Yet nobody seems to be asking why.
While this morning’s events in London is a tragedy and Londoners deserve our full support in the coming days, it’s sad to see that regarding the need for effective domestic preparedness here in the United States, nearly 4 years after 9/11, it’s clear that despite the catchy sound-bytes and flurry of activity in the name of protecting the homeland, the more things seem to change, the more they stay the same.
London Transport Bombings
I am on vacation today and this weekend, and won’t be able to read about the London Transport bombings in depth until Monday. For now I would just like to express my sympathy and condolences to those directly affected, and the good people of London, England, Europe, and the world. Targeting innocents might be an effective tactic, but that doesn’t make it any less craven and despicable.
I would also like to urge everyone not to get wrapped up in the particulars of the terrorist tactics. We need to resist the urge to react against the particulars of this particular terrorist plot, and to keep focused on the terrorists’ goals. Spending billions to defend our trains and busses at the expense of other counterterrorist measures makes no sense. Terrorists are out to cause terror, and they don’t care if they bomb trains, busses, shopping malls, theaters, stadiums, schools, markets, restaurants, discos, or any other collection of 100 people in a small space. There are simply too many targets to defend, and we need to think smarter than protecting the particular targets the terrorists attacked last week.
Smart counterterrorism focuses on the terrorists and their funding—stopping plots regardless of their targets—and emergency response that limits their damage.
I’ll have more to say later. But again, my sympathy goes out to those killed and injured, their family and friends, and everyone else in the world indirectly affected by these acts as they are endlessly repeated in the media.
The Adaptability of Iraqi Insurgents
This Newsweek article on the insurgents in Iraq includes an interesting paragraph on how they adapt to American military defenses.
Counterinsurgency experts are alarmed by how fast the other side’s tactics can evolve. A particularly worrisome case is the ongoing arms race over improvised explosive devices. The first IEDs were triggered by wires and batteries; insurgents waited on the roadside and detonated the primitive devices when Americans drove past. After a while, U.S. troops got good at spotting and killing the triggermen when bombs went off. That led the insurgents to replace their wires with radio signals. The Pentagon, at frantic speed and high cost, equipped its forces with jammers to block those signals, accomplishing the task this spring. The insurgents adapted swiftly by sending a continuous radio signal to the IED; when the signal stops or is jammed, the bomb explodes. The solution? Track the signal and make sure it continues. Problem: the signal is encrypted. Now the Americans are grappling with the task of cracking the encryption on the fly and mimicking it—so far, without success. Still, IED casualties have dropped, since U.S. troops can break the signal and trigger the device before a convoy passes. That’s the good news. The bad news is what the new triggering system says about the insurgents’ technical abilities.
The CIA is worried that Iraq is becoming a far more effective breeding ground for terrorists than Afghanistan ever was, because they get real-world experience with urban terrorist-style combat.
Edited to add: Link fixed.
Fearmongering About Bot Networks
Bot networks are a serious security problem, but this is ridiculous. From the Independent:
The PC in your home could be part of a complex international terrorist network. Without you realising it, your computer could be helping to launder millions of pounds, attacking companies’ websites or cracking confidential government codes.
This is not the stuff of science fiction or a conspiracy theory from a paranoid mind, but a warning from one of the world’s most-respected experts on computer crime. Dr Peter Tippett is chief technology officer at Cybertrust, a US computer security company, and a senior adviser on the issue to President George Bush. His warning is stark: criminals and terrorists are hijacking home PCs over the internet, creating “bot” computers to carry out illegal activities.
Yes, bot networks are bad. They’re used to send spam (both commercial and phishing), launch denial-of-service attacks (sometimes involving extortion), and stage attacks on other systems. Most bot networks are controlled by kids, but more and more criminals are getting into the act.
But your computer a part of an international terrorist network? Get real.
Once a criminal has gathered together what is known as a “herd” of bots, the combined computing power can be dangerous. “If you want to break the nuclear launch code then set a million computers to work on it. There is now a danger of nation state attacks,” says Dr Tippett. “The vast majority of terrorist organisations will use bots.”
I keep reading that last sentence, and wonder if “bots” is just a typo for “bombs.” And the line about bot networks being used to crack nuclear launch codes is nothing more than fearmongering.
Clearly I need to write an essay on bot networks.
Lighters Banned on Airplanes
Lighters are now banned on U.S. commercial flights, but not matches.
The Senators who proposed the bill point to Richard Reid, who unsuccessfully tried to light explosives on an airplane with matches. They were worried that a lighter might have worked.
That, of course, is silly. The reason Reid failed is because he tried to light the explosives in his seat, so he could watch the faces of those around him. If he’d gone into the lavatory and lit them in private, he would have been successful.
Hence, the ban is silly.
But there’s a serious problem here. Airport security screeners are much better at detecting explosives when the detonation mechanism is attached. Explosives without any detonation mechanism—like Richard Reid’s—are much harder to detect. As are explosives carried by one person and a detonation device carried by another. I’ve heard that this was the technique the Chechnyan women used to blow up a Russian airplane.
Wi-Fi Minefield
The U.S. is laying a minefield in Iraq that can be controlled by a soldier with a wi-fi-enabled laptop. Details via AP.
Put aside arguments about the ethics and efficacy of landmines. Assume they exist and are being used. Given that, the question is whether radio-controlled landmines are better or worse than regular landmines. This comment, for example, seems to get it wrong:
“We’re concerned the United States is going to field something that has the capability of taking the man out of the loop when engaging the target,” said senior researcher Mark Hiznay of Human Rights Watch. “Or that we’re putting a 19-year-old soldier in the position of pushing a button when a blip shows up on a computer screen.”
With conventional landmines, the man is out of the loop as soon as he lays the mine. Even a 19-year-old seeing a blip on a computer screen is better than a completely automatic system.
Were I the U.S. military, I would be more worried whether the mines could accidentally be triggered by radio interference. I would be more worried about the enemy jamming the radio control mechanism.
Radiation Detectors in Ports
According to Reuters:
The United States is stepping up investment in radiation detection devices at its ports to thwart attempts to smuggle a nuclear device or dirty bomb into the country, a Senate committee heard on Wednesday.
Robert Bonner, commissioner of U.S. Customs and Border Protection, told a Senate subcommittee on homeland security that since the first such devices were installed in May 2000, they had picked up over 10,000 radiation hits in vehicles or cargo shipments entering the country. All proved harmless.
It amazes me that 10,000 false alarms—instances where the security system failed—are being touted as proof that the system is working.
As an example of how the system was working, Bonner said on Jan. 26, 2005, a machines got a hit from a South Korean vessel at the Los Angeles seaport. The radiation turned out to be emanating from the ship’s fire extinguishing system and was no threat to safety.
That sounds like an example of how the system is not working to me. Sometimes I wish that those in charge of security actually understood security.
Fertilizer as a Weapon
In an attempt to protect us from terrorism, there are new restrictions on fertilizer sales in the Kansas (and elsewhere):
Under the rules, retailers would have to obtain the name, address and telephone and driver’s license number of purchasers of ammonium nitrate fertilizer and maintain records, including the date of the sale and the amount purchased, for at least two years.
The administrative guidelines would authorize retailers to refuse to sell ammonium nitrate when it was being purchased out of season, in unusual quantities or in other suspicious circumstances.
The proposal, similar to rules in place in South Carolina and Nevada, is designed to make ammonium nitrate more secure and keep it out of the hands of terrorists….
Altimeter Watches Now a Terrorism Threat
This story is so idiotic that I have trouble believing it’s true. According to MSNBC:
An advisory issued Monday by the Department of Homeland Security and the FBI urges the Transportation Security Administration to have airport screeners keep an eye out for wristwatches containing cigarette lighters or altimeters.
The notice says “recent intelligence suggests al-Qaida has expressed interest in obtaining wristwatches with a hidden butane-lighter function and Casio watches with an altimeter function. Casio watches have been extensively used by al-Qaida and associated organizations as timers for improvised explosive devices. The Casio brand is likely chosen due to its worldwide availability and inexpensive price.”
Clocks and watches definitely make good device timers for remotely triggered bombs. In this scenario, the person carrying the watch is an innocent. (Otherwise he wouldn’t need a remote triggering device; he could set the bomb off himself.) This implies that the bomb is stuffed inside the functional watch. But if you assume a bomb as small as the non-functioning space in a wristwatch can blow up an airplane, you’ve got problems far bigger than one particular brand of wristwatch. This story simply makes no sense.
And, like most of the random “alerts” from the DHS, it’s not based on any real facts:
The advisory notes that there is no specific information indicating any terrorist plans to use the devices, but it urges screeners to watch for them.
I wish the DHS were half as good at keeping people safe as they are at scaring people. (I’ve written more about that here.)
Sidebar photo of Bruce Schneier by Joe MacInnis.