Entries Tagged "movie-plot threats"

Page 4 of 15

Movie-Plot Threats at the U.S. Capitol

This would make a great movie:

Rep. Dan Burton, R-Ind., renewed his call for the installation of an impenetrable, see-through security shield around the viewing gallery overlooking the House floor. Burton points out that, while guns and some bombs would be picked up by metal detectors, a saboteur could get into the Capitol concealing plastic explosives.

The House floor, he pointed out, is the only room where all three branches of government gather to hear the president speak, as President Obama will do when he delivers his State of the Union address on Jan. 25.

Burton introduced the legislation in the past, but it’s gone nowhere. He’s hoping the tragic events of Saturday could help it win more serious consideration by the Republican leadership.

“I think the risk is there,” Burton told The Washington Examiner. “The threat is more now than it has ever been.”

Posted on January 18, 2011 at 6:29 AMView Comments

Book Review: Cyber War

Cyber War: The Next Threat to National Security and What to do About It by Richard Clarke and Robert Knake, HarperCollins, 2010.

Cyber War is a fast and enjoyable read. This means you could give the book to your non-techy friends, and they’d understand most of it, enjoy all of it, and learn a lot from it. Unfortunately, while there’s a lot of smart discussion and good information in the book, there’s also a lot of fear-mongering and hyperbole as well. Since there’s no easy way to tell someone what parts of the book to pay attention to and what parts to take with a grain of salt, I can’t recommend it for that purpose. This is a pity, because parts of the book really need to be widely read and discussed.

The fear-mongering and hyperbole is mostly in the beginning. There, the authors describe the cyberwar of novels. Hackers disable air traffic control, delete money from bank accounts, cause widespread blackouts, release chlorine gas from chemical plants, and — this is my favorite — remotely cause your printer to catch on fire. It’s exciting and scary stuff, but not terribly realistic. Even their discussions of previous “cyber wars” — Estonia, Georgia, attacks against U.S. and South Korea on July 4, 2009 — are full of hyperbole. A lot of what they write is unproven speculation, but they don’t say that.

Better is the historical discussion of the formation of the U.S. Cyber Command, but there are important omissions. There’s nothing about the cyberwar fear being stoked that accompanied this: by the NSA’s General Keith Alexander — who became the first head of the command — or by the NSA’s former director, current military contractor, by Mike McConnell, who’s Senior Vice President at Booz Allen Hamilton, and by others. By hyping the threat, the former has amassed a lot of power, and the latter a lot of money. Cyberwar is the new cash cow of the military-industrial complex, and any political discussion of cyberwar should include this as well.

Also interesting is the discussion of the asymmetric nature of the threat. A country like the United States, which is heavily dependent on the Internet and information technology, is much more vulnerable to cyber-attacks than a less-developed country like North Korea. This means that a country like North Korea would benefit from a cyberwar exchange: they’d inflict far more damage than they’d incur. This also means that, in this hypothetical cyberwar, there would be pressure on the U.S. to move the war to another theater: air and ground, for example. Definitely worth thinking about.

Most important is the section on treaties. Clarke and Knake have a lot of experience with nuclear treaties, and have done considerable thinking about how to apply that experience to cyberspace. The parallel isn’t perfect, but there’s a lot to learn about what worked and what didn’t, and — more importantly — how things worked and didn’t. The authors discuss treaties banning cyberwar entirely (unlikely), banning attacks against civilians, limiting what is allowed in peacetime, stipulating no first use of cyber weapons, and so on. They discuss cyberwar inspections, and how these treaties might be enforced. Since cyberwar would be likely to result in a new worldwide arms race, one with a more precarious trigger than the nuclear arms race, this part should be read and discussed far and wide. Sadly, it gets lost in the rest of the book. And, since the book lacks an index, it can be hard to find any particular section after you’re done reading it.

In the last chapter, the authors lay out their agenda for the future, which largely I agree with.

  1. We need to start talking publicly about cyber war. This is certainly true. The threat of cyberwar is going to consume the sorts of resources we shoveled into the nuclear threat half a century ago, and a realistic discussion of the threats, risks, countermeasures, and policy choices is essential. We need more universities offering degrees in cyber security, because we need more expertise for the entire gamut of threats.
  2. We need to better defend our military networks, the high-level ISPs, and our national power grid. Clarke and Knake call this the “Defensive Triad.” The authors and I disagree strongly on how this should be done, but there is no doubt that it should be done. The two parts of that triad currently in commercial hands are simply too central to our nation, and too vulnerable, to be left insecure. And their value is far greater to the nation than it is to the corporations that own it, which means the market will not naturally secure it. I agree with the authors that regulation is necessary.
  3. We need to reduce cybercrime. Even without the cyber warriors bit, we need to do that. Cybercrime is bad, and it’s continuing to get worse. Yes, it’s hard. But it’s important.
  4. We need international cyberwar treaties. I couldn’t agree more about this. We do. We need to start thinking about them, talking about them, and negotiating them now, before the cyberwar arms race takes off. There are all kind of issues with cyberwar treaties, and the book talks about a lot of them. However full of loopholes they might be, their existence will do more good than harm.
  5. We need more research on secure network designs. Again, even without the cyberwar bit, this is essential. We need more research in cybersecurity, a lot more.
  6. We need decisions about cyberwar — what weapons to build, what offensive actions to take, who to target — to be made as far up the command structure as possible. Clarke and Knake want the president to personally approve all of this, and I agree. Because of its nature, it can be easy to launch a small-scale cyber attack, and it can be easy for a small-scale attack to get out of hand and turn into a large-scale attack. We need the president to make the decisions, not some low-level military officer ensconced in a computer-filled bunker late one night.

This is great stuff, and a fine starting place for a national policy discussion on cybersecurity, whether it be against a military, espionage, or criminal threat. Unfortunately, for readers to get there, they have to wade through the rest of the book. And unless their bullshit detectors are already well-calibrated on this topic, I don’t want them reading all the hyperbole and fear-mongering that comes before, no matter how readable the book.

Note: I read Cyber War in April, when it first came out. I wanted to write a review then, but found that while my Kindle is great for reading, it’s terrible for flipping back and forth looking for bits and pieces to write about in a review. So I let the review languish. Finally, I borrowed a paper copy from my local library.

Some other reviews of the book Cyber War. See also the reviews on the Amazon page.

I wrote two essays on cyberwar.

Posted on December 21, 2010 at 7:23 AMView Comments

High School Teacher Assigns Movie-Plot Threat Contest Problem

In Australia:

A high school teacher who assigned her class to plan a terrorist attack that would kill as many innocent people as possible had no intent to promote terrorism, the school principal said yesterday.

The Year-10 students at Kalgoorlie-Boulder Community High School were asked to pretend they were terrorists making a political statement by releasing a chemical or biological agent on “an unsuspecting Australian community”.

The task included choosing the best time to attack and explaining their choice of victims and what effects the attack would have on a human body.

“Your goal is to kill the MOST innocent civilians,” the assignment read.

Principal Terry Martino said he withdrew the assignment for the class on contemporary conflict and terrorism as soon as he heard of it. He said the teacher was “relatively inexperienced” and it was a “well-intentioned but misguided attempt to engage the students”.

Sounds like me:

It is in this spirit I announce the (possibly First) Movie-Plot Threat Contest. Entrants are invited to submit the most unlikely, yet still plausible, terrorist attack scenarios they can come up with.

Your goal: cause terror. Make the American people notice. Inflict lasting damage on the U.S. economy. Change the political landscape, or the culture. The more grandiose the goal, the better.

Assume an attacker profile on the order of 9/11: 20 to 30 unskilled people, and about $500,000 with which to buy skills, equipment, etc.

For the record, 1) I have no interest in promoting terrorism — I’m not even sure how I could promote terrorism without actually engaging in terrorism, 2) I’m pretty experienced, and 3) my movie-plot threat contests are not misguided. You can’t understand security defense without also understanding attack.

Australian police are claiming the assignment was illegal, so Australians who enter my movie-plot threat contests should think twice. Also anyone writing a thriller novel about terrorism, perhaps.

An AFP spokeswoman said it was an offence to collect or make documents preparing for or assisting a terrorist attack.

It was also illegal to be “reckless as to whether these documents may assist or prepare for a terrorist attack”.

Posted on August 31, 2010 at 6:42 AMView Comments

Fifth Annual Movie-Plot Threat Contest Winner

On April 1, I announced the Fifth Annual Movie Plot Threat Contest:

Your task, ye Weavers of Tales, is to create a fable of fairytale suitable for instilling the appropriate level of fear in children so they grow up appreciating all the lords do to protect them.

On May 15, I announced the five semi-finalists. Voting continued through the end of the month, and the winner (improved by the author, with help from blog comments) is:

The Gashlycrumb Terrors, by Laura

A is for anthrax, so deadly and white.
B is for burglars who break in at night.
C is for cars that, with minds of their own,
accelerate suddenly in a school zone.
D is for dynamite lit with a fuse.
E is for everything we have to lose.
F is for foreigners, different and strange.
G is for gangs and the crimes they arrange.
H is for hand lotion, more than three ounces;
pray some brave agent sees it and pounces.
I is for ingenious criminal plans.
J is for jury-rigged pipe-bombs in vans.
K is for kids who would recklessly play
in playgrounds and parks with their friends every day.
L is for lead in our toys and our food.
M is for Mom’s cavalier attitude.
N is for neighbors — you never can tell:
is that a book club or terrorist cell?
O is for ostrich, with head in the sand.
P is for plots to blow up Disneyland.
Q is for those who would question authorities.
R is for radical sects and minorities.
S is for Satanists, who have been seen
giving kids razor blades on Halloween.
T is for terrorists, by definition.
U is for uncensored acts of sedition.
V is for vigilance, our leaders’ tool,
keeping us safe, both at home and at school.
W is for warnings with colors and levels.
X is for x-raying bags at all revels.
Y is for *you*, my dear daughter or son
Z is for Zero! No tolerance! None!

Laura, contact me with your address so I can send you your prize. Anyone interesting in illustrating this, preferably in Edward Gorey’s style, should e-mail me first.

History: The First Movie-Plot Threat Contest rules and winner. The Second Movie-Plot Threat Contest rules, semifinalists, and winner. The Third Movie-Plot Threat Contest rules, semifinalists, and winner. The Fourth Movie-Plot Threat Contest rules and winner.

Posted on June 15, 2010 at 6:02 AMView Comments

Fifth Annual Movie-Plot Threat Contest Semi-Finalists

On April 1, I announced the Fifth Annual Movie Plot Threat Contest:

Your task, ye Weavers of Tales, is to create a fable of fairytale suitable for instilling the appropriate level of fear in children so they grow up appreciating all the lords do to protect them.

Submissions are in, and here are the semifinalists.

  1. Untitled story about polar bears, by Mike Ferguson.
  2. The Gashlycrumb Terrors,” by Laura.
  3. Untitled Little Red Riding Hood parody, by Isti.
  4. The Boy who Didn’t Cry Wolf,” by yt.
  5. Untitled story about exploding imps, by Mister JTA.

Cast your vote by number; voting closes at the end of the month.

Posted on May 14, 2010 at 6:51 AM

Preventing Terrorist Attacks in Crowded Areas

On the New York Times Room for Debate Blog, I — along with several other people — was asked about how to prevent terrorist attacks in crowded areas. This is my response.

In the wake of Saturday’s failed Times Square car bombing, it’s natural to ask how we can prevent this sort of thing from happening again. The answer is stop focusing on the specifics of what actually happened, and instead think about the threat in general.

Think about the security measures commonly proposed. Cameras won’t help. They don’t prevent terrorist attacks, and their forensic value after the fact is minimal. In the Times Square case, surely there’s enough other evidence — the car’s identification number, the auto body shop the stolen license plates came from, the name of the fertilizer store — to identify the guy. We will almost certainly not need the camera footage. The images released so far, like the images in so many other terrorist attacks, may make for exciting television, but their value to law enforcement officers is limited.

Check points won’t help, either. You can’t check everybody and everything. There are too many people to check, and too many train stations, buses, theaters, department stores and other places where people congregate. Patrolling guards, bomb-sniffing dogs, chemical and biological weapons detectors: they all suffer from similar problems. In general, focusing on specific tactics or defending specific targets doesn’t make sense. They’re inflexible; possibly effective if you guess the plot correctly, but completely ineffective if you don’t. At best, the countermeasures just force the terrorists to make minor changes in their tactic and target.

It’s much smarter to spend our limited counterterrorism resources on measures that don’t focus on the specific. It’s more efficient to spend money on investigating and stopping terrorist attacks before they happen, and responding effectively to any that occur. This approach works because it’s flexible and adaptive; it’s effective regardless of what the bad guys are planning for next time.

After the Christmas Day airplane bombing attempt, I was asked how we can better protect our airplanes from terrorist attacks. I pointed out that the event was a security success — the plane landed safely, nobody was hurt, a terrorist was in custody — and that the next attack would probably have nothing to do with explosive underwear. After the Moscow subway bombing, I wrote that overly specific security countermeasures like subway cameras and sensors were a waste of money.

Now we have a failed car bombing in Times Square. We can’t protect against the next imagined movie-plot threat. Isn’t it time to recognize that the bad guys are flexible and adaptive, and that we need the same quality in our countermeasures?

I know, nothing I haven’t said many times before.

Steven Simon likes cameras, although his arguments are more movie-plot than real. Michael Black, Noah Shachtman, Michael Tarr, and Jeffrey Rosen all write about the limitations of security cameras. Paul Ekman wants more people. And Richard Clarke has a nice essay about how we shouldn’t panic.

Posted on May 4, 2010 at 1:31 PMView Comments

Explosive Breast Implants — Not an April Fool's Joke

Is MI5 playing a joke on us?

Female homicide bombers are being fitted with exploding breast implants which are almost impossible to detect, British spies have reportedly discovered.

[…]

MI5 has also discovered that extremists are inserting the explosives into the buttocks of some male bombers.

“Women suicide bombers recruited by Al Qaeda are known to have had the explosives inserted in their breasts under techniques similar to breast enhancing surgery,” Terrorist expert Joseph Farah claims.

They’re “known to have” this? I doubt it. More likely, they could be:

Radical Islamist plastic surgeons could be carrying out the implant operations in lawless areas of Pakistan, security sources are said to warned.

They also could be having tea with their families. They could be building killer robots with lasers shooting out of their eyes.

I love the poor Photoshop job in this article from The Sun.

Perhaps we should just give up. When this sort of hysterical nonsense becomes an actual news story, the terrorists have won.

Posted on April 1, 2010 at 1:33 PMView Comments

Fifth Annual Movie-Plot Threat Contest

Once upon a time, men and women throughout the land lived in fear. This caused them to do foolish things that made them feel better temporarily, but didn’t make them any safer. Gradually, some people became less fearful, and less tolerant of the foolish things they were told to submit to. The lords who ruled the land tried to revive the fear, but with less and less success. Sensible men and women from all over the land were peering behind the curtain, and seeing that the emperor had no clothes.

Thus it came to pass that the lords decided to appeal to the children. If the children could be made more fearful, then their fathers and mothers might also become more fearful, and the lords would remain lords, and all would be right with the order of things. The children would grow up in fear, and thus become accustomed to doing what the lords said, further allowing the lords to remain lords. But to do this, the lords realized they needed Frightful Fables and Fear-Mongering Fairytales to tell the children at bedtime.

Your task, ye Weavers of Tales, is to create a fable or fairytale suitable for instilling the appropriate level of fear in children so they grow up appreciating all the lords do to protect them.

That’s this year’s contest. Make your submissions short and sweet: 400 words or less. Imagine that someone will be illustrating this story for young children. Submit your entry in comments; deadline is May 1. I’ll choose several semifinalists, and then you all will vote for the winner. The prize is a signed copy of my latest book, Cryptography Engineering. And if anyone seriously wants to illustrate this, please contact me directly — or just go for it and post a link.

Thank you to loyal reader — and frequent reader of my draft essays — “grenouille,” who suggested this year’s contest.

And good luck!

The First Movie-Plot Threat Contest rules and winner. The Second Movie-Plot Threat Contest rules, semifinalists, and winner. The Third Movie-Plot Threat Contest rules, semifinalists, and winner. The Fourth Movie-Plot Threat Contest rules and winner.

EDITED TO ADD (4/1): I’m looking for entries in the form of a fairytale or fable. Plot summaries and descriptions won’t count as entries, although you are welcome to post them and comment on them — and use them if others post them.

EDITED TO ADD (5/15): Voting is now open here.

Posted on April 1, 2010 at 6:24 AMView Comments

Acrobatic Thieves

Some movie-plot attacks actually happen:

They never touched the floor—that would have set off an alarm.

They didn’t appear on store security cameras. They cut a hole in the roof and came in at a spot where the cameras were obscured by advertising banners.

And they left with some $26,000 in laptop computers, departing the same way they came in—down a 3-inch gas pipe that runs from the roof to the ground outside the store.

EDITED TO ADD (4/13): Similar heists.

Posted on March 24, 2010 at 1:51 PMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.