Terrorism goes low-tech
Winning the technological battle forces terrorists to innovate
- By John Breeden II
- May 05, 2010
It’s not often that a high-tech computer guy like me advocates concentrating more on the low-tech side of things, but in the world of security, that might be where the new wars will be waged.
I spend part of my days reviewing and testing security hardware designed to thwart or at least alert people to the dangers of high-tech attacks. Many of these are information-gathering or network-killing attacks, and what some hackers (many possibly sponsored by foreign governments) can do is pretty amazing.
We once set up a honeypot network in the lab and loaded it with government-esque data. Given our government-sounding name, it didn’t take long before the hackers came out of the woodwork. We cataloged their moves and in some cases watched them work, as they stole the “valuable” data and poisoned the network in their wake. It’s interesting to note that the majority of these attacks came from China and the Far East, with quite a few from Hong Kong. But we stopped them. Indeed, the whole point of a honeypot network (named with a nod toward Winnie the Pooh and the time he got stuck in the honey jar) is to trap hackers and learn their tactics.
And I have to say that the high-tech defenses the government has in place are extremely efficient. Kudos goes to all the developers out there who battle these cyber terrorists every day and, for the most part, win.
But the danger now seems to be on the other end of the spectrum. I think terrorists have figured out that they can’t really compete with us on the high end, so they are reverting to low-tech weapons and attacks. The Times Square bomb attempt was one of the most low-tech attack attempts ever created. Pictures of the setup inside the car show cheap alarm clocks for timers that look like they were designed for a kid’s bedroom and propane tanks as the main fuel. Basically, the bomber just opened up the tanks to leak out gas, and then hoped the detonating charge would trigger the main blast. That didn’t happen, but according to NYC police, it was a very close call.
Low tech attacks have killed people in the United States before. On this very day, May 5, in 1945 five children and a pregnant woman were killed by an extremely low-tech balloon bomb launched by Japan. Japan no longer had the ability to attack the U.S. directly, so they reverted to the use of weather balloons carrying either incendiary or explosive payloads. The balloons sailed across the ocean in the jet stream in three days, and then crashed (sometimes) in the United States. Several landed in Canada and many went down in the ocean or in remote areas never to be found.
But one landed where pregnant Elsye Mitchell was having a church picnic with her Sunday school students. Unaware of the danger due to a government cover-up (the government didn’t want Japan to know the balloons were landing here) they approached the strange device and it exploded, killing Elsye and five children under the age of 14. Like the bomb, low-tech devices often don’t work. The Japanese fire balloons had a 0.067 percent kill ratio, but sometimes they explode just fine.
The Times Square bomb was thwarted by a Vietnam veteran selling T-shirts, who thought something didn’t look quite right, and a nearby mounted patrolman who got people out of the area quickly. Even if the bomb had exploded, their quick actions might have lessened the casualties.
The lesson for us is that a lot of money can be spent, and will be spent, in government budgets this year for high-tech security devices. But don’t forget to put something into physical security and protecting against the least common denominator as well. That may well be the new terrorist battleground, and we had better be prepared for it. Otherwise, like Elsye and her innocent school children, we may walk headfirst into great danger.
John Breeden II is a freelance technology writer for GCN.