HSMN 610 – Concepts in Homeland Security
Session Five
Terrorism II
Read:
· Lecture 5
· Spindlove & Simonsen: Chs. 8-9, pp. 220-306.
· Kamien: Chs. 7-14, pp. 115-219.
Assignments:
· Respond to Week 5 Conference Discussion
Learning Objectives:
· To become familiar with terrorist groups beyond al Qaeda
· To become familiar with how terrorist groups arise from world conditions
· To be able to define weapons of mass effect and cyber terrorism
· To understand the elements of CBRNE and how each is employed
Terrorists: al Qaeda and Beyond
As your readings this week in Kamien point out, terrorism is perpetrated by far more than al Qaeda, although that remains a significant focus of our counterterrorism efforts. One has only to remember the 1995 bombing of the Murrah federal building in Oklahoma City to realize that terrorists come in all beliefs, colors, and nationalities.
WMEs
WME – these initials alone have become sufficient to cause the hairs on one’s neck to rise upon hearing or reading them. The term was initially “WMD” (Weapons of Mass Destruction); it has been thrown about with increasing frequency since 9/11 and has been cited as the basis for many actions by the U.S. government subsequent to that date, the most significant of which was the invasion of Iraq and overthrow of the regime of Saddam Hussein. WMDs traditionally referred to chemical, biological, radiological, and nuclear weapons that cause widespread damage and destruction. As our thinking has evolved, we have come to realize that it is the “effect” of the weapon, rather than the actual composition of the weapon, that matters, and the definition has been expanded to include conventional explosives that are deployed in such a way as to have mass “effect”. Weapons of mass effect, or WME, are weapons capable of inflicting grave destructive, psychological and/or economic damage. These include chemical, biological, nuclear, radiological, or explosive weapons. But what are the real risks from such weapons?
“The probability of a nuclear weapon one day going off in an American city cannot be calculated, but it is larger than it was five years ago. Potential sources of bombs or the fissile materials to make them have proliferated in North Korea and Iran. Russia’s arsenal remains incompletely secured 15 years after the end of the Soviet Union. And Pakistan’s nuclear technology, already put on the market once by Abdul Qadeer Khan, could go to terrorists if the president, Gen. Pervez Musharraf, cannot control radicals in that country.
In the same period, terrorism has surged into a mass global movement and seems to gather strength daily as extremism spills out of Iraq into the rest of the Middle East, Asia, Europe and even the Americas. More nuclear materials that can be lost or stolen plus more terrorists aspiring to mass destruction equals a greater chance of nuclear terrorism…”
New York Times, June 12, 2007, authored by William Perry, former Secretary of Defense; Ashton Carter, now Deputy Secretary of Defense; and Michael May of the Center for International Security and Cooperation at Stanford University. (I am indebted to my faculty colleagues Robert Miller and Richard Thayer for the citation.)
The nuclear material to which these gentlemen refer could, with the proper knowledge and financial and technological capabilities, be utilized to construct an Improvised Nuclear Device, or IND. This is a nuke that results in a “traditional” nuclear explosion – electromagnetic pulse (EMP), mushroom cloud and so forth – caused by the fission of the radioactive materials. Less financially and technologically capable terrorists could simply utilize the radioactive material to create a so-called “dirty bomb.”
Dirty bombs (“Radiological Dispersal Devices,” or RDDs) are arguably the easiest WME weapons to deploy, the most difficult to defend against, and in the minds of many experts, the most worrisome WME threat of all. The RDD combines a conventional explosive with some type of radiation-emitting material. The sources of available radiological materials are vast, ranging from the traditional fissile material referred to in the above article to materials used in some medical diagnostic procedures and devices, a variety of industrial and commercial devices that measure density and thickness, even to radiological material found in minute quantities in common smoke detectors. RDDs disperse the radiological material when the conventional explosive is set off. Most injuries, however, tend to be from the blast (pressure wave) and shrapnel from the device, rather than from the radioactive material. Even though persons may be contaminated by the radioactive material and require decontamination, few will be contaminated to a level that requires medical treatment. However, the mass panic that will likely ensue after widespread media reports of the detonation of a “nuclear” or “radioactive” bomb will be considerable and can be as debilitating as any physical effects. The costs of the cleanup also will be considerable. If an RDD has been properly deployed (not always that easy), it can make parts of the targeted area effectively uninhabitable for many years.
Other types of WMEs that bear further study are chemical, biological and explosive. There is an entire 3-credit course on Biosecurity and Bioterrorism (BSBD 641) that is required in the Homeland Security Management graduate program. I will not try to capsulize an entire semester’s knowledge and work in a couple of paragraphs. I will tell you that this is one of my personal favorite subjects and one that I fear is more likely to be employed against our country in the not-too-distant future. Why? Because there are hundreds (if not thousands) of well-trained and capable biological warfare scientists from the huge bioweapons program of the former Soviet Union who are available for hire to the highest bidder. Stocks of biological agents were known to be compromised, and nature itself provides ample supplies of bacteria and viruses that can be weaponized. Also, we have substantial vulnerabilities in our food and agricultural infrastructures that could be exploited for the introduction of biological agents. Detection technology for bioweapons is woefully inadequate, and lags far behind that for nuclear and radiological materials and conventional explosives.
In 2008, a man was arrested and convicted after four grams of the deadly poison ricin was found by authorities in his motel room on the Las Vegas strip. Ricin, readily produced from the common castor bean or by purifying castor oil manufacturing waste, is one of the deadliest known poisons, and the amount possessed by the defendant could have easily been sufficient to kill 500 people. Interestingly, ricin has been classified as both a biological and a chemical weapon. In April 2013, an envelope addressed to a Senator from Mississippi and to President Barack Obama tested positive for ricin. Actress Shannon Richardson was arrested in June 2013 and charged with involvement in sending three ricin-laced letters to politicians, including President Obama and New York City Mayor Michael Bloomberg. Richardson confessed to the crime, but claimed her estranged husband forced her to do so. Authorities believed that Richardson was trying to set up her husband.
Chemical terrorism is more than likely to result from the employment of cyanide agents, nerve agents, pulmonary agents, or vesicant/blistering agents. Perhaps the most well-known use of chemical weapons by a terrorist group was the 1995 sarin nerve agent attack on a Tokyo subway by Aum Shinrikyo. Twelve people died as a result. Detection technology for chemical weapons is also insufficiently widespread to provide much protection.
Explosive devices are one of the more common forms of terrorist weapons, ranging from the IEDs pervasive in the Southwest Asia wars to the commercial aircraft used in the 9/11 attacks. (Yes, the aircraft were, in fact, giant explosive devices. Explosive devices rely on exothermic reactions to create a violent and sudden release of energy.) Explosive detection technology is fairly sophisticated and widely in use. However, this is balanced by the ease with which groups can obtain conventional explosive material and the relatively unsophisticated knowledge required to build a device – just look on the Internet. I found at least a dozen well-documented sets of instructions in only a couple of minutes. The Boston Marathon bombers in April 2013 used two pressure cookers filled with black powder extracted from fireworks, nails, and ball bearings. The IEDs were triggered by kitchen egg timers, killing 3 persons and injuring 264 others. Timothy McVeigh used a fairly basic ANFO bomb (although it was quite large) to destroy a reinforced concrete federal building and kill 168 people in Oklahoma City in 1995.
For an excellent overall and visually stimulating treatment of CBRNE, please see the attached PDF document of a PowerPoint presentation created by my colleague Kelley Davis, Ph.D., Associate Professor of Microbiology and Public Health at Nova Southeastern University. Dr. Davis has been a trainer for the Institute for Disaster and Emergency Preparedness since 2006 and is considered an authority in chemical, biological, radiological, nuclear weapons, and explosives (CBRNE).
Cyber-Terrorism
As I have said previously, and a fact of which I am sure you are all aware, we are a networked and completely integrated nation. Indeed, most of the world is networked as well. And there is no turning back – we have become so dependent upon our cyber infrastructure that our most common day-to-day activities would not be possible without it. Indeed, you would not be taking this class right here and now without our cyber infrastructure. I don’t know about all of you, but when our IT system is down, work at my day job grinds to a halt. Documents can’t be retrieved, work progress cannot be tracked, vendors and employees can’t be paid – the list goes on and on and on.
While hackers defacing web sites can be annoying, identity theft and cyber-crime costly, cyber-terrorism can be deadly. In 2008, former President George Bush signed a directive to expand monitoring of Internet traffic and redistribute the responsibility for the national management of the program from the Director of the NSA (previously tasked as sole manager under National Security Directive 42).
Bush Order Expands Network Monitoring
Intelligence Agencies to Track Intrusions
By Ellen Nakashima, Washington Post Staff Writer
Saturday, January 26, 2008; Page A03
President Bush signed a directive this month that expands the intelligence community’s role in monitoring Internet traffic to protect against a rising number of attacks on federal agencies’ computer systems…
Until now, the government’s efforts to protect itself from cyber-attacks — which run the gamut from hackers to organized crime to foreign governments trying to steal sensitive data — have been piecemeal. Under the new initiative, a task force headed by the Office of the Director of National Intelligence (ODNI) will coordinate efforts to identify the source of cyber-attacks against government computer systems. As part of that effort, the Department of Homeland Security will work to protect the systems and the Pentagon will devise strategies for counterattacks against the intruders.
There has been a string of attacks on networks at the State, Commerce, Defense and Homeland Security departments in the past year and a half. U.S. officials and cyber-security experts have said Chinese Web sites were involved in several of the biggest attacks back to 2005, including some at the country’s nuclear-energy labs and large defense contractors…
According to congressional aides and former White House officials with knowledge of the program, the directive outlines measures collectively referred to as the “cyber initiative,” aimed at securing the government’s computer systems against attacks by foreign adversaries and other intruders. It will cost billions of dollars, which the White House is expected to request in its fiscal 2009 budget…
The initiative foreshadows a policy debate over the proper role for government as the Internet becomes more dangerous.
(Thanks to Professor Robert Miller for the citation.)
There is no question that the Internet, and, indeed, the entire cyber infrastructure, has vulnerabilities that can be exploited by knowledgeable hackers. Until recently, most believed hackers to be focused on self-aggrandizement, personal profit and recognition. Even those individuals or groups bent on cyber-vandalism were most often motivated by recognition, if not of themselves, then of their beliefs or causes. While this type of cyber-attack still occurs, with the integration of virtually all other critical infrastructures into the cyber infrastructure, cyberspace has become one of, if not the most, critical components of our national security strategy.
One of the more recent examples of the vulnerability and exploitive capabilities of cyber-warfare was the Stuxnet worm. No longer content with taking over the computer environment itself, the creators of the worm were aiming to take control of physical processes by targeting the devices that actually produce or control the processes. By August 2010, Stuxnet had tried to infect as many as 6,000 computers – primarily in Iran, Indonesia, India, and in the U.S. These types of attacks pose a significant risk to the U.S., particularly given the old and often unsecured supervisory control and data acquisition (SCADA) software used in many applications. The U.S. Department of Energy warned in a May 2010 report that a successful attack against a critical control system “may result in catastrophic physical or property damage and loss.”
Another example is the cyber-attack on Estonia in 2007. The cyber infrastructure of that small Baltic country was disrupted for more than a month; the targets included financial institutions, government ministries, the parliament, newspapers and broadcasters. While many Estonians blamed the Russian government, a small group of Russian activists associated with the pro-Kremlin youth group Nashi claimed responsibility in 2009. The claim has not been verified, but many Estonian experts believe it’s credible.
Recognizing the serious nature of the threat, DHS formed the U.S. Computer Emergency Readiness Team (US-CERT) to assess weaknesses and investigate and help control cyber incidents and attacks. In the same agency as US-CERT (the National Cybersecurity and Communications Integration Center – NCCIC) is the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). ICS-CERT focuses on reducing risk to the nation’s critical infrastructure by strengthening security for control systems (e.g., SCADA) through public-private partnerships.
Making the situation more ominous is the rising level of skill and sophistication of non-state hackers. These have been joined by a much more dangerous type of adversary, “professional” hackers, who are perhaps in the employ of terrorists or other nation-states. Although for the most part these professionals, with their sophisticated skills and array of captive botnets, are interested in ordinary criminal activity, most of them are in it for the money, effectively cyber mercenaries available to the highest bidders. Terrorists may not themselves have significant cyber skills, but they are increasingly able to rent them elsewhere.
Recently, Chinese government involvement in cyberwarfare and cyberespionage against U.S. interests was reported by multiple sources. Targets have included companies such as Google, Northrop Grumman, Dow Chemical, and Yahoo. China denies involvement. I will note that the People’s Liberation Army acknowledged in 2011 that a special cyber security unit (PLA Unit 61398) existed.
One important factor that must be remembered is that physical and cyberattacks can be coordinated. How much more devastating would a chemical attack be if the communications capabilities of the responders were simultaneously shut down by a cyberattack? And if Internet, cellular and land line communications networks were hacked and the affected community isolated from help? I am sure that you can see the implications and understand the seriousness of the threat.