Home » Cyber-warfare » Cyber Weapons and e-Bombs

Cyber Weapons and e-Bombs

Recently NATO’s Chief of Cyber Defense stated that cyber terrorism/cyber attack poses as great a threat to national security as a missile attack. Strong words for sure.

Most people do not equate cyber war with explosives, but that is short sighted. Ever heard of TEDs or EPFCs? If you havent, you are not alone. In a recent briefing of 85 individuals responsible for business continuity in a major U.S. city, no one had ever heard of the two terms either.

TEDs and EPFCs are two weapons that create an EMP — electromagnetic pulse (similar to that nuclear explosion but less powerful) that destroy electronic circuitry. Both of these devices use conventional explosives to push an armature through and electromagnetic field.

The resulting pulse generated by a van size device could destroy electronics in an area up to a couple city blocks.

  • TEDs Transient electromagnetic devices
  • EPFCs Explosively pumped flux compressor
  • Development Assessment Cost = Low between $500 and $1,000
  • Design = Multiple websites had fairly detailed design plans
  • Skill Set = Moderate basic wiring and mechanical skills. (High School Shop Class)
  • Detection = Low due to the minimal amount of special needs required to build a device. The only special material required are conventional explosives.
  • Defense = Building data centers underground and metal shielding as well as utilities isolation would be required to defend against such an attack. EMP weapons attack our computers and communications infrastructure. The development of TEDs and EPFCs now makes the threat of an EMP attack much more likely. These EMP weapons pose a unique threat to the electronic society and our national security and economy.

Can you imagine the stock market reaction in one such device was detonated on Wall Street?

– Kevin Coleman

Share |

{ 25 comments… read them below or add one }

demophilus March 13, 2008 at 1:19 pm

IIRC, EMP devices have figured in a few works of popular fiction, including the OCEAN’S ELEVEN remake.
So much for “cultural literacy”.

Reply

evangeline March 13, 2008 at 1:55 pm

people laugh but this is exactly the reason I stick with my old tube based IBM 709. shure it may take up my entire basement and most of my garage but I got this sucker pimped with 32k of ferrite core, a selectric output with an ASCII ball, and a diamond turning machine (a girls got to have her diamonds).
when some terrorists decides to throw all you back into the stone age I’ll still be playing tetris.

Reply

Chris March 13, 2008 at 2:23 pm

@ evangeline:
If some terrorist manages to throw us all back into the dark ages, you’re going to wish you had all that room to store food and ammunition.

Reply

Roy Smith March 13, 2008 at 2:28 pm

Monkey wants my burger,MONKEY WANTS MY BURGER!!!!!!

Reply

eric March 13, 2008 at 4:13 pm

I thought “a van size device” could blow up a government building in Oklahoma.

Reply

RobertoElGrande March 13, 2008 at 4:53 pm

“Ever heard of TEDs or EPFCs?”
No. Never. Not once in my life.
EMP Bombs? EMP Generators? Sure. EMPs are a staple of popular fiction and “bomb” and “generator” get the point across. I don’t think an obscure acronym about a particular technique is the best way to judge awareness.

Reply

ScienceGuy March 13, 2008 at 6:43 pm

Um……..how about those FDG’s (frapa dwizzle grenades)and especially the PSB’s (para snatchet blasters)………..you guys are way behind the curve!

Reply

jon March 13, 2008 at 8:17 pm

Classic last sentence from Mr. Coleman.
For anyone looking for real info about this so called threat, here is the transcript of a Senate hearing for the Joint Economic Committee called, “Radio Frequency Weapons and Proliferation: Potential Impact on the Economy” that took place in February of 98.
http://www.freedomdomain.com/weathercontrol/jointhearing.html

Reply

Nied March 13, 2008 at 8:58 pm

“Can you imagine the stock market reaction in one such device was detonated on Wall Street?”
I imagine it would be similar to the one cause by a small car bomb going off in Wall Street. After all, like any enterprise level organization the NYSE has extensive off site backups so any data loss would be minor. The biggest impact would probably come from having to close off trading for the day for security reasons, and the replacement costs of all those laptops, crackberries and iphones most of the traders use. There might be a handful of casualties for people who happened to be nearby the vehicle they hid the device in but otherwise life would go on just fine. Trading could pick up the next day where it left off.
Honestly a terrorist would be far better off setting off an OKC style truck bomb in the middle of Wall Street. It’d shut down trading just as well, cause way more fatalities and property damage and be easier to build too.
But everyone understands big explosions, while IT is still somewhat of a black magic to outsiders so cyberterrorism sounds scarier.

Reply

Kaltes March 13, 2008 at 10:23 pm

Yawn.
These devices have been out since the 1950s. They’ve been researched for a long time and yet never turned into an effective weapon.
Which means: they’re not an effective weapon.
If they were, we’d use them. It would be a great capability to shut down an enemy with no collateral damage. Since we don’t have them, I submit this is a load of crap.

Reply

world_leader March 14, 2008 at 2:39 am

This is just a idea. But like all idea’s this can be improve to be more effective. Instead of knocking out a building in the future. It will be able to knock out not just the building but also track the addresses of other computer and target them. say 1 computer who signals to 1000 computer around the world.Sending one of these can knock out that computer make clones knock out 10000 computer and transfer all the Intel that computer had in a blink of the eye back and with out messing up everyone else’s who happen to be connected. this is just 1 of many idea’s that could come from this thing.

Reply

ggm March 14, 2008 at 5:22 am

Nied has a point, I think.
When the Washington snipers killed Linda Franklin of the FBI Cyber-Crimes division, they effectively denied the bureau the use of Franklin’s skills permanently. Although she was not specifically targetted, the FBI then had to find a replacement and train an agent to take her place, which costs money and time but in the meantime also left a gap in the bureau’s needed expertise.
Causing a localized blackout of electronics would only be temporary setback, since the equipment can be quickly replaced and law-enforcement along would learn from such an attack whereas taking out the experts whose skills are relied upon to defend against such an attack would have a greater impact on response and preparedness, leaving exploitable vulnerabilities.

Reply

Kevin March 14, 2008 at 12:29 pm

As a security expert this is the problem I see with much of security today. Amateurs masquerading as experts based on the fact that they can find a way to destroy a system. This is a work of fiction and the attackers we plan for are not the ones that will detonate an EMP near Wall Street. That is about as stupid as robbing a bank at gunpoint for a dollar! Yes it could happen though these genius’s who rode the short bus to school are not the real threat.
The threat, IMHO, is the group that penetrates the Wall Street networks quietly and undetected. The damage they can do is infinitely more than some EMP that knocks out servers and storage that are 100% redundant with others in different geographical locations.
Amateur security work like this makes the rest of us who have put in our time and blood look bad!

Reply

My FIrst Post Ever March 14, 2008 at 5:52 pm

I want to address the comment that starts out with “As a security expert this is the problem I see with much of security today. Amateurs” You could not be more right! BUT YOU ARE THE AMATEUR! I feel so sorry for your customers! No wonder you don’t identify yourself!

Reply

Mark March 14, 2008 at 7:46 pm

Fiction or no, this is not an example of “cyber warfare”. It’s an EMP bomb, a physical device that needs to be built and detonated. That’s regular-ass warfare.

Reply

SpyGuy March 14, 2008 at 9:05 pm

Don’t be so narrow minded. Anything that disrupts or damages our information infrastructure falls under the cyber warfare heading. Just like the 5 telecommunications/internet under sea cables that were cut in one week (two of them were cut in multiple places). We all need to up our security capabilities because of everything that has been posted on this blog.

Reply

stephen russell March 15, 2008 at 9:34 am

Maximize our defenses Here alone.
Must do.
This is a Real threat.
& have some EMP bomb ruin our IT IS systems,
were down.
FIX the System.

Reply

DHS March 15, 2008 at 11:12 am

I have read everything on this BLOG and found it to be credible, relevant and timely. Why, because it is my job. I do not understand why Mr. Coleman tolerates the childish behavior many of you show on here - it is beyond me! I would not! While I do not know Mr. Coleman, I know of his work in this area and he is highly regarded as a top authority not just in the US but in Europe. Many of you should stop the foolishness and try to learn something. Try to make positively contributions

Reply

Dumass March 16, 2008 at 4:04 pm

TEDs and EPFCs… You mean “Turtle Exclusion Devices” & “Elvis Presley Fan Clubs”?? What do they havec to do with cyberterrorism?
More seriously, if making an EMP weapon is so easy, cheap, and the plans are readily available on web sites don’t you think folks would have used them by now?

Reply

Kevin March 16, 2008 at 7:37 pm

OK just to be open minded based upon response to my previous post I will ask a question, especially “My First Post Ever”.
I saw a threat that could be a viable threat described in this blog post. What I did not see was a recommendation or an attempt to describe viable controls to mitigate this threat. Tell me, “My First Post Ever” or anyone else, how do you mitigate this threat with a normal enterprise client beyond using the same measures currently being taken in the DR/BCP to mitigate the threat of the loss of the data center?

Reply

Klatou March 17, 2008 at 9:05 am

This is why I wrap my head in aluminum foil every morning :-)

Reply

Kevin March 17, 2008 at 10:47 am

COUNTER MEASURES.
1. Distance from the facility - Keep parking back away form the building specifically any vans or trucks.
2. Shielding - Shield the external walls and properly ground them and provide isolation of the utilities so that the pulse can not travel inside.
3. Data Center Protection - Many new data centers are being built underground. This provides multiple security benefits including protection from EMP.
Feel free to ask questions

Reply

DoubleTapper March 17, 2008 at 11:50 am

Why not just send out a Trojan virus that only kills computers that use Arabic as the default language?
DoubleTapper
DoubleTapper@gmail.com
DoubleTapper, blogging on Guns Politics Defense from Israel

Reply

Kevin March 17, 2008 at 12:41 pm

> Retrofitting is expensive but new builds are not that much more expensive.
On that I can fully agree. In a new build or remodel then the case can be made that the measures will also increase the value of the property and the NPV of the project.

Reply

Nied March 17, 2008 at 9:16 pm

“I forgot to mention the final point about back-up data centers. The real issue is the electronics that switch and reroute data from one data center to another are destroyed. So rerouting takes several hours to accomplish.”
And how likely is it that a terrorist organization is going to be able to take out enough switching centers to have much of an effect? Once the data gets out of the facility there’s quite a few switches to re-route through if one or more go down. One of these EMP bombs effect at most a few city blocks, so you’d need tens of devices spread throughout the country. You’re talking about an operation that would make 9/11 look like organizing a little league game in terms of coordination, for far less spectacular results.
“Three clients are building new data centers and the equipment costs exceed $83 million so your statement about costs of protection exceeding the costs of the equipment does no hold up.”
However backup data centers are also useful in case of fire, natural disaster, and more pedestrian “blow stuff up” terrorism. Building a Faraday Cage around your data center really only protects against one thing.
“It appears you think there will be a huge explosion by a van sized TEDs attack which properly constructed is not the case. The amount of conventional explosives used in these devices is small. Just enough to propel the armature through the excited field at very high speed!”
Actually I thought that was a knock against it. Which is scarier to you? Someone setting off some kind of device which momentarily interrupts the flow of the economy? Or someone setting off a huge explosion which kills scores of people and momentarily interrupts the flow of the economy. remember the operative word in terrorism is terror. Some company losing their primary data center just doesn’t strike fear into the hearts of the populous like body bags getting carted out of rubble, and the later is a lot easier to accomplish than the former.

Reply

Leave a Comment

Previous post:

Next post: