"I forgot to mention the final point about back-up data centers. The real issue is the electronics that switch and reroute data from one data center to another are destroyed. So rerouting takes several hours to accomplish."

And how likely is it that a terrorist organization is going to be able to take out enough switching centers to have much of an effect? Once the data gets out of the facility there's quite a few switches to re-route through if one or more go down. One of these EMP bombs effect at most a few city blocks, so you'd need tens of devices spread throughout the country. You're talking about an operation that would make 9/11 look like organizing a little league game in terms of coordination, for far less spectacular results.

"Three clients are building new data centers and the equipment costs exceed $83 million so your statement about costs of protection exceeding the costs of the equipment does no hold up."

However backup data centers are also useful in case of fire, natural disaster, and more pedestrian "blow stuff up" terrorism. Building a Faraday Cage around your data center really only protects against one thing.

"It appears you think there will be a huge explosion by a van sized TEDs attack which properly constructed is not the case. The amount of conventional explosives used in these devices is small. Just enough to propel the armature through the excited field at very high speed!"

Actually I thought that was a knock against it. Which is scarier to you? Someone setting off some kind of device which momentarily interrupts the flow of the economy? Or someone setting off a huge explosion which kills scores of people and momentarily interrupts the flow of the economy. remember the operative word in terrorism is terror. Some company losing their primary data center just doesn't strike fear into the hearts of the populous like body bags getting carted out of rubble, and the later is a lot easier to accomplish than the former.

Posted by: Nied at March 17, 2008 09:16 PM

I forgot to mention the final point about back-up data centers. The real issue is the electronics that switch and reroute data from one data center to another are destroyed. So rerouting takes several hours to accomplish. Three clients are building new data centers and the equipment costs exceed $83 million so your statement about costs of protection exceeding the costs of the equipment does no hold up.

It appears you think there will be a huge explosion by a van sized TEDs attack which properly constructed is not the case. The amount of conventional explosives used in these devices is small. Just enough to propel the armature through the excited field at very high speed!

In one government document an EMP attack on the US is considered to be a significant possibility and risk form terrorist groups as well as rogue nations states (that the document names).

If you want to debate this issue give me you phone number and i will call you and do so.

Posted by: Kevin at March 17, 2008 12:43 PM

> Retrofitting is expensive but new builds are not that much more expensive.

On that I can fully agree. In a new build or remodel then the case can be made that the measures will also increase the value of the property and the NPV of the project.

Posted by: Kevin at March 17, 2008 12:41 PM

Retrofitting is expensive but new builds are not that much more expensive. Given the fact that "cyber attacks" are beginning to be included in SEC reporting documents like a 10Qs, the CFO has to recognize the threat and the risk and what is required to mitigate the issue. If the organization is part of the country's critical infrastructure like "financial community" (and others) and are medium to high on the target list the risk is high enough that a risk mitigation strategy is required. I can tell you that the vast majority of organizations once presented with the risk and their exposure are quick to take mitigation steps.

Posted by: Kevin at March 17, 2008 12:20 PM

> COUNTER MEASURES.

>1. Distance from the facility - Keep parking back >away form the building specifically any vans or >trucks.
In most cases this would entail a very expensive construction project which both the VP in charge of facilities and the CFO would balk at. That is unless the statistical viability of an EMP attack can be proven or generic benchmarking demonstrates that this is best practice.

>2. Shielding - Shield the external walls and >properly ground them and provide isolation of the >utilities so that the pulse can not travel inside.

Very expensive. See answer to #1.

>3. Data Center Protection - Many new data centers >are being built underground. This provides >multiple security benefits including protection >from EMP.

Very expensive. See answer to #1.

I suppose to further clarify there are a few threats. There is the threat to productivity and there is the threat to loss of data. In both cases the mitigating security controls, from a business value perspective, (the only one the CFO and CEO will agree with), are the same as a building fire, a truck bomb, a disgruntled employee with weapons, a van sized EMP device, and anything else that threatens business as usual. (from a cybersecurity perspective!!!)

The data will be backed up and syncronized with remote locations based upon the businesses risk tolerance of the organization as defined by the stakeholders. This could be every minute to every day or once a week.

Except in some extreme examples the controls listed above are specialized controls targeting EMP attacks only, are localized controls that are lost when the organization changes buildings or locations, and are very expensive. Realistically if a van sized explosion were to take place within a block of a business productivity would hit 0% regardless of the buildings shielding. Finally these controls, given interest in getting productivity back to 100% quickly, would probably cost more than replacing the equipment such as laptops and phones/PDA's.

Posted by: Kevin at March 17, 2008 12:02 PM

Why not just send out a Trojan virus that only kills computers that use Arabic as the default language?

DoubleTapper
DoubleTapper@gmail.com
DoubleTapper, blogging on Guns Politics Defense from Israel

Posted by: DoubleTapper at March 17, 2008 11:50 AM

COUNTER MEASURES.

1. Distance from the facility - Keep parking back away form the building specifically any vans or trucks.

2. Shielding - Shield the external walls and properly ground them and provide isolation of the utilities so that the pulse can not travel inside.

3. Data Center Protection - Many new data centers are being built underground. This provides multiple security benefits including protection from EMP.

Feel free to ask questions

Posted by: Kevin at March 17, 2008 10:47 AM

This is why I wrap my head in aluminum foil every morning :-)

Posted by: Klatou at March 17, 2008 09:05 AM

OK just to be open minded based upon response to my previous post I will ask a question, especially "My First Post Ever".

I saw a threat that could be a viable threat described in this blog post. What I did not see was a recommendation or an attempt to describe viable controls to mitigate this threat. Tell me, "My First Post Ever" or anyone else, how do you mitigate this threat with a normal enterprise client beyond using the same measures currently being taken in the DR/BCP to mitigate the threat of the loss of the data center?

Posted by: Kevin at March 16, 2008 07:37 PM

TEDs and EPFCs... You mean "Turtle Exclusion Devices" & "Elvis Presley Fan Clubs"?? What do they havec to do with cyberterrorism?

More seriously, if making an EMP weapon is so easy, cheap, and the plans are readily available on web sites don't you think folks would have used them by now?

Posted by: Dumass at March 16, 2008 04:04 PM

I have read everything on this BLOG and found it to be credible, relevant and timely. Why, because it is my job. I do not understand why Mr. Coleman tolerates the childish behavior many of you show on here - it is beyond me! I would not! While I do not know Mr. Coleman, I know of his work in this area and he is highly regarded as a top authority not just in the US but in Europe. Many of you should stop the foolishness and try to learn something. Try to make positively contributions

Posted by: DHS at March 15, 2008 11:12 AM

Maximize our defenses Here alone.
Must do.
This is a Real threat.
& have some EMP bomb ruin our IT IS systems,
were down.
FIX the System.

Posted by: stephen russell at March 15, 2008 09:34 AM

Don't be so narrow minded. Anything that disrupts or damages our information infrastructure falls under the cyber warfare heading. Just like the 5 telecommunications/internet under sea cables that were cut in one week (two of them were cut in multiple places). We all need to up our security capabilities because of everything that has been posted on this blog.

Posted by: SpyGuy at March 14, 2008 09:05 PM

Fiction or no, this is not an example of "cyber warfare". It's an EMP bomb, a physical device that needs to be built and detonated. That's regular-ass warfare.

Posted by: Mark at March 14, 2008 07:46 PM

I want to address the comment that starts out with "As a security expert this is the problem I see with much of security today. Amateurs" You could not be more right! BUT YOU ARE THE AMATEUR! I feel so sorry for your customers! No wonder you don't identify yourself!

Posted by: My FIrst Post Ever at March 14, 2008 05:52 PM

You got to love the comments on here. One side calls it fiction, the other side shows this bas been around for a while and still other comments add no value at all. However, no one brought up the The Bell Island Explosion 1978. Check it out.Also you can get fairly detailed documents about these weapons from public congressional hearing a couple of years ago. I have to say, they are real and the point is that there are so many ways our electronic dependent age can be attacked. At a meeting less that 10 days ago of nearly 90 professionals responsible for business continuity planning. NONE new of these EMP weapons. None had plans covering a cyber attack. Only 3 new of the attack on Estonia that took place last year.

Posted by: Kevin at March 14, 2008 05:13 PM

As a security expert this is the problem I see with much of security today. Amateurs masquerading as experts based on the fact that they can find a way to destroy a system. This is a work of fiction and the attackers we plan for are not the ones that will detonate an EMP near Wall Street. That is about as stupid as robbing a bank at gunpoint for a dollar! Yes it could happen though these genius's who rode the short bus to school are not the real threat.

The threat, IMHO, is the group that penetrates the Wall Street networks quietly and undetected. The damage they can do is infinitely more than some EMP that knocks out servers and storage that are 100% redundant with others in different geographical locations.

Amateur security work like this makes the rest of us who have put in our time and blood look bad!

Posted by: Kevin at March 14, 2008 12:29 PM

Nied has a point, I think.

When the Washington snipers killed Linda Franklin of the FBI Cyber-Crimes division, they effectively denied the bureau the use of Franklin's skills permanently. Although she was not specifically targetted, the FBI then had to find a replacement and train an agent to take her place, which costs money and time but in the meantime also left a gap in the bureau's needed expertise.

Causing a localized blackout of electronics would only be temporary setback, since the equipment can be quickly replaced and law-enforcement along would learn from such an attack whereas taking out the experts whose skills are relied upon to defend against such an attack would have a greater impact on response and preparedness, leaving exploitable vulnerabilities.

Posted by: ggm at March 14, 2008 05:22 AM

This is just a idea. But like all idea's this can be improve to be more effective. Instead of knocking out a building in the future. It will be able to knock out not just the building but also track the addresses of other computer and target them. say 1 computer who signals to 1000 computer around the world.Sending one of these can knock out that computer make clones knock out 10000 computer and transfer all the Intel that computer had in a blink of the eye back and with out messing up everyone else's who happen to be connected. this is just 1 of many idea's that could come from this thing.

Posted by: world_leader at March 14, 2008 02:39 AM

Yawn.

These devices have been out since the 1950s. They've been researched for a long time and yet never turned into an effective weapon.

Which means: they're not an effective weapon.

If they were, we'd use them. It would be a great capability to shut down an enemy with no collateral damage. Since we don't have them, I submit this is a load of crap.

Posted by: Kaltes at March 13, 2008 10:23 PM

"Can you imagine the stock market reaction in one such device was detonated on Wall Street?"

I imagine it would be similar to the one cause by a small car bomb going off in Wall Street. After all, like any enterprise level organization the NYSE has extensive off site backups so any data loss would be minor. The biggest impact would probably come from having to close off trading for the day for security reasons, and the replacement costs of all those laptops, crackberries and iphones most of the traders use. There might be a handful of casualties for people who happened to be nearby the vehicle they hid the device in but otherwise life would go on just fine. Trading could pick up the next day where it left off.

Honestly a terrorist would be far better off setting off an OKC style truck bomb in the middle of Wall Street. It'd shut down trading just as well, cause way more fatalities and property damage and be easier to build too.

But everyone understands big explosions, while IT is still somewhat of a black magic to outsiders so cyberterrorism sounds scarier.

Posted by: Nied at March 13, 2008 08:58 PM

Classic last sentence from Mr. Coleman.

For anyone looking for real info about this so called threat, here is the transcript of a Senate hearing for the Joint Economic Committee called, "Radio Frequency Weapons and Proliferation: Potential Impact on the Economy" that took place in February of 98.

http://www.freedomdomain.com/weathercontrol/jointhearing.html

Posted by: jon at March 13, 2008 08:17 PM

Um........how about those FDG's (frapa dwizzle grenades)and especially the PSB's (para snatchet blasters)...........you guys are way behind the curve!

Posted by: ScienceGuy at March 13, 2008 06:43 PM

"Ever heard of TEDs or EPFCs?"

No. Never. Not once in my life.

EMP Bombs? EMP Generators? Sure. EMPs are a staple of popular fiction and "bomb" and "generator" get the point across. I don't think an obscure acronym about a particular technique is the best way to judge awareness.

Posted by: RobertoElGrande at March 13, 2008 04:53 PM

I thought "a van size device" could blow up a government building in Oklahoma.

Posted by: eric at March 13, 2008 04:13 PM

Monkey wants my burger,MONKEY WANTS MY BURGER!!!!!!

Posted by: Roy Smith at March 13, 2008 02:28 PM

@ evangeline:

If some terrorist manages to throw us all back into the dark ages, you're going to wish you had all that room to store food and ammunition.

Posted by: Chris at March 13, 2008 02:23 PM

people laugh but this is exactly the reason I stick with my old tube based IBM 709. shure it may take up my entire basement and most of my garage but I got this sucker pimped with 32k of ferrite core, a selectric output with an ASCII ball, and a diamond turning machine (a girls got to have her diamonds).

when some terrorists decides to throw all you back into the stone age I'll still be playing tetris.

Posted by: evangeline at March 13, 2008 01:55 PM

IIRC, EMP devices have figured in a few works of popular fiction, including the OCEAN'S ELEVEN remake.

So much for "cultural literacy".

Posted by: demophilus at March 13, 2008 01:19 PM

Wow, they had never heard of a flux compressor?
It is not exactly a new tech.
Here is a mirror of a New Scientist article from way back in 2000.

http://www.geocities.com/Area51/Shadowlands/6583/project413.html

Posted by: alex at March 13, 2008 12:56 PM