Aviation Denial-of-Service Attack

You may have heard about the Swedish guy who told the FBI his son-in-law was a terrorist in order to prevent a business trip to the Untied States. A blog entry at Discourse.net raises an interesting point: we've now become so paranoid about air travel and border crossings that anyone (and I mean anyone) can have someone arrested, hassled, and denied entry or deported. It doesn't matter how credible the threat is, our security apparatus has determined that any threat has to be treated as true.

This effectively gives Those Who Wish To Do Others Harm a powerful weapon, effectively a simple denial-of-service attack against air travel (and probably train and bus travel, for that matter). Even better, this attack can be carried out anonymously, even from the safety of a village in a third-world country.

But I don't think Michael at Discourse thought this through entirely. It's easy to see that this could become a crippling attack against our entire aviation infrastructure. If an enemy's goal is to disrupt rather than actually kill, it can be extremely effective, cost nothing, and present little or no risk to the attackers' lives or even liberty.

Consider these attack scenarios:

1. An e-mail is sent to the TSA claiming that a terrorist will be checking a suitcase packed with 50 lbs of high explosive onto a flight departing LaGuardia airport at 10 AM on a specified date. The bomb is set to detonate in or near the baggage screening area, killing people and severely damaging part of the terminal building. The threat contains enough details to be considered credible, but not enough to pin it to an exact passenger or flight. The threat might even contain previously unknown but confirmable details about some terrorist organization (to better establish the legitimacy of the sender).

   Likely impact: Some or all of LaGuardia airport is shut down for several hours, canceling hundreds of flights and delaying hundreds more, causing airlines, the TSA, and passengers substantial financial losses. Since delays at LaGuardia tend to ripple across the entire flight schedule of several airlines, many flights are canceled or delayed which go nowhere near New York.

2. Now suppose that the threat claims that this will be a coordinated attack on several of the largest hub airports in the U.S.: LaGuardia, Logan, O'Hare, Minneapolis, Denver, San Francisco, Los Angeles, etc. Since a coordinated exploding suitcase attack is well within the means of even a small terrorist organization, this doesn't diminish the credibility of the threat much.

   Likely Impact: Total disruption of the national air system for most (possibly all) of the day. Depending on how credible the terrorists make the threat, a one-day grounding of all commercial flights isn't out of the question.

3. A terrorist network uses a communication channel which they know is compromised to implicate targeted individuals (for example, prominent businessmen, key opponents) as part of a sleeper cell or other plot. This kind of disinformation campaign was actually used in WWII very successfully against the axis countries, and can be extremely effective if the covert listener doesn't know that the enemy knows about its listening. (Disinformation in a compromised channel can also be used to deliver the threats for attacks #1 or #2.)

   Likely impact: Targeted individuals will find it difficult or impossible to travel to/within the United States, and may even be arrested (and possibly tortured these days).

4. Simultaneously in several airports around the country, someone rushes past security screening. This usually causes the airport to shut down for a time until the individual is arrested (and with simultaneous incidents it may trigger a more thorough security sweep and further disruption). This is not zero-risk for the attackers, since they are likely to be arrested and tried, and there's an outside chance of being shot, but it's still a lot better odds than a suicide attack.

   Likely impact: Major disruption of the national air system for several hours at least. The coordinated attack could lead to a complete shutdown until the authorities decide there's no larger plot.

The bottom line is that it's now very easy for anyone to create major headaches for anyone else trying to travel in the U.S., and the authorities seem to care little that their overzealousness can cause big problems for a few people here and there. Worse, a highly credible threat could lead to a service disruption which might be more expensive and deadly(*) than an actual terrorist attack.

(*) Disrupting air service might actually be deadly when you consider things like (1) people who decide to drive instead of fly, since driving is something like ten times as dangerous per mile; (2) disruption in life-saving medical treatments, like patients traveling to a distant hospital and organs traveling to distant patients; and (3) the combination of paranoid security personnel with angry mobs of passengers possibly leading to someone accidentally getting shot.