In view of how toroughly compromized we have become, and how the vulnerabilities have just mushroomed after this little thing, it might be sort of interesting to have a quickie-look.
Today you can probably just forget wifi spots, just watch islamic agents in the NSA set up as terror services central.
It’s a sunny day. The mall is crowded with people, the time is 4:44 pm and it’s Valentine’s Day. People are enjoying themselves and generally having a good time. Somewhere, a computer clock tips over to 4:45. The computer is a netbook linked into the mall’s WIFI net.
On time, the machine does several things:
• Sends its status to the other computers it knows about, all of them close and inside the mall’s WIFI cover.
• Sends an email to an anonymous account at a popular anon-mail service.
• Explodes the car where it is sitting inside a cardboard box, on top of 50 pounds of C4 surrounded by bags of marbles and nails.
The car was placed close to one of the main entrances, and the number of casualties—both wounded and dead—is quite large. Alarms are going off all over the place. The west side of the mall quickly becomes a chaos of police, ambulances and fire trucks. Meanwhile, two computers that received A’s status have quietly started a countdown, they’re now counting down 20 minutes. Another one has switched status: sitting in a van parked not so far from the mall loading dock, it has turned on the car’s theft alarm. The alarm is a sophisticated unit capable of calling police or security help on activation. The programmed number, however, belongs to a simple Nokia phone lying in the van’s cargo hold. It’s set up as the detonator for 2000 pounds of ANFO (schematics for that are available all over the internet). The computer isn’t taking any chances, anyway: it now also has its own time ticking down and will call the Nokia in 30 minutes if nothing has happened until then.
+ 15 minutes:
By now, one of the other computers has been found by the local bomb squad. It is in a box together with a half pound of semtex. The bomb disposal crew decides to disable the rather small bomb by blowing it to smithereens using a robot-mounted shotgun. Which works, the bomb does not go off. However, now the computer is no longer on the net. This is detected by the computer in the third bomb, placed inside a large rubbish bin near the mall restaurant. That computer promptly decides not to wait its countdown time and blows up, but not before calling the Nokia in the van by the loading dock.
A third netbook now goes into action, seeing that all of its brothers have left the net. The job is done. It calls a second Nokia on the roof of a nearby tall building, which sets off a small load of semtex driving an EMP generator. The emp, while fairly local in size and power, still manages to fry the last netbook’s electronics—and play havoc with communications and first-responders.
This is one example of how the western urban scene is vulnerable to an enemy using a mix of technology and simple explosive devices. Instead of all the devices being very local, they might have been slightly less local but still effectively linked. Any network can in principle work as a tripwire or detonation service. Seeing what al quaeda has made before, it is likely that we will see software aiming to give this sort of tool to terrorists with no deep computer knowledge.
Next issue, we’ll look at how this concept is likely to fit into the malware universe, and who are likely to produce and distribute the software.
© Ståle Fagerland 2010