• United States



Urban Exploration aids terrorists with photos of critical infrastructure?

Mar 20, 20136 mins
Critical InfrastructureData and Information SecurityMicrosoft

The National Counterterrorism Center warned that 'suspicious' urban explorers armed with cameras should be reported to fusion centers, since urban exploration helps terrorists via photos that offer insight into infrastructure vulnerabilities.

One more ridiculous “you might be a terrorist if” warning has surfaced that might cause you to shake your head and wonder, “Are you fricking kidding me?” Now that the Intelligence Community decided Al-Qaeda no longer poses a major threat to launch complex attacks, terrorism is no longer the USA’s top national security threat. However, that didn’t stop yet another ridiculous terrorism bulletin from being issued in November 2012 and recently posted onto Public Intelligence. Photographers have long been harassed as potential terrorists, but now the National Counterterrorism Center warned that ‘suspicious’ urban explorers armed with cameras are supposedly giving aid to terrorists via their photos that offer insight into critical infrastructure.

The National Counterterrorism Center (NCTC) has a database in which we all might be listed as potential domestic terrorists. NCTC can retain private information about Americans for five years, even when there is no suspicion that they are tied to terrorism. Now, according to NCTC:

Urban Explorers (UE) – hobbyists who seek illicit access to transportation and industrial facilities in urban areas-frequently post photographs, video footage, and diagrams on line that could be used by terrorists to remotely identify and surveil potential targets. Advanced navigation and mapping technologies, including three dimensional modeling and geo-tagging, could aid terrorists in pinpointing locations in dense urban environments. Any suspicious UE activity should be reported to the nearest State and Major Area Fusion Center and to the local FBI Joint Terrorism Task Force.

Dr. Bradley Garrett completed his PhD thesis on Place Hacking: Tales of Urban Exploration [PDF]. He is an urban explorer who has been hacking skyscrapers to exploit physical security holes. This knowledge of vulnerabilities into buildings and skyscrapers has, in turn, been used to tighten physical security. Dr. Garrett’s website, Place Hacking, was specifically mentioned in the National Counterterrorism Center bulletin. In a previous interview, Garrett told Computerworld:

You previously pushed the point “I’m a photographer, not a terrorist.” Your website states, “All up in your infrastructure.” The Department of Homeland Security is constantly releasing warnings about U.S. infrastructure such as water treatment plantschemical plants and mass transit systems. Are you concerned that through your urban exploration adventurers, you might actually be charged with something crazy like terrorism?

Garrett: Charging us with terrorism would be absurd and would never stick; we are clearly photographers and way too geeky to hurt anyone.

On Public Intelligence, Garrett commented upon the NCTC bulletin, saying:

What urban explorers are doing by sneaking into places is expressing deep admiration for their environment and its history. They are participatory citizens who take an active interest in their city and inspire others to playfully and creatively engage with their surroundings. They also have a strong sense of community, the very thing that makes a city safer.

Another “popular” urban exploration website specifically mentioned in the NCTC bulletin is based in the UK. Regarding some of the problems explorers have with the public, SilentUK wrote:

The problems start when you become faced with someone who doesn’t have anything better to do. White knights. Those who have been brain washed by the state and media, convinced they are saving the world against the “evils of terrorism” by thwarting your night of photography. It’s these people we pray we avoid when we set out at night, they don’t listen to reason, are quick to judge and generally respond with aggression, as if you have somehow ruined their evening.

Well, it’s much worse than that now because in the U.S. “suspicious UE activity” will get your name dumped into a fusion center’s database, which, according to a Senate report, are already filled with “crap” and don’t help find terrorists.

The website of Steve Duncan, an urban historian, explorer and photographer of the urban underground, is also specifically named as “popular” in the bulletin. Duncan has given tours into NYC’s “underground worlds of lost urban waterways and sewers.” That will give any future UE tourists another type of adrenline rush…the type trying to avoid being named in a suspicious activity report (SAR).

Urban explorers are usually adrenaline junkies; they already dodge security guards, motion detectors and surveillance cameras, and are at risk of being arrested for trespassing. No urban explorers that I know vandalize property or steal anything during urbex adventures. Quite the contrary, most of those with whom I am acquainted are armed with cameras and consider their photos to be a type of documenting history. Many places have been torn down and the photos pay tribute to previous buildings. You can be sure they are not posting their urbex photos to somehow help scum-sucking terrorists.

Urban explorer Jordy Meow has been taking photos of abandoned Japan for three years. When I asked him what he thought of “Urban Exploration Offers Insight Into Critical Infrastructure Vulnerabilities,” he said, “Shouldn’t we be paid for that? Honestly. Hackers are! They should welcome and thank the UE for finding the security holes! Hackers are thanked more and more nowadays, and the hackers of the material world should also be thanked.” When I asked if he would still be willing to urbex in the USA, he said, “Actually I wouldn’t mind to go urbex in the U.S. anyway; we are doing something illegal from the start, but as long as we respect the place and don’t publish critical or sensitive information then it is fine. (Myself – I am careful with what I publish and try to respect the owners and neighbors).”

Most everyone enjoys urbex photography, vicariously enjoying the adventure, but the idea that terrorists are using the photos to gain insight into infrastructure in order to attack us is ridiculous! Another way to think of urbex is that it helps point out exploitable physical vulnerabilities into infrastructure, so if it is so blasted suspicious, then why doesn’t the intelligence community use this info to tighten the hatches?

What’s next, adding your name to a database of suspicious behavior if you use Google Street View, or virtually tour Google Street View Galleries? Better fire up your proxie, or a VPN, just to be safe before you search SHODAN for Internet-facing critical infrastructure devices…because at this rate, even that’s likely to be labeled suspicious at some point.

Like this? Here’s more posts:

  • Gov’t wielded security as a shield to deny the most FOIA requests yet under Obama
  • Microsoft patch stops attackers from owning PC via USB flash drive hack
  • Microsoft: Office 2013 can now be transferred to another PC every 90 days
  • Transparency report reveals Google receives less than 1,000 NSLs yearly
  • Black Hat Europe: ‘Hardening Windows 8 Apps for the Windows Store’
  • DOJ & SEC allegedly investigating Microsoft over bribery allegations in 3 countries
  • Will future surveillance include global ‘pre-crime’ machine spying on everyone?
  • Sunshine on extreme secrecy: Hear full leaked audio of Bradley Manning’s statement
  • Microsoft’s Secure Boot, Red Hat request ignites Linus Torvalds’ NSFW flame war
  • FBI’s National Security Letter gag orders violate 1st Amendment, ruled unconstitutional
  • Microsoft may not scan your email for keywords like Google, but your boss can

Follow me on Twitter @PrivacyFanatic

ms smith

Ms. Smith (not her real name) is a freelance writer and programmer with a special and somewhat personal interest in IT privacy and security issues. She focuses on the unique challenges of maintaining privacy and security, both for individuals and enterprises. She has worked as a journalist and has also penned many technical papers and guides covering various technologies. Smith is herself a self-described privacy and security freak.