Were Brussels Terrorists Trying To Build 'dirty bomb'

Nuclear policy experts can seem like Cassandra, constantly prophesizing apocalyptic futures. In case you haven't noticed, we don't live in a Mad Max world devastated by nuclear war. Terrorists have not blown up New York with a makeshift nuclear bomb. We haven't bankrupted ourselves, despite the trillions of dollars spent on Cold War weapons.

Cassandra's curse, however, was not that she was wrong, but that no one believed her. I don't know a single nuclear expert who thinks that the threat of nuclear terrorism is shrinking. I don't know a single one who thinks that the actions taken by world leaders at this week's Nuclear Security Summit are enough. We are fearful. And you should be, too.

Chills went down a lot of experts' spines last month when we saw the news that the Brussels bombers, the ISIS terrorists who blew up the airport and attacked the metro, were secretly videotaping a Belgian nuclear official. This official worked at a facility that had radiological material that terrorists could use for a "dirty bomb." We do not know if they were filming him or his family, if there was a kidnap plot in motion, or what their exact plans were. But this is not some Hollywood fantasy. This is real. A nuclear terrorist event may be closer than you think.

What are the risks? First, that some terrorists could steal a complete nuclear weapon, like SPECTRE in the James Bond thriller, "Thunderball." This is hard, but not impossible. The key risk is that the outside terrorists get insider help: For example, a radical jihadist working at a Pakistan weapon storage site. Or the Belgian base just outside Brussels where we still stash a half-dozen nuclear weapons left over from Cold War deployments. Or the Incirlik air base in Turkey where we keep an estimated 50 weapons just 200 miles from the Syrian border.

Second, terrorists could steal the "stuff" of a bomb, highly enriched uranium or plutonium. They cannot make this themselves -- that requires huge, high-tech facilities that only nations can construct. But if they could get 50 or 100 pounds of uranium -- about the size of a bag of sugar -- they could construct a crude Hiroshima-style bomb. ISIS, with its money, territory and global networks, poses the greatest threat to do this that we have ever seen. Such a bomb brought by truck or ship or FedEx to an urban target could kill hundreds of thousands, destroy a city and put the world's economy and politics into shock.
            
Third, there is the possibility of a dirty bomb. Frankly, many of us are surprised this has not happened already. I spoke to Jon Stewart on his show 15 years ago about the danger. This is not a nuclear explosion unleashed by splitting atoms, but simply a conventional explosive, like dynamite, laced with radioactive material, like cesium or strontium. A 10-pound satchel of dynamite mixed with less than 2 ounces of cesium (about the size of a pencil eraser) could spew a radioactive cloud over tens of square blocks.

No one would die, unless they were right next to the explosion. But the material would stick to the buildings. Inhaling just a speck would greatly increase your risk of getting cancer. You could go into the buildings, but no one would. There would be mass panic and evacuations, and the bomb would render a port, financial district, or government complex unusable and uninhabitable for years until scrubbed clean. Economic losses could be in the trillions.

Fourth, terrorists could just attack a nuclear power reactor, fuel storage or other site to trigger a massive radioactive release that could contaminate hundreds or thousands of square miles, like Chernobyl or Fukushima. While nuclear reactors are hardened against outside attack, including by the intentional crash of a medium-sized jet plane, larger planes could destroy them. Or a series of suicide truck bombers. But it might not even take a physical explosion. This week, it was reported the United States and the United Kingdom are to simulate a cyberattack on a nuclear power plant.

Can we prevent these attacks? Yes, by eliminating, reducing and securing all supplies of nuclear materials so that terrorists would find it too difficult to get them. And by reducing and better protecting nuclear reactors and spent nuclear fuel.

Are we doing enough? No. "The capabilities of some terrorist groups, particularly the Islamic State, have grown dramatically," says Harvard scholar and former Bush Administration official William Tobey, "In a net calculation, the risk of nuclear terrorism is higher than it was two years ago."

The United States spends about $35 billion on nuclear weapons every year. This year, we will spend $1.8 billion on all our efforts to stop the spread these weapons and stop nuclear terrorism. You don't have to be a nuclear expert to know something is out of whack here.

It is time we put our money where our threats are.

Edition: http://cnn.it/20uy2ua

« Donald Trump Has A Plan for CyberWar
Women in Cybersecurity »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cypress Semiconductor

Cypress Semiconductor

Cypress is a semiconductor design and manufacturing company providing embedded devices for secure IoT applications.

CyberTrap

CyberTrap

CyberTrap is an advanced highly-interactive deception technology allowing real-time analysis and control of security breaches.

SCIPP International

SCIPP International

SCIPP’s courses are based on internationally recognized best business practices for security awareness, for both technical and non-technical staff and to comply with regulatory mandates.

CyberSeek

CyberSeek

CyberSeek provides detailed, actionable data about supply and demand in the cybersecurity job market.

Braintrace

Braintrace

Braintrace’s services include Managed Detection and Response (MDR), Managed SIEM, SIEM-as-a-Service, SOC-as-a-Service, Advisory Services, and Incident Response.

Austrian Institute of Technology (AIT)

Austrian Institute of Technology (AIT)

AIT is Austria's largest research and technology organisation and a specialist in the key infrastructure issues of the future including data science and cybersecurity.

Cube 5

Cube 5

The Cube 5 incubator, located at the Horst Görtz Institute for IT Security (HGI), supports IT security startups and people interested in starting a business in IT security.

White Cloud Security

White Cloud Security

White Cloud is a cloud-based Application Trust-Listing security service that prevents unauthorized programs from running on your computers.

OSIbeyond

OSIbeyond

OSIbeyond provides comprehensive Managed IT Services to organizations in the Washington D.C., MD, and VA area including IT Help Desk Support, Cloud Solutions, Cybersecurity, and Technology Strategy.

Timus Networks

Timus Networks

Timus Networks enables today's work from anywhere organizations to secure their networks very easily and cost effectively.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Endure Secure

Endure Secure

Endure Secure is a managed cyber security & information security consultancy. Our passion for IS and our understanding of the threat landscape is reflected in the services that we provide.

Bit Sentinel

Bit Sentinel

Bit Sentinel is an information security company. We help companies like yours discover, prioritize, and effectively remediate potential cybersecurity risks.

FTI Consulting

FTI Consulting

FTI Consulting is a global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes.

SektorCERT

SektorCERT

SektorCERT is the cybersecurity center for the critical infrastructure sectors in Denmark. We help detect and handle when critical infrastructure is exposed to cyber attacks.

RAH Infotech

RAH Infotech

RAH Infotech is India’s leading value added distributor and solutions provider in the Network and Security domain. We are specialists in Enterprise and App Security and Application Delivery.