Discussing the Undiscussable: Hacking a Stadium

The first high profile case of “hacking a stadium” transpired during the opening ceremonies of the 2018 Olympics.

The cyber-attack took out internet access and telecasts, grounded broadcasting drones, shut down the Pyeongchang Olympic website and prevented spectators from printing out reservations and attending the ceremony.  This physically resulted in an unusually high number of empty seats.  Preliminary reports indicate the attack was not designed to extract money, but possibly, inflict a different type of damage.  Perhaps even make a political statement of some sort.  Investigators claim the attack was the result of malware installed back in December 2017.  Apparently, it was a year in the making.

But the actual terminology of “hacking a stadium?”  What exactly does that mean?  What could it possibly entail?

Not to state the obvious, but to the best of my knowledge, there’s no way to “electronically hack” a flight of steps or the spiral rotunda or an asphalt parking lot.  Tangible elements like concrete, glass and steel are indifferent to the world of wireless information.  Even in this era of alternative facts and fake news, I’d hope most people could reach a consensus with that one.

I must rhetorically wonder though, could this “hack” have been taken a step further?  Could there be a new precedent?

When there’s no financial incentive, you start venturing into scary, uncharted territory.  So what could be another purpose?  Well, as a military theorist and student of generational warfare, I might throw out the possibility that maybe… just maybe… a different objective could be to kill and injure innocent civilians.  Try thinking in terms of asymmetric terrorism.

If that sounds unsettling it’s because the prospect of weaponizing a human stampede is, by its very nature, undiscussable.  It’s not that government or private industry has never conceived of this threat (the modern, technological equivalent of shouting “FIRE” in a crowded theater).  It’s just that the powers that be won’t acknowledge it… for 4 fundamental reasons:

1.  Plausible deniability

2.  Hypothetical litigation

3.  The lose-lose proposition

4.  The necessary admission that it’s possible to indiscriminately kill innocent civilians without conventional weapons

I’ve thoroughly explored all of these factors on a point-by-point basis.  If you wish to further understand the rationale, just perform a targeted search on the AGSAF website.

First Pivot.

In the 150+ articles I’ve written for the site, I’ve NEVER used the phrase “hacking a stadium.”  But ironically, if there actually was a wireless driven panic resulting in an artificially generated stampede, I imagine the media and the entire planet earth would immediately start using that exact phrase.  What exactly caused fans to panic and run for their lives?  Well, the stadium was hacked!  Call me naive, but I think mankind would demand a more definitive, thorough explanation for what happened.

The actual word “hack” seems to cover a vast array of territory.  These days, the media use it with little discretion.  And the general public bandies it about with virtually zero consideration.

For example, the most high profile case of “hacking” was the 2016 presidential election.  If you subscribe to the general narrative regarding Donald Trump’s victory, Russian state sponsored actors created and purchased phony ads, trolled facebook and manipulated social media as much as they could in order to to delegitimize the election results or swing the outcome in Trump’s favor.  I imagine their mission statement went something like this:  Well, we might not be able to hack their voting systems and alter the actual votes.  However, we can do as much conventional damage as possible to cause friction, erode trust and destabilize the democratic process.

But does any of their interference conform to the technological definition or society’s notion of hacking?  Well, not really.

Instead of hacking, I think much of what unraveled during the 2016 election, justifies the creation of a new word.  One that embodies the overall concept of hacking, but without the electronic degree of system penetration and intrusive manipulation.  The word “jacked” would seem ideal.  It’s simple, straightforward and easily digestible for the the general public.  The urban definition of “jacked” implies blatant robbery or brute theft… as in a carjacking.  There’s also the similar term “hijacking.”  In the case of 9/11, planes were hijacked.  They were physically seized and intended for misuse.  Both carjacking and hijacking seem to echo the notion of hacking, but without the necessary wireless finesse or electronic elegance.  The word “hacking” is just too broad and vague.  In time, I suspect the word “jacked” or “cyber-jacked” might rise to prominence.

If my concerns about an artificially generated stampede came to fruition, I doubt it would be the result of a direct hack (wireless carrier, opt-in abuse, Stingray, and so on).  More likely, it would be the result of a decentralized flood of information.  Basically, a wireless info-bomb, a cellular bombardment both deliberate and unintentional, from every conventional direction conceivable (phone calls, text messages, social media platforms, etc.).  Picture a dam being breached.  I normally use the term “viral blitzkrieg” because the initial attack vector(s) would be designed to grow quickly and exponentially.  In essence, the stadium occupants would be overwhelmed with raw, sudden, panic-inducing cellular information.  In a case like this, the stadium would be “jacked,” but not hacked.

Second Pivot.

February 13, 2018 marked an intriguing day of hearings in the United States Senate.  FBI Director Christopher Wray, CIA Director Mike Pompeo, and other top defense officials fielded questions on the topic of cyber-security.  Director of National Intelligence Dan Coats, in his opening statement, said cyber-security is our greatest concern and top priority.  National Security Agency Director Mike Rogers added, “If you think the problem is challenging now, just wait.  It’s going to get much worse.”  The general consensus was that cyber-threats will become bolder, more aggressive and more complex.  That our country must stay ahead of the curve and be proactive.  That we need greater cooperation between government and the tech industry.  And of course, we could always use additional talent and greater funding.  Go figure.

As one might expect, the level of specificity was alarmingly minimal.  Perhaps that changes when they go into private session.  I do not know.

But what I do know is this.  I think it’s very plausible to speculate… that if you take a long-term view… there will eventually be a cyber-incident where innocent people die.  My concerns regarding the the prospect of an artificially generated stampede(s) reflect that very notion.  And while I have zero confidence that this specific cyber-threat will be acknowledged during televised congressional hearings, it’s my sincere hope that someone, anyone in Congress, might be willing to open up this can of worms behind closed doors.  I seriously doubt any politician would have the requisite courage to publicly take the bait.  But one day, I can assure you, it will make for a helluva fishing expedition.