Back in 2001, the morning of September the 11th, my friends and I were in class. The instructor was, naturally, trying to get us to focus on our studies. We, of course, were trying to focus on events just a few miles away in Manhattan.
I believe that, at this time, Command & Conquer: Red Alert 2 had just come out. It's an alternate-history-themed wargame. Numerous challenges in the game involved deploying defensive weapons (like Patriot missile batteries) around national monuments, to prevent them from being destroyed.
Around lunchtime, shortly before the rest of the day's classes were canceled and we were all sent home, one of these friends turned toward us as a group and said, only half jokingly, "Maybe, before you become president or anything, you should have to play through a game of Red Alert 2. That'll teach them to defend national sites with AA guns and Patriot missiles."
Sure, it sounds like a joke. But still...
It really struck me as disappointing that a lot of the various ways terrorists have, or could, carry out attacks seem not to have been anticipated. Now, some of these just can't easily be prevented - who stops people to search their bags as they board a train, for example? - but others could have been avoided, or the damage minimized, by reasonably simple precautions. For example, this might be searching vehicles entering any compound with guards present, or keeping non-authorized surface craft away from Navy ships. I understand some of the automated defenses used by the Navy have been modified to allow operators to override their controls and track small boats, which are warned away by hailing them and telling them to get lost. I have to assume vehicles entering any guarded and enclosed US government compound are searched, at least superficially, for anything that doesn't belong.
These are just examples. I'm not going to go into a full list of ways one could cause havoc if really motivated, because that would be a bad idea. But, well...
It seems to me that there are three four big things you need, if you're going to seriously try to defend against massively destructive terrorist attacks. The zeroeth part is "stop whacking the bees nest" (h/t k9disc). The first of these is boring old detective work: talking to people, tracing financial transactions, finding out who traveled where to speak with whom and do what, all that good stuff. The second part is intelligence work: having someone close to or even part of the groups you suspect are trying to harm you, who can report back and tell you what they're up to. And the third part is getting people with an imagination to think of ways that terrorists might attack, and what a reasonable defense against them would look like. (Reasonable, in this case, being defined as a cost-benefit analysis that weighs the damage that could be caused by a successful attack against the cost in time, effort, money, potential inconvenience to the public and potential infringement of their civil liberties and comes out with an optimal solution.)
In the same way that large corporations and governments sometimes take advice from or even hire people who are skilled in breaking through network security and tricking computer users into doing things they shouldn't... A network hacker who tests for vulnerabilities and then reports them to management so that they will be fixed is a White Hat. (Someone who uses what he finds for his own advantage is a Black Hat.) My question/proposal is this: perhaps our government should consider creating a program to study how terrorists could carry out massively destructive attacks, using historical data to some degree, but also using a good bit of imagination. Then, based on their ideas, find or create ways to stop those plans and judge them by the above standard of reasonableness. Do they do this? And if not, shouldn't they?
It's not too ridiculous, because the US Armed Forces already use simulated exercises to do this kind of thing. You know, Red vs Blue wargaming. Occasionally, a team controlling a militarily-weaker, lower-tech force will find a way to inflict overwhelming damage on the team representing the US military through creative solutions, like using telescopes instead of radar to spot ships and aircraft and sending communications by motorcycle courier instead of radio - after all, anything that broadcasts radio waves can be easily located and destroyed at long distance. But (as happened with one such exercise) if the enemy team creatively uses low-tech methods to evade US high-tech weapons until the last moment, and then opens up with everything it has, it can inflict devastating losses. This historical example resulted in several crippled warships and the loss of many plane-loads of airborne infantry. The tricky thinking that led to this simulated victory is precisely what I'm thinking of here.
Is there government policy that puts in place the kind of thing I'm thinking about here? Or if there isn't: is it a lack of imagination on the part of policymakers, or are there reasons why it would be a really bad idea?