National Counterterrorism Center Says Urban Exploration Could “Aid Terrorists”

A short film showing examples of urban exploration with the creator of, a site mentioned in the NCTC’s November 2012 advisory.

Public Intelligence

The National Counterterrorism Center (NCTC) is warning law enforcement and first responders that urban exploration, an activity that involves trying to gain access to restricted or abandoned man-made structures, can provide useful information for terrorists conducting surveillance of a potential target. Also known as “building hacking”, urban exploration has been around in its modern form for decades, tracing some its recent history to post-war exploration of the Parisian catacombs and members of MIT’s Tech Model Railroad Club Signals and Power Subcommittee, who organized explorations of steam tunnels and rooftops around campus in the late 1950s.

In an advisory released to law enforcement in November 2012 titled Urban Exploration Offers Insight Into Critical Infrastructure Vulnerabilities, the NCTC warns of the potential risks posed by urban explorers and their online posting of photos and videos depicting their exploration. The NCTC document describes urban explorers as “hobbyists who seek illicit access to transportation and industrial facilities in urban areas” including rooftops, utility tunnels and bridges. According to the NCTC, photos and videos posted online by urban explorers “could be used by terrorists to remotely identify and surveil potential targets” which could “aid terrorists in pinpointing locations in dense urban environments.” The document also makes specific reference to the advancement of navigation and mapping technology, including three-dimensional modeling and geo-tagging, as potentially aiding terrorists to conduct online surveillance of a target. Corporate websites can often provide “information about buildings” and “social media postings of explorers’ activity often identify access points and security flaws” that could be exploited by terrorists.  A 2010 bulletin issued by the Department of Homeland Security expressed similar concerns about the use of Google Earth and other publicly available mapping software for terrorist surveillance.  The bulletin stated that “live Web-based camera feeds combined with street-level and direct overhead imagery views from Internet imagery sites allow terrorists to conduct remote surveillance of multiple potential targets without exposing themselves to detection.”

The NCTC advisory also lists several locations, such as bridges, utility tunnels, rooftops and subways, where an urban explorer might reveal “security flaws”. Along with each location, there is a list of potential access locations and security vulnerabilities that the NCTC believes an urban explorer’s postings could potentially reveal. For example, urban explorers could discover and document the use of a bridge’s “ladders, crosswalk scaffoldings, trap doors, scuttles, and hatches” and reveal methods of accessing “structural components, including caissons (the structures that house the anchor points of a bridge suspension system), to identify weaknesses.”

Past activities by urban explorers have occasionally been mistaken for potential terrorist activity. In 2011 four men were arrested in London for “suspicion of railway trespass and burglary” after they were found near an elevator used by private contractors working on the rail lines for the London Underground. The men were arrested at the Russell Square station, one of the locations of the 7/7 terrorist attacks, after security camera operators saw the men in dark clothing with cameras and feared preparations for a terrorist attack around the upcoming royal wedding between Prince William and Catherine Middleton. A few months later, four men were arrested in New York City for criminal trespass after a local resident saw them “carrying Roman candles and cameras” into the Second Avenue Subway tunnel. The men identified themselves as urban explorers and said they planned to use the Roman candles for lighting photographs.

Share this: