"All the information you need to target an attack is readily available on the internet itself," says graduate student William Enck, one of the paper's co-authors. As few as 165 carefully targeted text messages could shut down Manhattan, the researchers add. This is how it would be done:

1) Hackers need to acquire a set of mobile numbers for a geographic area

2) Using Google, websites and other search tools, a tentative "hit list" of numbers is assembled

3) Using one of the websites that allow SMS messages to be sent from the net, numbers are tested to see if they are active

4) The hit list is then narrowed down to active accounts

5) Text messages are sent simultaneously to all the numbers; computers can be used to mass-send texts

6) The SMS data traffic swamps the mobile network's narrow bandwidth and the network crashes