ad space
The Nightmare Scenario – the Insider Threat
The recent report of an American Airlines employee sabotaging a flight in order to obtain more overtime represents the biggest threat to commercial aviation. Not only do you have an employee with access to an airport, but also to an airliner, with a legitimate reason to be crawling around the innards of the plane, and with the know-how on how to bring it down.
I often compare the insider threat as someone having the keys to your house and doing work at your house. With the keys, they bypass your security measures and it’s not unusual for them to be there as they have legitimate business they are conducting. In this case, it’s not just someone with the keys, it’s a member of the family.
For the aviation system to work, we have to trust some people to do their jobs without someone constantly looking over their shoulder. Pilots, mechanics, flight attendants, airport police, fire, maintenance and operations personnel, air traffic controllers and so on. There is no reasonable way to monitor their actions on a continual basis to ensure they aren’t doing something to threaten the flight. We can do background checks until we’re blue in the face but they still won’t reveal intent AFTER the checks are done and the person is already on the job.
This case is similar to the ramp employee at Sea-Tac airport last year who stole a Horizon Air aircraft and went joyriding before crashing it into the ground. You have a person with a clean background, with legitimate and approved access to the airfield and a legitimate reason to be in the flight deck. Most of the proposed solutions are unsustainable, like requiring personnel to always work in pairs, or installing various surveillance devices into the cockpits, hangars and maintenance areas, then hiring people to monitor all of this stuff – and not just any people, but ones who can tell when someone is sabotaging an airplane.
This type of threat isn’t mitigated through technology or process. It’s mitigated through good workplace violence training programs, noticing when your co-workers are having problems and getting interventions in place to get them on the right track, whether that’s counseling, the police or the court system.
It’s not always the quiet ones.
The late comedian George Carlin said, “They always say ‘it’s the quiet ones,’ you gotta watch. Imagine you’re in a bar and a guy was in the corner reading a book, not bothering anyone, and there’s another guy by the door jumping up and down screaming with a machete, yelling “I’ll kill the next motherf^@%er who comes in here,”… who are you gonna watch?”
There’s never an attack where there weren’t some sort of pre-incident indicators that could have been noticed or were noticed and action wasn’t taken on them. It’s about noticing things in the workplace and comparing them with the norms of that individual and the workplace itself.
There will always be a risk of an insider taking criminal or terrorist actions. That risk will never be completely eliminated, but, as we do in other areas of aviation security, its a risk that can be mitigated.
by 
