DHS Exposes Weaknesses in TSA Security

TSAscanThe latest report about DHS red team personnel able to get prohibited items through screening checkpoints without being detected, an average of 95% of the time, is extraordinary. Even more extraordinary though is why the items were not being detected. According to the inspectors, the failures were “caused by human and technology-based failures,” John Roth, the inspector general at Homeland Security, said at a House hearing last month (Source:
http://www.latimes.com/nation/nationnow/la-na-tsa-screeners-20150602-story.html ).

Before we get to what’s wrong, let’s look at what’s right. Prior to 9/11 red team testing DID occur, but the results of the tests weren’t allowed to be used in fining the airlines for security shortcomings. There were certain testing protocols in place and if those protocols weren’t followed, then the test could not be used in civil penalties against the airlines (remember, they, or more accurately, their contractors did screening prior to 9/11).

Today however, the system is set up to be able to adjust to evolving security threats. The question is, will it?

Red team members are THE experts at aviation security. Remember Top Gun? They are the aggressor pilots – they are “call sign Viper,” (played by Tom Skerritt) the very best of the best. They know the weaknesses in the system and in the technology and how to exploit it. More good news? The good guys found these weaknesses, not the bad guys (yet).

The bad news is that the bad guys pay attention to reports like this. While they may not know how the red team got the items past the TSA personnel, what they just learned from this is that it’s possible to do it. In some of the most recent editions of al Qaeda’s online magazine, Inspire, they continue to talk about how to attack aviation.

More bad news? While you’re driving to work, making your money, spending your money, spending time with your family, enjoying weekend picnics and holidays, watching your reality TV, and generally living your life, the bad guys are out there trying to figure out new ways to exploit the weaknesses of the system. They remain fascinated with aviation and they never stop.

So now the question is, what’s next?

TSA has already ordered screeners to be re-trained, more random screenings at the checkpoints and more K-9 into the checkpoints, which, as anyone whose read my textbook or any of my previous blogs knows, I love dogs! You can’t try to befriend a dog, so you can try to make the him “miss” something. You can’t try to explain a liquid away with the dog – Fido either responds or doesn’t. And what I really love is that dogs add a huge random element – bad guys don’t want to see dogs and for good reason.

For the failures that are technological in nature, TSA needs to figure out what isn’t working and either the technology providers need to fix it, or TSA needs to implement operational fixes with their personnel to make up for the gap in technology. That’s part of a layered system – where one area is weak, other areas make up for it or cover the gap.

For the failures that are “human-based,” then it’s a matter of assessing where the failure took place and applying the proper antidote. Is is a training issue? Is it a performance issue? Is it a management issue? I know plenty of TSA personnel and many are good people trying to do a difficult job. I know some are very embarrassed by this and want to see the system fixed.

I don’t think that this is a systemic failure of the entire system and we need to start over from scratch. We did that already. But the gaps definitely must be identified and corrected. What I hope is that whatever TSA does moving forward, that we don’t go backward in the areas where we’ve made progress. I don’t want to see the risk-based approach go away and I also want to see transportation continue. The purpose of security is to get in the way and make it difficult as possible. We will never achieve 100% security. Just like anyone that really wants to break into your house will find a way, if someone really is committed to attacking aviation, they will eventually find a way. It’s about reasonable levels of deterrence while still allowing transportation, and to a certain extent, our way of life, to continue.

The mistake in aviation security is to believe that there is a “fix” that makes everything okay. Terrorism isn’t like a broken leg. You don’t put a cast on it and go on about your way. Terrorism is like the flu – it will always be with us and every year there’s a new strain of the virus. We must remain flexible, we must evolve with the new threats, while not forgetting that old threats can still kill us, we must use information like this to improve the system so we can continue to live our lives in relative peace and security.


4 Responses to DHS Exposes Weaknesses in TSA Security

  1. Joel thats an overly broad statement. Most of them are quite intelligent and work hard everyday. Image the border patrol missing 600k illegals or the system missing enough drugs to supply the entire u.s. wait that happens too. Certainly the other agencies are working hard as well. Image any police force with 100 percent crime and conviction rate. Oh wait that doesnt happen either. So while i understand the desire to comment the obvious, it doesnt hold muster. Mistakes are mostly due to volume problems vs time constaints vs equipment. An airport generally operates like a small city except it has enormous flows of people and cargo that move in waves. Not a steady flow. And its fenced. Some of the best minds in world are working on this. Privitation has its limitatioms..I worked in tbe industry prior to tje goverment assuming responsibility when it was private. There were issues then. If you think a contract to a company that pays 10 an hour will improve the system, well, we only have to look at the job boards to to see what the companies pay dont we, then lets get at it.Otherwise we could have a good discussionon changes recommendations and Iimprovements.

    • Thank you for your comments Darrel. The current private model seems to be working at the 16 or 17 airports they are currently doing that at. I think the challenge with that model is the worry that things could slide back to pre 9/11 performance. But, it’s a different model post 9/11 than it was prior. TSA selects the contractor and has direct oversight, not the airlines. The report didn’t say though whether any of the failures occurred at one of the private contract screening sites. I’m sure if they had, that would have leaked as well, because TSA has not been fond of that program for a long time.

  2. praise of Red Team members noted. My concern, are the devices and scenarios used by Red Team members representative of actual threats that the screeners have been trained to detect? This puts responsibility on the whole screening system from recruitment to training to supervision to management. It’s not fair to single out the individual who failed the test without addressing the background causes of that failure. Tom.

    • That was my first question as well Tom. If the system can only detect one thing, or if the procedure doesn’t include a certain type of search, then either the tech needs to improve, or the procedure, not the people.

Adopting an Airport Text for Your Classroom?Get it Now