(Part 5 in a 5 part series that takes a look at whether we are safer since 9/11)
Much has happened since I started this short series in August 2016: We have a new President, there’s been an active shooter at another US airport and TSA has lost its Administrator and is now floating rudderless through ever more dangerous waters.
As I write this blog, TSA and FEMA’s budgets are in danger of being cut (with the Coast Guard narrowly missing the ax) and we are now facing the known threat of terrorists being able to hide explosive devices inside of the batteries of laptops which has led to a widespread ban on carrying electronic devices in the cabin on some airlines. It has been reported that terrorists have stolen airport-screening equipment, enabling them to more accurately identify and exploit weaknesses in our screening system, circumventing the billions we’ve spent to protect the air travel system. We are definitely in more dire straits than when I started the series.
The Maginot Line and The American Wall
With the threat of a Nazi invasion, the French constructed the Maginot Line, consisting of a series of concrete fortifications, obstacles, and weapon installations meant to deter or slow down a potential invasion by the Nazis. It was considered impenetrable, yet the Germans did not play by the rules – they went to the soft underbelly through neutral Belgium (I guess Hitler didn’t get the whole “neutral” memo), where there the Maginot line did not extend, and quickly overwhelmed the French military forces.
While the new Administration focuses its time and energy on border security and building a literal wall, I can’t help but think back to the lessons of the Maginot Line. In every impenetrable system, there’s always a weakness that can be exploited, and the enemy doesn’t have to play by your rules.
Today’s primary threats to our country in general – and aviation in particular – are not from outsiders attempting to get into the country (although they most assuredly would if they could), but rather attacks by radicalized insiders and attacks to public areas. Radicalized insiders are US citizens who have self-radicalized, trained on the Internet (often through the dark web from videos filmed by al Qaeda and ISIS operatives long since deceased) and who are in a perfect position to attack from within. They have access to facilities and do not draw as much suspicion as outsiders. Perhaps it’s not much of a coincidence that this blog is posting just days after the Boston Marathon anniversary – carried out by two radicalized insiders.
The other significant threat comes in the form of attacks in public areas. As we’ve seen recently and tragically in London, and prior to that, Ft. Lauderdale, San Bernardino, Orlando, Brussels, Istanbul, LAX, Paris (the list goes on), protecting public areas is one of the most difficult missions for security and law enforcement personnel.
Attacks in public areas are deterred through good law enforcement work, employee training in workplace violence and homegrown violent extremism indicators, and a visible security and police presence in public areas and employee workplaces. Unfortunately, recent proposed budget cuts are focusing our efforts in the wrong areas. We are diverting money from the other layers of security to build a literal Maginot Line in the form of a border wall, and the hiring of thousands of border patrol and immigration agents, at the expense of programs and people that are in a far better position to spot and stop the evolving threat.
The Headless Horseman of the TSA
You may not be aware of this, but TSA is leaderless. TSA Administrator Peter Neffenger was not asked to continue in his position by the new administration in January and his replacement has not been appointed. We can’t leave TSA leaderless for too long, as we’ve all seen what occurs when that happens: Remember the scathing Inspector General’s report on TSA failing over 95% of red team tests back in June 2015? That report was issued at a time when TSA was similarly leaderless, as the Obama Administration took an unusually long time to appoint a new TSA Administrator.
TSA and the aviation industry lost a tremendous leader and visionary when they let Neffenger get away. Neffenger, a former Coast Guard Admiral and the incident coordinator on the Deepwater Horizon recovery, had taken over a government agency that no one in their right mind wanted to run. He then exercised Covey’s 5th habit, ”seek first to understand, then to be understood” (something direly missing from the Trump Administration), and studied how the aviation system worked before coming up with a diagnosis and a prescription. While I frequently criticized Neffenger for focusing too much on TSA and not enough on the rest of the industry, I also knew he needed time to get his house in order before addressing the rest of the ‘neighborhood.’
Leaving the Public an Open Target
Trump’s proposed budget cuts include cutting the airport law enforcement officers (LEO) reimbursement program, the VIPR teams and the behavior detection teams. Cutting these programs flies directly in the face of the lessons we should be learning from the Ft. Lauderdale shooting and other mass-casualty incidents.
As I’ve written about frequently, the best way to deter or respond to an active shooter or a bomber (or both) in the terminal and public area is an active, visible, armed police presence, training and exercises, and, if and when an incident occurs, immediate armed intervention.
The LEO reimbursement program provides funding to local airports to help supplement their police coverage, and cutting the LEO reimbursement program reduces an airport’s ability to keep passengers safe in the public areas by reducing the ability to deter and respond to threats.
VIPR (Visible Intermodal Prevention and Response) are teams of air marshals, bomb dogs and security screeners who move through crowds generally making a show of force as they ask few people some questions, the dog sniffs for explosives, and a plain-clothed operative stands away from the team to observe for suspicious behavior (BTW, I’m not giving away information that wasn’t already published in the New York Times). VIPR teams are often used at sporting events and other transportation venues; within the airport VIPR goes by the term Playbook, but the concept is the same.
VIPR and Playbook are part of an international security practice sometimes known as Random Anti-Terrorism Measures, which are designed to disrupt surveillance by terrorists and criminals and add a measure of uncertainty to the security process. They also serve the purpose of warning any potential attacker that this is not an easy target. NYPD does the same thing with their Hercules programs, as does the Los Angeles International Airport with their periodic vehicle checkpoints and other measures. While I’ve questioned why TSA was expanding to mission to sporting events and other areas beyond their mission I do agree with their use in airports.
VIPR has been criticized for not producing results, but this goes back to the old, nearly unanswerable question, ”How can you measure how many times a facility has NOT been attacked due to a particular security measure?” The only way to try to answer it is to eliminate the measure and watch the body count stack up.
While the TSA’s Behavior Detection Officer program has had its issues and its critics (including me and a few Israeli friends of mine), many airport directors have commented that while it’s a little annoying to see TSA personnel basically wandering around “doing nothing” it does provide a level of deterrence among the workforce and some passenger comfort. Personally, I was glad to see them redeploy back to the travel document stations as behavior detection is more effective when you can actually engage with a person, rather than just passively observe them. With the BDO funding going away, there’s the potential that the BDOs don’t reabsorb into the screening ranks and with fewer personnel working the checkpoints, the lines will start to back up – and since there won’t be any money left for adequate police protection or the deterrence provided by the Playbook or VIPR teams, passengers in the checkpoint just became sitting ducks for an active shooter or bomb attack.
Other proposed budget cuts to the Coast Guard (recently reversed), and FEMA take money away from key layers of security and resiliency in order to shore up areas that aren’t in need of the funding. Additionally, these cuts are coming from agencies that already receive a tiny portion of the current federal budget; what’s more, the shifts don’t make sense from a security perspective. If the border wall actually gets built, more people will attempt to enter the US by sea… unfortunately, we gutted the branch of the military that’s supposed to protect our shoreline: the US Coast Guard (disclosure – I’m a former Coast Guard Officer, but my argument still stands). Cutting FEMA is similarly short-sighted: What happens during the next natural disaster when no one picks up the phone at FEMA? Or worse, what happens when a massive cyberattack takes out a portion of the US power grid leaving thousands, if not millions, without food and clean water?
Our security infrastructure is a complex series of interwoven layers – these are complex systems that cannot be fixed or improved with simple solutions. If the solutions were simple, we would have done them already.
If there is an attack, it is the local first responder community (police, fire, EMS and, in aviation’s case, operations personnel), that must be ready to intercede and respond at a moment’s notice and in an effective manner. That means deployment, training, exercises, and a mindset that it can happen here, and it may just happen today. Removing the law enforcement officer’s reimbursement program weakens a critical layer of defense. While there has been much criticism of police departments acquiring military-style vehicles and equipment, the reality is that new threats must be met with new responses. ‘Officer Friendly’ walking his beat, twirling his baton and chatting it up with the locals is a quaint image, but when threats take the form of heavily armed, radicalized US citizens, the modern police force must include a paramilitary response capability to deal with those threats. Let’s not forget the officers that lost their lives in Dallas, Texas last year.
Personally, I’m an environmental dove but a military hawk, so I generally support more funding to meet the needs of our armed forces. However, allocation must reflect the current threats to the nation. It’s important to remember that ISIS is an iteration of al Qaeda; while that organization has been effectively bankrupted, they can still radicalize individuals and provide training, materials and resources for individuals who are already in the US, to carry out attacks against US citizens and infrastructure.
The question I asked at the beginning of this blog series still remains – “Are we safer than we were on 9/11?” Yes, we certainly are, but we are now headed in the wrong direction. As we have done after every major terrorist attack, we are starting to forget who the enemy is and how to effectively fight them. We are starting to become numb to the attacks to the point where we read the headlines, shrug our shoulders and say, ‘someone ought to do something about that.’
More importantly, we’re focusing on security measures that make for good sound bites instead of focusing on effective measures that actually make us safer.
And that’s not safe.
The significant problems we face cannot be solved at the same level at which they were created – Einstein.
To read more of my posts on aviation security, click HERE.