Just a couple of years ago, at an industry conference, an individual in their early 20s stood up during a panel session and asked what the big deal was about 9/11 and why we have all these security measures. As if the death of 2,977 people in the worst attack the U.S. has ever seen on our soil wasn’t a big deal. I could get upset (and did), but the real problem is a lack of education. Do we even teach history anymore? We teach about Pearl Harbor, but what about 9/11?
It has been 20 years since the terrorist attacks on September 11, 2001. During that time, I’ve done hundreds of media interviews, co-authored a textbook on aviation security, developed airport security certification programs, and trained thousands of individuals in airport and aircraft operator security procedures.
I was in aviation security before 9/11. In fact, I’ve spent 30 years of my life in some aviation security-related role, from screener to security guard, to aviation intelligence analyst, to assistant security director of the nation’s largest airport, to an airport manager on 9/11. Every time there is a security incident, or we have another 9/11 anniversary, the number one question I’m still asked is, “are we safer?”
The best answer I can give is that our security measures are far better than before the terrorist attacks, but the threats have changed significantly. Let’s look at where we’ve improved and where there is still room for improvement. Obviously, I cannot address all the elements – if you want to see that, I know a textbook you can buy. I’m going to focus on the most significant changes. If you want the short version to see how far we’ve come, or you were too young to remember 9/11, read on.
The Transportation Security Administration
The most significant change after 9/11 is the creation of the Transportation Security Administration (TSA). Before the terrorist attacks, the FAA handled aviation security. The TSA took over aviation security from the FAA and replaced the screening workforce. The TSA now handles security in several forms of transportation, including aviation, road, rail, and maritime.
Although screening passengers and baggage is TSA’s most visible aspect, the organization does a lot behind the scenes to protect the traveling public. They have explosive experts, intelligence officers, law-enforcement officers, testing facilities, operations centers, and other elements critical to the achievement of their mission.
TSA Takes Over Screening
Although the 9/11 Commission did not determine that 9/11 was the result of screening failures, the industry widely agreed at the time that the airlines were not getting the job done. Up until 9/11, the airlines were responsible for screening. They fulfilled this function by hiring contractors whose employees were paid minimum wage and frequently had no benefits. At some airports, the screener turnover rate was over 100% in a year.
However, the airlines were not entirely at fault. The FAA held the contractors to ridiculously low standards, which contributed to a marginalized aviation security system. Even the FAA isn’t totally to blame, as the airlines and their trade associations frequently blocked increased security measures due to costs. But even then, there had not been a major terrorist attack in two decades on a U.S. aircraft, so it was difficult to justify increased costs to stockholders when the risk seemed to be minimal. I guess that didn’t work out so well.
Passenger and Carry-On Bag Screening Technology
Pre-9/11 technology included black and white, single-view x-ray machines, and walk-through metal detectors. Today, the x-ray machines are more advanced, multi-view, in color with methods to enhance what the screener is seeing, and with the ability to routinely test screeners (i.e., Transportation Security Officers – TSOs). However, even these x-ray machines have their weaknesses, so we’re beginning to see the Computerized Tomography (CT) machines appearing at the checkpoints. CTs are similar to CAT scans and are used in most cases to screen checked baggage.
Walk-through metal detectors are more advanced but still suffer from difficulties picking up metal near the floor. Unless they’re in PreCheck (another post-9/11 invention), passengers are scanned with Millimeter-Wave Imaging technology, otherwise known as Advanced Imaging Technology, or simply, body imagers.
Additionally, the K-9 bomb dog detection programs have been expanded significantly since their origin in the early 70s.
Checked Baggage Screening
Before 9/11, checked bag screening didn’t exist. The only system in place matched the checked bag to a passenger on the flight, and it applied to international flights on domestic carriers. The bag match system did nothing to stop suicide bombers, and the process itself was often ignored by the airline industry – not just here in the U.S. but throughout the world.
To pull a bag off a plane takes time, and in the airline industry, time=money and money=profit and profit=the ability for an airline to operate, pay its employees, etc.
Today, checked bags are screened using Explosive Detection Systems, either Computerized Tomography or Explosive Trace Detection (ETD).
Federal Air Marshal Program (FAMs)
Starting in 1961, FAMs represent some of the earliest aviation security measures. The original program was phased out after 1973 when we started screening passengers. It was resurrected again in 1985 after the hijacking of TWA flight 847. On 9/11, there were 33 Air Marshals employed by the FAA. The program was dying on the vine yet again.
Today, there are thousands of air marshals, but they’ve had more than their share of controversy related to their effectiveness. I believe in the program because, from a deterrence standpoint, a threat-actor (criminal or terrorist) has to account for the possibility of an Air Marshal on board a flight. Without the Air Marshals, this is yet another layer of deterrence the threat-actor doesn’t have to worry about.
A related in-flight security measure is the Federal Flight Deck Officer program, whereby pilots on air carrier or air cargo flights can carry firearms.
Airport Worker Credentialing Checks
This is a system rarely seen by the general public, but before 9/11, the FAA significantly minimized background checks compared to what they are now. Airport worker credentials are the identification badges that allow workers to access various doors and gates throughout the airport – and often, workers can bypass the passenger screening checkpoints. However, background checks are considered to be an acceptable level of “screening” for airport workers. Post-9/11 changes improved this process significantly.
From a regulatory perspective, before 9/11, an airport worker merely had to pass an access investigation through employment history verification. The premise was if there was a gap in employment, and you could not prove you were in school or some other related legitimate function, maybe you were outside the country at that time getting terrorist training. Stop laughing. I’m actually serious.
Today, there are fingerprint-based criminal-history record checks, a list of disqualifying offenses (if guilty, you don’t get to work at the airport), security threat assessments (name checks against the terrorist watch list and other government databases), verification to work in the United States lawfully, and other measures I cannot go into here because they are restricted. Put simply – we know a lot more about the people that work in our airports than we used to.
Air Cargo Screening
It pretty much didn’t exist before 9/11. The Known Shipper program (still in place) was the “security layer.” It depended upon airline cargo personnel inspecting air cargo shipping locations and determining if they were shipping unauthorized materials (like bombs). Each air carrier had its own process. Now, the TSA handles the program and requires that all air cargo being carried on a passenger aircraft be screened.
Security Measures for Air Charter Operators
Prior to 9/11, most charter operations did not have security requirements. Some security elements were tied into industry best practices, along with numerous safety requirements, but passenger screening was not one of them. Today, most charter operators still are not required to screen their passengers (depending on the nature of the operation, the size of the plane, and other factors), but are required to have security programs and other measures in place to deter or prevent a threat-actor from boarding a flight and either bombing or hijacking it.
In a nutshell, those are the primary changes. For the sake of brevity, I am skipping over a lot of the other changes along the way. Now let’s take a look at how these measures prevent or deter existing and future threats and what we need to do next.
The Traditional Threats, Hijackings, and Bombings
Passenger and baggage screening measures have improved substantially. However, both threats remain. Using an insider, or developing a bomb that is not detectable by security measures, makes it possible to blow up an airplane. Screening technologies must continue to address new threats at a much faster pace than they have been.
The fact that we have not seen a hijacking in the United States since 9/11 does not mean they have not occurred. There have been several hijackings throughout the world during this time, and in very few cases did the passengers attempt to disrupt or prevent the hijack. In some instances, the passengers didn’t even know the plane was being hijacked.
Saying that passengers will not allow another hijacking is to engage in ignorance of the highest level. The subsequent hijacking may not look like the last one. Terrorists will adopt new strategies to circumvent security measures. Insiders may perform or assist the next hijacking, using automatic weapons instead of box cutters and pocketknives.
I’m not giving up anything new here – the hijacking of TWA 847 in 1985 was carried out very much the same way, with catering crews hiding weapons on board for the hijackers to use. We must increase insider threat security measures to increase the deterrence factor of another hijacking – not rely on passengers who may not be in a position to do anything or have the willpower and numbers to do so.
Existing Threats, Public Area Security, Perimeter Security, Insider Threat Security, and Surface-to-Air Missile Security
Public Area Security
Long before the murder of a TSA officer at the Los Angeles International Airport in 2013, there were numerous attacks in the public areas of airports dating back to the 1970s. These attacks included active shooters, suicide bombers, and a combination of the two in some cases. However, airport and aircraft operator regulations focus on protecting access to the aircraft, not public area security. In fact, our entire aviation security system is focused on protecting access to the aircraft, leaving public area security and perimeter security largely the problem of the airport operator.
The unfortunate truth is some airport operators will not take any protective actions above what is required by regulation. Although many airport operators have improved their public area security by implementing blast protection measures and frequent law-enforcement patrols, other airports will not do so until they are required.
There are other measures we can take to mitigate, prepare for, and respond to attacks in the public area, and as I said, some airports have implemented them. Still, they need to be implemented by all commercial service airports. Without getting into the infrastructure (i.e., glass glazing, reinforced walls, and such), here’s a quick little assessment to determine how well your airport is doing in protecting the public.
- Are there trauma bleed kits throughout the airport, mounted on the walls, and readily accessible?
- Are there readily available AEDs and first aid kits?
- Is there a visible, active, and prepared law enforcement presence? Are they adequately armed and wearing body armor?
- Are unattended vehicle and unattended baggage rules strictly enforced?
- Do TSA and security personnel look attentive and scrutinize unusual activity?
I could mention several other measures here, but those are for an inside audience and would not be readily noticeable by the general public.
Perimeter Security
There have been dozens of reports across the U.S. of intruders climbing fences and accessing airport property in the past several years. Frankly, it is not that difficult to climb a fence, so the question is not, how do they do it? The question is, why aren’t we detecting it quickly and with a rapid response? The answer is that our system is designed to protect access to the aircraft, and the perimeter fence is just one of those deterrents and delaying measures.
So far, we have been pretty lucky that most airport perimeter breaches have not resulted in a tragedy. But it is only a matter of time. Again, the security regulations do not adequately address the security of the airfield. There are absolutely security areas designated around the airport, with access control systems in place, and there are barriers such as buildings, walls, fences, and natural barriers (like water). But we need to identify an intrusion faster and respond rapidly to (a) reduce the risk of a tragedy, like someone sabotaging an aircraft or introducing weapons or explosives on board, and (b) keep the airplanes moving.
When there is a perimeter breach, the entire airport shuts down until the individual(s) is found. Both airport and aircraft operators should be interested in improving perimeter security, mainly through Perimeter Intrusion Detection Systems (PIDS). PIDS has come down in price and complexity significantly in the past two decades, and it’s time to take a serious look at their implementation at commercial service airports.
Also, airport workers, security officers, police, and others working on the airfield, need to be much more vigilant in detecting the presence of unauthorized personnel.
Surface-to-Air Missile / Rocket-Propelled Grenade
After the Soviet Union (that’s Russia to most of you under the age of 30) pulled out of Afghanistan, hundreds if not thousands of US-made surface-to-air missiles were left behind. It’s a miracle we haven’t had a significant incident (except over combat zones in most cases) of missiles being fired at a civilian aircraft in the U.S. or abroad. With the US withdrawal from Afghanistan, again, plenty of equipment has been left behind, and who is to say that does not include rocket-propelled grenades or other items that threat-actors can use to threaten airport and aircraft operations?
This threat needs to be reassessed, and determinations made about whether we should equip civilian aircraft with anti-missile defense systems, like what El Al uses on their planes. Unfortunately, however, I suspect nothing will be done until there is a tragedy.
There are two qualifiers related to the missile or rocket attack scenario. First, we have a much more robust intelligence and interdiction capability than we had before 9/11. Often planned attacks on aviation never come to fruition because they are stopped in the early phases by the FBI or another layer such as a drone strike or other military action. Also, commercial aircraft are not the only flight operations at risk. General aviation (charter, private) operations may also be at risk from these attacks as they carry high-dollar clients, industry leaders, elected officials, and other VIPs.
Insider Threat Security
Insider threats are always the most significant security issue because the threat actor is already “inside the house.” They know the security systems, and through their credentials, can often bypass many of the security layers currently in place. Although we have made significant progress in background checks and learning more about the people that operate at the airport, there is more work to do. More robust workplace violence training programs that cross over into awareness of suspicious indicators of potential criminal or terrorist activity should be required. Also, airports should be required to implement biometrics into their employee access control systems. Many airports have already instituted this practice, but TSA has never required it, and it’s time that they should.
The airport credential is like the keys to your house. When you go on vacation, you don’t leave the keys to your house with someone you do not trust. But what if they give those keys to someone else? Without biometrics, an individual with an airport identification badge can give that badge and their PIN to another individual, who can then bypass many of the other security measures and have access to the airfield and aircraft. TSA’s primary focus in biometrics has been on the passenger screening side, and those efforts should continue. But now, it’s also time to improve employee access control systems.
Emerging Threats, Cyberattacks, Drones And . . . What We Haven’t Thought Of Or What Hasn’t Been Exploited Yet
Cybersecurity incidents are on the rise, both globally and nationally. The average cost of a security breach is upwards of 7.35 million dollars, with over 1.4 billion data records exposed every year. Over half of the attacks involved identity theft.
In 2019, the Albany County Airport was the victim of a ransomware attack, which attacked and encrypted administrative files like budget spreadsheets, but hackers accessed no personal or financial traveler data. Although neither flight operations nor TSA or airline computers were affected, the airport’s insurance carrier authorized the payment of a bitcoin ransom of “under six figures.”
The “nightmare scenarios” of cyberattacks would be an attack on the air traffic control system, navigational aids, airport access control, credentialing system, or hacking into an aircraft in-flight to provide erroneous and dangerous navigational instructions.
One area of vulnerability is in the ADS-B technology. ADS-B, or Automatic Dependent Surveillance-Broadcast, is mandated for all commercial and general aviation aircraft. It provides the pilot and air traffic controllers “radar-like” surveillance. Relying on the aircraft transponder or Global Positioning System (GPS) sources, aircraft are equipped with screens to identify the position of other aircraft and weather systems. Essentially, every aircraft is constantly transmitting its location and receiving location data from all other aircraft. Air traffic controllers also rely on this data to sequence and separate instrument flight traffic. The potential exists for false information to be fed into the data streams.
Without going into the various ways of hacking into the ADS-B or ATC systems and what an intruder could do, I will note that in 2020, the Government Accountability Office advised the FAA to do more to address aircraft cybersecurity.
The threat of drones being used against aviation was largely theoretical until recently. Drones have been used in Iraq and Afghanistan as observation platforms for terrorists to observe troop movements and know when to detonate improvised explosive devices. Drones have been used to drop ordnance, fire guns, and surveil opposing forces. Syria, ISIS, and other countries and organizations are known to have and use drones in combat operations.
There was a massive swarm drone attack at the Saudi Aramco oil processing facilities at Abqaiq, Saudi Arabia, in September of 2019. However, there weren’t fatalities in the attack. The drones, along with cruise missiles, created enough damage to the oil processing capabilities to disrupt the production of 5.7 million barrels of crude oil, which is half the country’s oil output. Crude oil prices increased by nearly 10 percent following the attacks.
Until recently, airports had not been a target for drone strikes. However, in April 2021, the Erbil International Airport in northern Iraq was hit by explosive-laden drones, specifically targeting areas where U.S. military personnel are stationed. The airport was targeted again in July 2021, causing no injuries or significant damage.
There are a variety of vulnerabilities at airports and in aircraft operations related to drones, particularly swarm-drone attacks. Technologies to detect and deter drones are in the fledgling stages as manufacturers look for airports to install and test these systems. Unfortunately, detection is only one element of effective drone defense. Interception or disruption of the drone activity is the second core component, but there are numerous issues regarding counter-drone technologies.
What We Haven’t Thought Of, Or What Hasn’t Been Exploited Yet
This is the most complex category because we really don’t know what someone has in mind to do to attack aviation. Could it be the use of general aviation aircraft to conduct some sort of attack? I hear that there is not enough general aviation airport or aircraft security, but if that’s the case, why has no one exploited it in the past two decades or more? It’s not because no one has thought of it. Or will air cargo be the next target? Or agriculture aircraft to deliver a toxin over an open-air venue? (BTW, all of these types of attacks can be found in the public domain; I’m not giving anything up here that’s not already out there.)
This is the fundamental challenge of the “are we safer” question. As it is often said, flying is still the safest form of transportation. The chances of you being on an aircraft that is bombed, hijacked, shot at, hit with a drone, etc., are far less than your chances of getting into a car accident on the way home from work tonight. No sooner do we declare that we are safer than we were before 9/11 than the criminals, terrorists, and other threat actors out there come up with yet another way to circumvent our systems, measures, and procedures. Aviation security must remain flexible, agile, and rapidly responsive to these ever-changing threats if we are to truly be safer.
Some blog elements were extracted from the American Association of Airport Executives, Airport Certified Employee-Security program.