Home » Aviation Security

Category Archives: Aviation Security

TSA airport worker vetting: a “failure” or media hype?

by

The DHS Office of Inspector General released a redacted version of a report yesterday entitled “TSA Can Improve Aviation Worker Vetting.” The report examines TSA’s performance of its responsibility to conduct background checks on the two million workers (beyond its own employees) that have access to secure areas of airports. One of the findings of the report has been the basis for some disturbing media headlines last night and today, a sampling of which are linked below:

“IG Report: TSA failed to identify 73 workers ‘linked to terrorism’.” (Fox News)
“TSA Missed 73 Workers on Terror Watchlist” (The Daily Beast)
“Investigation Finds the TSA Didn’t Catch 73 Terrorism-Linked Employees.” (Slate)

The general impression that one gets from the media stories to date is that terrorism suspects have slipped through the cracks and are working at U.S. airports, posing a significant threat to the U.S. aviation system. But that is not what the IG report actually says.

As the terrorist watchlisting system is currently implemented, the National Counterterrorism Center (NCTC) manages the detailed, classified repository of watchlisting-related identity information in its TIDE database, which is then exported to the unclassified Terrorist Screening Database (TSDB), run by the FBI, subsets of which are then used by various screening agencies (e.g. Department of State for visas, CBP for border screening, TSA for domestic aviation). There are very clear rules in place as to what types of identities in TIDE and the TSDB can be used for which screening and vetting purposes, based on factors such as the relevant threat and the impact on civil liberties.

This IG report examines TSA’s responsibility to carry out background screening of airport workers, and notes that it doesn’t carry out such screening by checking against all TIDE records:

TSA did not identify these [73] individuals through its vetting operations because it is not authorized to receive all terrorism-related categories under current interagency watchlisting policy.

The report notes that the excluded TIDE records were for certain categories of terrorism-linked individuals that TSA has not been allowed to screen against to date (details of which are redacted from the report), and that more than a year ago then-TSA Administrator John Pistole formally requested that it be able to conduct vetting against such records, a request that has yet to be approved by the interagency group that oversees watchlisting policies. Such a decision to change current policy would need to be made judiciously, weighing the threat posed by individuals that fall in these TIDE categories (who presumably present a lower relative threat than individuals in other TIDE categories that are currently used for vetting) versus the civil liberties-related impact of conducting vetting that could cause individuals to lose their jobs based on a weak or unproven association.

As a result of such a review, and taking into account current threat-related intelligence, it may be warranted to expand the scope of TSA’s airport worker vetting. But let’s be clear: the current situation is not a “failure” or “omission” on TSA’s part, but the result of a deliberate policy decision. The media coverage of this IG report to date unfortunately lacks such nuance, and is instead hyping the implications of this report in a way that unfairly foments public mistrust of TSA and could lead to rash policy decisions on this issue.

New covert tests expose TSA screening vulnerabilities

by

Yesterday ABC News broke a story about recent covert tests by the DHS Office of the Inspector General of TSA screening activities, highlighting the following results:

An internal investigation of the Transportation Security Administration revealed security failures at dozens of the nation’s busiest airports, where undercover investigators were able to smuggle mock explosives or banned weapons through checkpoints in 95 percent of trials, ABC News has learned.

The series of tests were conducted by Homeland Security Red Teams who pose as passengers, setting out to beat the system.

According to officials briefed on the results of a recent Homeland Security Inspector General’s report, TSA agents failed 67 out of 70 tests, with Red Team members repeatedly able to get potential weapons through checkpoints.

DHS Secretary Johnson responded to this media story by removing Mel Carraway from the position of acting TSA Administrator and by indicating that DHS and TSA would take a detailed set of actions in response to the results of these tests.

Neither the relevant news stories nor the responses to them have revealed the specific nature of the vulnerability (or vulnerabilities) that were tested; and hopefully this will remain a secret, given the sensitive nature of the information. But it is perhaps noteworthy that the Secretary’s statement places a great deal of emphasis on issues related to screening equipment:

Fourth, I have directed TSA, in phased fashion, to re-test and re-evaluate the screening equipment currently in use at airports across the United States. As a related matter, I personally intend to meet with senior executives of the contractors involved in the development of the equipment at issue to communicate to them the importance of their assistance in our efforts to investigate and remedy the deficiencies highlighted by the Inspector General.

….Longer term, in the coming months, I have directed TSA to ensure that all screening equipment is operating up to the highest possible standards. I have also directed TSA and the Department of Homeland Security Under Secretary for Science and Technology to examine adopting new technologies to address the vulnerabilities identified by the Inspector General’s testing.

This seems to indicate that there is a specific issue or set of issues with respect to the currently-deployed base of screening equipment at the passenger checkpoint. On a potentially related note, DHS Inspector General John Roth noted the following in testimony before a House committee last month:

We are currently conducting covert testing to evaluate the effectiveness of TSA’s Automated Target Recognition software and checkpoint screener performance in identifying and resolving potential security threats at airport checkpoints. Once that testing is completed and evaluated, we will report our results to the Secretary and Congress.

It is possible (but by no means certain) that this is the same testing on which ABC News is now reporting. If it is, it would suggest that there may be weaknesses with respect to the algorithms being used to flag potentially anomalous items in carry-on baggage and on one’s person. I expect that we will learn more as TSA pushes out information to the field in response to these covert tests.

Finally, it’s worth keeping in mind two things as this story continues to develop:

a) It is very important that DHS continues to conduct these covert tests; these types of failures in testing are embarrassing to the agency, but are necessary given the adaptive nature of aviation security threats, and can be used as the basis for making real improvements to security. If anything, there needs to be more covert testing within DHS than there is today, particularly at Customs and Border Protection (CBP), where GAO noted in 2014 that additional covert testing would be warranted.

b) Any decisions about new investments in screening equipment need to be made thoughtfully in response to this story, and not in a rush as part of a PR-driven damage control effort. Too often in its 14-year history, TSA has rushed to make large new investments in screening equipment without fully assessing the costs and benefits of such investments, factoring in the impact of such investments on other aspects of the aviation security system. We saw this most recently at TSA with the rush to acquire AIT machines following the 2009 Christmas Day plot. Given the budget-constrained environment in which TSA has operated for the past six years, and is likely to continue to operate, it is imperative that decisions on any major new investments in next-generation screening equipment be made judiciously.

Coast Guard VADM Neffenger nominated to lead TSA

by

The President has nominated Coast Guard Vice Admiral Peter Neffenger to be the next Administrator of the Transportation Security Administration (TSA), replacing John Pistole, who departed from the position at the end of 2014. Neffenger is currently the Vice Commandant of the U.S. Coast Guard (its second-ranking official), and is well-respected within DHS, in Congress, and among the Coast Guard’s stakeholders – a fact reflected in the positive comments in the media on his nomination. Given this high praise, I would expect the two relevant Senate committees (Homeland Security and Governmental Affairs, and Commerce) that have a role in his nomination to move quickly.

One question related to his nomination is whether he will retain his rank within the Coast Guard after being confirmed as TSA Administrator, akin to how former CIA Director Michael Hayden remained as a four-star General in the US Air Force for the majority of the time that he served as CIA Director. In addition, given the non-partisan nature of this nomination, it will be interesting to see whether the next Administration decides to retain Neffenger in this position for the purpose of continuity, assuming that he is confirmed and is successful at TSA in the next 18 months.

New CCHS report on PreCheck and risk-based security at TSA

by

Today CCHS released a new report that I wrote entitled “Risk-Based Security and the Aviation System: Operational Objectives and Policy Challenges”, which looks at the current challenges facing TSA’s risk-based security initiative (most notably, the PreCheck program) as it considers new options to increase program enrollment. We also held an event this morning on the event that included a very robust discussion of the issues raised in the paper. I won’t try to summarize the paper here, but you can download the full PDF at this link.

In related news, the Washington Post reports today on a letter from a bipartisan groups of Senators calling for the White House to put forward a new nominee to lead TSA. As the letter notes, it has already been more than three months since John Pistole announced his departure from TSA, which should have been sufficient time to identify and vet his potential successor. Former TSA Administrator Kip Hawley concurred with the letter’s perspective in a tweet this afternoon, and offered a strong endorsement of Acting TSA Administrator Mel Carraway:

Hopefully this is something that the White House will decide upon soon. TSA suffered from a lack of clear strategic direction during an 18-month period of acting leadership in 2009-2010, and finding a high-quality individual to nominate to lead TSA should be a priority.

John Pistole to retire from leading TSA

by

DHS Secretary Jeh Johnson issued a statement this morning announcing John Pistole’s retirement as TSA Administrator, effective at the end of 2014. From the Secretary’s release:

Since assuming his role as Administrator in June 2010, John Pistole has led the TSA workforce of over 60,000 and has overseen the security operations of more than 450 airports throughout the United States. Under John’s leadership, TSA launched its “Trusted Traveler” program, TSA Pre ✓™, which over five million passengers per week now use at 120 U.S. airports. John brought to TSA extensive experience in national security, counterterrorism and fighting organized crime.

Pistole issued his own statement, posted here on TSA’s website. Pistole will retire as the longest serving TSA Administrator since it was established in November 2001. Overall, I think Pistole has been very effective at running TSA, particularly with respect to measures taken in direct response to AQAP’s aviation plots (e.g. the Air Cargo Advance Screening pilot, a partnership with CBP) and finding ways to make the aviation screening system more efficient and risk-driven through programs like Pre-Check, which have helped TSA to weather a difficult federal budget environment.

I also think Pistole deserves credit for his candor and directness in engaging with Congress while leading TSA, which I observed on numerous occasions while working as a Senate staffer for much of his tenure. This sentiment is reflected in Chairman Michael McCaul’s statement this morning responding to Pistole’s retirement, commending Pistole for doing an “outstanding job” in leading TSA.

One open question is how long it will take the Administration to nominate someone to replace Pistole, and if the nomination is announced soon, whether it will be possible to get that person confirmed by the Senate prior to Pistole’s departure at the end of the year. Given the timeline, this may be difficult, but it should be a high priority to find a qualified nominee and get that person confirmed expeditiously, given recent concerns about aviation-related terrorist threats.

Khorasan Group… Wolf Unit… What’s in a Name?

by

So it now appears that the Khorasan Group – the al Qaeda element embedded within Jabhat al-Nusra in Syria but targeting the West, not Assad – may actually be called the Wolf Unit. This doesn’t mean anything at all, since we already knew that US officials were aware of the group or cell’s existence but didn’t know what they called themselves so they came up with the Khorasan name so as to have a way to refer to the group. But the name game is going to serve as fodder for some intent on playing down the significance of this cell and pointing to the sudden revelation of its existence (but not its true name) as evidence the U.S. government is just making stuff up to justify airstrikes. I wish it were that simply or silly.

It is indeed odd that senior US intelligence, law enforcement and counterterrorism officials who testified before Congress just before authorities went public with the group’s existence made no mention of it whatsoever – explicit or otherwise – in their testimonies on the “Worldwide Threats to the Homeland.” I don’t think that was because they intended to mislead the public, however, I think they were still trying to make heads and tails out of this group, some of whose members they’d been following for as long as one or even two years.

In fact, the Khorasan Group is the real deal, as I laid out in a recent piece, though apparently with fewer members since airstrikes hit their facility in Syria killing their leader, Mohsen al-Fadhli, and others. Even so, the collocation of experience al-Qaeda operatives from around the world, together with the know-how of AQAP’s most skilled and ingenious bomb maker, and the ready availability of Western foreign fighters in Syria, combined to present a truly unique, and officials say near-term, threat to Western interests.

For example, though it was mocked at the time it was the threat presented by this group that led the Transportation Security Administration to ban uncharged mobile phones and laptops on flights coming to the United States from Europe or the Middle East. More recently, the Pentagon informed, the U.S. had “information on specific, concrete plotting” against aviation targets by members of this network, although there was no information of an “imminent” attack against any specific flight. But that’s not all. The Khorasan Group was apparently also considering low-tech plots intended to terrorize Western society. American and British sources are now whispering to the press about British and Australian intelligence suggesting “the real possibility” of a “knife and gun” attack by Western foreign fighters fresh from the battlefield in Syria.

So, what’s in a name? Not a whole lot. Call this group, or cell, or network whatever you like. They apparently call themselves something other than the name given to them by some U.S. government bureaucrat. But whatever you call them, take the threat they pose seriously. No need for hysterics, but best not to pretend what appears to be a very real threat is made up either.

TSA announces new Pre-Check private sector vetting initiative

by

In a speech today at the Aero Club of Washington, TSA Administrator John Pistole previewed plans to establish a new “private sector vetting initiative” for the Pre-Check program, as noted in this TSA press release:

“TSA is working to establish a relationship with the private sector to enhance its continued efforts to expand the population of travelers using TSA Pre✓™. By leveraging private-sector best practices in business operations, marketing, and algorithm optimization, TSA hopes to provide a better travel experience for an increased number of ‘trusted travelers’ while focusing our attention on unknown and potentially higher-risk passengers.

These efforts will need to be developed carefully, especially with respect to privacy concerns, bearing in mind the lessons from this episode early in TSA’s history. But TSA deserves kudos for their forward leaning efforts to develop this program in the past three years, an effort which has generated significant cost savings and operational efficiencies without diminishing aviation security. Confirming this, the FY 2015 Senate appropriations committee report for DHS noted that TSA has been able to reduce its headcount of screening personnel by 3,186 FTEs due to its “risk-based approach to passenger screening and the deployment of improved screening technologies.”