Entries Tagged "homeland security"

Government Employee Uses DHS Database to Track Ex-Girlfriend

When you build a surveillance system, you invite trusted insiders to abuse that system:

According to the indictment, Robinson began a relationship with an unidentified woman in 2002 that ended acrimoniously seven months later. After the breakup, federal authorities allege Robinson accessed a government database known as the TECS (Treasury Enforcement Communications System) at least 163 times to track the travel patterns of the woman and her family.

What I want to know is how he got caught. It can be very hard to catch insiders like this; good audit systems are essential, but often overlooked in the design process.

Posted on October 3, 2007 at 3:02 PM

The Technology of Homeland Security

Reuters has an article on future security technologies. I’ve already talked about automatic license-plate-capture cameras and aerial surveillance (drones and satellites), but there’s some new stuff:

Resembling the seed of a silver maple tree, the single-winged device would pack a tiny two-stage rocket thruster along with telemetry, communications, navigation, imaging sensors and a power source.

The nano air vehicle, or NAV, is designed to carry interchangeable payload modules—the size of an aspirin tablet. It could be used for chemical and biological detection or finding a “needle in a haystack,” according to Ned Allen, chief scientist at Lockheed’s fabled Skunk Works research arm.

Released in organized swarms to fly low over a disaster area, the NAV sensors could detect human body heat and signs of breathing, Allen said.

And this:

Airport screening is another area that could be transformed within 10 years, using scanning wizardry to pinpoint a suspected security threat through biometrics—based on one or more physical or behavioral traits.

“We can read fingerprints from about five meters…all 10 prints,” said Bruce Walker, vice president of homeland security for Northrop Grumman Corp (NOC.N). “We can also do an iris scan at the same distance.”

For a while I’ve been saying that this whole national ID debate will be irrelevant soon. In the future you won’t have to show ID; they’ll already know who you are.

Posted on September 26, 2007 at 6:13 AM

Mission Creep at Counterterrorism "Fusion Centers"

Fusion centers are state-run, with funding help from the Department of Homeland Security. It’s all sort of ad hoc, but their purpose is to “fuse” federal, state, and local intelligence against terrorism. But—no surprise—they’re not doing much actual fusion, and they’re more commonly used for other purposes.

From a Congressional Research Service report dated June 6, 2007:

Fusion centers are state-created entities largely financed and staffed by the states, and there is no one “model” for how a center should be structured. State and local law enforcement and criminal intelligence seem to be at the core of many of the centers. Although many of the centers initially had purely counterterrorism goals, for numerous reasons, they have increasingly gravitated toward an all-crimes and even broader all-hazards approach. While many of the centers have prevention of attacks as a high priority, little “true fusion,” or analysis of disparate data sources, identification of intelligence gaps, and pro-active collection of intelligence against those gaps which could contribute to prevention is occurring. Some centers are collocated with local offices of federal entities, yet in the absence of a functioning intelligence cycle process, collocation alone does not constitute fusion.

The federal role in supporting fusion centers consists largely of providing financial assistance, the majority of which has flowed through the Homeland Security Grant Program; sponsoring security clearances; providing human resources; producing some fusion center guidance and training; and providing congressional authorization and appropriation of national foreign intelligence program resources, as well as oversight hearings. This report includes over 30 options for congressional consideration to clarify and potentially enhance the federal government’s relationship with fusion centers. One of the central options is the potential drafting of a formal national fusion center strategy that would outline, among other elements, the federal government’s clear expectations of fusion centers, its position on sustainment funding, metrics for assessing fusion center performance, and definition of what constitutes a “mature” fusion center.

Honestly, the report itself is kind of boring, even for this sort of thing. There’s an interesting section on proactive vs. reactive security (p. 25):

Most fusion centers respond to incoming requests, suspicious activity reports, and/or finished information/intelligence products. This approach largely relies on data points or analysis that are already identified as potentially problematic. As mentioned above, it could be argued that this approach will only identify unsophisticated criminals and terrorists. The 2007 Fort Dix plot may serve as a good example—would law enforcement have ever become aware of this plot if the would-be perpetrators hadn’t taken their jihad video to a video store to have it copied? While state homeland security and law enforcement officials appear to have reacted quickly and passed the information to the FBI, would they have ever been able to find would-be terrorists within their midst if those individuals avoided activities, criminal or otherwise, that might bring to light their plot?

It is unclear if a single fusion center has successfully adopted a truly proactive prevention approach to information analysis and sharing.

Here’s another article on the topic.

Posted on August 28, 2007 at 6:30 AM

First Responders

I live in Minneapolis, so the collapse of the Interstate 35W bridge over the Mississippi River earlier this month hit close to home, and was covered in both my local and national news.

Much of the initial coverage consisted of human interest stories, centered on the victims of the disaster and the incredible bravery shown by first responders: the policemen, firefighters, EMTs, divers, National Guard soldiers and even ordinary people, who all risked their lives to save others. (Just two weeks later, three rescue workers died in their almost-certainly futile attempt to save six miners in Utah.)

Perhaps the most amazing aspect of these stories is that there’s nothing particularly amazing about it. No matter what the disaster—hurricane, earthquake, terrorist attack—the nation’s first responders get to the scene soon after.

Which is why it’s such a crime when these people can’t communicate with each other.

Historically, police departments, fire departments and ambulance drivers have all had their own independent communications equipment, so when there’s a disaster that involves them all, they can’t communicate with each other. A 1996 government report said this about the first World Trade Center bombing in 1993: “Rescuing victims of the World Trade Center bombing, who were caught between floors, was hindered when police officers could not communicate with firefighters on the very next floor.”

And we all know that police and firefighters had the same problem on 9/11. You can read details in firefighter Dennis Smith’s book and 9/11 Commission testimony. The 9/11 Commission Report discusses this as well: Chapter 9 talks about the first responders’ communications problems, and commission recommendations for improving emergency-response communications are included in Chapter 12 (pp. 396-397).

In some cities, this communication gap is beginning to close. Homeland Security money has flowed into communities around the country. And while some wasted it on measures like cameras, armed robots and things having nothing to do with terrorism, others spent it on interoperable communications capabilities. Minnesota did that in 2004.

It worked. Hennepin County Sheriff Rich Stanek told the St. Paul Pioneer-Press that lives were saved by disaster planning that had been fine-tuned and improved with lessons learned from 9/11:

“We have a unified command system now where everyone—police, fire, the sheriff’s office, doctors, coroners, local and state and federal officials—operate under one voice,” said Stanek, who is in charge of water recovery efforts at the collapse site.

“We all operate now under the 800 (megahertz radio frequency system), which was the biggest criticism after 9/11,” Stanek said, “and to have 50 to 60 different agencies able to speak to each other was just fantastic.”

Others weren’t so lucky. Louisiana’s first responders had catastrophic communications problems in 2005, after Hurricane Katrina. According to National Defense Magazine:

Police could not talk to firefighters and emergency medical teams. Helicopter and boat rescuers had to wave signs and follow one another to survivors. Sometimes, police and other first responders were out of touch with comrades a few blocks away. National Guard relay runners scurried about with scribbled messages as they did during the Civil War.

A congressional report on preparedness and response to Katrina said much the same thing.

In 2004, the U.S. Conference of Mayors issued a report on communications interoperability. In 25 percent of the 192 cities surveyed, the police couldn’t communicate with the fire department. In 80 percent of cities, municipal authorities couldn’t communicate with the FBI, FEMA and other federal agencies.

The source of the problem is a basic economic one, called the collective action problem. A collective action is one that needs the coordinated effort of several entities in order to succeed. The problem arises when each individual entity’s needs diverge from the collective needs, and there is no mechanism to ensure that those individual needs are sacrificed in favor of the collective need.

Jerry Brito of George Mason University shows how this applies to first-responder communications. Each of the nation’s 50,000 or so emergency-response organizations—local police department, local fire department, etc.—buys its own communications equipment. As you’d expect, they buy equipment as closely suited to their needs as they can. Ensuring interoperability with other organizations’ equipment benefits the common good, but sacrificing their unique needs for that compatibility may not be in the best immediate interest of any of those organizations. There’s no central directive to ensure interoperability, so there ends up being none.

This is an area where the federal government can step in and do good. Too much of the money spent on terrorism defense has been overly specific: effective only if the terrorists attack a particular target or use a particular tactic. Money spent on emergency response is different: It’s effective regardless of what the terrorists plan, and it’s also effective in the wake of natural or infrastructure disasters.

No particular disaster, whether intentional or accidental, is common enough to justify spending a lot of money on preparedness for a specific emergency. But spending money on preparedness in general will pay off again and again.

This essay originally appeared on Wired.com.

EDITED TO ADD (7/13): More research.

Posted on August 23, 2007 at 3:23 AM

Airport Security Breach

One of the problems with airport security checkpoints is that the system is a single point of failure. If someone slips through, the only way to regain security is for the entire airport to be emptied and everyone searched again. This happens rarely, but when it does, it can close an airport for hours.

It happened today at the Charlotte airport.

One sentence struck me:

Passengers on another 15 planes that took off after the breach will have to go through screening again when they reach their destinations, the TSA said.

It’s understandable why the TSA would want to screen everybody once someone evades security: that person could give his contraband to someone else. And since the entire airport system is a single secure area—once you go through security at one airport, you are considered to be inside security at all airports—it makes sense for those passengers to be screened if they’re changing planes.

But it must feel weird to have to go through screening after flying, before being able to leave the airport.

Posted on August 10, 2007 at 11:12 AM

Gun-Shaped Laptop Battery

Seems like bad design:

My laptop bag has scared TSA security personnel at several airports recently, requiring manual bag inspections each time. And when it happened again this week I finally figured out what it is that was freaking them out when the bag went through the x-ray machine—it’s the spare laptop battery I always carry. This would never be an issue if the battery were inside the laptop, but the spare battery (depending on how it is laying in the back) can catch attention. But, TSA issues aside, look at the shape of the battery. You just have to wonder—what on earth was IBM thinking?

The answer, of course, is obvious: it never occurred to them.

Posted on August 8, 2007 at 2:12 PM

Details on the UK Liquid Terrorist Plot

U.S. Homeland Security Secretary Michael Chertoff is releasing details about last summer’s liquid-bomb plot:

Sources tell ABC News that after studying the plot, government officials have concluded that without the tip to British authorities, the suspects could have likely smuggled the bomb components onboard using sports drinks.

The components of that explosives mixture can be bought at any drugstore or supermarket; however, there is some question whether the potential terrorists would have had the skill to properly mix and detonate their explosive cocktails in-flight.

But they can work—scientists at Sandia National Laboratory conducted a test using the formula, and when a small amount of liquid in a container was hit with a tiny burst of electrical current, a large explosion followed. (Click on the video player on the right side of this page to view the video.)

The test results were reviewed today by ABC terrorism consultant Richard Clarke, who said that while frequent travelers are upset by the current limits on liquids in carry-on baggage, “when they see this film, they ought to know it’s worth going through those problems.”

There has been a lot of speculation since last year about the plausibility of the plot, with most chemists falling on the “unrealistic” side.

I’m still skeptical, especially because the liquid ban doesn’t actually ban liquids. If they’re so dangerous, why can anyone take 12 ounces of any liquid on any plane at any time? That’s the real question, which TSA Administrator Kip Hawley deftly didn’t answer in my conversation with him last week. (I brought it on a plane again yesterday: an opaque 12-ounce bottle labeled “saline,” emptied and filled with another liquid, and then resealed. I held it up to the TSA official and made sure it was okay. It was.)

Another quote:

One official who briefed ABC News said explosives and security experts who examined the plot were “stunned at the extent that the suspects had gamed the system to exploit its weaknesses.”

“There’s no question that they had given a lot of thought to how they might smuggle containers with liquid explosives onto airplanes,” Chertoff said. “Without getting into things that are still classified, they obviously paid attention to the ways in which they thought they might be able to disguise these explosives as very innocent types of everyday articles.”

Well, yeah. That’s the game you’re stuck playing. From my conversation with Hawley (that’s me talking):

But you’re playing a game you can’t win. You ban guns and bombs, so the terrorists use box cutters. You ban small blades and knitting needles, and they hide explosives in their shoes. You screen shoes, so they invent a liquid explosive. You restrict liquids, and they’re going to do something else. The terrorists are going to look at what you’re confiscating, and they’re going to design a plot to bypass your security.

Stop focusing on the tactics; focus on the broad threats.

Posted on August 6, 2007 at 11:34 PM

Conversation with Kip Hawley, TSA Administrator (Part 5)

This is Part 5 of a five-part series. Link to whole thing.

BS: So far, we’ve only talked about passengers. What about airport workers? Nearly one million workers move in and out of airports every day without ever being screened. The JFK plot, as laughably unrealistic as it was, highlighted the security risks of airport workers. As with any security problem, we need to secure the weak links, rather than make already strong links stronger. What about airport employees, delivery vehicles, and so on?

KH: I totally agree with your point about a strong base level of security everywhere and not creating large gaps by over-focusing on one area. This is especially true with airport employees. We do background checks on all airport employees who have access to the sterile area. These employees are in the same places doing the same jobs day after day, so when someone does something out of the ordinary, it immediately stands out. They serve as an additional set of eyes and ears throughout the airport.

Even so, we should do more on airport employees and my House testimony of April 19 gives details of where we’re heading. The main point is that everything you need for an attack is already inside the perimeter of an airport. For example, why take lighters from people who work with blowtorches in facilities with millions of gallons of jet fuel?

You could perhaps feel better by setting up employee checkpoints at entry points, but you’d hassle a lot of people at great cost with minimal additional benefit, and a smart, patient terrorist could find a way to beat you. Today’s random, unpredictable screenings that can and do occur everywhere, all the time (including delivery vehicles, etc.) are harder to defeat. With the latter, you make it impossible to engineer an attack; with the former, you give the blueprint for exactly that.

BS: There’s another reason to screen pilots and flight attendants: they go through the same security lines as passengers. People have to remember that it’s not pilots being screened, it’s people dressed as pilots. You either have to implement a system to verify that people dressed as pilots are actual pilots, or just screen everybody. The latter choice is far easier.

I want to ask you about general philosophy. Basically, there are three broad ways of defending airplanes: preventing bad people from getting on them (ID checks), preventing bad objects from getting on them (passenger screening, baggage screening), and preventing bad things from happening on them (reinforcing the cockpit door, sky marshals). The first one seems to be a complete failure, the second one is spotty at best. I’ve always been a fan of the third. Any future developments in that area?

KH: You are too eager to discount the first—stopping bad people from getting on planes. That is the most effective! Don’t forget about all the intel work done partnering with other countries to stop plots before they get here (UK liquids, NY subway), all the work done to keep them out either through no-flys (at least several times a month) or by Customs & Border Protection on their way in, and law enforcement once they are here (Ft. Dix). Then, you add the behavior observation (both uniformed and not) and identity validation (as we take that on) and that’s all before they get to the checkpoint.

The screening-for-things part, we’ve discussed, so I’ll jump to in-air measures. Reinforced, locked cockpit doors and air marshals are indeed huge upgrades since 9/11. Along the same lines, you have to consider the role of the engaged flight crew and passengers—they are quick to give a heads-up about suspicious behavior and they can, and do, take decisive action when threatened. Also, there are thousands of flights covered by pilots who are qualified as law enforcement and are armed, as well as the agents from other government entities like the Secret Service and FBI who provide coverage as well. There is also a fair amount of communications with the flight deck during flights if anything comes up en route—either in the aircraft or if we get information that would be of interest to them. That allows “quiet” diversions or other preventive measures. Training is, of course, important too. Pilots need to know what to do in the event of a missile sighting or other event, and need to know what we are going to do in different situations. Other things coming: better air-to-ground communications for air marshals and flight information, including, possibly, video.

So, when you boil it down, keeping the bomb off the plane is the number one priority. A terrorist has to know that once that door closes, he or she is locked into a confined space with dozens, if not hundreds, of zero-tolerance people, some of whom may be armed with firearms, not to mention the memory of United Flight 93.

BS: I’ve read repeated calls to privatize airport security: to return it to the way it was pre-9/11. Personally, I think it’s a bad idea, but I’d like your opinion on the question. And regardless of what you think should happen, do you think it will happen?

KH: From an operational security point of view, I think it works both ways. So it is not a strategic issue for me.

SFO, our largest private airport, has excellent security and is on a par with its federalized counterparts (in fact, I am on a flight from there as I write this). One current federalized advantage is that we can surge resources around the system with no notice; essentially, the ability to move from anywhere to anywhere and mix TSOs with federal air marshals in different force packages. We would need to be sure we don’t lose that interchangeability if we were to expand privatized screening.

I don’t see a major security or economic driver that would push us to large-scale privatization. Economically, the current cost-plus model makes it a better deal for the government in smaller airports than in bigger. So, maybe more small airports will privatize. If Congress requires collective bargaining for our TSOs, that will impose an additional overhead cost of about $500 million, which would shift the economic balance significantly toward privatized screening. But unless that happens, I don’t see major change in this area.

BS: Last question. I regularly criticize overly specific security measures, because forcing the terrorists to make minor modifications in their tactics doesn’t make us any safer. We’ve talked about specific airline threats, but what about airplanes as a specific threat? On the one hand, if we secure our airlines and the terrorists all decide instead to bomb shopping malls, we haven’t improved our security very much. On the other hand, airplanes make particularly attractive targets for several reasons. One, they’re considered national symbols. Two, they’re a common and important travel vehicle, and are deeply embedded throughout our economy. Three, they travel to distant places where the terrorists are. And four, the failure mode is severe: a small bomb drops the plane out of the sky and kills everyone. I don’t expect you to give back any of your budget, but when do we have “enough” airplane security as compared with the rest of our nation’s infrastructure?

KH: Airplanes are a high-profile target for terrorists for all the reasons you cited. The reason we have the focus we do on aviation is because of the effect the airline system has on our country, both economically and psychologically. We do considerable work (through grants and voluntary agreements) to ensure the safety of surface transportation, but it’s less visible to the public because people other than ones in TSA uniforms are taking care of that responsibility.

We look at the aviation system as one component in a much larger network that also includes freight rail, mass transit, highways, etc. And that’s just in the U.S. Then you add the world’s transportation sectors—it’s all about the network.

The only components that require specific security measures are the critical points of failure—and they have to be protected at virtually any cost. It doesn’t matter which individual part of the network is attacked—what matters is that the network as a whole is resilient enough to operate even with losing one or more components.

The network approach allows various transportation modes to benefit from our layers of security. Take our first layer: intel. It is fundamental to our security program to catch terrorists long before they get to their target, and even better if we catch them before they get into our country. Our intel operation works closely with other international and domestic agencies, and that information and analysis benefits all transportation modes.

Dogs have proven very successful at detecting explosives. They work in airports and they work in mass transit venues as well. As we test and pilot technologies like millimeter wave in airports, we assess their viability in other transportation modes, and vice versa.

To get back to your question, we’re not at the point where we can say “enough” for aviation security. But we’re also aware of the attractiveness of other modes and continue to use the network to share resources and lessons learned.

BS: Thank you very much for your time. I appreciate both your time and your candor.

KH: I enjoyed the exchange and appreciated your insights. Thanks for the opportunity.

Posted on August 3, 2007 at 6:12 AM

Security Hole at Phoenix Airport

The news:

We’ve discovered a 4.5 hour time frame each night when virtually anything can be brought into the secure side of Phoenix Sky Harbor Airport. There’s no metal detector, no X-ray machine, and it’s apparently not a problem.

Afraid to show her face, one long time Sky Harbor employee talks about the security most people don’t see.

Lisa Fletcher: “You’re telling me Sky Harbor’s not safe?”

Employee: “I’m telling you Sky Harbor’s not safe and hasn’t been for a long time.”

It’s what we discovered in the middle of the night—TSA agents going away, and security guards taking over. It’s 4.5 hours—every night—when an employee badge becomes an all-access pass.

I have mixed feelings about this story. On the one hand, it’s a big security hole that not everyone knew was there. On the other hand, airport employees are allowed to bring stuff in and out of airports without screening all the time. So yes, the airports aren’t secure—but they never have been, so what’s the big deal?

The real issue here is that people don’t understand that an airport is a complex system and that securing it means more than passenger screening.

Posted on August 2, 2007 at 11:35 AM

Sidebar photo of Bruce Schneier by Joe MacInnis.