Summary

This document is a module on security issues management related to terrorism, including various types of CBRNE weapons and countermeasures. It discusses the tactics used by terrorist groups and the challenges faced in fighting terrorism.

Full Transcript

ACE p l o y e e C e r t i fi ed Em Airpor t C U R I T Y O RT S E AIRP Modules 4 Security...

ACE p l o y e e C e r t i fi ed Em Airpor t C U R I T Y O RT S E AIRP Modules 4 Security © 2005 (first edition) © 2009 (second edition) © 2011 (third edition) © 2015 (fourth edition) Copyright American Association of Airport Executives 2 of 36 / American Association of Airport Executives Module 4 Airport Certified Employee (ACE) – Security Module 4: Security Issues Management Authored by: Jeffrey C. Price, M.A., C.M. Owner – Leading Edge Strategies Professor – Metropolitan State University of Denver ACE Security – Module 4 / 3 of 36 Security 4 of 36 / American Association of Airport Executives Module 4 TABLE OF CONTENTS Contents Module 4 – Objectives.................................................................................................................................................................................. 6 Introduction to Module 4............................................................................................................................................................................... 7 Abbreviations.................................................................................................................................................................................................. 8 International Terrorist Groups..................................................................................................................................................................... 10 Domestic Terrorist Groups........................................................................................................................................................................... 11 Gangs........................................................................................................................................................................................................... 11 The Lone Wolf Terrorist............................................................................................................................................................................... 12 The Terrorist Cycle....................................................................................................................................................................................... 13 Random Anti-Terrorism Measures (RAM)................................................................................................................................................... 14 Spotting Suspicious Activity........................................................................................................................................................................ 14 Explosives and Weapons of Mass Destruction (WMD)........................................................................................................................... 16 Explosives.................................................................................................................................................................................................... 16 Improvised Explosive Devices (IED)........................................................................................................................................................ 16 Unattended Bag / Suspicious Bag.......................................................................................................................................................... 17 Chemical, Biological, Radiological and Nuclear (CBRN) Weapons............................................................................................................ 18 Notable Bio/Chem Attacks...................................................................................................................................................................... 19 Biological Weapons................................................................................................................................................................................ 19 Nuclear/Radiological............................................................................................................................................................................... 21 Countermeasures........................................................................................................................................................................................... 22 TSOC and HSOC........................................................................................................................................................................................... 22 Special Security Incident Considerations.................................................................................................................................................... 23 Hijackings............................................................................................................................................................................................... 24 Bombings and Bomb Threats.................................................................................................................................................................. 24 Suicide Bombers...................................................................................................................................................................................... 25 Hazardous Material Incidents................................................................................................................................................................. 29 Sabotage................................................................................................................................................................................................. 29 MANPAD Attacks.................................................................................................................................................................................... 29 Preventative Security Measures Summary Guidance................................................................................................................................. 30 Business Continuity Planning.................................................................................................................................................................. 30 Security Policy............................................................................................................................................................................................. 32 Security Risk Management........................................................................................................................................................................ 32 Summary.......................................................................................................................................................................................................... 34 Endnotes........................................................................................................................................................................................................... 34 ACE Security – Module 4 / 5 of 36 Security Module 4 – Objectives Explain security incident management measures related to terrorism Know the various types of CBRNE Explain the principles of responding to security incidents and implementing countermeasures Know the elements of the Security Management System 6 of 36 / American Association of Airport Executives Module 4 Introduction to Module 4 Individuals and groups use terrorism to fight against a numerically and technologically superior enemy. Tactics such as these pro- vide a way for individuals and small organizations to cause damage to hurt large organizations and countries. Terrorism has been effectively used against stronger enemies since the days of the Byzantine Empire where the term “assassin” was first coined. Terrorism was also used during the French Revolution and numerous other times throughout history – too many times in fact to recount here. Terrorism works in some cases and not in others. It has succeeded enough times, however, that it is still considered an effective tactic in many conflicts and, therefore, is not likely to go away anytime soon. In 1983, when the Hizbollah terrorist organization bombed the U.S. Marine barracks in Lebanon, the U.S. withdrew their troops. For 30 years, the Irish Republican Army fought an insurgent war against the United Kingdom, with the IRA eventually reaching enough concessions from the U.K., along with a vicious U.K., counterinsurgency that the fighting stopped, but not before 3,000+ citizens had died. In 1993, when the U.S. lost 18 servicemen in Mogadishu (the Blackhawk Down incident), the U.S. withdrew its troops. In 2004, when Al-Qaeda operatives bombed several trains in Madrid, Spain, the government of Spain withdrew its forces from Iraq. As Al-Qaeda’s effectiveness waned post 9/11 in Afghanistan, it sprung up new roots in Yemen. In the post Iraq conflict and under the shadow of destabilization in Syria, ISIL and ISIS continue to grow in numbers. The US now faces a Homegrown terrorist threat such as the Boston Marathon bombings and several active shooter incidents, from the Navy Yard to Ft. Hood. Terrorists are often seen as insane; however, considerable study on terrorist organizations and groups finds that very few truly insane people exist within the ranks of the terrorists. It does not serve the terrorists’ cause to have unstable individuals within their operation. However, this is not to say that terrorists do not possess some deeply rooted motivations, in some cases enough motivation to commit suicide for their cause. A significant challenge to fighting terrorism is often that the terrorist enjoys the protections of the very laws that they are fighting to destroy, such as in the case of the Oklahoma City bombing and the bombings of several busses and a subway station in the U.K. in 2005. Additionally, governments respond differently to acts of terror. When the subway and bus bombings occurred in London in 2005, and the Madrid train bombings happened, neither the U.K. nor the Spanish government called off the 100% screening of all train and bus passengers. Their response was to step up law enforcement and intelligence actions to interdict future events. In some cases, a response to a terrorist action is expected, but citizens often disagree on the right response. Shortly after the bombing of Pan Am Flight 103, the airline employed ICTS agents (U.K. based security firm) to conduct behavioral assessment on passengers as an increased security measure. The program was terminated shortly after it began due to passenger complaints. While the intent of terrorism may seem to be to kill and destroy, the real intent of terrorism is to intimidate an opponent and coerce that entity into changing a particular policy, posture, or sometimes an entire governmental structure. The primary targets of terror- ism are a nation’s economy and it’s way of life. Today’s terrorist knows that “the main benefit of their attacks is the economic costs they can generate” [3, pp xvi], as the defend- ing government spends more and more money to implement counterterrorism strategies and to deploy counterterrorism technol- ogies, and restricts civil liberties in the process. Shortly after the Yemen air cargo bomb attempts, Inspire magazine, an Al-Qaeda propaganda publication, ran an article flaunting the fact that the bombs only cost about $4,000 to construct; however, the world response to increased screening of air cargo would run into the billions. That’s an incredible return on a small investment. Break- ing a country’s economic backbone has worked in the past – most recently with the end of the Cold War, when the U.S. outspent the Soviet Union to the point when the Soviet Union could no longer keep up with the arms race. ACE Security – Module 4 / 7 of 36 Security Abbreviations AIT Automated Imaging Technology EDS Explosives Detection System Aircraft Communications Addressing and EOC Emergency Operations Center ACARS Reporting System EOP Emergency Operations Plan AC Advisory Circular ETD Explosives Trace Detection ASAC Aviation Security Advisory Committee FAA Federal Aviation Administration ADASP Aviation Direct Access Screening Program FAM Federal Air Marshal AFSD Assistant Federal Security Director FIO Field Intelligence Officer AOA Air Operations Area FBI Federal Bureau of Investigation AOPA Aircraft Owners and Pilots Association FBO Fixed Base Operator AOSC Aircraft Operator Security Coordinator FFDO Federal Flight Deck Officer ASC Airport Security Coordinator FPS Federal Protective Service ASIS American Society of Industrial Security FSD Federal Security Director ASP Airport Security Program FSP Full Standard Security Program ATR Automated Threat Recognition GA General Aviation ATSA Aviation and Transportation Security GSC Ground Security Coordinator 2001 Act of 2001 HRT Hostage Rescue Team ATSP Airport Tenant Security Program IAC Indirect Air Carriers AVSEC Aviation Security Contingency Plan IAP Incident Action Plan BAO Bomb Appraisal Officer IATA International Air Transport Association BATF Bureau of Alcohol, Tobacco and Firearms ICE Immigration and Customs Enforcement BCP Business Continuity Planning ICAO International Civil Aviation Organization BDO Behavior Detection Officer IED Improvised Explosive Device Computer Assisted Passenger Pre-Screen- CAPPS ing System IFSC In Flight Security Coordinator CASFO Civil Aviation Security Field Office IMS Ion Mobility Spectrometry Nuclear/Biological/Chemical/Explosive Indirect Air Carrier Standard Security CBRNE IACSSP Weapons Program CBP Customs and Border Protection IPP Isolated Parking Position CCSP Certified Cargo Screening Program JTTF Joint Terrorism Task Force CERT Community Emergency Response Team LEO Law Enforcement Officer CIRG Critical Incident Response Group LRBL Least Risk Bomb Location CHRC Criminal History Records Check MANPAD Manned Portable Air Defense System Crime Prevention Through Environmental National Explosives Detection Canine CPTED NEDCP Design Program DAC Designated Aviation Channeler NIMS National Incident Management System DEA Drug Enforcement Administration NTSB National Transportation Safety Board DHS Department of Homeland Security PCSSP Private Charter Standard Security Program EAA Exclusive Area Agreement PIC Pilot in Command 8 of 36 / American Association of Airport Executives Module 4 PIV Personal Identity Verification PNR Passenger Name Record PPBM Positive Passenger Bag Match RAM Random Anti-terrorism Measures RT Registered Traveler SAM Surface to Air Missile SARP Standards and Recommended Practices SeMS Security Management Systems SD Security Directive SIDA Security Identification Display Area SOC Security Operations Center Screening of Passengers by Observation SPOT Techniques SPP Screening Partnership Program SSI Sensitive Security Information SSCP Security Screening Check Point STA Security Threat Assessment TDC Travel Document Check TFSSP Twelve-Five Standard Security Program TLO Terrorism Liaison Officers TSC Terrorist Screening Center TSA Transportation Security Administration TSI Transportation Security Inspector TSO Transportation Security Officer TSOC Transportation Security Operations Center TSR Transportation Security Regulations Transportation Worker Identification TWIC Credential USAR Urban Search and Rescue VBIED Vehicle Born Improvised Explosive Device WMD Weapon of Mass Destruction WTMD Walk Through Metal Detector ACE Security – Module 4 / 9 of 36 Security The Terrorist Threat to Aviation Of importance to remember is that terrorist threats are not restricted to Al-Qaeda. Threats can come from ecological and animal rights organizations, domestic terrorist organizations, or from individuals or small groups acting solely on their own and pursuing either their own or an adopted ideology. Airport Security Coordinators must be open-minded in their response to these threats and rather agnostic in their approach. It is not so important to focus on one particular type of terrorist group as it is to develop and implement strategies to defend against a variety of threats. Terrorism has changed over the past twenty years, with terrorist organizations now using highly educated and highly trained individuals. The Internet has made the spreading of an ideology much easier, along with the ability to train and communicate with confederates throughout the world. Terrorist attacks today are increasingly lethal and devastating. While the focus since 9/11 seems to have been on international terrorist groups, such as Al-Qaeda, Al-Qaeda in the Arabian Peninsula, and ISIS/ISIL, there has been a resurgence of domestic terrorist organizations, sovereign citizen, and “radicalized” so called home grown terrorists – individuals from the U.S. that have been recruited or persuaded, most often through the Internet along with other influences, to join a terrorist cause. The Boston Marathon bombers are suspected of fitting this profile. When considering threats to aviation, terrorism is certainly at the top of almost any list, but the U.S. Department of State lists four areas of major concern in transnational crimes: (a) narcotics trafficking, (b) human trafficking, (c) money laundering and corruption[4, p 32]. In all four cases, aviation is involved. Drugs and humans are trafficked through airports extensively. According to the State Department, there are now over 27 million men, women and children being held against their will in forced labor, prostitution or for sale as sex slaves[4, p 35]. The era of modern terrorism has its roots in aviation, beginning in 1968 with the hijacking of an El Al flight en-route from Rome to Tel Aviv, by the Popular Front for the Liberation of Palestine[4, p 55]. The goal of the PFLP was to establish the Palestinian state and for five weeks, 21 passengers and 11 crew were held hostage in Algiers. The hostages were eventually released in exchange for 16 Arab prisoners[4, p 55]. Terrorism is different from other crimes and does not lend itself to the same disincentives as other crimes do [4, p 55]. Terrorism is an elaborate marketing campaign and publicity adds to the legitimacy of the group – it is also much more effective against democracies that have more generally open societies[4, p 56]. Terrorist groups have different goals but history shows that religious groups, such as Al-Qaeda and Aum Shinryko1, have longer staying power than others, such as those with political ideologies[4, p 58]. Most terrorist are also not insane[4, p 58] – in fact, they are many times rational individuals who may otherwise go unnoticed in the general population. International Terrorist Groups Terrorist groups come and go but presently the big four are Al-Qaeda and its affiliates such as Al-Qaeda in the Arabian Peninsula, and al Qaeda in Syria, Hezbollah, FARC and ISIS/ISIL. Al-Qaeda: the organization responsible for the attacks on 9/11 is still in business, despite the death of its leader, Osama bin Laden, at the hands of U.S. Navy SEALs in May 2011. Al-Qaeda, while displaced slightly from their base in Afghanistan, has sprouted roots in Syria, Yemen, Iraq and other places throughout the world – even successfully radicalizing US citizens to the cause. According to terrorism expert Bruce Hoffman, Al-Qaeda is increasingly focused exhausting the United States, stepping up its attack on our economy through a “death by a thousand cuts” strategy and seeking non-Muslim recruits who can be easily deployed to Western countries[4, p 73]. Hezbollah, which operates primarily in the formerly Syrian-controlled Bekaa Valley, Beirut and southern Lebanon. In 2014, the shelling of Israel by Hezbollah militants caused the FAA to temporarily suspend flights to Israel for a short period of time. Hezbollah however, has continued to expand its global operations around the world, receiving weapons and training from Iran and Syria, and has established a stronghold in South America[4, p 80]. In 2010, there were arrests of Hezbollah activists in Philadelphia, New York and Detroit – the group has also attempted to obtain Stinger surface-to-air missile, automatic weapons and night vision equipment in the U.S[4, p 84]. 1 In 1995 this group released Sarin gas into the Tokyo subway system, killing 11 and injuring nearly a thousand people. 10 of 36 / American Association of Airport Executives Module 4 FARC: the Revolutionary Armed Forces of Colombia (known as FARC), started out as small Communist insurgency group and now controls 40% of Colombia through a negotiated agreement with the government[4, p 86]. Their illegal activities, mostly narcotics, net over $600 million per year and have increased their cooperation with the Russian Mafia [4, p 86]. ISIS/ISIL: The self-described Islamic State known variously as ISIS or ISIL, (i.e. The Islamic State of Iraq and the Levant also translated as the Islamic State of Iraq and Syria), is a Sunni, extremist, Jihadist, and self-proclaimed Caliphate. It emanated from Al-Qaeda in Iraq and is responsible for the brutal executions of several Western journalists and aid workers. The total threat from this group continues to grow and its threat to the U.S. continues to be evaluated, but in 2014, as part of a military campaign to attack elements of ISIS/ISIL in Syria, U.S. aircraft also bombed the location of suspected militant who may have been plotting to smuggle bombs in small electronic devices onto aircraft, for the purposes of blowing them up. Domestic Terrorist Groups Timothy McVeigh, convicted of destroying the Murrah Federal Building in Oklahoma City in 1995, called the 19 children he killed in the attack “collateral damage.” McVeigh was associated with certain violent “militia” groups, many of which were incensed by the FBI assault on Ruby Ridge, in Idaho and the ATF assault of a compound in Waco, Texas. Domestic terrorism seemed to drop off considerably after the 9/11 attacks, but seems to have found new life in recent years. Many of the same motivations of international terrorists are also found in domestic terrorist groups and individuals – extreme religious or political ideology and the ability to find inspiration, encouragement, tactical training and techniques on the Internet, all with relative anonymity[4, p 92]. The FBI reports over 345 domestic terrorism attacks between 1980-2001, and the Southern Poverty Law Center reported the incredible rise in the number of Patriot groups, including armed militias, following the election of President Obama in 2008 – rising 813 percent, from 149 groups in 2008 to an all-time high of 1,360 in 2012. The number fell to 1,096 in 2013. Violent extremism has been a part of the United States for over 100 years, going back to 1919 when 36 bombs were mailed to high-ranking US officials. In 1920, the first “car bomb,” was detonated on Wall Street when a horse-drawn cart loaded with explosives detonated, killing 38 people. More recent domestic terrorist groups have included The Weather Underground in the 1960s, the Ku Klux Klan, the Symbionese Liberation Army, and the Black Panthers. Chemical, biological and radiological weapons are also options for domestic terrorist groups – in a study at Syracuse university, 114 cases of domestic terrorist acts and plots since 9/11 were examined – from neo-Nazism, to Christian fundamentalism to anarchism and violent environmentalism[4, p 99]. The study identified five cases involving chemical, biological and radiological agents, where if successful, would have killed thousands[4, p 99]. An offshoot of the domestic terrorism discussion and an offshoot of the defunct Posse Comitatus, white-supremacist anti-Semitic group of the 1980s (and its famous member Terry Nichols, McVeigh’s co-conspirator) are the Sovereign Citizens[4, p 103]. The group essentially doesn’t believe in the authority of the U.S. government and often creates and sells fraudulent documents such as driver’s licenses, police officer credentials, and concealed carry permits. Particularly dangerous is that any confrontation between this group and law enforcement is likely to end in violence[4, p 103]. Some airport police officers have reported encounters with Sovereign Citizens, particularly at the Travel Document Checkpoint. In 2011 and 2012, several police officers were attacked by those identified as being connected to the Sovereign Citizen group. Gangs Although not considered or labeled as a terrorist group, gangs are a threat to society and to airport operations – gang members work in the aviation system, at air carriers, airports, vendors, contractors and tenants. The Los Angeles International Airport Police Department has a Gang Intelligence Unit that identifies and investigates persons engaged in gang or criminal activity at LAX. Team members obtain information and intelligence regarding gang member relationships and how they may link to terrorism or other criminal activity on the LAX Airfield Operations Area and other airport property2. 2 LAXPD’s patrol areas include several blocks surrounding airport property. ACE Security – Module 4 / 11 of 36 Security The FBI estimates there are 33,000 or more street, prison and outlaw motorcycle gangs with over 1.4 million active members and they are responsible for 48% of the violent crime in the country[4, p 122-123]. The former notorious drug lord Pablo Escobar was well-known to use commercial and general aviation to transport narcotics, and on at least one occasion arranged for the destruction of a commercial airliner in order to eliminate competition. Gangs can be viewed through their generational growth: first generation gangs were traditional street gangs with a turf orientation[4, p 123]3. Second generation gangs are entrepreneurial and drug centered, using violence to protect their markets[4, p 123]4. Third generational gangs have evolved into having political goals and engage in mercenary type activities, using technology to recruit, spread their ideology and communicate through chat rooms and websites, such as MS-13[4, p 123]5. Their influence is now political and in some cases the gang controls significant areas of a country, such as in the case of the FARC in Colombia. Additionally, the National Gang Intelligence Center had identified at least 53 gangs whose members have served in or are affiliated in some way with the US military[4, p 127], which may allow gang access to military installations, weapons, and bomb- making related knowledge [4, p 127]. In one case the FBI’s most wanted list included an Al-Qaeda terrorist6 may have been in a meeting with the leader of the El Salvador’s MS-13 organization7. Also known as “Jafer the Pilot,” the terrorist completed commercial flight school in the United States and earned an Associates degree in community college in Broward County, Florida[4, p 125]. The individual also attempted to obtain material in Canada to build a radiological “dirty” bomb and was complicit in assisting with a plot to bomb the fuel tanks at JFK airport[4, p 125]. Drug smugglers have routinely smuggled narcotics in commercial aircraft for several years, thus it would not have been difficult to place a bomb onboard the aircraft where it could not be detected. The lessons learned in this case are strict control of the airfield, specifically monitoring who has access to aircraft, performing background checks, and the need to warn U.S. citizens traveling abroad of airports that do not meet minimum ICAO security requirements. By regulation, these warnings are to be posted at screening checkpoints. The Lone Wolf Terrorist There are a variety of terrorist organizations from state-sponsored, where the terrorists are supported by a nation, cults such as the Aum Shinryko cult who carried out a Sarin gas attack on the Tokyo subway system, groups like Al-Qaeda and ISIS/ISIL that have arisen on their own to support various beliefs or causes, and lone wolves. Lone wolves can be particularly difficult to defend against as their planning pattern doesn’t always follow the aforementioned terrorist planning cycle. Lone wolves are best handled with (a) workplace violence training8, (b) vigilant staff on the lookout for personnel exhibiting unusual behaviors, and (c) rapid response once the incident begins, (d) panic alarms and (e) employee training on what to do during an incident and (f) police, fire and EMS prepared to respond to an incident. One of the unique characteristics that separates terrorism from other types of conflicts is the ability of a single incident, and sometimes just a single person, to throw an entire nation, or the world, into crisis[6, p 97]. While nation-states, cults and international terrorist cells will exercise certain levels of restraint9, author Jeffrey Simon posits that it is the “lone wolf” that is most likely to use a weapon of mass destruction over other, more organized terrorist groups [7, p 81], and in a speech in 2011, President Barack Obama said that the biggest concern we have right now is the lone wolf terrorist[7, p 85]. Simon suggests the following strategies to try to prevent lone wolf terrorists (modified for airport use). Improved detection devices such as bio detectors, radiation detectors, and checkpoint technologies. Expanded use of CCTV, which are effective after the attack at identifying the attackers. Biometrics to reduce the ability of an lone wolf stealing an aviation employee’s identification. Monitor lone wolf use of the Internet[7, p 23]. While monitoring personal Internet usage is clearly beyond the ASC’s role, 3 Characterized in the 1979 movie The Warriors. 4 Characterized in the 1988 movie Colors. 5 Characterized in the 2012 movie End of Watch. 6 Adnan El Shukrijumah 7 US officials neither confirmed or denied the meeting. 8 Some lone wolves also work for the location they attack. 9 In larger terrorist organizations there are often voices of dissent or disagreement about how far the group should “push,” the country they are attacking. Nation-state sponsored groups are also careful to keep the terrorist groups they are funding in-check, with the understanding the crossing the line, such as the use of a WMD, could result in the elimination or vaporization of a large percentage of their own populace in a retaliatory attack. 12 of 36 / American Association of Airport Executives Module 4 there may be times when an ASC is notified by their information technology department that aviation employee is visiting Internet sites that may promote violent extremist), or may be notified by the FBI that an individual working at the airport is under investigation and has been viewing websites with content consistent with violent behavior. W atch for early warning signs: troubled past, individuals that have broken away or been thrown out of a fringe-group, exhibiting psychological or personality disorders, purchases of materials used in constructing bombs or lots of automatic weapons, and travel to regions known for terrorist activity[7, p 23]. Any outright threats to an airport, airline or individual should be immediately reported and investigated. While not a terrorist in the traditional sense, it is appropriate to note that Aldrich Ames, a 31-year Central Intelligence Agency counterintelligence officer and analyst who committed treason against his country by spying for the Soviet Union and Russia, lived way beyond his declared means, driving a Jaguar and buying a half-million dollar house with cash[8, p 26]. It seems after- the-fact, the indicators that an individual was plotting or committing criminal or terrorist activities were noticeable to those who were paying attention or knew what to look for. The Terrorist Cycle Terrorists have their choice of targets in the aviation community. Common tactics are Improvised Explosive Devices (IED) placed on board aircraft or in airport facilities; Vehicle-Borne Improvised Explosive Devices (VBIED) like those used to attack the Murrah building in Oklahoma City, the U.S. Air Force barracks in Saudi Arabia, and the car bomb intended for the LAX terminal in 1999. VBIED’s are also widely used in Iraq and pose possibly a serious threat to Airport Operators. A large VBIED could destroy an entire airport terminal building. In Iraq, insurgents are now also including chlorine in some of their IED’s, which turns a deadly bomb into an even more deadly device with a chemical element. In addition to the traditional forms of attack, bombings and hijackings, surface-to-air missile attacks, suicide bombers and active shooters are also threats to aviation. Fortunately, the terrorist attack cycle and their operational constraints favor the Airport Operator and the law enforcement community. The planning cycle for a major attack can take place over the course of several weeks, months or even years. While terrorists may be highly motivated, they are not stupid and even a suicide bomber will not throw their life away cheaply. Therefore, extensive plans, dry runs and acquisition of arms and equipment, are conducted thoughtfully and carefully. While some terrorist attacks have not gone as planned, such as the failed attempt by the “underwear bomber” and the failed Times Square bombing, this should not simply be taken that the individuals who attempted the attacks were just unlucky. Author Mark Bowden, who wrote Blackhawk Down and The Finish: The killing of Osama Bin Laden, argues that intelligence, interdictions, drone strikes, military and law enforcement efforts post 9/11, have reduced the number of “smart” terrorists, and now organizations are forced to select from a shallower gene pool[4, p 58]. Terrorists select their targets based on access to the target, the potential damage and the target’s “softness.” Softness is a term used to indicate the level of protections that are in place. A military air base with armed MPs, high fencing, CCTV cameras covering access areas, barricades and other defenses is a harder target than a publicly accessible shopping mall, with one or two lightly armed police officers making rounds. Initial surveillance is then conducted, which takes the majority of the operational cycle. During this phase, law enforcement personnel and aviation security and operations personnel have the best opportunity to spot and deter a potential terrorist attack. Terrorists will frequently try to make their next attack more spectacular than the last one. More spectacular, however, generally means more complex, and the more “moving parts” in an operation the more likely the operation will be compromised. Terrorists do not fear death or a lifetime prison sentence, but they do fear getting caught before they make it out of the safe house and successfully execute their attack. Another constraint on terrorists attempting to attack a U.S. target is the expertise of the U.S. law enforcement community in tracking down assailants, and, of particular note, is our forensic expertise. Knowing they will likely die or be caught either during or after the attack, a particular terrorist cell or individual will likely get just one attempt at a particular target. If it is unsuccessful, the forensic abilities of the United States will be brought to bear in tracking down those behind the attack. ACE Security – Module 4 / 13 of 36 Security Next in the attack planning phase is final target selection. Based on the feedback from the surveillance team, the final target is selected (or changed and new surveillance is conducted), and planning for the attack begins. For the 9/11 attacks, the hijackers had previously flown on the flights they would later hijack and had also flown general aviation aircraft down similar flight corridors that they would use on 9/11. Rehearsals may also be conducted during this time, as materials and personnel are recruited and organized for the attack. A final surveillance phase may be included to ensure that the target has experienced no significant changes that would affect the attack. This phase is when Playbook and the use of random security measures can still deter an attack. Once the final attack begins, it is very difficult to stop. Random Anti-Terrorism Measures (RAM) An effective strategy to deter terrorist attacks is to implement Random Anti-terrorism Measures (RAM). RAM procedures focus on conducting random, but planned and publicly visible, anti-terrorism measures. The random measures can create uncertainty in the minds of criminal and terrorist organizers. To be effective, these measures must be visible to the public and must appear to be random. These measures could include: 1. Increased vehicle searches at airfield access points. 2. Increased vehicle searches at public entry points. 3. Uniformed police or security officers conducting additional foot patrols throughout the terminal areas. 4. Searching waiting passengers and their baggage using K-9 teams at the ticket and bag drop areas. 5. Blocking off certain lanes of traffic or closing certain access points. Even active police presence can be an effective deterrent. In 2009, an individual was attempting to commit an act of domestic terrorism in Dallas. While assessing various target sites, the individual determined too high of a police presence at the Dallas/ Love Field Airport and DFW[7, p 181-189], and ultimately selected a fountain in downtown Dallas as his target. He was arrested prior to bombing the fountain. Spotting Suspicious Activity Also in 1986, El Al airline security officials at London/Heathrow Airport discovered an attempt by an individual to place explosives on board an aircraft. The security officials uncovered the plot during a routine security questioning of passengers prior to the flight. Anne Marie Murphy, who was five months pregnant at the time, was carrying explosives in her suitcase, unbeknownst to her. Investigators later discovered that her boyfriend, who had placed the explosives in her bag, was a Syrian intelligence agent. Shortly thereafter, U.S. airlines began the process of asking “security questions,” such as, have you packed your own bags, and have your bags been out of your control since you packed them? While it is unlikely that these questions ever deterred a criminal from taking an explosive or weapon on board, in the U.S., the questions were asked by ticket agents, not security personnel trained in detecting deceptive responses and body language. The lesson learned here is, when adopting successful security procedures, the procedures must retain the key elements that make the process successful, which in this case, would be the use of trained security personnel. Much has been made of the ability to spot suspicious activity and report such activity to the proper authorities, but what exactly constitutes suspicious activity? The complete art or science of detecting suspicious and deceptive activity is far beyond the scope of this text and there are several consulting companies that can train personnel on various levels of behavior assessment. This section will however, introduce the fundamentals and provide information for Airport Security Coordinators to use in assessing whether to implement behavior detection training into their security programs. The fundamentals of detecting suspicious activity is to first understand that every activity has a baseline. If you were to observe a ticket counter for any period of time, you would notice certain patterns; individuals generally behave in rather predictable ways when undergoing the ticketing/bag check-in process. Within a period of time, you will notice the set of behaviors that most people exhibit. You will be able to tell the difference between a nervous, first-time flyer and a seasoned road warrior. With more time, you will be able to distinguish between an upset passenger and one that exhibits unusual behavior for that particular set of circumstances. 14 of 36 / American Association of Airport Executives Module 4 Suspicious activity is a shift away from the baseline. Airport Operations, security and law enforcement personnel who spend much of their time at the airport quickly learn the baseline for the various activities around the airport, and they can often spot when someone deviates from the baseline. For example, individuals checking in for a flight to Orlando are likely families, traveling with a lot of checked baggage and wearing vacation style clothing. In contrast, passengers checking in for a flight to Reagan National Airport in Washington, D.C. are more likely to be wearing business attire, and most of their baggage will be carry-on. Second, suspicious activities tend to come in clusters. While any one suspicious indicator could indicate any number of activities, emotions, or intentions, one should pay particular attention when those activities come in clusters. In the case of Richard Reid, the “show bomber,” he was acting nervous (not uncommon for most flyers), but also had a passport in a country other than his birthplace, was not carrying cash, nor credit cards (i.e. no visible means of financial support on an international flight), had little carry on luggage, not so much as a toothbrush and no checked baggage. For an international flight, combined, this creates a lot of suspicion. Outright suspicious indicators may be10: Questions about the security systems at the airport Note taking, videotaping or photographing screening checkpoints and airfield access points Drawing diagrams or maps of airport facilities People who avoid eye contact, or who depart quickly when approached by authority figures Visitors to facilities arriving or leaving at unusual hours Individuals seen in various locations with no apparent purpose Individuals parking in area to observe security activities (Note: it is common for individual’s to park in areas to observe flight operations) Individuals who seem to be under the control of others Unusual or soiled mail – letters, envelopes or packages Unattended bags or vehicles Unusual interest in attempting to obtain chemicals, large quantities of explosives, household cleaners, official vehicles, uniforms, badges or official identification Unusual questions or circumstances surrounding the possession or reported theft of passports, visas, and other travel documents Interest in or recent completion of “commando” training Attempts to test or penetrate security or response procedures Unusual money transfers or transactions involving overseas persons or business When reporting suspicious activity, the reporting party should provide the location and the time of the activity, a description of the individuals involved, including race, approximate height and weight, clothing and any unusual characteristics (bulky clothing in warm weather, or any of the indicators presented above). Also report any distinguishing characteristics such as hair, sex, visible scars or tattoos, disabilities, facial hair, wearing a hat or other clothing item that stands out. When reporting a suspicious vehicle, report the make, model, color, any damage to the vehicle, any odors associated with the vehicle, or signs of smoke, bumper stickers and the license plate. If the vehicle may contain a potential bomb, move away from the vicinity and attempt to notify law enforcement via a land line, as opposed to a cell phone, which may trigger a detonation. Have a way to remember the identifying information such as the journalists’ method of gathering information for an article: who, what, when, where, why and how. Or, the website www.nationalterroralert.com provides this list of activities to do when you spot suspicious activity – they call it SALUTE: S – Size (Number of people, gender, ages, and physical descriptions) A – Activity (Describe exactly what they are doing) L – Location (Provide exact location) U – Uniform (Describe what they are wearing, including shoes) T – Time (Provide date, time, and duration of activity) E – Equipment (Describe vehicle, make, color, etc., license plate, camera, guns, etc). 10 Note: some of these may be exhibited by passengers, or by those in the workplace. Ex: an airline employee may notice that a co-worker is suddenly buying expensive cars or other materials that is non consistent with their salary, or they are making comments that indicate they are going overseas for some sort of unusual combat training. ACE Security – Module 4 / 15 of 36 Security Anyone spotting suspicious activity should make the appropriate notifications as soon as possible. If you are not law enforcement, do not approach the individual – try to keep them in sight and get to a phone or radio. If you are law enforcement, consider immediately calling for back-up. The individual may be armed and very dangerous. Explosives and Weapons of Mass Destruction (WMD) Numerous types of weapons, explosives and incendiaries are available to criminals and terrorists alike, so this section will not attempt to cover all of them. However, airport and aircraft operator personnel should be aware of the common types of weapons and explosives, and should have a basic understanding of how explosive detection equipment operates. About thirty different types of explosive materials are used today. Below is a list of a few of the types of explosives that an airport or aircraft operator may encounter. Do not always go into a state of alarm when these explosive elements are detected at screening checkpoints, as many times these elements are being carried legally, or there is a legitimate non-criminal reason why individuals may have some of these elements on their person or property. Explosives A variety of materials used in explosives are also in use for non-threatening or dangerous reasons. Airport operators and security personnel may encounter explosive elements in the normal course of their duties, so it is advantageous to understand the most common elements and who and why those elements may be in the possession of an air traveler. The explosives most likely to discover for legitimate use: N G (nitroglycerin) used in mining and the demolition industry, as an Rx by heart patients, and may be carried by nurses, pharmacists, cardiologists and other physicians TNT (trinitrotoluene): used by miners, demolition experts, the military and farmers DNT (dinitrotoluene): a smokeless gunpowder used by law enforcement officers and hunters that might be discovered on hunters traveling to and from their hunting sites Farmers and landscapers use nitrates, but when combined with fuel oil, as in the Oklahoma City bombing, thereby creating an Ammonium Nitrate Fuel Oil mixture (ANFO), the results can be devastating The explosives least likely to be discovered for legitimate use: H MX (octogen) is a military grade high explosive and should only be in the possession of the military, which will have appropriate orders and documentation – however, explosives are prohibited from being carried on board a commercial aircraft. RDX (cyclotrimethylene-trinitramine), also known as C4, is a military explosive and should only be carried by members of the U.S. military. SEMTEX is another high explosive more common to the European military and was the primary element used to bring down Pan Am Flight 103 over Lockerbie, Scotland in 1988. PETN (pentaerythritol tetranitrate), also known as “Det-cord”, is a military plastic explosive but does have some medicinal uses for heart patients, so this may occasionally be found on passengers Trace elements of HMX, RDX and PETN may be found on members of the U.S. military returning from deployment. Ground Security Coordinators are also trained in the various types of explosive elements and would normally be authorized to be in possession of such elements. Improvised Explosive Devices (IED) Improvised Explosive Devices (IED) proved to be among the most destructive devices of the wars in Iraq and in Afghanistan. Analysts estimate that some 50-60% of all attacks in Iraq involve an IED. They are responsible for a significant number of the casualties in both conflicts and have also been used against aviation targets for decades. An IED is any “homemade” explosive device. It features an explosive element, such as dynamite or plastic explosive, an initiating device, such as a fuse or electronic signal, a detonator such as a blasting cap along with a battery of some sort to trigger the detonation and a container. 16 of 36 / American Association of Airport Executives Module 4 IEDs can be placed in nearly any type of container, including ground vehicles, airplanes, boats, suitcases, briefcases, pipes, and backpacks, among others. Many IEDs are disguised as a legitimate item, or in some cases are booby-trapped with a bait item, which entices an individual to trigger an IED. For example, leftover military hardware or deceased individuals are sometimes booby trapped with an IED. Contained within a vehicle, an IED is known as a Vehicle-borne Improvised Explosive Device (VBIED). VBIEDs were used in 1983 to attack the U.S. Marine barracks in Lebanon, then again in 1993 to attack the World Trade Center and in Oklahoma City in 1995 to attack the Murrah federal building. They have been used extensively in Iraq and Afghanistan. IEDs are command-detonated, detonated by movement or a timer, or placed on an individual who is intent on being a suicide bomber. At an airport, an unattended bag is a natural hiding place for an IED and should be treated with special consideration. An excellent training program for ASCs and other involved in airport security, particularly IED response to attend are the course offerings at New Mexico Tech. The college offers courses in Incident Response to Terrorist Bombings (IRTB), Prevention of Suicide Bombing Incidents, and others. Unattended Bag / Suspicious Bag Unattended bags continually challenge airport police and security personnel. It could be lost, or misplaced, or could be concealing an IED. An unattended bag or item is an object that does not have an obvious owner nearby. Although the bag may simply be lost or misplaced, it may also contain an IED. If an item is unattended, it is not usually possible to tell if it contains an IED simply by looking at it, so caution must be used in resolving the problem. Whatever you do, DO NOT TOUCH THE ITEM!!! Upon spotting an unattended bag, first ask people in the immediate area if it is theirs, or if they know where the owner is. If the abandoned item is a vehicle, look for the driver and ask others if they have seen the driver. Also, know where the item is located – is it in the Sterile Area or the Public Area? Does it have any identification or bag tag? Are there visible wires, or large stains on the item? Once you have established that this is an unattended bag and no owner is present to claim it, notify law enforcement11. However, since some IEDs are detonated by cell phone or radio frequencies, try to find a landline or move to a position of cover before calling. If there are visible indicators, such as wires protruding or a noxious smell, you may wish to advance the incident from “unattended” to suspicious. The item or vehicle may also qualify as being suspicious rather than unattended if an individual exercising good judgment, combined with their experience and the facts, would come to a reasonable conclusion that an item is suspicious. If you are uncertain whether the bag is unattended or suspicious, err on the side of caution. If the item does not trigger an alarm, a police officer will likely make the decision as to whether to continue treating the item as suspicious or to take it to lost and found. If the dog or the electronic device alerts on the item, then it may be elevated to a possible IED. Possible IED Once the police respond and the bag alerts either with K-9 or some other method of explosive test, such as a portable ETD device or portable x-ray, the item may be an IED. At this point, the area must be immediately evacuated and the proper response as called for in the incident command section of the Airport Security Program should be initiated. If it is a potential VBIED, then a much larger area needs to be evacuated. The Bureau of Alcohol, Tobacco and Firearms provides an explosives standard chart to help determine appropriate standoff distances based on the size of the item or vehicle. The following steps should be taken or procedures conducted: E stablish a perimeter around the device. Do not forget to evacuate above and below the level the device is on. The FBI, ATFE and other agencies have published blast stand-off distances. There is also an app available from First Responder Support Tools 11 Or if you are law enforcement initiate the appropriate protocols. ACE Security – Module 4 / 17 of 36 Security (FiRST) that shows graphically the proper stand-off distances from various devices, including suggested sites of road blocks and other features. The app also addresses Hazardous Materials release stand-off distances. 1. Notify Explosive Ordinance Disposal (EOD); locate bomb containment unit nearby and arrange for its transport to the incident site. 2. Notify Airport Operations to initiate the incident management bomb threat plan and to activate the Incident Command System. 3. Notify the affected tenants. 4. Notify the fire department and EMS (this may also be part of the incident management bomb threat plan). 5. Establish entrance and extrication routes to the device for responding EOD teams. Depending on the circumstances, be prepared to widen the perimeter and establish new entrance and extrication routes. AGAIN, DO NOT TOUCH THE ITEM. Understandably, this advice should be tempered based on your particular role. If you are a Bomb Appraisal Officer or member of the bomb squad, Explosives Ordinance Disposal unit, K-9 unit or similarly organized operation, then follow your own standards and protocols for handling a potential IED. Keep people away from the area. Look for signs of other unattended bags, as there may be additional devices. Look for suspicious people who may have placed the device and may even be waiting to detonate it. Airport and airline tenants should provide for continuity of business during this time as best as possible. Keep in mind also that IEDs can contain chemical, radiological and biological elements, which increases their lethality. Post IED Blast If an IED detonates, continue implementing the appropriate incident management section of the Airport Security Program and continue to watch for secondary devices. Some devices are placed specifically to target first responders. Watch for unauthorized personnel attempting to access the blast site. Some of these people may be friends and family of the victims, but others may be attackers. In Iraq, IEDs are often used to start an attack, which is followed up with shooters or more explosives. \ If the blast was from a VBIED, there may be large structural collapse and potential structural instability. The Urban Search and Rescue (USAR) team should be called immediately to render assistance in trying to recover victims from the rubble, which, depending on the building type, could be thousands of pounds of cement and bricks, or glass and scaffolding. Hazmat teams should also be called in to determine if the device contained any chemical, biological or radiological elements. Chemical, Biological, Radiological and Nuclear (CBRN) Weapons CBRNs are generally considered weapons of mass destruction. Included in these weapons of mass destruction are radiological weapons or so called “dirty bombs.” Al-Qaeda and sympathetic terrorists groups continue to demonstrate their interest in mass- casualty attacks using chemical, biological, radiological, and nuclear (CBRN) weapons. Although there is no specific information indicating that Al-Qaeda or other groups are currently planning a CBRN attack in the United States, such an attack should not be ruled out. This section will familiarize airport security personnel with the fundamentals of CBRN attacks. The symptoms, effects, causes, and treatment options are too extensive to be covered in this text and there are plenty of field guides available that will allow first responders to quickly ascertain the type of CBRN attack and the appropriate response. For more information, go to the Centers for Disease Control (CDC) website at http://www.cdc.gov/. There are a few dangerous assumptions to make regarding the defense of CBRN weapons. The first is that there is no defense, and that their use is so deadly that there is nothing first responders can effectively do to mitigate fatalities. The second is that it cannot happen “here.” The events of 9/11 showed the United States that it can happen anywhere. Biological and chemical attacks have already happened in the U.S. and abroad and, in all likelihood, it’s not a matter of “if” but “when.” Terrorists have the means, the motive and plenty of opportunity. But there is a defense – airport security professionals can take measures to mitigate, deter and even prevent the use of a CBRN weapon at their facility. 18 of 36 / American Association of Airport Executives Module 4 Notable Bio/Chem Attacks Probably the most surprising news is that chemical and biological attacks have already occurred several times in the United States. 1. In 1972, a United States-based fascist group called the “Order of the Rising” attempted to contaminate the Chicago and St. Louis water supplies with 30 to 40 kg of Typhoid. The group was betrayed by recruits within the organization and the attack never manifested 2. In 1984, followers of the Indian guru Bhagwan Shree Rajneesh spiked salad bars at 10 restaurants in Sheninico, Oregon with salmonella and sickened about 750 people. The cult members had hoped to incapacitate so many voters that their own candidates in the county elections would win. 3. In 1985, federal law enforcement authorities discovered that a small survivalist group in the Ozark Mountains of Arkansas, known as The Covenant, the Sword, and the Arm of the Lord (CSA), had acquired a drum containing 30 gallons of potassium cyanide, with the apparent intent to poison water supplies in New York, Chicago, and Washington, D.C. 4. In 1995 the FBI thwarted a possible Sarin attack at Disneyland. 5. In May 1995, a member of the Aryan Nation was arrested for ordering plague bacteria. 6. Also in 1995, an Arkansas man was arrested possessing 130 grams of Ricin. Outside the U.S., four significant incidents have occurred (with the exception of war time actions such as Iraq’s use of chemical weapons on their own citizens and during the war with Iran). In 1984, the West German “Red Army Faction” was discovered trying to make botulism in a laboratory for use in a potential attack. In 1992, German police thwarted the release of cyanide in a synagogue by neo-Nazis. O  n March 20, 1995, members of Aum Shinrikyo, a quasi-Buddhist cult in Japan, released the chemical nerve agent Sarin on the Tokyo subway, killing 12 people and injuring more than 1,000. The cult had earlier manufactured the Sarin in a laboratory at its main compound in the foothills of Mount Fuji. From April through June of 1995, there were several copycat attacks in Japan of the Aum Shinrikyo attack, using cyanide, phosgene and pepper spray. While a thousand individuals were treated for symptoms, over a thousand more reported to local hospitals believing they had been exposed. I n 1997, two chlorine bombs were activated in a crowded shopping mall in Australia, injuring 14 and causing the evacuation of 500 shoppers. C  hemical/biological terrorism has become more popular due to its heightened fear factor. The Ebola spread in 2014 demonstrates how effective a biological agent is in causing fear and even adjusting travel habits. Biologics are difficult to detect, most often easily, effectively and often anonymously spread by air, and requires extensive decontamination, thus rendering facilities unusable for long periods of time. Some agencies believe that chemical/biological devices are easier to manufacture; however, there is debate on this point. While Nation-States often have the facilities and resources to produce weapons of mass destruction in larger quantities, the Anthrax attacks via the mail shortly after 9/11 demonstrate a lower cost approach to chemical/biological attacks. Terrorists do not need large quantities of chemicals or biological agents, particularly if their target is in an enclosed space such as a shopping mall, convention hall or airport. In fact airports are ideal targets for chemical and biological agents, as they are a high profile enclosed space where there are large transient crowds. Biological Weapons The primary route of entry for a biological weapon is through inhalation, causing disease that overcomes the body’s immune system. Self-contained breathing apparatus and structural firefighting clothing provides adequate protection for first responders, but biological weapons should be treated with the utmost care. Several biological agents, such as the plague, skin anthrax or salmonella (ingestion), are transmitted by skin contact, so first responder equipment should be decontaminated as soon as possible. ACE Security – Module 4 / 19 of 36 Security A biological weapon uses a bacteria or virus, or in some cases toxins that come directly from bacteria, to kill people. Dumping a load of manure or human waste into a town’s water supply would be a simple form of biological warfare – human and animal manure contain bacteria that are deadly in a variety of ways. However, today’s modern filtration systems should require that a significantly large amount of toxins would need to be used to overwhelm the filters. In the 19th century, some American Indians were infected with smallpox through contaminated blankets. A modern biological weapon could use a strain of bacteria or a virus to kill thousands of people. Tom Clancy has explored the idea of biological terrorism in two books: Executive Orders and Rainbow Six. In both books, the source of infection was the Ebola virus. In these plot lines, the infection is spread through small aerosol cans (like those used by insecticide products to create “bug bombs”) released at conventions, through misting systems used to cool sports venues, or by an agricultural aircraft. With hundreds of thousands of passengers coming from all over the world, airports are excellent locations for spreading a biological virus. In 2003, after the outbreak of the SARS virus in China, some countries and airports refused to accept passengers from the host country. A similar scare was brought back again in 2009 with the bird flu pandemic. Even as a hoax, a biological weapon can have a significant negative economic impact. Unfortunately, the elements of biological weapons are available through the pharmaceutical community. The most common types of biological weapons are Anthrax, Smallpox, Botulin Toxin, Ebola, Ricin and Bacillus Anthracis. Chemical Weapons Terrorists have considered a wide range of toxic chemicals for attacks. Typical plots focus on poisoning foods or spreading the agent on surfaces to poison via skin contact, or spreading chemical weapons by using agricultural aircraft. A chemical weapon is any weapon that uses a manufactured chemical to kill people. Chemical weapons are broken down into four categories: 1. Nerve agents disrupt the communications between the body’s nerves and brain, causing continual nerve over-stimulation. 2. Blistering agents cause waste-filled blisters on the skin or internal organs (like the lungs). 3. Blood agents prevent the transfer of oxygen from the bloodstream to body tissue. 4. Choking agents cause the victim to choke, and often create internal blisters and water-filled lungs. Of these four different types of agents, nerve agents are considered to be the most deadly. It would take 40 times more blood agent to equal the same effect of a shot glass full of a nerve agent. Another chemical agent, called an irritant agent, is not considered a weapon of mass destruction, but could cause panic if used in a public area. Tear gas, mace and pepper spray are most often used for riot control, and in small doses, have non-lethal effects unless the victim suffers from other ailments such as heart or respiratory problems. Many modern airports use mass transit systems or trains of one form or another to move passengers from the terminal buildings to the concourses, or from concourse to concourse. These confined spaces, unfortunately, make excellent delivery points for a chemical weapon. A benefit to chemical weapons from a first responder perspective is that they generally dissipate quickly in the open air. Therefore, chemical weapons are most deadly in a confined environment. The most common types of chemical weapons are Sarin, VX (nerve agent), Mustard Gas and Lewisite. There are essentially three ways to distribute a biological or chemical weapon: 1. Through the air (most effective) 2. Through a municipal water supply 3. Through the food supply Airborne delivery is generally considered to be the most deadly, and can be delivered in a variety of ways including: 1. A bomb or a missile explodes, spreading the chemical or biological agent over a wide area 2. A crop-duster or other aircraft sprays the agent over a city 3. A car or truck drives through the city, spraying a fine mist along city streets in crowded areas 4. Small bombs or aerosol canisters are released in crowded areas like subways, sports arenas or convention centers 20 of 36 / American Association of Airport Executives Module 4 Nuclear/Radiological Most security experts agree that the most devastating terrorist attack would be a nuclear explosion. The world lived with the threat of nuclear weapons throughout the Cold War. However, when the Cold War ended, many people falsely believed it also meant the end of the threat of nuclear attack. Unfortunately, this could not be farther from the truth. In fact, the end of the Cold War brought about new concerns with regards to the security of the nuclear weapons, and nuclear weapon material already existing in the world. One threat is the delivery of a nuclear weapon aboard a general aviation aircraft. Most nuclear weapons are large devices and would not easily be carried in checked baggage or cargo areas of commercial aircraft. Due to the size of most nuclear devices, there is a higher probability of a terrorist attempting to deliver a large nuclear weapon on board a ship (to detonate in one of the many port cities in the United States), or on a train. There is, however, considerable evidence of the loss of “backpack nukes,” by the former Soviet Union. Backpack nukes are small 1-10 kiloton nuclear devices that were developed during the Cold War. The Defense Nuclear Detection Office (DNDO), a division of the Department of Homeland Security, is charged with the detection of attempts to import, possess, store, develop, or transport nuclear or radiological material for use against the United States. Both the FBI and the DNDO have assessed the possibility and likelihood of a risk of a terrorist group using a general aviation aircraft to deliver a nuclear device over a target population. During the Cold War, a nuclear airburst was designed to cause the widest amount of destruction. While a ground burst detonated at ground level would certainly create a massive amount of destruction, an air burst has the capacity to spread radiation much further and extends the electromagnetic pulse, which would knock out virtually anything electrical for miles around. Cell phones and radios would be completely inoperable, as would most vehicles and anything requiring electrical power. If a nuclear explosion occurred at an airport of a magnitude of at least 10 kilotons, the airport, and everything else within a 1/3 mile radius, would be vaporized or completely destroyed. Buildings out to 3/4 of a mile would resemble the Murrah building in Oklahoma City, with fatal doses of radiation to everyone in the area. Out to a mile away from the ground zero blast point, there would be massive fires and radiation (Source: www.nuclearterror.org). The only recovery would be rebuilding the airport in a different location so as to avoid the lingering radiation in the soil. There is little an Airport Operator can do to prevent such an attack. Radiation detectors can be installed on incoming access roads, but the response to such an alarm would have to be immediate. One recovery option for restoring commercial service operations may be to enlist the aid of the general aviation airports or other nearby commercial service airports. In a 1981 article published in the Air University Review, the authors suggested that part of the recovery of commercial air operations after a nuclear attack on the U.S. would be to employ the general aviation fleet and its pilots, to first fly essential missions, and then eventually, commercial operations until normal commercial ops could be restored. Airport Operators must also consider that a nuclear attack may be directed at a city or metropolitan area, not necessarily at the airport itself. In fact, depending on the location of the attack, the airport may be spared any significant damage. In that case, Airport Operators must be ready to shift their airport’s operation to assisting with rescue, recovery and restoration efforts. When Hurricane Ivan hit Pensacola, Florida in 2004 and eliminated the capability of the U.S. Navy to use their numerous bases in the area for rescue and recovery operations, Pensacola Regional Airport fulfilled the role. When Hurricane Katrina struck New Orleans in 2005, Louis B. Armstrong International Airport fulfilled a similar role, as did numerous other airports in the region. A dirty bomb or Radiological Dispersal Device (RDD) combines a conventional explosive, such as dynamite, with radioactive material. In most instances, the conventional explosive itself would have more immediate lethality than the radioactive material. According to the Nuclear Regulatory Commission, with the levels created by most probable sources, there would not be enough radiation present in a dirty bomb to kill people or to cause severe illness. For example, most radioactive material employed in hospitals for diagnosis or treatment of cancer is sufficiently benign that about 100,000 patients a day are released with this material in their bodies. However, certain other radioactive materials, dispersed in the air, could contaminate up to several city blocks, creating fear and possibly panic and costly cleanup. Prompt, accurate, non-emotional public information might prevent the panic sought by terrorists. A second type of RDD might involve a powerful radioactive source hidden in a public place, such as a trash receptacle in a busy train or subway station, where people passing close to the source might get a significant dose of radiation. A dirty bomb is in no way similar to a nuclear weapon. The presumed purpose of its use would be, therefore, not as a Weapon of Mass Destruction but rather as a Weapon of Mass Disruption. ACE Security – Module 4 / 21 of 36 Security Countermeasures Airport Security Coordinators should desire to make their particular facility so unattractive to terrorist acts that the terrorist selects another target. If that other target is also an airport, hopefully the airport security professional at that facility has done his/ her job well enough to make that facility unattractive to attack. Ideally, this trickle-down effect would lead the terrorist to a non- aviation target, whereby other transportation security professionals would be responsible for making their facilities unattractive to attack. This concept is known as: Not on My Watch. This slogan acknowledges that while you personally cannot stop all terrorist attacks, even at your own facility, you should focus on those areas of the system, which you can control. One of the most effective countermeasures is communication. To ensure airport tenants and aircraft operators have the correct emergency contact information, the airport can create plastic credit-card sized phone number cards. These can be attached near a phone or issued to personnel to attach to their airport ID badge lanyard (or similar fastener). The card can include the phone numbers for the police, fire/rescue dispatch (since not all 911 calls will go to an airport’s dispatch center), airport administration, operations and maintenance, Customs and Border Protection Office and Air Traffic Control Center. Another highly effective countermeasure is the cooperation of agencies with aviation security responsibilities. Each agency, the TSA, the FBI, the airport, the aircraft operator, etc., has a role to play within the system. Working with, instead of against, each other provides a unified front against the terrorist threat. ASC’s should become very involved and have an understanding of the intelligence agencies, resources and organizations that are available. The TSA, FBI and industry trade associations all provide intelligence and information through a variety of channels. From the AAAE’s daily SmartBrief on aviation security issues and their Transportation Security Policy committee, to the local airport security consortium, ASC’s cannot effectively operate in a vacuum of information. Knowing your resources, both informational and specialized units, will help the mission of the ASC to not allow the attack to happen on their watch, and if it does, to rapidly mitigate the effects of an attack. TSOC and HSOC The Homeland Security Operations Center is the central command center for the Department of Homeland Security. HSOC is charged with the collection and assessment of intelligence information related to preventing terrorist attacks and with, sharing such information with other federal, state and local law enforcement agencies. Much of the intelligence traffic that is disseminated to airports comes through the HSOC, and when a major security incident happens, HSOC can activate their Interagency Incident Management Group (IIMG) to provide support to that event. The IIMG provides strategic situational awareness, synthesizes key intelligence and operational information, frames operational courses of action and policy recommendations, anticipates evolving requirements, and provides decision support to the Secretary of Homeland Security and other national authorities during periods of elevated alert and national domestic incidents (Source Department of Homeland Security). Additionally, the HSOC provides event information to the White House Situation Room, constantly compares threats with existing vulnerabilities and can thus raise the threat condition accordingly. Using satellite imaging and other technologies, the HSOC can develop a real-time operational picture on 16 flat-panel, 50-inch display screens. TSOC stands for the Transportation Security Operations Center, which serves as an operations watch center for transportation security issues. When a security incident occurs at an airport or on an aircraft, the TSOC should take an active incident management role in those events. The TSOC also monitors the status of passengers traveling on commercial flights, such as those on the No Fly or Selectee lists. TSOC maintains a 24-hour watch. For the current phone number check with the Federal Security Director, as the numbers may change from time to time. At some airports, only the TSA makes contact with the TSOC; however, other airports allow their ASC or even airport operations or communications center personnel – under the direction of the ASC – to contact TSOC. 22 of 36 / American Association of Airport Executives Module 4 Special Security Incident Considerations The TSA requires airports to address each of the following in their emergency plans: 1. Hijacking 2. Bombings and Bomb Threats 3. Shooting 4. Sabotage 5. HazMat Incident 6. Airport Attack 7. MANPAD Attack (not specifically in ASP, but TSA is required to have a plan). 8. Airplane crash (cause unknown) By no means is this section meant to be a comprehensive guide for specific actions that should be taken for each of these incidents, but only provides general guidance. Airport security professionals should consult with local law enforcement, the FBI, the TSA, FEMA and other agencies when developing specific incident response plans. Despite numerous Hollywood portrayals of the good guys taking down the bad guys during a hijacking or similar event, in the real world of incident response, not everyone follows the script – equipment that is supposed to work doesn’t, communications break down at the worst times, people aren’t where they are supposed to be when they are supposed to be there, the bad guys don’t just voluntarily line up to get shot, and generally, if anything can go wrong it will. Case in point, the 1994 hijacking of Air France 8969– the takedown of which can be see on YouTube and should be part of any ASC film library. During the incident, the hijackers were dressed as customs agents, they ordered the aircraft to park next to the tower so that if they blew up the plane, they would take the tower with it – they shot several hostages and generally didn’t cooperate at all. When the French special forces troops began their takedown, the airstairs were misaligned with the aircraft door which jammed the door shut, hijackers fired out through the fuselage of the jet, the First Officer blocked the sniper’s shot of the hijacker in the cockpit, and when passengers began evacuating, they came from multiple doors and scattered everywhere, with French police trying to corral everyone on the ramp. Contingency plans, as well as incident management responses and plans, should be routinely evaluated, and every plan should be exercised as frequently as possible. Numerous scenarios should be explored. Arrival of FBI may be several hours away, which means that local airport law enforcement will be the first responders to a hijacking or similar event and must understand how to handle the situation until federal authorities arrive. In cases involving the unlawful interference with aircraft, ICAO recommends the following: The safest place for an aircraft under an unlawful act is on the ground. The aircraft should be parked in an isolated area to minimize disruption to normal airport operations. The overriding objective is the safe release of passengers and crew. Confront the perpetrators with an organized and effective response to minimize damage or injury. Negotiations should prevail over force until all other options are exhausted. Trained negotiators should only conduct negotiations. Decision-makers who can make decisions regarding the perpetrator’s demands should not be negotiators. Secure communications equipment available for negotiators and perpetrators should be readily available. In the attempted bombing of the Northwest Airline flight into Detroit in 2009, due to communications breakdowns, the aircraft was not taxied to the isolated parking position but instead to the gate. All agencies and personnel who are part of any contingency plan should clearly understand their duties and responsibilities within the plan. Others are relying on each agency or individual to fulfill a particular role or function and not understanding your role or function, lets someone else down and may even have catastrophic consequences. Further, any entity that must be notified during the activation of a contingency plan should ensure that its contact information is up to date and on file with the appropriate entity (airport or aircraft operator security personnel). ACE Security – Module 4 / 23 of 36 Security Hijackings Hijackings have taken on a new meaning since 9/11. No longer can ASC’s make the assumption that hijackers are merely interested in having some government or organization meet their demands, like the release of prisoners. With the demonstrated willingness of the Al-Qaeda terrorist organization to conduct suicide attacks with commercial airliners, it is critical in any hijack situation to keep the aircraft on the ground. Hijack training and exercises for airport security personnel should focus on how to keep an aircraft from taking off, and what other actions to take while waiting for the appropriate law enforcement authorities to arrive. An additional consideration is that, in most cases, airport police or sheriff’s deputies are the first to arrive on scene and will often set up a security perimeter around a hijacked aircraft. Upon arrival of the FBI and potentially the FBI’s Hostage Rescue Team, provisions must be made by the airport to changeover local law enforcement coverage to the FBI, set up a staging area for FBI personnel, and establish an area for the FBI hostage negotiation team. Airports should also work with local law enforcement, FBI and TSA personnel to designate an area where hijacked aircraft should be parked. This location should include vehicle access roads and ideally some protected staging areas, such as a firehouse. On November 26, 1985, an EgyptAir Boeing 727 was hijacked on a flight from Greece to Cairo, Egypt. Three terrorists hijacked the flight 22 minutes after takeoff. Egyptian sky marshals engaged in a shootout with the hijackers. The flight landed in Malta. Ten hours later, Egyptian troops stormed the aircraft, killing 56 out of 88 remaining passengers and one terrorist. One lesson that seems clear from this incident is that only specially trained troops should be used to storm a hijacked aircraft. Some criticized the troops for storming the aircraft, but others pointed out that terrorists already were killing hostages; so storming the aircraft was an acceptable risk. In the United States in April of 1999, law enforcement agencies were criticized for not immediately rushing inside Columbine high school during student shootings that left 15 dead and over 30 wounded. The question for incident commanders remains: is it better to use ill-prepared and ill-trained personnel when lives are threatened, or will their use cause more damage? Fortunately, the Columbine shootings allowed law enforcement agencies to develop tactical response strategies to rapidly developing incidents. Airport security personnel should ensure their law enforcement officers are trained in these tactics and conduct exercises to be able to rapidly respond to a hijacking or shooting in the airport. Despite the traditional TV method of “trading hostages”, airport security personnel should absolutely avoid the role of hostage negotiator, and definitely should never “trade” themselves or allow other personnel to trade themselves for other hostages. Law enforcement and FBI personnel can respond rapidly to virtually any location in the United States, and even the FBI Hostage Rescue Team can respond just about anywhere within the U.S. in a few hours. Bombings and Bomb Threats One of the most interesting statistics regarding bomb threats is that, to date there are few recorded incidents in the United States of a bomb threat being made prior to an actual device exploding at a US airport. More often than not, a bomb threat caller desires to create anxiety and panic and to disrupt normal operations. It is important to pay attention to such threats, as this disruption may be to cover other nefarious activity. Additionally, simply because the statistics say that most bomb threats do not turn out to be actual bombs does not mean that this will be the case in the future. Sometimes, individuals call in bomb threats and have actually planted a bomb, but they desire to minimize personal injuries. Bomb threats called into airports should evaluated, responded to and then immediately reported to the TSA and the FBI. Airports should also develop contingency plans to evacuate critical facilities. Most bomb threats at airports are made directly to the airlines, who are also obligated to immediately contact the TSA, the FBI, and the airport operator. Part of bomb threat management is searching the facility, and, ironically enough, the individuals most qualified to search a facility are the individuals who work in the building, as they are the first to notice something that is out of place. Airport operators may want to consider implementing into their bomb threat contingency plan a request for employees to immediately search their workspace and leave a note on their desk or office door noting that they found nothing out of place (or that they did find something out of place) prior to evacuating their location. Additionally, employees with office windows should leave those windows open whenever possible to mitigate pressure blast effects. Employees must, of course, never touch anything they suspect to be an explosive device. 24 of 36 / American Association of Airport Executives Module 4 Essentially there are three types of bomb threats: telephone, written threats (including e-mail, text, Twitter, Facebook or other social media posting), and mail or package bombs. Personnel at the airport postal facility should be trained in the identification of suspicious packages. This is often the responsibility of the U.S. Post Office, but extra training for airline personnel handling U.S. mail is an additional countermeasure. All personnel in a public contact capacity, including communications center and paging center personnel, should be provided with training and materials on how to handle a bomb threat. The FBI provides a Checklist Bomb Threat Card, which is placed near a telephone and provides questions to ask and places to write information about the caller (male or female voice, rapid or slow talker, nasally or raspy voice, background noises, spoken language, etc). Employees should also be trained not to use airport radios, cell phones or two-way pagers near a suspicious explosive device, as the radio frequencies used by those devices may trigger a bomb. Bomb threats most often come in two forms at an airport, either a potential bomb in checked baggage and already on board an aircraft, or in an unattended bag somewhere in the airport. In the case of an unattended bag, the immediate area should be evacuated and the bag not touched by anyone other than trained law enforcement personnel. Bomb and unattended bag quick reference procedures include: 1. Take all threats and calls seriously. 2. If an unattended bag, repeatedly page the owner (if known). 3. Regard any unidentified or abandoned bag as a potential explosive. 4. Evacuate and cordon off the surrounding areas. 5. Contact the police and do not use cellular phones or radios near the bag. Bomb threats onboard an aircraft while on the ground include: Disembark all passengers (avoid using the emergency slides unless in an extreme emergency). Move the aircraft to a remote location. Re-screen all baggage and passengers. Re-screen all cargo. Check catering supplies. Search the aircraft (usually can be done quickly and effectively with a K-9 team). Vehicle-Born Improvised Explosive Device attacks have been used throughout history, but two incidents affected aviation, the bombing of the Murrah Federal Building in Oklahoma City in 1995 and the bombing of the World Trade Centers in 1993. The attacks pushed forward the “300-foot” rule, which required vehicles to park at least 300 feet away from an airport terminal building. The rule was used sporadically throughout the 1990s – blast assessments and building blast mitigation designs has eliminated the use of the rule in many cases but it is still occasionally used and is a good “rule of thumb” for estimating the stand-off distance of a VBIED. Note that 300 feet is the stand-off for a vehicle loaded with an estimated 3000-4000 pounds of ammonium nitrate and fuel oil but should NOT be used as a “safe” distance for the purposes of evacuation. The FBI and ATF publishes an evacuation card that is open-source and easily available on the Internet for such purposes While it is difficult to deter a VBIED attack, particularly a suicide bomber attack driving a truckload full of explosives, from hitting the terminal building, there are some basic strategies. The Glasgow Airport successfully mitigated just such an attack in 2007 by installing bollards in front of their terminal building. Other technologies, include smart CCTV systems that can watch for unattended vehicles, undercarriage CCTV systems to search underneath vehicles approaching the landside areas, and weight detecting systems installed on terminal inbound approach lanes to determine if a vehicle is carrying more weight than should be expected. Suicide Bombers Although it may seem that suicide bombers are fairly new phenomena, they have been around in aviation since 1961, when Julian Frank took out an insurance policy on himself, then stepped onto an airliner with a suitcase loaded with dynamite. Afterwards, ACE Security – Module 4 / 25 of 36 Security there were several other instances including in 1973 and 1976, when suicide bombers detonated bombs made with dynamite in the lavatory of a commercial service aircraft (oddly, enough, the same plane twice – it was not destroyed either time). The main difference with Frank is that his apparent purpose was to kill himself in a way that would leave insurance proceeds to others. His motive was not terrorism in the traditional sense. According to Robert A. Pape and James K. Feldman, authors of Cutting the Fuse: The Explosion of Global Suicide Terrorism and How to Stop It (The University of Chicago Press, Chicago, IL, 2010), foreign occupation (perceived or real) of a land ignites suicide terrorism. Their research indicates that for the last 30 years, the reason for the vast majority of suicide attacks has been foreign occupation. The 9/11 attacks were also part of this theory, with Al-Qaeda’s perception that the U.S. has occupied several countries in the Middle East throughout history. According to Pape/Feldman, suicide terrorist attacks propelled anxiety and fear to levels few Americans had experienced in their lifetimes. Terrorists have learned that suicide terrorism can work. Combine suicide terrorism with an active shooter attack and the results can be devastating. In August 2004, two suicide bombers boarded two Russian airliners and downed both of the aircraft. In Iraq and Afghanistan, suicide bombings have been carried out against civilian and military targets numerous times. In 2007, an individual attempted a suicide bombing at the Islamabad Airport in Pakistan, but he was shot by police before he could detonate the

Use Quizgecko on...
Browser
Browser