Cover Page
ACE – Security
Module 1
Page 2
American Association of
Airport Executives
Accreditation Module 1
Airport Certified Employee (A.C.E.) Security
The History of Aviation Security
Aviation Security Policy Development
Roles and Responsibilities
Jeffrey C. Price, M.A., C.M.
Owner - Leading Edge Strategies
Associate Professor – Metropolitan State College of Denver
Table of Contents
Introduction ..................................................................................................................................... 1
Introduction ................................................................................................................................. 1
Module 1 Objectives ....................................................................................................................... 2
Abbreviations Used in this Module ................................................................................................ 3
The History of Air Terrorism and the Development of Policy and Procedures ............................. 4
The History of Air Terrorism ...................................................................................................... 4
The International Civil Aviation Organization (ICAO).............................................................. 6
The Tokyo Convention, 1963 ................................................................................................. 8
The Hague Convention, 1970 ................................................................................................. 8
The Montréal Convention, 1971 ............................................................................................. 8
Post 9/11 and Today................................................................................................................ 9
The Beginning of Air Terror ....................................................................................................... 9
The U.S. Government Responds ............................................................................................... 11
Air Terror in the 1970s ............................................................................................................. 12
Air Terror in the 1980s ............................................................................................................. 13
Air India Flight 182 – PPBM and Checked Bag Screening.................................................. 13
TWA Flight 847 – Flight Crew Training and Grounded Aircraft ........................................ 14
Rome and Vienna – Airport Attacks ..................................................................................... 15
EgyptAir 648 – Sky Marshals and Commandoes ................................................................. 16
Air Lanka – Employee Facilitated Attack ............................................................................ 16
Pan Am Hijacking – Disable Aircraft and Ramp Security ................................................... 17
El Al Attempted Bombing – Passenger Profiling ................................................................. 17
Korean Airliner Bombing – State Sponsored Air Terror ...................................................... 17
PSA Flight 1771 – Employee Identification ......................................................................... 18
Pan Am Flight 103 – Lockerbie, Scotland ............................................................................ 18
Avianca Flight 103 Bogotá, Colombia – Narco Terrorism................................................... 21
Aviation Security Improvement Act of 1990........................................................................ 21
Air Terror in the 1990s ............................................................................................................. 22
The World Trade Center Bombing and the Oklahoma City Bombing – non aviation events
with impacts on aviation security ......................................................................................... 22
FedEx Flight 705 – Employee Hijack Attempt..................................................................... 23
Air France Flight 8969 .......................................................................................................... 23
The Manila Air Plot – Operation Bojoinka........................................................................... 25
TWA Flight 800 .................................................................................................................... 25
Aviation Security and Anti-terrorism Act of 1996 ............................................................... 26
Millennium Bomber – Airport Attack .................................................................................. 27
Problems in Aviation Security Continue .............................................................................. 28
The Airport Security Improvement Act of 2000................................................................... 28
September 11, 2001 .................................................................................................................. 29
Introduction ............................................................................................................................... 33
The Aviation and Transportation Security Act of 2001............................................................ 33
Key Issues ............................................................................................................................. 36
Aviation Security Events since 9/11 ............................................................................................. 42
LAX Airport Shooting – Terminal Attack ............................................................................ 42
Russian Airliner Bombings ................................................................................................... 43
Liquid Bomb Plot – Again .................................................................................................... 43
Attacks on Aviation Continue into the 2010’s ...................................................................... 44
Summary ................................................................................................................................... 46
The Aviation Security System: Agencies, Entities and Responsibilities ...................................... 47
The Department of Homeland Security .................................................................................... 47
The Transportation Security Administration ............................................................................ 47
The Federal Security Director ............................................................................................... 48
Federal Air Marshals............................................................................................................. 50
The Canine and Explosives Program .................................................................................... 51
Explosives Unit ..................................................................................................................... 51
Screening Passengers by Observation Techniques (SPOT).................................................. 51
Aviation Direct Access Screening Program (ADASP) ......................................................... 52
Other Government Agencies................................................................................................. 52
Airport Security ........................................................................................................................ 53
The Airport Security Coordinator ......................................................................................... 53
Law Enforcement .................................................................................................................. 53
Airport Operations ................................................................................................................ 54
Air Carrier Security................................................................................................................... 54
The Airline Station Manager ................................................................................................ 54
Aircraft Operator Security Coordinator (AOSC) .................................................................. 55
Ground Security Coordinator (GSC) .................................................................................... 55
In-Flight Security Coordinator .............................................................................................. 55
Corporate Security and Loss Prevention............................................................................... 55
Industry Organizations .................................................................................................................. 56
Summary ................................................................................................................................... 56
References ..................................................................................................................................... 57
From the Author
Ten years after 9/11, we have updated the ACE-Security modules for the third, and not
likely the last, time. Many events in aviation security occurred during the past decade and
the modules have evolved as well. This module update includes information about the
attacks on aviation since the 2007 update, as well as policy and procedural changes. The
modules are also becoming focused on the role of the Airport Security Coordinator and
the responsibilities of the airport operator in aviation security, rather than a broad-based
look at all things avsec. Consider this the Expert ASC course. This module update has
reduced some of the details in the history, policy development and airline security areas
to make room for more information related to the ASC.
While these modules will be as up-to-date as possible upon publication, the industry
never stops evolving, and threats and attacks on aviation are ongoing. If you see
something out of date, please write to me at jcprice@leadingedgestrategies.com so I can
correct it in future versions.
While Airport Security Coordinators and airport directors have different perspectives on
the role of the TSA and the Federal Security Director at their airports, it is the position of
AAAE that the best practices approach to airport security is to work cooperatively rather
than uncooperative with the federal government.
Additionally, although regulations and certain guidance documents, such as the TSA’s
Complete Airport Security Program guide, delineate what actions must be taken to
ensure compliance, Federal Security Directors and others have differing interpretations of
the regulations and the guidance. Therefore, what may be approved (or not approved) at
one airport may not be the case at another simply due to different interpretations from the
FSD’s at those locations.
Thank you,
Jeffrey C. Price, M.A., C.M.
Owner, Leading Edge Strategies
Associate Professor, Metropolitan State College of Denver
Lead Author: Practical Aviation Security: Predicting and Preventing
Future Threats, Butterworth Heinemann, 2009.
April 1, 2011
ACE – Security
Module 1
Page 6
Introduction
Introduction
The purpose the ACE-Security program is to enhance the knowledge of individuals who
operate on an airfield and share in the responsibility for the safety, operation, security and
maintenance of airports. A secondary goal is to prepare individuals for the AAAE
Certified or Accredited Member programs.
Successful study and completion of an examination over this module and three others
will result in recognition as an Airport Certified Employee – Security (ACE–Security).
The certification represents that each individual has received focused instruction on the
current operating practices and knowledge requirements of Title 49 Code of Federal
Regulations (CFR) Section 1500 (and associated parts). This course covers all sections
during a three-day period. A comprehensive, multiple-choice exam is administered on the
fifth day. A score of 70 or higher will result in certification as an ACE–Security.
The A.C.E. – Security course is designed to raise the level of awareness and
understanding of security to an airport staff member, allowing that individual to make
better decisions and judgments when assessing hazards and risks at the airport.
The program also allows the individual to implement the requirements of the
Transportation Security Administration’s regulations and best security practices.
ACE – Security
Module 1
Page 1
Module 1 Objectives
•
Explain the role of ICAO and it’s impact on aviation security regulations and
practices
•
Know the lessons learned in regards to the key terrorists and criminal attacks on
aviation
•
Explain the impact of legislation on aviation security
•
Know the roles and responsibilities of individuals and entities within the aviation
security system
ACE – Security
Module 1
Page 2
Abbreviations Used in this Module
AOA – Air Operations Area
AOSC – Aircraft Operator Security Coordinator
ASC – Airport Security Coordinator
BATF – Bureau of Alcohol, Tobacco and Firearms
CASFO – Civil Aviation Security Field Office
CHRC – Criminal History Records Check
DHS – Department of Homeland Security
EDS – Explosives Detection System
ETD – Explosives Trace Detection
FAA – Federal Aviation Administration
FBI – Federal Bureau of Investigation
FSD – Federal Security Director
GSC – Ground Security Coordinator
IATA – International Air Transport Association
IED – Improvised Explosive Device
ICAO – International Civil Aviation Organization
LEO – Law Enforcement Officer
NTSB – National Transportation Safety Board
SARP – Standards and Recommended Practices
TSA – Transportation Security Administration
WMD – Weapon of Mass Destruction
WTMD – Walk Through Metal Detector
ACE – Security
Module 1
Page 3
The History of Air Terrorism and the Development
of Policy and Procedures
The History of Air Terrorism
The development of policy and procedures within the aviation security
system are most often traced back to specific terrorist or criminal acts.
Unfortunately, many of today’s security measures have been paid for with
the deaths of innocent lives. Aviation security policy has, unfortunately,
been highly reactive. However, one is hard pressed to imagine that the
U.S. could have implemented today’s security measures if the events of
9/11 had never occurred. While there were gaps in the system, it was not
for a lack of trying to close those gaps on the part of many aviation
security practitioners who were in the industry prior to 9/11 – many of
whom are still in the industry today, still trying to keep our nation’s
airways safe.
For many Americans, the terrorist attacks on 9/11 were a shock due to the
enormity of the crime but also because no one had ever considered that
style of attack. The U.S. aviation security system, and for that matter,
much of the world’s aviation security system, was designed to prevent or
deter bombings and “traditional” hijackings, such as those conducted for
political or financial motives. Few recognized the possibility of using an
aircraft as a weapon of mass destruction.
However, versions of the aircraft-as-WMD scenario have occurred or been
attempted several previous times, both in reality and in fiction. A few are
noted here:
•
In 1970, Eastern Airlines passenger John Devivo stormed
the cockpit with a gun, ordering the pilot and first officer to
fly around until the plane ran out of fuel and crashed. Shots
were fired, wounding the copilot, and Devivo was shot
twice as bullets flew out the cockpit door into the passenger
cabin. Devivo was subdued, and the plane landed safely.
•
In 1972, three accused rapists took over a commercial
flight and threatened to crash the plane into a U.S. nuclear
power plant.
•
In 1974, Samuel Byck, armed with a handgun and a
gasoline bomb, shot his way onto a Delta Airlines jet at the
Baltimore Airport intending to crash the plane into the
White House. A police officer and the aircraft’s First
Officer were both killed. The aircraft never left the gate
before Byck himself was shot by a responding officer.
ACE – Security
Module 1
Page 4
•
Also in 1974, Army Private Robert Preston flew a stolen
helicopter to the White House, hovering for several minutes
before landing on the South Lawn.
•
In 1987, disgruntled airline employee David Burke on PSA
Flight 1771 stormed the cockpit over San Luis Obispo,
California, shot a passenger, then stormed the cockpit and
killed both pilots. He then committed suicide as the plane
plummeted out of control, crashing and killing all 43
onboard.
•
In 1994, Federal Express employee Auburn Calloway was
jump-seating on a FedEx flight when he attacked both
pilots with hammers, planning to kill the pilots and crash
the plane. Despite severe injuries to the Captain, First and
Second Officer, they were able to prevent Calloway from
taking over the plane and landed safely.
•
Also in 1994, the Armed Islamic Group took over an Air
France jetliner and planed to crash it into the Eiffel Tower
in Paris. French commandoes stormed the plane and killed
the hijackers while the plane was on the ground refueling.
•
Again in 1994, Frank Corder crashes a Cessna 150 into the
White House.
•
Even in fiction, using an aircraft as a Weapon of Mass
Destruction had been imagined. In the Tom Clancy novel,
Debt of Honor, an airline captain is himself the hijacker;
he intentionally crashes his Boeing 747 into the U.S.
Capitol. In 1999, the diary of Columbine killer Eric Harris
contains a plot to hijack an aircraft and crash it into New
York City.
However, the lack of success and an overwhelming number of bombings
and hijackings (at least 700 hijackings throughout the world since the
beginning of aviation) helped form the policies that would prevent more
casualties from these types of attacks, but may have also kept our attention
focused on a particular style of hijacking, while ignoring, or not realizing,
other options available to hijackers.
While there have been a few incidents prior to 9/11 in which hijackers
attempted to crash an aircraft into the ground, in virtually all instances,
few believed that the hijackers themselves would pilot the aircraft. In all
of the previous actual incidents, the hijackers attempted to force the pilots
to fly into the ground – which is an unlikely expectation. There are only
three exceptions – two incidents in which the aircraft captain crashed his
ACE – Security
Module 1
Page 5
own plane, and in the fictional Clancy novel above, the captain was also
the “hijacker.”
Air terrorism historically has been reflected in acts of hijacking and
bombings. There have been a handful of surface-to-air missile attacks, a
few airport shootings and bombings, and even a couple of mortar attacks
on airports, but primarily, aviation policy has been built on the premise of
preventing hijackings and bombings.
Criminal acts are also part of our aviation security record. Assaults on
airport employees, airline crewmembers and other passengers (air rage),
and sabotage of aircraft and airport facilities are on the list of common
criminal activity.
The International Civil Aviation Organization (ICAO)
The International Civil Aviation Organization (ICAO) was established in
Chicago on December 7, 1944, at the Convention on International Civil
Aviation to “…secure international co-operation and highest possible
degree of uniformity in regulations and standards, procedures and
organization regarding civil aviation matters,” which include aviation
security measures.
ICAO is a specialized agency of the United Nations charged with ensuring
the safe and orderly growth of international civil aviation throughout the
world.
The assembly meets at least once every three years. Each Contracting
State is entitled to one vote, and the majority rules. ICAO now consists of
188 member States.
ICAO’s Council adopts Standards and Recommended Practices
(SARPs) contained in Annex 17 to the Chicago Convention in 1974 for
the safeguarding of international civil aviation. The ICAO Security
Manual contains guidance material on the interpretation and
implementation of the SARPs of Annex 17.
In the wake of terrorist attacks on September 11, 2001, ICAO developed
an Aviation Security Plan of Action for strengthening aviation security
worldwide. ICAO has developed a training program to assist States in
implementing the Annex 17 aviation security standards.
ICAO’s security-related work is carried out in three inter-related areas:
policy initiatives, security audits and assistance to States that are unable to
address serious security deficiencies.
Security audits are performed under the Universal Security Audit Program
and are managed by the Aviation Security Audit (ASA) Section.
Short-term or urgent, security-related assistance to countries is available
through the Implementation Support and Development (ISD) Program,
ACE – Security
Module 1
Page 6
managed by the ISD-Security Section. Long-term project assistance is
available from the ICAO Technical Co-operation Bureau.
Security policy is the responsibility of the Aviation Security and
Facilitation Policy (SFP) Section1, which promotes the implementation of
Annex 17 through seminars and workshops from airports, airlines and law
enforcement agencies, as well as through the dissemination of guidance
material.
In addressing the evolving threat to civil aviation, ICAO relies on the
advice of experts who sit on the Aviation Security Panel. Established in
the late 1980s, the Panel is comprised of 27 members nominated by States,
and five observers from industry. The Panel develops ICAO security
policy, responses to emerging threats, and strategies aimed at preventing
future acts.
ICAO also oversees the tagging of commercial explosives by their
manufacturers, develops programs to enhance the security of travel
documents, and develops training and course material for use by civil
aviation personnel in topics such as airline and cargo security and crisis
management.
ICAO documents offer guidance and information on:
•
•
•
•
•
•
•
•
•
•
•
The protection of aircraft, including pre-flight precautions,
aircraft searches and control of access to aircraft.
Airport access control systems, physical security measures,
background checks, personnel identification systems
design, and vehicle permits.
Quality control, including security inspections and audits,
security tests and training of security staff.
Airport design as it relates to security, including
minimizing the effects of an explosion on people and
facilities.
Managing responses to unlawful acts against aviation.
Security equipment (WTMDs, X-Ray) and explosives.
Search and evacuation guidelines.
Surface to air missiles defenses that are available on
aircraft and procedures airport operators can take to
minimize the threat of surface to air missiles.
Incident command and emergency operations.
Model airport and aircraft operator security programs.
Transportation of dangerous goods.
1
In addressing the evolving threat to civil aviation, ICAO relies on the advice of experts
who sit on the Aviation Security Panel.
ACE – Security
Module 1
Page 7
To identify and correct deficiencies in the implementation of ICAO
standards, mandatory, consistent, systematic audits are central to ICAO’s
Aviation Security Plan of Action. The plan also includes methods to:
•
•
•
•
•
Identify and assess global responses to new threats and
take action that includes the protection of airports, aircraft
and air traffic control centers.
Strengthen security-related provisions in the annexes to the
Convention on International Civil Aviation to protect the
flight deck.
Coordinate with security audit programs.
Publish results of security audits but protect confidentiality
of those results.
Develop follow-up programs to assist states (countries) in
fixing deficiencies in their AVSEC (Aviation Security)
capabilities.
ICAO has held several conventions affecting aviation security including:
Tokyo, The Hague and Montreal 1971.2
The Tokyo Convention, 1963
The Tokyo Convention addressed offenses and other acts committed
onboard an aircraft that affect the safety of the flight, or individuals on the
flight.
The Hague Convention, 1970
The Hague Convention required states to make hijackings punishable by
severe penalties and to either extradite or prosecute offenders.
Additionally, it required government and countries in which a hijacked
aircraft landed to take measures to restore control of the aircraft to its
owner and “facilitate the continuation of the journey of the passengers and
crew as soon as practical…without delay return the aircraft and its cargo
to the persons lawfully entitled to it. ”
The Montréal Convention, 1971
The Montreal Convention covered attacks on aircraft, whether in-flight or
on the ground, and defined three types of offenders:
1. One who commits an act of violence against a person
onboard an aircraft in-flight that endangers the safety of the
flight.
2. A person who destroys an aircraft or causes damage to the
aircraft rendering it incapable of flight or endangers its
safety while in-flight.
2
ICAO is now headquartered in Montreal where all conferences are now held.
ACE – Security
Module 1
Page 8
3. A person who places (or causes to be placed) a device or
substance likely to destroy or damage an aircraft. In 1988,
the scope of the Montréal Convention was broadened to
cover attacks on airports.
Throughout the history of air terrorism, ICAO has made numerous
recommendations, many of which are highlighted in the text that follows
each of the security incidents outlined below.
Post 9/11 and Today
Following 9/11, the 33rd Session of the ICAO Assembly conducted in
Montreal in February of 2002, adopted Resolution A33-1, Declaration on
Misuse of Civil Aircraft as Weapons of Destruction and other
Terrorist Acts Involving Civil Aviation. As a result, ICAO recommends
a uniform approach to aviation security, including an ICAO Aviation
Security Plan of Action requiring regular, mandatory, systematic and
harmonized audits to enable the evaluation of aviation security in member
states. The program is known as the ICAO Universal Security Audit
Program (USAP) and is addressed in Module 4.
The Beginning of Air Terror
The first recorded aircraft hijacking was on February 21, 1931, in
Arequipa, Peru. Byron Rickards, flying a Pan American Ford Tri-Motor
mail plane, was approached on the ground by armed revolutionaries who
demanded to use the plane to drop propaganda leaflets over Lima, Peru.
The pilot refused to fly them anywhere and, after a ten-day stand-off, was
released after agreeing to fly one of the hijackers to Lima.
Between 1947 and 1958, 23 hijackings mostly committed by eastern
Europeans seeking political asylum were reported. The world’s first fatal
hijacking took place in July 1947, when three Romanians killed a flight
crew member (Rumerman 2007).
Another new threat started to emerge in the 1950s. The first bombing of a
commercial U.S. airliner occurred on a DC-6 as it departed Stapleton
International Airport in Denver, Colorado, on November 1, 1955.
Jack Graham placed a bomb in his mother’s luggage, hoping to cash in on
her life insurance policy. The bomb exploded shortly after takeoff and
killed all 44 people on board. Graham was executed in the Colorado gas
chamber for the crime, in what was also the first example of the
“passenger-dupe” scenario.
In 1959, Fidel Castro came to power in Cuba, and, soon after the number
of hijackings began to rise in the United States. At first, those wishing to
escape from Cuba hijacked flights; later, many hijackings were executed
by people wanting to return. In May 1961, the first American airliner was
hijacked from Miami to Cuba. Throughout the 1960s, the number of
ACE – Security
Module 1
Page 9
hijackings mostly committed by those seeking political asylum, or
criminals trying to escape a criminal act in the States continued to rise.
Throughout the 50s and 60s, other bombings occurred many times to
collect on insurance policies. As the frequency of hijackings grew, the
government began putting armed guards on aircraft when requested by the
air carriers. Thus began the first use of “air marshals,” called Sky
Marshals at the time. In September 1961, President John F. Kennedy
signed legislation that approved prison sentences of 20 years or more, or
the death penalty, for air piracy.
After Kennedy’s legislation passed, the frequency of hijackings in the U.S.
reduced, until the late 1960s, when a rash of hijackings occurred, starting
in 1968 and lasting through 1972. Hijackings also started overseas in
mostly the Middle East and were frequently tied to the Palestinian – Israeli
conflicts. During this time, the U.S. Department of Transportation placed
the total number of hijackings between 1968 and 1972 at 364, worldwide.
In August of 1969, Arab terrorists carried out the first hijacking of a U.S.
aircraft flying overseas, by diverting an Israel-bound TWA flight to Syria
(Rumerman 2007).
The late 60s also saw the first and only successful hijacking of an Israeli
El Al aircraft, although numerous subsequent attempts have occurred.
Three members of Popular Front for the Liberation of Palestine (PFLP)
hijacked an El Al plane to Rome. The aircraft diverted to Algiers, and
negotiations extended over forty days, with both the hijackers and the
hostages ultimately set free.
Following the hijacking of eight airliners to Cuba in January 1969, the
Federal Aviation Administration (FAA) created the Task Force on the
Deterrence of Air Piracy, developing a hijacker profile that could be used
along with metal detectors (magnetometers) in screening passengers. In
October of that year, Eastern Airlines began using the system, with four
more airlines following in 1970.
In 1970, the PFLP staged one of the most extraordinary hijackings ever
attempted prior to 9/11. On September 6, 1970, multiple hijackers
attempted to hijack four aircraft simultaneously, succeeding with only
three. Two of the planes were forced to fly to the Jordanian desert, while
the third went to Egypt. The pilot of the third jet, a B-747, convinced the
hijackers that the plane was too big to land in Jordan.
Two aircraft landed at Dawson’s Field, which was a former Royal Air
Force airstrip, in Jordan. The planes were evacuated, and, after a standoff
that lasted several days, the aircraft were destroyed by explosives and the
hostages released. The B-747 that landed in Egypt was wired with
explosives on approach into Cairo. Upon landing, the aircraft was
evacuated and destroyed by the hijackers, who were then taken into
custody by Egyptian officials.
ACE – Security
Module 1
Page 10
PFLP member Leila Khaled, who had previously, succeeded in hijacking
another plane, was the only attempted hijacker that failed that day. Khaled
and associate Patrick Arguello, a Nicaraguan, boarded an El Al Boeing
707 bound for Amsterdam, but two of their fellow hijackers were not
allowed on the flight as they had sequential passport numbers, which
Israeli security officials and the pilot thought to be suspicious. She and
Arguello stormed the cockpit in mid flight but were confronted by air
marshals. Arguello was shot and killed, and Khaled was wrested to the
ground out of fear she might drop one of the two hand grenades she held
in each hand. A passenger hit her on the back of her head. She soon awoke
to a vicious beating by other passengers.
Khaled claims that her intent, and in fact her orders from the PFLP, were
not to hurt any passengers, only to threaten them. This is a dangerous
assumption in the post-9/11 world, but the concept of a hostage-taker not
wanting to severely hurt or kill hostages (essentially, hostages are
bargaining “currency”) has been the basis for most hostage negotiation
strategies.
The plane landed at Heathrow Airport, and Khaled was taken into custody
by authorities. She was held for 28 days until released in a hostage
exchange with the PFLP. Six days after the initial hijacking, another
aircraft was hijacked by a Palestinan faction sympathetic to, but not part of
the PFLP, in order to be used as a bargaining tool to negotiate Khaled’s
release. In a prisoner trade with Syria, she was allowed to go free. The
growing number of hijackings overseas did not go unnoticed in the United
States.
The U.S. Government Responds
After numerous hijackings in 1970, and the discovery of three bombs on
commercial airliners that year on September 11, 1970, President Richard
Nixon announced a comprehensive anti-hijacking program, which would
become the Anti Hijacking Act of 1971. The Act created a formal federal
air marshal program (Rumerman 2007) and required the inspection of
passengers, but not their carry-on bags. Some airlines were already
screening both passengers and carry-on bags on a voluntary basis.
•
•
•
Created Title 14 CFR Part 107 Airport Security.
Brought the U.S. up to ICAO aviation security standards.
Provided for punishment of death or life imprisonment for
hijacking, which could be reduced to a maximum penalty of
five years imprisonment if the hijackers gave themselves up.
Three years later, the Anti-Hijacking Act of 1974 mandated the screening
of passengers and their carry on bags by weapons-detecting technology
and also put the responsibility of screening onto the airlines.
ACE – Security
Module 1
Page 11
Air Terror in the 1970s
With all the new security requirements in place, hijackers had to look for
new ways to hijack aircraft and to get away with it. While overseas, many
hijackings would end with the negotiated release of both the hostages and
the hijackers, in the U.S., hijackings usually ended with the death or arrest
of the hijackers at the hands of police or federal agents, as well as the
release of the hostages.
With passenger and carry-on baggage screening in place making it more
difficult to smuggle weapons on board, a rash of hijackers simply bluffed
their way along. In these incidents, a hijacker would hold an inanimate
object, such as a TV remote control, or other electronic device, and claim
to have a bomb on him or placed in the cargo hold. These types of
hijackings did not last for very long and hijackers switched to other
means, such as having airport or airline employee’s pre-place weapons
onto the aircraft they intended on hijacking.
Also, with most hijacks in the U.S. ending on airport taxiways with the
death or arrest of the hijackers, one intrepid hijacker devised a new plan.
Whether it was his real name or not, Dan Cooper, alias D.B. Cooper,
hijacked an aircraft and forced it to land in Seattle, Washington, where he
demanded $200,000 in cash and several parachutes. He released the
passengers and flight attendants, and then ordered the pilots to fly to Reno,
Nevada, and to stay below 10,000 feet. At one point during the flight, he
ordered the pilots to deploy the rear air stairs. When the plane touched
down in Reno, Cooper was not on it. The incident remains a mystery to
this day, although some of the money (marked by the FBI) was discovered
years later in a riverbed in Washington State.
After Cooper’s “escape,” approximately 20 more hijackers attempted the
same feat. Boeing aircraft manufacturers eventually invented the “Cooper
Vane,” which would prevent the rear air stairs from being deployed while
in flight.
Regardless of the methods that have been put into place to prevent, deter
or mitigate hijackings and bombings, criminals and terrorists have
always come up with other methods to circumvent these preventative
measures. This face demonstrates that aviation security is a game of
constant and never ending improvement – on both sides.
While aircraft have been the most popular targets for air terrorism, airports
and airline facilities have also been attacked. In the 1960s and 1970s,
internationally, bombers targeted some airline offices. In 1973, a bomb
went off in the international terminal building at Los Angeles International
Airport. A second bomb exploded in a locker two years later, at New
York’s LaGuardia Airport, killing 11 people. Today, locker storage is not
allowed in public areas unless the items are first searched or screened.
ACE – Security
Module 1
Page 12
Since their inception in the 1950s, surface to air missiles, also
known as Manned Portable Air Defense Systems (MANPADS)
have occasionally been used against commercial aircraft. Usually
these incidents happened in war zones, such as in the Sudan, when
Rhodesian dissidents used Russian made SAM-7 surface-to-air
missiles to bring down Air Rhodesia commercial airliners. Most
surface-to-air missile attacks have been against commercial prop
aircraft, but about seven or so have been against commercial jets.
Air Terror in the 1980s
In the early 1980s, hijackings continued to be a common occurrence,
particularly in the Middle East. In 1985, two events, the hijacking of TWA
Flight 847 and the bombing of Air India Flight 182 would make a
significant impression upon the aviation community. By the late 1980s,
two other attacks on aviation would occur and set the stage for policy
making and industry focus for the next decade. The first took place when
an employee killed the flight crew of PSA 1771 over San Diego,
California. The other killed 270 people when a bomb detonated on Pan
Am Flight 103, over Lockerbie, Scotland.
Air India Flight 182 – PPBM and Checked Bag Screening
On June 22, 1985, Air India Flight 182 exploded off the coast of Ireland,
killing 359 people. At the same time, two baggage handlers were killed
when a bomb exploded as they transferred baggage from Canadian Pacific
Flight 003 to Air India Flight 301 bound for Thailand. Both flights had
originally departed from Vancouver. If 9/11 was a watershed event that
prompted sweeping changes in a nation’s aviation security system, then
the bombings of these Air India flights could be considered Canada’s
“9/11”.
Authorities believed that both bombs were loaded onto flights that
originated in Vancouver, placed on board by a man who purchased tickets
on both flights, but boarded neither. Flight 182 had a stopover in Toronto,
before heading over the Atlantic Ocean, where it exploded just off the
Irish coast. After the bombings, ICAO called a special meeting in
Montreal, Canada, and developed an amendment to Annex 17 mandating
the reconciliation of passengers with their bags, commonly referred to as
positive passenger bag matching (PPBM). Although the PPBM process
was already in effect at the airline, it may not have been conducted on
either of these flights.
Canada also implemented the process of checked baggage screening. The
process entailed using conventional x-ray machines to conduct the
majority of the screening electronically, with questionable baggage being
diverted to personnel for individual inspection.
ACE – Security
Module 1
Page 13
Even though both ICAO and the International Air Transport
Association (IATA) mandated that PPBM be put into effect, many
countries and air carriers ignored the practice as being inefficient to flight
operations.
TWA Flight 847 – Flight Crew Training and Grounded Aircraft
On July 14, 1985, Shiite Muslim terrorists (Hezbollah) hijacked TWA
Flight 847 en-route from Athens to Rome. With 145 passengers and
crewmembers onboard the Boeing 727, the aircraft departed Athens
Hellinikon Airport bound for Rome, Italy. Shortly after takeoff, two
gunmen carrying guns and grenades seized control of the aircraft and
ordered Captain John Testrake to fly to Beirut. A third terrorist, Ali
Atwa, was supposed to be on board but missed the flight and was arrested
in Greece. The guns and grenades were already on board the aircraft,
hidden behind panels in the plane’s lavatories and likely placed there by
individuals posing as airline catering personnel.
The aircraft began a journey between Lebanon and Algiers. Passengers
and flight crewmembers were beaten in order to obtain compliance from
both Captain John Testrake and ground controllers. At each touchdown
point, some passengers were allowed to leave. Controllers at both airports
created additional problems by not allowing the aircraft to immediately
land.
Air traffic controllers in Algiers tried to close the airport, and Beirut tower
controllers shut off the runway lights during a night landing. Terrorists
threatened to crash the aircraft into the presidential palace, if they were
not given permission to land, and the runway lights came back on.
U.S. Navy diver Robert Stethem, who had been subjected to numerous
beatings during the ordeal, was shot and killed, his body thrown onto the
tarmac in Beirut. The terrorists demanded the release of Shiites in Israeli
custody, along with the third hijacker, who had been arrested at the Athens
airport.
In Algiers, fourteen more terrorists from the Amal organization along with
Ali Atwa, the hijacker who was supposed to be on the flight back in
Athens, boarded the aircraft as reinforcements. Passengers were
segregated on the basis of American or Jewish-sounding names. Among
the women was flight attendant Uli Derickson, who was credited with
saving the lives of many on board. Derickson spoke German, as did one of
the terrorists, enabling communication between the hijackers and the
hostages. The only English-speaking hijacker, Ali Atwa, missed the flight.
Derickson would intercede during passenger beatings, attempted to hide
ACE – Security
Module 1
Page 14
American, U.S. Military and Jewish identities of passengers, and
eventually negotiated the release of her crew and the women passengers.3
Captain Testrake also demonstrated leadership and courage throughout the
hijacking. As the flight headed back to Beirut for the third time, he and his
crew worked out a plan to disable the aircraft. The flight crew shut down
two of the plane’s three engines and convinced the hijackers that the
aircraft could no longer fly. Testrake also worked with mechanics and
crewmembers from Middle East Airlines to provide food and medical
assistance to his flight crew and remaining passengers.
The example of Testrake and Derickson’s bold actions throughout the
incident are a testament to the important role flight crew play in the
aviation security system. TWA 847 reiterates the need for flight crew to
be trained in how to handle volatile, and sometimes violent, situations.
The standoff continued for 18 more days, after which all of the hostages
were released. Ali Atwa, the terrorist held responsible for the hijacking, is
reportedly dead. The hijacking also was significant as the press covered it
so extensively. Media representatives were able to interview the hijackers
as the aircraft sat on the ground in Beirut and Algiers, and new satellite
technology enable the mass media to bring the images immediately into
living rooms all over the world. Video images of Captain Testrake and a
hijacker holding a gun to Testrake’s head as both peered out the cockpit
window of the plane are now a part of aviation security history.
An important lesson learned from Flight 847 is that once an aircraft is on
the ground, it must be kept on the ground. The use of aircraft as weapons
of mass destruction after 9/11 drives this point home.
Rome and Vienna – Airport Attacks
In December of 1985, the airports in Rome and Vienna were
simultaneously attacked by groups of young men armed with automatic
weapons and grenades (Wallis 1993, pp 11-12). There was much debate
over whether these groups were so-called “suicide squads,” due to the lack
of a clear escape plan. However, evidence does not substantiate this claim.
The primary targets of the attacks were passengers at the El Al ticket
counter. In the case of the Vienna attack, erratic gunfire turned out to be
the downfall of the terrorists, as a bullet pierced the glass of an airport
bank, triggering an alarm in a nearby police station.
The response from the airports was to create a common check-in counter
to protect the identity of passengers traveling to Tel Aviv. This
requirement would result in lengthy design modifications at many large
3
Derickson’s name would become a household word for the courage and strength she
showed throughout the ordeal, and her story was portrayed in a 1980s made-for-TV
movie, “The Taking of Flight 847: The Uli Derickson Story.”
ACE – Security
Module 1
Page 15
U.S. airports, as well as passenger inconvenience. However, the real
concern was the ability of airport law enforcement personnel to respond to
heavily armed gunman storming the terminal building. Airport police are a
required part of every commercial service airport security program, but,
depending on the size of the airport, they may not always be on site.
To this day at the airport in Rome, a catwalk surrounds the check-in area
of the terminal. Police officers armed with submachine guns patrol the
area. They wear body armor and are constantly vigilant, watching the
passengers in the terminal intensely. The catwalk has bulletproof glass and
hard points to provide a level of protection for the officers.
EgyptAir 648 – Sky Marshals and Commandoes
On November 26, 1985, an EgyptAir Boeing 727 was hijacked on a flight
from Greece to Cairo, Egypt. Three terrorists hijacked the flight 22
minutes after takeoff.
Egyptian sky marshals engaged in a shootout with the hijackers. The
flight landed in Malta, where some women passengers were released, but
the hijackers soon began shooting passengers with Israeli or Jewish
identities, followed by passengers with U.S. citizenship (Wallis 1993, pp
9/11).
Ten hours later, Egyptian troops stormed the aircraft, killing 56 out of 88
remaining passengers and one terrorist. One lesson that seems clear from
this incident is that only specially trained troops should be used to
storm a hijacked aircraft.
Some criticized the troops for storming the aircraft, but others pointed out
that terrorists already were killing hostages; so storming the aircraft was
an acceptable risk.
In the United States in April of 1999, law enforcement agencies were
criticized for not immediately storming Columbine high school during
student shootings that left 15 dead and over 30 wounded. The question for
incident commanders remains: is it better to use ill-prepared and ill-trained
personnel when lives are threatened, or will their use cause more damage?
Fortunately, the Columbine shootings allowed law enforcement agencies
to develop tactical response strategies to rapidly developing incidents.
Airport security personnel should ensure their law enforcement
officers are trained in these tactics and conduct exercises to be able to
rapidly respond to a hijacking or shooting in the airport.
Air Lanka – Employee Facilitated Attack
On May 3, 1986, a bomb destroyed a Lockheed L1011 belonging to the
national airline of Sri Lanka, while the plane was on the ground at
Colombo Airport. Of the 128 passengers onboard, 20 were killed and the
aircraft was destroyed. A customs officer sympathetic to a separatist
ACE – Security
Module 1
Page 16
movement was arrested and charged with sabotaging the aircraft,
emphasizing the need for employee background checks. (Wallis 1993,
pp 14).
Pan Am Hijacking – Disable Aircraft and Ramp Security
On September 5, 1986, 17 people died on Pan Am Flight 73, a 747, during
an attempted hijacking by terrorists dressed to resemble airport security
guards. With 379 passengers onboard, the aircraft sat on the tarmac of a
Karachi airport. Eventually, 22 people, including two Americans, would
die during the standoff.
This case sparked an important debate due to the actions of the flight crew.
When the first shots were fired, the captain and his flight crew used the
emergency escape ropes to leave the aircraft, following recommendations
developed in the 1970s by the Federal Aviation Administration (Wallis
1993, 15). This is also concurrent with one of the earlier lessons learned
about keeping a hijacked aircraft on the ground.
One of the terrorists had wrapped explosives around himself with the
intent to blow up himself and the aircraft over Jerusalem.
Ensuring good ramp security and thorough employee background checks
are lessons learned from this incident.
El Al Attempted Bombing – Passenger Profiling
Also in 1986, El Al airline security officials at London/Heathrow Airport
discovered an attempt by an individual to place explosives on board an
aircraft. The security officials uncovered the plot during a routine security
questioning of passengers prior to the flight. Anne Marie Murphy, who
was five months pregnant at the time, was carrying explosives in her
suitcase, unbeknownst to her.
Investigators later discovered that her boyfriend, who had placed the
explosives in her bag, was a Syrian intelligence agent. Shortly thereafter,
U.S. airlines began the process of asking “security questions,” such as,
have you packed your own bags, and have your bags been out of your
control since you packed them? While it is unlikely that these questions
ever deterred a criminal from taking an explosive or weapon on board, in
the U.S., the questions were asked by ticket agents, not security personnel
trained in detecting deceptive responses and body language. The lesson
learned here is, when adopting successful security procedures, the
procedures must retain the key elements that make the process successful,
which in this case, would be the use of trained security personnel.
Korean Airliner Bombing – State Sponsored Air Terror
In 1987, a Korean Airliner exploded enroute from Baghdad to Bangkok,
killing all 115 on board. A North Korean woman was found guilty of the
crime and said she was ordered by North Korean leader Kim Il-Sung to
ACE – Security
Module 1
Page 17
bomb the aircraft in order to deter people from attending the 1988 Summer
Olympics in Seoul, South Korea. The United States placed North Korea
on the list of countries that sponsor terrorism.
PSA Flight 1771 – Employee Identification
On December 7, 1987, USAir employee David Burke, who was placed on
investigatory leave by his supervisor due to a theft charge, boarded a
Pacific Southwest Airlines flight from San Diego to Los Angeles. Burke’s
supervisor, Raymond Thompson, was onboard the flight. What happened
next would become a landmark case and would be partially responsible for
the expansion of Federal Aviation Regulation Part 107.14 regarding
Access Control and employee credentialing.
At the time of this event, airline and airport employees were not
required to go through screening checkpoints. They needed only to
display their airport-issued identification badge or airline identification to
security screeners, and they would pass through security without being
screened. Burke, who still had his airline ID, carried a loaded .44 Magnum
pistol onto the BAE-146 aircraft. Once in flight, Burke killed his
supervisor, and then walked into the cockpit, killed both pilots and then
himself.
All 44 passengers and crew aboard died as the aircraft crashed into a
farmer’s field in California’s Santa Ana Hills.
In response, a federal law was passed requiring the “immediate seizure of
all airline employee credentials” upon termination from an airline
position. Most importantly, however, the FAA adopted a rule requiring
that all members of any airline flight crew, including the captain, be
subjected to the same security measures as the passengers. However, these
measures would only apply if the employee accessed the airport concourse
(i.e. the Sterile Area) through the security-screening checkpoint. Personnel
who accessed the sterile area through airfield access doors would bypass
the screening process.
This case reinforces the point that any airport security program should
require airport access media to be confiscated anytime an employee is
placed on leave, or when the employer perceives that the employee may
be a potential threat.
Pan Am Flight 103 – Lockerbie, Scotland
Prior to 9/11, Pan Am 103 was the most analyzed and discussed aviation
security incident. Resulting in 270 deaths, it caused a legacy airline to go
bankrupt and led to an overhaul of the U.S. aviation security system.
On December 21, 1988, a bomb destroyed a Pan Am Boeing 747 over
Lockerbie, Scotland, killing 259 passengers and crew, plus 11 citizens of
Lockerbie on the ground from falling debris.
ACE – Security
Module 1
Page 18
Investigators discovered that terrorists, employed by Libyan Airlines,
planted a bomb in checked baggage on a Boeing 727 in Malta, which then
flew to Frankfurt, Germany and then to London as Pan Am Flight 103A.
At London’s Heathrow Airport, the baggage and passengers were
switched to a Boeing 747 and the flight designated Flight 103. The
terrorists who planted the bomb never boarded the airliner, even though
Pan Am and all U.S. air carriers were required to conduct the positive
passenger bag match prior to departure. A report later issued by President
George Bush’s Commission on Aviation Security and Terrorism stated,
“passenger/baggage reconciliation is the bedrock of any heightened
civil air security system” (Wallis 1993, 33).
Intelligence agencies had knowledge that bombs had been manufactured
in West Germany for intended use against aircraft, a specific threat had
been made against Pan Am, and an ICAO study into the accidental shoot
down by the USS Vincennes of an Iranian Airbus had just been published.
The ICAO findings were unsatisfactory to Iran; they wanted the United
States to be condemned as aggressors (Wallis 1993, 27). Although the
final investigation concluded that Libya, not Iran, sponsored the terrorist
attack, U.S. airlines should have been at a heightened state of alert due
to the aforementioned situations and events.
For instance, two weeks prior to the bombing, the United States Embassy
in Helsinki received a telephone call warning that a bombing attack would
take place against a Pan-American aircraft operating between Frankfurt
and the United States. It gave details as to who would carry out the crime
and their proposed methodology (Wallis 1993, 27). Although the United
States later decided the call was phony, a judgment made even after the
bombing, the FAA did pass on details of the threat to Pan Am and
other U.S. air carriers, although it was not relayed to the passengers.
The improvised explosive device was a cassette radio player (called a
“boombox”) containing the explosive material Semtex and a timing
device. The bombing was allegedly supposed to take place over water,
which would have left little evidence of a terrorist attack. However, the
terrorists apparently did not understand how long the aircraft would be on
the ground at London’s Heathrow Airport, particularly as baggage was
moved off the 727 onto the 747, which may have resulted in the bomb
detonating before the aircraft flew over water. Also, the flight path was not
directly east, but over Scotland on a Great Circle route designed to shorten
the distance, the aircraft had to fly over the Atlantic Ocean.
The device on 103 was set to go off based on a timer, not barometric
pressure. However, some explosives are designed to go off when the
aircraft reaches a certain altitude – they are triggered with a barometric
pressure switch, which has led to luggage being screened in certain
countries, such as Israel, with pressure chambers. In 1989, shortly after the
Pan Am bombing, a French UTA DC-10 (a subsidiary of Air France)
exploded over Niger, killing 170 people on board. The bomb elements
ACE – Security
Module 1
Page 19
discovered in that attack matched the elements found in the Pan Am
bombing, which linked Libya directly to the attack. At the time of the
bombing Libya was in a territorial war with Chad, which was backed by
France.
One hotly debated issue is that the passengers were not warned that the
airline had received a bomb threat. Some argue that warning passengers
of a bomb threat hands the terrorists another tool to use against aviation.
With hundreds of hoax bomb threats made to airlines every year, thenPresident Ronald Reagan said that notifying passengers of the threats
would effectively shut down the national airspace system. However, some
of the victims advocacy groups that formed after the Lockerbie tragedy
support the notification of passengers of any threats against a particular
flight. In fact, one Pan Am victims advocacy group, the Victims of Pan
Am Flight 103, are so influential that they continue to lobby for changes
in aviation security policy and even provided input after the 9/11 terrorist
attacks.
The Pan Am bombing resulted in a United States presidential commission
on aviation security, which determined that:
1. The aviation system is seriously flawed.
2. The FAA is highly reactive.
3. There were security lapses by Pan Am and a failure to
enforce its own procedures.
4. Stricter positive passenger bag matching would have
deterred the tragedy.
The commission also resulted in the creation of the Assistant Secretary for
Transportation Security for the Federal Aviation Administration, which
would later become known as the Associate Administrator for Aviation
Security. The commission determined that the x-ray machines currently in
use at U.S. airports could not reliably detect the explosive Semtex.
The sheriff of South Strathclyde, Dumfries, and Galloway, Scotland, John
S. Mowar generated much of the evidence and information that came out
of the Lockerbie crash. Mowar’s principal findings determined that the
747 was under constant guard until it left Heathrow as Flight 103.
Baggage transferred from the Boeing 727, Flight 103 from Frankfurt, was
taken directly to the 747, but passengers were not counted to ensure that
all the passengers who boarded the 747 matched the baggage that
transferred over from the 727. The sheriff also concurred that positive
passenger bag match procedures could have prevented the crash.
Regardless, two Libyan nationals were charged with destroying the flight;
however, only Abdel-Basset al-Megrahi, former chief of security for
Libyan Airlines, would be convicted. In 2003 Libya took responsibility for
the bombing and arranged to pay compensation to the families of the
victims. Abdel-Basset al-Megrahi was convicted of murder and was
ACE – Security
Module 1
Page 20
serving a life sentences; however he only served eight years and was
released by Scottish authorities in 2009 based on compassionate grounds.
He had been diagnosed with advanced prostate cancer and was not
expected to live more than 3 months. As of this writing he is still alive
(2011) and living in Libya. Also note that this is another incident where
airline or airport employees were involved in a terrorist or criminal
act.
Avianca Flight 103 Bogotá, Colombia – Narco Terrorism
One terrorist act that was not politically motivated is worthy of note. On
November 27, 1989, a Boeing 727 operated by the Colombian national
carrier Avianca blew up while flying between Bogotá and Cali, Columbia,
killing all 107 onboard. The unusual suspect of this case is the notorious
(and the late) drug trafficker Pablo Escobar, who was alleged to have
ordered the bombing in order to kill a Colombian presidential candidate.
He also was suspected of bombing other Avianca flights in the 80’s.
There are few details regarding this crash. Drug smugglers have routinely
smuggled narcotics in commercial aircraft for several years, thus it would
not have been difficult to place a bomb onboard the aircraft where it could
not be detected. The lessons learned in this case are strict control of the
airfield, specifically monitoring who has access to aircraft, performing
background checks, and the need to warn U.S. citizens traveling abroad
of airports that do not meet minimum ICAO security requirements. By
regulation, these warnings are to be posted at screening checkpoints.
Aviation Security Improvement Act of 1990
The Pan Am bombing, along with the PSA crash, resulted in the Aviation
Security Improvement Act of 1990, which required the development of
better explosives detection systems capable of detecting common
commercial and military explosives and created FAR Parts 107.14 (Access
Control).
Prior to 1990, many airport identification badges were crudely
constructed, often created with a typewriter, a Polaroid camera and a
lamination machine, making them very easy to duplicate. Identification
badges also were not often encoded to enable the badge to access a
security door, so there were few computer records of whose identification
badge accessed a door at a particular time. Many passenger boarding
bridge doors and airfield access doors contained a simple cipher lock, and
often the combination to the lock was known both to people with and
without authorized access. The combinations to such doors were
sometimes even etched into the lock or door itself, or were so commonly
known as to be completely ineffective as a locking device.
Federal Aviation Regulation Part 107.14 Access Control was responsible
for the implementation of the comprehensive access control systems in use
at airports today. The legislation required computerized access control
ACE – Security
Module 1
Page 21
systems that maintain a record of who has access to doors and gates. The
system can immediately deny access to individuals not having authorized
access, distinguish access privileges on the airfield, and prevent
individuals without approved access media from accessing the airfield.
CCTV cameras were installed at alarmed doors and throughout airports,
and security control centers were constructed at airports. Airport
identification badges were then coded for access to certain doors based on
the individual’s access authority and need for access. Through a
computerized system, records were kept for each door or gate accessed
and by which individual’s access card.
Air Terror in the 1990s
Although the 1990s had relatively few terrorist attacks on aviation, several
other events, including the first Gulf War in Iraq, caused U.S. airports to
go on high alert. The crash of TWA 800 also affected aviation security
policies and procedures.
In addition, over the course of four days in 1994, the Irish Republican
Army lobbed mortar shells onto the airfield at the London/Heathrow
Airport. Many of the shells did not explode, no aircraft were damaged, and
no injuries were reported; however, the attack did create chaos for several
days at the airport.
The World Trade Center Bombing and the Oklahoma City
Bombing – non aviation events with impacts on aviation security
On February 26, 1993, a vehicle-borne improvised explosive device
containing 1,500 pounds of urea nitrate and fuel oil was detonated beneath
Tower One of the World Trade Center. The attack killed six and injured
over 1,000, but the terrorists’ attempt at destroying the WTC was
unsuccessful. The plotter of the attack was Ramzi Yousef, who would
later be part of the Operation Bojinka plot, to down several U.S.
commercial aircraft using liquid based explosives.
On April 19, 1995, at 9:03 a.m., a massive, vehicle-borne improvised
explosive device contained inside a Ryder rental truck detonated in front
of the Murrah Federal Building in Oklahoma City, Oklahoma, killing 168,
including several children who were in a daycare facility in the building.
U.S. citizens Timothy McVeigh and Terry Nichols were both arrested and
tried for the crime. Both were found guilty, and McVeigh was sentenced
to death. He was executed on June 11, 2001. Nichols was found guilty on
federal charges and is serving a life sentence in prison.
Both incidents impacted airport security that year. The FAA would require
the 300-foot rule to be implemented in October 1995 during heightened
security measures. The 300-foot rule prohibits vehicles from being parked
within 300 feet of the terminal building. The distance is based on bomb
blast assessments, most specifically the Oklahoma City-sized bomb, which
ACE – Security
Module 1
Page 22
was a combination of an estimated 4,000 pounds of ammonium nitrate and
fuel oil.
The 300-foot rule has been a source of consternation to airport managers
ever since. Subsequently, some airports have implemented a Bomb
Incident Prevention Plan (BIPP) or other forms of blast analysis in order to
develop strategies for protecting the terminal building and other facilities
affected by the 300-foot rule. Prevention plans generally include
reinforced structures and glazing of the glass on the terminal facility. In
some cases, these actions have resulted in airports having the 300-foot rule
reduced, reclaiming lost parking spaces.
FedEx Flight 705 – Employee Hijack Attempt
In April of 1994, FedEx second officer Auburn Calloway attempted to
hijack Flight 705. Calloway was originally scheduled to be a crewmember
on the flight, but due to crew rest requirements (his crew “timed out”), he
elected to occupy a spare seat in the cargo area.
Calloway, a former Naval Aviator, had recently been called in by airline
management to respond to discrepancies in his flight time. He was also
experiencing several personal issues, including trouble supporting his exwife and children. Upon leaving an insurance policy on his bed, he took
several hammers and a spear gun, loaded them into a guitar case, and
boarded Flight 705. Once en route, Calloway invaded the cockpit and
attempted to take over the flight.
Calloway fought with all three crewmembers while the Captain initiated
aggressive flight maneuvers to keep the hijacker off balance. The captain
was able to successfully land the aircraft, and Calloway was subdued
during the landing; however, all three flight crew members suffered
debilitating injuries, which have since prevented them from flying
commercially again.
There was speculation that Calloway wanted to crash the aircraft and
allow the insurance company to provide the payoff to his ex-wife and
children, but there has also been some speculation that Calloway intended
to crash the aircraft into FedEx headquarters in Memphis, Tennessee.
Calloway was convicted of attempted air piracy and is serving a life
sentence in a federal penitentiary. This case reinforces the need for
management to immediately revoke airport and airline access
privileges for personnel suspected of violating employee policies or the
law.
Air France Flight 8969
The Armed Islamic Group took over Air France Flight 8969 in December
1994 at Algiers. The aircraft flew to Marseille, France, where a group of
GIGN (French commandoes) stormed the aircraft and killed all four
ACE – Security
Module 1
Page 23
hijackers. This incident provides a wealth of information for airport
operators on managing a hijacking.
The hijackers were armed and dressed in the uniforms of the Algerian
presidential police. They boarded the aircraft and began checking
passengers’ passports. Flight attendants were used to this process but
noted that Algerian police were not normally armed during such
inspections.
Using assault rifles, Uzi pistols, and hand grenades, the hijackers took
over the aircraft while it was still on the tarmac. They also placed a
package of dynamite in the cockpit and another in the center of the aircraft
and wired them together. In order to confuse law enforcement snipers,
they took the uniforms of the cabin crew.
The aircraft remained on the ground in Algiers for two days, during which
time, a police officer, an embassy employee and a chef were all killed by
the hijackers, before being allowed to fly to Marseille. However, a total of
63 passengers had been freed during this time, mostly women, young
children and those with medical conditions.
Upon arrival in Marseille, the airport directed the pilot to park in a remote
area. The hijackers ordered more fuel for the plane and rigged it with
explosives, as their true motive was to crash the plane into the Eiffel
Tower. GIGN operatives, dressed as airline catering and service personnel,
inspected the aircraft, determined access points and ensured that those
points were not booby-trapped.
The hijackers requested a press conference, then ordered that the plane be
moved to the base of the tower, which put the tower in danger if the
aircraft exploded. The negotiators were also in the control tower. The
aircraft location was a disadvantage to the GIGN, who quickly reorganized their plans and assaulted the aircraft.
The firefight ensued as the airstairs carrying GIGN forces approached the
aircraft. The hijackers fired through the thin skin of the aircraft fuselage.
The front airstairs were placed too high, initially blocking the door from
coming open. Hundreds of rounds were exchanged, and grenades were
thrown. Snipers could not get a clear shot at the lead hijacker in the
cockpit until the first officer got out of the way. The first officer managed
to jump out the cockpit window, breaking his leg in the fall to the tarmac.
Snipers then shot the lead hijacker.
During the shoot-out, passengers began escaping out the rear exits. The
final hijacker held off GIGN forces for 20 minutes until being killed by
gunfire. Of the 166 passengers that were still on the flight at the time of
the raid, 13 were injured but none were killed. Some GIGN forces were
also injured but none fatally. All four hijackers were killed.
Many lessons were learned from this event. Whenever possible, raids on
aircraft should only be conducted by trained operatives, as were the
ACE – Security
Module 1
Page 24
French GIGN in this case. Also, the aircraft should be kept on the ground.
The aircraft was allowed to takeoff in this situation, as Algieran officials
would not allow French operatives onto Algerian soil and wanted the
airplane out of their country. However, in light of the true intent of the
hijackers, crashing into the Eiffel Tower, and the events of 9/11, keeping a
hijacked aircraft on ground is critically important.
Hijackers used the uniforms of police personnel to bypass security
measures. There have been numerous incidents of theft of TSA uniforms,
and police and airline uniforms are readily available on the open market,
which makes proper credentialing, even of law enforcement personnel,
even more important on an airport. A final lesson to take from this
incident is that not all hijackings end in a Hollywood style shoot out,
where nothing goes wrong for the good guys and everything goes wrong
for the bad guys. The situation continued to change throughout the event
with airport, airline, flight crew, passengers, air traffic control, negotiators
and GIGN forces constantly adjusting their perspectives and tactics.
The Manila Air Plot – Operation Bojoinka
In 1994, Ramzi Yousef, who is associated with the Al Qaeda terrorist
organization, plotted to destroy 12 U.S. airliners on international routes,
using liquid-based explosive devices, smuggled aboard in contact lens
solution containers. This was a lead-in to the second attempted attack on
aviation of this nature, which occurred in August 2006 in London. The
attack itself was part of a larger strategy called Operation Bojoinka.
Bojoinka, which also included an assassination attempt on Pope John Paul
II and President Bill Clinton, as well as an attack on the CIA headquarters
building, used a small general aviation aircraft loaded with explosives.
None of the attacks ultimately succeeded, but the plot does have
interesting similarities to attacks being attempted or discussed today.
Yousef is currently in federal custody serving a life sentence for his role in
the Bojinka plot and the bombing of the WTC in 1993. The 9/11
Commission used Yousef’s tests of airport security as an example of the
inadequacy of current technology, including metal detectors and x-ray
machines to detect components such as those that Yousef planned to use.
The attack also reinforces the need for flight crews to search aircraft
during stopovers when passengers change out.
TWA Flight 800
While not declared an aviation security incident, the crash of TWA 800
did have a significant effect on aviation security policy.
On July 17, 1996, a Boeing 747 departed John F. Kennedy Airport, New
York, bound for Paris, France. It exploded shortly after takeoff, killing all
230 people onboard. Since the explosion took place over water much of
the evidence was lost. Initially, the crash of TWA 800 was thought to
be a terrorist bombing. Later theories included speculation that the
ACE – Security
Module 1
Page 25
aircraft was shot down by a surface-to-air missile. In fact, both theories are
still widely debated by many experts in both the aviation security and
aviation safety industries. Conspiracy theories abound on the Internet, as
well.
The National Transportation Safety Board (NTSB) never determined the
exact cause of the crash but did issue airworthiness directives to examine
the wiring on all 747s. Later, mechanics would discover a fuel leak in a
Boeing 737, and the mechanics drew the conclusion that an electrical arc
onboard TWA 800, a 747, may have triggered the explosion.
What did result from the TWA 800 crash was the White House
Commission on Aviation Safety and Security, commonly referred to as
the “Gore Commission.” President Clinton ordered Vice President Al
Gore to study the issue of aviation security, specifically to enhance the
partnership between the FAA and regulated aviation parties (airlines and
airports), and report back on how to employ the latest technology to detect
explosives and weapons.
Aviation Security and Anti-terrorism Act of 1996
The Gore Commission’s recommendations resulted in the Aviation
Security and Anti-terrorism Act of 1996. The act called for the first
automated passenger-profiling program, known as “CAPPS” (computer
assisted passenger pre-screening) and changes to checked baggage
security procedures.
Part of the profiling system included additional security scrutiny for
passengers who purchase tickets with cash, had their tickets purchased by
another party, or purchased one-way tickets on the same day of their
flight. Some passengers also were selected at random.
The Act also required changes to checked baggage through the
implementation of Explosives Detection Systems (EDS)4 at all Category
X airports.5 The EDS equipment would be used for passengers who had
been profiled under the CAPPS program or for passengers whose bags had
been out of their control between the time they had packed them and
checked them in at the ticket counter.
Additional changes were made to screen carry-on baggage with the
implementation of Explosives Trace Detectors (ETD)6 at all Category X
and Category I7 airports. The Act also required the expansion of K-9
explosives ordinance detection and disposal teams at the nation’s 50
4
EDS devices work like medical CAT scan machines, x-raying each bag and “slicing” certain
questionable areas for analysis by the onboard computer.
5
Category X airports are the largest in the nation and include Los Angeles International, Chicago
O'Hare, Atlanta International, Denver International, JFK, Dallas-Fort Worth and others similarly
sized.
6
ETD uses trace particles or vapors to "sniff" narcotic or explosive elements.
7
Category I airports are the second-largest commercial service airports in the US.
ACE – Security
Module 1
Page 26
largest airports and the creation of fingerprint-based criminal history
background checks.
The regulation also introduced the Access Investigation, whereby
applicants for airport or airline identification media were required to
provide 10 years of employment history. The airport or airline then had to
verify the most recent five years of employment history. If there were
unexplained gaps in the five years, (or the ten) then the employee would
undergo a Criminal History Record Check (CHRC).8 If he or she
cleared this check, airport or airline access media could be issued. The
purpose of the 10-year check was supposed to point out areas of time in
which the applicant may have been out of the country or to determine if
the person had served time in prison. Time spent in school, or owning a
business, which could be proven with transcripts and tax forms,
respectively, counted as “employment.”
The FBI often took two to three months before findings were returned to
the airport. When a CHRC would find that the applicant was guilty of
other crimes that were not included on the disqualification list, such as
burglary or simple assault, the airport was banned from advising the
applicant’s future employer of these convictions, which meant convicted
felons worked at the nation’s airports and airlines.
Other requirements of the 1996 Act were to conduct mandatory aircraft
searches for all international flights, the establishment of an airport
consortium to discuss aviation security issues, performance standards
for screeners, and a requirement that companies and the FAA address
high turnover rates of screening personnel. However, despite the
regulation, no significant changes were made with respect to screening
standards during that time.
The establishment of the airport consortia benefited several major
commercial service airports. The consortia often consisted of airport
management and airport security managers meeting with local Federal
Bureau of Investigation (FBI), Bureau of Alcohol, Tobacco and Firearms
(BATF), FAA security, and other law enforcement agencies to discuss
aviation security issues and develop contingency plans.
The Gore Commission also concluded that attacks on airlines are
attacks on the country, not necessarily the company. This conclusion
would later be used to help justify the creation of the Transportation
Security Administration and the Department of Homeland Security, to
support the argument that security is an inherently governmental function.
Millennium Bomber – Airport Attack
In December of 1999, Ahmed Ressam was arrested at the Port Angeles,
Washington dock when he attempted to smuggle a vehicle-borne
8
Explained in detail in Module 2
ACE – Security
Module 1
Page 27
improvised explosive device (VBIED) through the Customs area. He
intended to set off the device at the International Arrivals Bradley
Terminal Building at Los Angeles International Airport.
He was caught when a suspicious Customs agent, Diana Dean, noticed
that Ressam was acting “hinky.” As inspectors took a closer look at his
vehicle, they noticed several green bags filled with a white powdery
substance.
Although the 300-foot rule was instituted in the 1990s in response to the
Oklahoma City and WTC bombings, Ressam’s attempt demonstrates that
the use of a VBIED against an airport has been considered and attempted.
To this day, the entry lanes to LAX are guarded with armed LAX police
officers that conduct targeted and random searches of vehicles. This
practice is common at Ben Gurion Airport in Israel; however, the practice
has not been adopted at most other U.S. airports, nor is it required by
regulation during normal security conditions.
Problems in Aviation Security Continue
In the 1990s, the FAA’s Red Team, a group of specially trained
operatives who are not subject to standard FAA testing protocols,
repeatedly breached airport and airline security systems across the United
States (Thomas 2003, 58). After numerous failed tests in Frankfurt,
Germany, the FAA ordered the Red Teams to quit testing because none of
the concealed items were ever found. Since the Red Team did not use
standard FAA protocol in its tests, it could not use its findings in civil
enforcement against the airlines or airports (Thomas 2003, pp 58).
ICAO also discussed chemical attacks, particularly after cult members
associated with Aum Shinrikyo released Sarin gas into the Tokyo subway
system, killing 11 and wounding over 5000, in 1995. However, again it
was considered by security agencies that a chemical weapon attack from
an aircraft would be far too complex. A terrorist could more easily
conduct a chemical gas attack inside an airport terminal, a thought that
sent airport security managers at airports such as Atlanta Hartsfield,
Seattle-Tacoma, Denver International, and others that operate
underground train systems, scrambling for contingency plans to respond to
such an attack.
The Airport Security Improvement Act of 2000
Passed just one year before the September 11th attacks, the Act
concentrated on maximizing the use of EDS machines, noting that the
machines that had been deployed were screening fewer bags in a day than
they were designed to screen in an hour. The Act also required the FAA to
enact rulemaking that would hold individuals directly accountable for
noncompliance with access control requirements, issue regulations
requiring airport operators to have a security compliance program that
rewards compliance, and ensure that airports and air carriers provide
ACE – Security
Module 1
Page 28
comprehensive and recurrent training, teaching employees their role in
airport security. The Act also required all employees at Category X and I
airports to undergo the CHRC process.
The legislation reiterated the 1996 legislation by calling for certification of
airline screeners and screening companies, strengthening background
checks and providing a better accounting of airport access media. For
several years, the FAA had been working on a rewrite of FAR Part 107
and was just wrapping up that project in the summer of 2001.
Unfortunately, many of these initiatives were still in the works on
September 11, 2001.
September 11, 2001
On 9/11, at 7:55 a.m., American Airlines Flight 11, a Boeing 767,
departed Boston bound for Los Angeles. It was hijacked and flown into
the North Tower of the World Trade Center, destroying it. At 8:05 a.m.,
United Airlines Flight 93, a Boeing 757, departed Newark bound for San
Francisco was hijacked; however, passengers fought back and the aircraft
crashes into a field in Shanksville, Pennsylvania. At 8:10 a.m. American
Airlines Flight 77, a Boeing 757, departs Washington bound for Los
Angeles. It was hijacked and flown into the Pentagon. At 8:15 a.m. United
Airlines Flight 175, a Boeing 767, departs Boston bound for Los Angeles.
It was hijacked and flown into the South Tower of the World Trade
Center, destroying it.
Everyone onboard all of the flights were killed, with a total death toll
nearing 3,000, including over 300 police and firefighters. The U.S.
government held international terrorist Osama bin Laden and the terrorist
organization Al Qaeda responsible for the attacks.
In the largest aviation terrorist attack in the world, it was discovered that
the hijackers trained at U.S. flight schools.
In 2002, President George W. Bush commissioned The National
Commission on Terrorists Attacks Upon the U.S., also known as the
9/11 Commission. The report outlined both the structure and actions of the
9/11 attacks themselves, provided a broader look into the issues that
contributed to the attacks and provided a series of recommendations for
fixing the aviation security system. The Commission concluded that,
among other failures, the civil aviation did not understand the grave
threat it faced, nor did it adjust its policies and practices to defeat the
threat. Ultimately, while there had been previous attempted hijackings
with the intent of crashing the plane into a ground target in the U.S., this
scenario had not entered into the thinking of aviation security
practitioners.
The hijackers learned how to fly at various flight schools in the United
States. They boarded the aircraft with box cutters and knives, items that
screening policy allowed at the time, and possibly mace or tear gas, items
ACE – Security
Module 1
Page 29
that were not allowed but were commonly missed at security screening
checkpoints. The Al Qaeda terrorist group was held responsible for the
attacks. Led by Osama bin Laden, Al Qaeda had been responsible for
numerous terrorist attacks worldwide, including the truck bombing of the
Khobar Towers at a U.S. Air Force Base in Saudi Arabia and the suicide
bombing of the USS Cole, a Navy cruiser.
The specific details of how the hijackers took over the cockpit are largely
unknown. However, several inferences can be drawn based on the status
of the commercial aviation security system at the time. Cockpit doors were
not reinforced, and in fact were quite flimsy, allowing easy access. With
the pilot-in-command responsible for in-flight security, according to air
carrier security and federal aviation regulations, disturbances in the cabin
often brought one of the flight crew out of the cockpit to handle the
situation. Therefore, another method of entry into the cockpit by the
hijackers could have been to cause a commotion in the cabin area, luring
one of the flight crew to open the cockpit door. The 9/11 Commission
concluded that the hijackers had previously taken the same flights as the
ones they hijacked in order to assess the flight crew procedures as related
to the cockpit (Commission 2004, pp 245).
Two of the terrorists were on CIA watch lists, but the lack of those lists
being shared with the FAA resulted in their movements going unnoticed
on 9/11. Additionally, two of the hijackers were selected for additional
screening under the CAPPS program. However, at the time, CAPPS only
required that their bags accompany them onto the aircraft thus still
enabling the hijackers to board the plane. Without a major hijacking in
several years, the industry was more focused on preventing airline
bombings rather than hijackings. This attitude was demonstrated by
security policies and procedures that focused more on preventing
bombings. Also, at one airport, two of the hijackers set off the walk-thru
metal detectors but a CCTV recording of the subsequent hand wand
process showed the process to be inadequate to finding any prohibited
items.
The public speculated on the ability of the hijackers to be able to pilot
such large commercial service aircraft. All of the hijackers held at least a
Commercial Pilot Certificate, each had over 250 hours of flying time,
and all had spent some simulator time in similarly sized aircraft. While it
may be difficult to take off and land an aircraft, or to fly it during bad
weather, flying en route in good weather and good visibility was within
the capabilities of pilots trained to the level that the 9/11 hijackers were
trained.
In describing the concept of emergency response, the 9/11 Commission
stated:
“Emergency response is a product of preparedness. On the morning of
September 11, 2001, the last best hope for the community of people
ACE – Security
Module 1
Page 30
working in or visiting the World Trade Center rested not with national
policymakers but with private firms and local public servants, especially
the first responders: fire, police, emergency medical service, and building
safety professionals”(Commission 2004, pp 278).
The faster an entity is able to recover from an attack, the less damage there
will be from that attack and the less likely the attack will be repeated due
to its limited impact.
Although the 1993 attack on the WTC had resulted in better evacuation
plans, as well as the installation of radio repeaters throughout the
buildings, there were numerous problems that could have been foreseen
and resolved. First, many in the WTC argued that if there was a fire, a roof
rescue using helicopters could be conducted. This argument was
reinforced in 1993, when a few evacuations took place by roof. Even some
in the NYPD Emergency Services Unit believed that a roof rescue was
part of the plan. However, the roof rescue plan had been removed.
There was not a helipad on the North Tower, and the South Tower helipad
was not certified by the FAA for use. As a result, several citizens
attempted to gain access to the roof but found the doors locked. While
there were police helicopters hovering in an attempt to try a roof rescue
anyway, the intense smoke and lack of visibility, flames, updrafts and
numerous antennas on both of the buildings prevented the helicopters
from landing. The important lesson here is to ensure that the emergency
plans are communicated throughout the agencies that are affected.
Other problems with response were caused by interagency conflicts
between the New York Police Department, the Fire Department of New
York, and the Port Authority Police Department, which was responsible
for law enforcement and emergency response throughout the towers.
Chain of command issues existed between the agencies, along with a
general inability of the agencies to communicate with each other due to
different radio systems. Adding to the communications problems were
jammed 911 phone lines and the fact that dispatchers who were fielding
the calls were also not aware of the proper evacuation plans for the towers.
Some dispatchers were advising individuals to go to the roof and await a
roof rescue by helicopter.
Some companies, such as Morgan Stanley, evacuated immediately, an
act that saved the lives of their employees. Other companies,
particularly in the South Tower before it had been struck by United 175,
had initially evacuated but then returned to their offices when it was
discovered that it was the North Tower that had been hit, a fatal decision
for many of them. Another challenge was that the security system
command center for the South Tower was located in the North Tower.
Many people died in the South Tower while waiting for overcrowded
elevators and were unable to access stairwells due to a lock-release order
to the building’s access control system. The software that would override
ACE – Security
Module 1
Page 31
the lock-release order was located in the North Tower and was destroyed
when the first plane hit.
Despite many failures in the response to 9/11, there were plenty of
successes. In less than 20 minutes, over 1,000 responders descended on
the Towers and initiated the largest rescue effort, ever. Thousands of lives
were saved due to the mitigation and preparedness actions taken after the
first WTC bombing and the dedication of police, fire and civilian
personnel. Casualties were also limited at the Pentagon due to the rapid
and coordinated response of police, fire and military personnel and
mitigation measures, such as safety glazing in the windows of the
Pentagon, installed after the Oklahoma City bombing.
Ultimately, the 9/11 Commission pointed to six specific weaknesses in the
aviation security system:
•
•
•
•
•
A pre-screening process that focused on detecting potential
aircraft bombers and not potential hijackers.
Sloppy checkpoint screening and permissive rules
regarding small knives.
A lack of in-flight security measures, such as air marshals
and reinforced cockpit doors.
An industry-wide strategy of complying with hijackers in a
non-confrontational manner.
A lack of protocols and capabilities for executing a
coordinated Federal Aviation Administration (FAA) and
military response to multiple hijackings and suicidal
hijackers (Elias 2005, pp 1).
Many of these weaknesses were addressed in the Aviation and
Transportation Security Act of 2001.
ACE – Security
Module 1
Page 32
The Aviation Security System since 9/11
Introduction
With few significant changes, the aviation security system stayed
essentially the same between the Gore Commission in 1996 and the
terrorist attacks of 2001. The terrorist attacks of September 11th triggered
the most sweeping changes in security in the history of aviation. Privately
contracted screeners were replaced by federal employees at almost all
commercial service airports, cockpit doors were reinforced, air marshals
put back on aircraft, and some pilots started carrying guns. But the most
significant change resulting from September 11th was the new perception
of hijackings by the United States and the world.
Hijackings were no longer considered a political act, with the strategy
of getting the negotiators to talk to hijackers as a way to peacefully resolve
the situation. As a result of the September 11th hijackings, aircraft were
now turned into weapons of mass destruction capable of leveling the
tallest buildings in the world and killing thousands of people at one time.
This change in perception was obvious in several air rage incidents taking
place after September 11th, in which passengers intervened to protect the
cockpit. One of the most significant cases of passenger intervention took
place in December of 2001, when several passengers prevented suicide
bomber Richard Reid from igniting an improvised explosive device in his
shoe.
The Aviation and Transportation Security Act of 2001
Passed on November 19, 2001, ATSA created sweeping changes in both
airport and airline security. The ATSA created the position of
Undersecretary for Transportation Security, transferring authority for
all civil aviation security functions to the TSA.
ATSA also created the position of Federal Security Director for every
commercial service airport.9 Prior to 9/11, the FAA’s Civil Aviation
Security Field Office (CASFO) handled security inspections and
enforcement at commercial service airports. The Federal Security Act of
1996 created the position of Federal Security Manager (FSM) at the
Category X airports to oversee many of the security functions. This
arrangement occasionally created conflict with the local CASFO’s “Cat X
agent,” who was also there to oversee enforcement and compliance with
the airport security plan, federal regulations and aircraft security
equipment.
9
While the legislation called for an FSD at each commercial service airport, it was soon
discovered this requiement was financially and operationally impractical. In some cases, the FSDs
are assigned to more than one commercial service airport. There is an FSD designated to oversee
security at each commercial service airport; however, not all airports have their FSD on site.
ACE – Security
Module 1
Page 33
The Federal Security Director for each airport is responsible for
overseeing baggage and passenger screening and for ensuring that airports
meet regulatory requirements. The FSD approves the Airport Security
Program and works with the airport operator on the implementation of
Security Directives and federally mandated security programs, such as
behavior detection, travel document checking and random anti-terrorism
measures.
ATSA brought Federal Air Marshals (FAM) back to the airways. The air
marshal program began in the 1970s; however, throughout the ‘80s and
‘90s the program continued to reduce its numbers, and by 9/11, only
consisted of about 33 agents, mostly operating on high-risk international
flights.
Airport perimeter security was addressed in ATSA and required airports to
develop procedures or methods to screen all personnel and goods
entering the secure area of an airport. This requirement included
establishing pilot programs to test biometric technology for access control
and developing security awareness programs for airport and airline
personnel.
Most significantly, ATSA federalized the screening workforce and
established training and employment guidelines for screening personnel.
ATSA required 100% screening of checked baggage by December 31,
2002, which was a significant requirement in terms of money and the
ability to manufacture such equipment. While all TSA screening personnel
were to be deployed by November 19, 2002, a deadline the TSA met,
meeting the checked baggage requirement was a bit more difficult, and the
definition of “screened” was interpreted to include Positive Passenger Bag
Match, in order to meet this deadline.
The requirement to screen passengers and baggage before allowing the
individual or the item on board an aircraft is placed on the aircraft
operator, not on the airport. However, the airports must be properly
equipped and designed to operate such screening devices.
At most commercial service airports within the U.S., passenger and
baggage screening is conducted by the TSA; however, it is still the
responsibility of the aircraft operator to disallow any person or item from
being placed on their aircraft that has not undergone the appropriate
screening process. This practice helps ensure that aircraft operators
conducting operations at foreign destinations continue to comply with the
same security standards they are required to comply with in the U.S.
At the time ATSA was passed, much of the EDS equipment was not
available for deployment, nor did the manufacturer’s production rate of
the equipment allow airports to meet the federal deadline of December 31,
2002, for 100% screening of checked baggage. In fact, by the end of 2002,
only a couple of airports could meet this requirement. ATSA allowed
ACE – Security
Module 1
Page 34
aircraft operators to not only use positive passenger bag matching,
but also K-9 teams, manual search, or other technology to meet the
100% checked bag requirement. To date, this “allowance” is still in
place until all commercial service airports are able to implement EDS
technology.
ATSA also addressed air cargo issues, most notably cargo on
commercial passenger airliners, but some new regulations did apply to the
“all-cargo” carriers such as UPS and FedEx. ATSA called for procedures
to be implemented as soon as practicable to screen cargo carried aboard
commercial airliners. In 2006, rulemaking for air cargo operators was
passed and was implemented in 2007.
ATSA made it illegal to assault airport screening personnel or anyone
involved with aviation security, including the flight crew. While assault
is illegal in all 50 states, ATSA made it a crime, prosecutable in federal
court.
ATSA called for the development of technology to detect or neutralize
chemical and biological weapons.
To help fund the security measures, a $2.50 per passenger fee was also
added for all passengers flying commercially.
The 300-foot went from being a contingency plan to the rule. Airports
were not allowed to keep vehicles parked within 300 feet of their terminal
building, unless the airport operator could demonstrate to the TSA that
safeguards were in place.
Criminal history record checks finally got their long needed overhaul.
Now, all employees who are granted unescorted access to the airfield are
required to undergo a CHRC. Even previously “grandfathered” employees
are required to undergo the fingerprint-based checks. Computer and
fingerprint machines in airports now allow quicker access to the FBI
databases.
One loophole in ATSA with regard to the criminal history background
check system is the lack of a requirement to verify the identity of the
individual applying for unescorted access. With false documents, an
applicant who does not have a criminal history, but may be an illegal alien
or a terrorist, can apply for an airport identification badge, clear the
background check, and be issued unescorted access media. Several
airports across the United States had hundreds of employees arrested by
the Immigration and Naturalization Service for being illegal aliens. These
employees had unescorted access to the airfield and secured areas. Many
airports now pay private contractors to verify the identity of applicants.
However, this procedure is not funded by the federal government. The
TSA issued a Security Directive subsequent to 9/11 to require airports to
verify the identity of badge applicants.
ACE – Security
Module 1
Page 35
Other requirements within ATSA include the requirement to reinforce
cockpit doors on commercial passenger airliners. Many commercial
aircraft today also have enlarged viewing holes and, in some cases, CCTV
video of the cabin.
General aviation security was addressed with regards to rules on
commercial charter or cargo flights on aircraft exceeding 12,500 pounds.
ATSA required passenger manifests on international flights coming into
the U.S. to be transmitted to TSA within 15 minutes of departure, but in
2007, new legislation was passed requiring the aircraft operator to transmit
the passenger manifest prior to departure.
Key Issues
ATSA also initiated several new programs including some designed to test
concepts and others designed to streamline the security processes,
including the Screening Partnership Program (SPP), Trusted Traveler, the
Transportation Worker Identification Credential (TWIC), and Secure
Flight.
THE SCREENING PARTNERSHIP PROGRAM (AKA OPT-OUT)
ATSA required the TSA to establish pilot projects at up to five airports
where employees of qualified private companies under federal oversight
would perform screening. The law requires those contract screeners to
meet all the requirements applicable to federal screeners. The TSA
calls this the Screening Partnership Program, but it is commonly referred
to in industry as “opt-out.” The initial opt-out airports are:
• San Francisco, Category X.
• Kansas City International, Category 1.
• Greater Rochester International (New York), Category II
• Jackson Hole Airport (Wyoming), Category III
• Tupelo Airport (Mississippi), Category IV
•
In each of the above instances, with the exception of Jackson Hole, the
airports are assigned contractors that the TSA has hired. In Jackson Hole,
designated and trained airport employees conduct the screening. All U.S.
commercial service airports have been able to apply for Opt-Out since
November 19, 2004. The total number of opt-out airports as of 2011 is 17;
however, several other airports have had applications in to the TSA for
quite some time. In 2011, the TSA made a controversial decision to reject
existing and future opt-out applications unless there was a clear benefit to
the TSA.
Congressional response has not been favorable to this decision, and the
issue is likely to continue as a topic of debate.
Opt-out allows an Airport Operator to have screening carried out by the
screening personnel of a qualified private screening company, provided
ACE – Security
Module 1
Page 36
that the level of provided screening services and protection is equal to or
greater than that provided by federal government personnel and that
the screening is provided by companies owned and controlled by U.S.
citizens. The federal government, however, maintains supervisory control
over screening personnel and performs the actual acquisition of the
contractor. The TSA notes that airport operators may be allowed to
participate in the selection process and potentially manage the private
screening company if the airport itself applies to be the screening
company (such as in the case of Jackson Hole, WY).
On April 22, 2004, the TSA released a report on performance of the pilot
program. The report used three criteria: security effectiveness, cost, and
customer and stakeholder impact. The report concluded that the
effectiveness of screening was equal to, and, in one case above the average
level, of federalized airports, and that costs were not significantly
different. When measuring customer and stakeholder impact, the results
were mixed. Some passengers felt safer with the federalized screeners and
passenger wait times at the opt-out airports were slightly lower at the
larger airports. There was not enough data available at the smaller airports
to support any conclusion on wait times.
The difference in the opt-out private screening program versus the
privatized screening companies used prior to 9/11 is that the new program
is funded and managed by the federal government, not the airlines.
Additionally, screeners must now meet certain minimum training and
performance standards, receive higher compensation and have direct
federal oversight. The use of private screening companies is common at
airports throughout the European Union and at Israel’s Ben Gurion
International Airport.
Some advantages of opt-out are that it allows airports to streamline the
hiring process of screeners (the federal process is quite lengthy and
collective bargaining is approved for TSA screeners, which some feel may
make the process of hiring and firing employees longer) and the airport
operator could conceivably use airport funds to increase staffing levels,
thus reducing passenger wait times – still the subject of debate.
Additionally, contractors have significant discretion in operational and
management decisions, including overhead, materials, recruiting,
compliance, and scheduling. The TSA’s major goals for the opt-out
program are security, customer service, competitive costs, and a privatepublic sector partnership. Contractors generally experience a lower rate of
workers compensation claims and can often cover the same
responsibilities with up to 20% less staff.
Initially, one critical area the TSA did not address is liability should a
weapon or explosive get through a private screening checkpoint and that
neglect result in death and/or destruction to an aircraft; however, this is
now changed. Under Section 44920 of Title 49, United States Code,
ACE – Security
Module 1
Page 37
airport operators are not liable for any claims for damages filed in State or
Federal court (including a claim for compensatory, punitive, contributory,
or indemnity damages) relating to the Airport Operator's decision to
submit an application to the Secretary of Homeland Security under
subsection or the decision not to submit an application; or from any act of
negligence, gross negligence, or intentional wrongdoing by a qualified
private screening company or any of its employees in any case in which
the qualified private screening company is acting under a contract entered
into with the Secretary of Homeland Security or the Secretary's designee;
or employees of the Federal Government providing passenger and
property security screening services at the airport.
Also helping to provide legal protection is the The Support Anti-terrorism
by Fostering Effective Technologies Act of 2002 (SAFETY Act), which
provides legal liability protections for providers of Qualified AntiTerrorism Technologies – whether they are products or services, which
include private screening companies. The protections extend to their
clients:the U.S. government and, potentially, the airport operator.
The role and responsibility of the FSD does not change with a privatized
screening company, but how the FSD carries out their duties does change.
With a federal work force, the FSD has direct supervision and control over
the screening workforce and the implementation of administrative
policies. With a contractor providing the workforce, the FSD has
responsibility for overall security but not direct control over the
administration of the workforce.
In 2010, the implementation of an aggressive form of pat-down at the
screening checkpoints by screening personnel renewed calls for privatized
security. However, many of the politicians who sought the private
companies were under the mistaken belief that a private company would
not use the aggressive pat-down process. This is not true. While the
personnel at the checkpoint may change with a private contractor, the
approved screening procedures do not.
TRUSTED TRAVELER
ASTA called for a Trusted Traveler program, which was rapidly renamed
Registered Traveler (RT) by the TSA, which rendered the original intent
of the program ineffectual. Trusted Traveler was to allow certain
passengers the opportunity to bypass certain or all screening processes in
exchange for telling the government more about themselves. TSA balked
at this program and approved the Registered Traveler program instead,
which only provides front-of-the-security-line privileges. RT participants
must undergo a Security Threat Assessment (STA)10 in order to confirm
that they do not pose or are not suspected of posing a threat to
10
The STA includes checking each applicant's identity against terrorist-related, law enforcement, and
immigration databases that TSA maintains or uses. RT applicants who receive an approved STA result may
become program participants (Source: http://www.tsa.gov/what_we_do/rt/index.shtm)
ACE – Security
Module 1
Page 38
transportation or national security and provide biometrics data (fingerprint
and retina scan).
The RT program is market-driven and offered by the private sector, with
TSA largely playing a facilitating role.
Some airports have expanded the RT privileges to include:
•
Modified airport configuration to minimize RT passenger
wait times, including dedicated or integrated lines and
lanes – bypassing even the frequent flyer lines.
•
Enhanced customer service for RT participants, such as
divesting assistance, concierge service for luggage, and
parking privileges.
•
Discounts for service or concessions (at certain airports).
Up until 2011, the TSA had been adamant that RT status would not result
in a lesser standard of screening for participants. However, TSA is now
reassessing the true “Trusted Traveler” concept, but, as of this writing, it is
still in its early stages.
SECURE FLIGHT (FORMERLY CAPPS II)
In 1996, the Gore Commission recommended the first passenger profiling
system, known as the Computer Assisted Passenger Prescreening System
(CAPPS). In January 2003, TSA proposed a new system called CAPPS II,
which would have required passengers to provide airlines with a large
amount of personal information to be checked against various government
databases, including the No Fly and Selectee list. The program was
massaged and ultimately became known as Secure Flight.
Under Secure Flight, TSA takes over responsibility for checking airline
passengers’ names against terrorist watch lists. TSA has now taken over
responsibility for comparing Passenger Name Record (PNR) information
of domestic air passengers to a greatly expanded list of known or
suspected terrorists in the Terrorist Screening Center (TSC) database.
Secure Flight is intended to:
•
•
•
•
Prevent individuals on the No Fly List from boarding an
aircraft.
Identify individuals on the Selectee List for enhanced
screening.
Facilitate passenger air travel by providing fair, equitable
and consistent matching process across all aircraft
operators.
Protect individuals' privacy.
ACE – Security
Module 1
Page 39
Along with Secure Flight, the Department of Homeland Security manages
the Advance Passenger Information System (APIS), which allows DHS
to collect passenger manifest information for international flights
departing from or arriving in the United States prior to boarding.
TRANSPORTATION WORKER IDENTIFICATION CREDENTIAL (TWIC)
The TWIC program provides a tamper-resistant, biometric credential to
transportation workers requiring unescorted access to secure areas of
transportation facilities – it is expected that this program will migrate to
the aviation community within a few years. In addition to TWIC being
included into ATSA, in 2004, President George W. Bush signed executive
policy Homeland Security Presidential Directive-12 (HSPD-12), which
directed the agencies to unify the government's identification badge
systems through a new standard.
The concept of the TWIC program is to improve security by establishing a
system-wide common credential, used across all transportation modes, for
all personnel requiring unescorted physical and/or logical access to secure
areas of the transportation system. TSA has plans to implement a systemwide common architecture to meet current and future, physical and logical
access requirements for all personnel, of all transportation modes, in all
TSA areas of responsibility. The goal is to have one standardized
credential that is universally recognized and accepted across the DOT, and
that can be used locally using a scalable architecture. The card will be
multi-modal and used in aviation, maritime, trucking, and other surface
transportation.
Presently, most individuals working at an airport or other transportation
facility must have an access media card (access/ID), which is encoded to
allow them access to certain areas. These cards serve as both identification
credential and access key. Challenges in implementing TWIC into the
aviation program are the large number of proprietary access control
systems at hundreds of U.S. commercial airports and the ability, by
regulation, of the airport operator to restrict access to the security areas of
the airfield. Some early TWIC cardholders claim that their credential
provides them access to any airfield, which is wrong on two accounts. The
TWIC is not an access card, only an identification card, and airport
operators through Title 49 CFR Part 1542 (Airport Security) and through
Title 14 CFR Part 139 (Public Protection) have the right to decide who can
access the Security Areas.
An additional challenge is that airport operators want to know the level of
background check that has been completed before allowing an individual
access to their airport. TWIC presently does not allow airport operators to
see the records of their cardholders.
Along with TWIC, ATSA called for the establishment of a uniform
identification system for law enforcement officers traveling with their
ACE – Security
Module 1
Page 40
firearms. This program has not moved forward independently since the
passage of ATSA and may ultimately be wrapped up in the TWIC.
ACE – Security
Module 1
Page 41
Aviation Security Events since 9/11
Shortly after 9/11, in November 2001, the Nuclear Regulatory
Commission temporarily ordered the closure of 500 general aviation
airports across the U.S., when they believed that intelligence indicated a
possible plot to attack nuclear facilities, using aircraft. The NRC ordered
the closure of any airport within a three-statue mile radius of a nuclear
facility. Commercial service airports were not affected.
Then, on December 22, 2001, Richard Reid, a British citizen and convert
to Islam, was arrested for trying to light a fuse to set off explosives
concealed in his sneakers while on American Airlines Flight 63 from Paris
to Miami. Reid was initially identified as a potential risk by contract
airport security screeners conducting routine passenger security
questioning. Reid was already considered suspicious, as he was a British
citizen, traveling on a Passport issued in Brussels while flying from France
to the United States. These inconsistencies, particularly the Brussels
passport issued to a citizen of the U.K., resulted in Reid being referred to
Paris police, who questioned and released him.
A flight attendant noticed Reid’s unusual behavior, and she, along with
other passengers, subdued him until the plane made an emergency landing
in Boston. Two doctors onboard injected him with sedatives. Reid
admitted he is a disciple of Osama bin Laden and allegedly was trained at
an Al Qaeda terrorist training camp. He pleaded guilty and is serving a life
sentence for air piracy.
In 2002 and 2003, two surface-to-air missile attacks on commercial
airliners made headlines. In November 2002, a pair of surface-to-air
missiles was fired at an El Al charter flight as it departed Mombassa,
Kenya, both missing their target. In the other incident, a DHL Airbus 300
cargo aircraft was hit with a surface-to-air missile as it departed Baghdad
International Airport. The wing caught fire; however, the aircraft landed
safely. In this incident, terrorists fired two SA-7’s at the aircraft, but only
one hit the plane. A French TV crew filmed the incident.
LAX Airport Shooting – Terminal Attack
On July 4, 2002, a gunman opened fire near the El Al ticket counter at Los
Angeles International Airport, in the Bradley International Arrivals Hall.
The attack killed two people and wounded four others. The gunman was
shot and killed by an El Al security agent.
An El Al official stated they had received prior intelligence of a potential
attack of this nature. The shooter, Hesham Mohamed Hadayet, was armed
with a .45 caliber handgun, a 9 mm handgun and a knife with a six-inch
blade. He did not have to pass through screening to reach the ticket
counters and was therefore able to enter the public areas and commence
his attacks without warning.
ACE – Security
Module 1
Page 42
In interviews conducted with LAX, it was learned that authorities, and
LAX police officers with submachine guns in a tactical response
formation, responded to the scene just moments after the El Al agent
killed Hadayet. This detail is important to note, as many airport police
officers are still ill-equipped to handle heavily armed gunman. Some
airports such as LAX and Boston/Logan have equipped some of their
police officers with submachine guns, providing their officers the
capability of an adequate response to similarly armed attackers.
Russian Airliner Bombings
In August of 2004, suicide bombers destroyed two Russian airliners. Both
bombers boarded the aircraft at Russia’s Domodedovo International
Airport. They were able to bypass some security processes, such as not
having the proper passports, by bribing airline ticketing personnel. It is
assumed that they were able to pass through the screening checkpoint
wearing the explosives as Russia’s walk-thru metal detectors, (similar to
those used in the U.S.) do not detect explosives, only metal. Over 89
passengers and crewmembers died in the bombings. Both female bombers
concealed the explosives in their braziers.
Shortly thereafter, the TSA initiated a pat-down procedure for passengers
requiring secondary screening, as well as initiated the deployment of
Portal Trace Detectors (PTDs). The PTD is slightly larger than a metal
detector, but it can detect trace elements of explosives on an individual.
These were in limited use throughout the country but have been replaced
by body imaging technology.
Liquid Bomb Plot – Again
Although the plot to blow up 11 to 12 U.S. bound commercial airliners
was originally planned in 1994 by Ramzi Yousef, the same plot,
uncovered in August 2006, seemed to catch many in the government and
the general public by surprise. The plot, uncovered by United Kingdom
MI-5 internal intelligence authorities, was similar to the Yousef plot in
that it was intended for individuals possessing small amounts of liquidbased explosives to board commercial aircraft departing the U.K. for the
United States. The explosives would be smuggled in small containers,
such as contact lens solution bottles.
After the attack was uncovered and thwarted, the resulting impacts on the
aviation industry and the flying public are still being felt. Initially, U.K.
authorities banned travelers from virtually all carry-on baggage including
laptop computers, cell phones, iPods and other personal music devices,
and nearly all liquids, including bottled water. In the United States, liquids
in excess of three ounces were banned from being carried on-board unless
the items were purchased after the passenger cleared the screening
checkpoint.
ACE – Security
Module 1
Page 43
While some individuals who are clearly less educated on the aviation
industry publicly speculated that this incident should require that
passengers not be allowed to even have carry-on bags, the complete ban
on these items was lifted after a few weeks in the U.K. and restrictions
were relaxed a bit in the U.S., as well. During the ban, many passengers
reported broken or stolen laptops, cell phones and other electronic
equipment, and millions of dollars in cosmetics and other liquids were
thrown away at security screening checkpoints.
The primary challenge during the ban was that current screening
technology is unable to detect liquid-based explosives. Although
passengers are restricted to bottles containing three ounces or less of
liquids (everything else has to be checked), there is considerable debate
about the ability of a terrorist to either 1) take on several bottles each
containing three ounces of a liquid-based explosive or 2) work with a
accessory to combine liquids and construct an explosive device once on
the aircraft.
Restricting carry-on baggage, particularly laptops for business travelers
and on ocean transit flights, limits the ability of the individual to work
while on the flight. Forcing expensive electronic equipment, particularly
laptop computers, into checked baggage opens the door for widespread
and expensive theft, property damage and identity theft and corporate
espionage if the information on the laptops is stolen and sold, not to
mention the potential invasion of privacy rights. Since a large share of
airline revenue is made from the business traveler, it is important to
accommodate their business activities, or they will seek other options,
such as private charter operations, or telephone conferencing.
Another challenge created by such policies occurs when travelers are
forced to check cell phones. If so, they are unable to use such devices
while in the boarding area prior to the flight. While this primarily affects
business travelers, it could also be a security of flight issue, as the use of
cell phones on United 93 allowed passengers to be informed of the
hijacker’s intentions, enabling them to fight back.
The rapid implementation of the liquid ban resulted in thousands of people
jamming airport ticketing and screening lines, creating a tempting target
for a suicide bomber using a personal improvised explosive device or a
VBIED. The liquid bomb plot highlights a key area that must be
addressed within aviation security, which is the need to keep up with
developing threats and technologies (for example, no technology was
being used that could detect liquid-based explosives, although the attempt
first occurred 11 years earlier).
Attacks on Aviation Continue into the 2010’s
In late 2006, there was a plot uncovered to shoot down an El Al airliner
in Geneva. This discovery resulted in El Al installing counter-MANPAD
(C-MANPAD) systems on their aircraft. These systems are similar to
ACE – Security
Module 1
Page 44
those used on military aircraft and rely on the dispensing of flares to trick
a MANPAD into following the flare instead of the aircraft.
In late 2006 and early 2007, several attacks occurred on the airport in
Madrid, Spain, a suicide bomber attempted attack at the airport in
Islamabad, Pakistan, and a vehicle-borne improvised explosive device
attack occurred on the terminal building in Glasgow, Scotland.
Also in 2007, the Implementing the Recommendations of the 9/11
Commission Act was passed, which mandated the inspection of 100% of
all air cargo, and created Fusion Centers, which serve as intelligence focal
points for homeland security related information.
In 2008, TSA personnel stopped an individual with explosive-making
materials in his backpack at the Orlando International Airport.
In 2009, Najibullah Zazi was captured while plotting an attack on the New
York City subway system. He was a shuttle bus driver at Denver
International Airport.
On December 25, 2009, Umar Farouk Abdulmutallab attempted to ignite a
bomb hidden in his underwear on board Northwest Airlines Flight 253.
Passengers and flight attendants prevented him from completing the attack
and was taken into custody on six criminal counts, including attempted use
of a weapon of mass destruction and the attempted murder of 289 people.
In 2010, al Qaeda in the Middle East took responsibility for placing two
bombs in ink printer cartridges and shipping them via air cargo. This plot
renewed a focus on both al Qaeda’s attacks on the U.S. and the world in
general, and accelerated air cargo security measures. Additionally, one of
the leaders of al Qaeda in the Middle East, Anwar Al-Awlaki, is becoming
a propaganda specialist of sorts with YouTube broadcasts and via his
magazine, Inspire. The Yemen air cargo attack was featured in an issue of
Inspire, discussing how the bombs were constructed and bragging that the
attack cost just about $4,000 for al Qaeda, but is resulting in billions of
dollars being spent by the U.S. and other countries to try to prevent future
such attacks. This is inline with one of the strategies of al Qaeda, which is
the economic weakening of the U.S.
On January 24, 2011, an apparent suicide bomber detonated their
explosives in the public terminal area of Moscow’s Domodedovo Airport,
killing over 30 people and injuring more than 150. The attacks in airport
public areas have increased debate over how to protect the airport as a
whole instead of a singular focus on the screening checkpoint.
On average, about five to six hijackings, along with numerous incidents of
air rage and airport attacks occur worldwide every year.
ACE – Security
Module 1
Page 45
Summary
Up until 9/11, many of the aviation security measures were established as
a result of a new form of attack or repeated attacks. When hijackings and
bombings increased beyond the public’s ability to tolerate them, the use of
air marshals and passenger and carry-on baggage screening were
implemented.
In the 1980s, as international terrorism focused more on aviation, and
employees became perpetrators and facilitators of air security incidents,
the aviation industry increased regulations on airport access control and
credentialing. Throughout the 1990s, moderate changes were made;
however, with few exceptions, air terrorism had virtually ceased to exist in
the U.S.
The 9/11 attacks brought the U.S. back to the forefront of air terrorism,
and the Transportation Security Administration was created along with the
passage of the Aviation and Transportation Security Act of 2001.
Throughout the 2000’s and into the 2010’s, attacks on the United States,
specifically on aviation, continue to occur. Our industry remains
challenged by having to make tough decisions about where to put our
money and resources to prevent the next attack.
Television, books and movies have provided an unending stream of ideas
for criminals and terrorists. As far back as the classic movies, “Airport,”
“Airport 75,” “77” and “79,” “Die Hard 2,” and others, Hollywood has
discovered dozens of ways to put the aviation security system to the test.
In fact, the specific strategy of hijacking an aircraft and crashing into the
nation’s Capital was explored in the plot of Tom Clancy’s book Debt of
Honor. Instead of looking at these books and movies as a source for
terrorist ideas, security professionals might view them as potential future
threats to be mitigated, prepared for, or defended against.
ACE – Security
Module 1
Page 46
The Aviation Security System: Agencies, Entities
and Responsibilities
The Department of Homeland Security
The Homeland Security Act of 2002 created the Department of Homeland
Security within the Executive Branch. Several governmental agencies
were relocated or consolidated under DHS including the U.S. Coast
Guard, TSA, the U.S. Secret Service, and the Federal Emergency
Management Agency. Former U.S. agencies such as the U.S. Border
Patrol, U.S. Customs and the U.S. Immigration and Naturalization Service
were blended into DHS and reorganized under Immigration and Customs
Enforcement (ICE) and Customs and Border Protection (CPB). The
primary mission of DHS is to: (1) help prevent terrorist attacks in the U.S.,
(2) reduce the country’s vulnerability to terrorism, and (3) assist in
recovery after an attack.
The Transportation Security Administration
Created by the Aviation and Transportation Security Act of 2001, the TSA
does not just oversee aviation security functions. The agency also oversees
maritime and land security, and certain security intelligence and
operations policy. The context of this document will address the aviation
security function.
The TSA’s organizational chart has changed frequently since the
organization’s inception. For the latest organizational chart and structure
refer to www.tsa.gov.
Of importance to aviation security practitioners with respect to the TSA is
that the agency is primarily responsible for aviation security at the federal
level. The TSA provides staffing for the screening checkpoints and
baggage screening and ensures compliance with federal transportation
security regulations. Within each commercial service airport, the TSA also
serves in an oversight capacity and an operational capacity through the
activities of the Federal Security Director and his staff.
TSA also is involved in numerous other programs, including:
The Federal Air Marshal Program – hiring, training, and operations of
FAMs.
National Explosives Detection Canine Team Program – started in 1970
by the FAA to train and certify canines and their handlers.
Training and certification of Federal Flight Deck Officers (FFDO) – the
program to provide firearms and self defense training to pilots of
commercial air carriers.
ACE – Security
Module 1
Page 47
Crew Member Self Defense Training Program – a basic self defense
awareness program combined with hands on training at a local community
college.
Armed Security Officers Program – provides armed security officers for
use on general aviation flights arriving and departing from Reagan
National Airport.
Office of Training and Development - provides rapidly deployable,
national level resources regarding all aspects of Chemical, Biological,
Radiological, Nuclear and Explosives (CBRNE).
The Federal Security Director
At the local level, most airports and airline operators work directly with
the Federal Security Director (FSD) appointed to their airport. FSD duties
include:
•
•
•
Service functions, including the screening of passengers,
checked baggage and cargo.
Regulatory functions, including airport and aircraft
operator compliance inspections and approvals of airport
security programs, oversight of the canine program and
internal investigations.
Administrative functions, including staffing, budget and
finance personnel, human resource personnel, engineering,
procurement, public relations officers and stakeholder
managers.
The Federal Security Director is responsible for providing day-to-day
operational direction for federal security functions at the nation’s
commercial service airports. The FSD is the local ranking TSA authority
at each airport and is responsible for the leadership and coordination of
TSA security activities, including tactical planning, execution, and
operating management for coordinated security services. The job
description for the FSD lists the following responsibilities:
Organizing and implementing the Federal Security Crisis Management
Response Plan.
Implementation, performance and enhancement of security and screening
standards for airport employees and passengers.
Oversight of passenger, baggage and air cargo security screening.
Airport security risk assessments.
Security technology implementation and maintenance within established
guidelines.
Crisis management.
ACE – Security
Module 1
Page 48
Data and communications network protection and recovery and its impacts
on federal security responsibilities.
Employee security awareness training.
Supervision of federal law enforcement activities within the purview of
the FSD and TSA.
Coordination of federal, state, and local emergency services and law
enforcement.
FSDs are assigned to an airport, or in the case of smaller airports, a group
of airports.
The FSD is assisted by two to three deputies, an Assistant Federal Security
Director (AFSD) for Regulatory Inspection and an Assistant Federal
Security Director for Screening. In some cases, an additional deputy for
Law Enforcement may also be included.
The AFSD – Regulatory Inspection is the principal advisor to the FSD on
all matters concerning enforcement and compliance with airport and
aircraft operator security programs and Security Directives. They plan,
coordinate, and manage an inspection program for compliance by airlines
and other airport tenants with airport and aviation security policies and
regulations. They oversee a staff of Transportation Security Inspectors
(TSIs) responsible for conducting comprehensive assessments and
investigations of airport and air carriers to:
•
•
•
•
•
•
Determine security position, monitor compliance with
applicable transportation security policies, regulations and
agreements.
Identify potential problem areas or deviations from
prescribed standards.
Ensure overall adequacy, effectiveness and efficiency of
security posture.
Provide technical guidance to airports and air carriers on
the development and/or modification of a large number of
security plans to ensure compliance with regulatory
requirements.
Determine when enforcement action should be initiated and
recommend the type of action and level of penalty.
Review and analyze assessment reports and testing results
with special attention given to identifying unusual trends or
airport/air carrier actions that appear to have potential for
developing a security problem.
ACE – Security
Module 1
Page 49
The AFSD of Screening manages the security screening staff, including
checkpoint supervisors, manages screening operations, and administers
regulations and policies pertaining to TSA’s aviation security program.
Screeners are known as Transportation Security Officers (TSO), whose
authority is only in relation to screening, not other airport operator
functions; TSOs do not have inspection authority over airport or aircraft
operator security programs, nor are they certified law enforcement
officers. Some TSOs serve as Behavior Detection Officers (BDO), while
others work in the Travel Document Check area of the screening
checkpoint.
The AFSD for Law Enforcement is one of the few, true law enforcement
agents within the TSA (beside air marshals). AFSD-LEOs coordinate with
local and state law enforcement for protection of the airport, as well as
manage the Bomb Appraisal Officer (BAO) program.
The third division overseen by the FSD is administrative, often comprised
of stakeholder managers who coordinate with airport and aircraft operators
on security issues, public relations officers, finance, human resource and
other administrative personnel.
Federal Air Marshals
On September 11, 2001, the Federal Air Marshal program consisted of
about 30 FAMs flying mostly international flights. Today, thousands of air
marshals fly on tens of thousands of flights each month on a wide variety
of routes and aircraft. The Department of Homeland Security is naturally
reluctant to release the total number of air marshals it currently employs. It
would be a matter of simple math for terrorists to figure out the odds of air
marshals being on a particular aircraft if they knew the total number of
marshals employed by the agency.
Federal Air Marshals disguise themselves as ordinary travelers to maintain
a low profile and blend in with passengers aboard mostly high-risk routes
on U.S. carriers. They are authorized to carry firearms and work in teams
to prevent hijackings. Federal Air Marshals are trained in the Federal Law
Enforcement Training Center in Glynco, Georgia, and are badged and
credentialed federal agents. Aircraft operator requirements for carrying
Federal Air Marshals are covered in section 1544 of Transportation
Security Regulations. Air marshals must meet the highest standards for
marksmanship, for obvious reasons, and are there to protect the flight deck
from intrusion. Many times, they may not intervene in a passenger
disruption, until or unless the safety of the flight is jeopardized. In one
recent case, an individual exited an aircraft lavatory and joked to an air
marshal (unknowingly) that he was constructing a bomb in the lav. The
flight immediately landed in Denver, Colorado, and the individual was
taken into custody.
ACE – Security
Module 1
Page 50
The Canine and Explosives Program
The TSA National Explosives Detection Canine Program (NEDCP)
exists to deter and detect the introduction of explosive devices into the
transportation system. In addition, bomb threats cause disruption of air,
land and sea commerce, and pose an unacceptable danger to the traveling
public and should be resolved quickly. Explosives detection canine teams
are a proven, reliable resource to detect explosives and are a key
component in a balanced counter-sabotage program. The use of highly
trained explosives detection canine teams is also a proven deterrent to
terrorism directed towards transportation systems and provides a timely
and mobile response support to facilities, rail stations, airports, passenger
terminals, seaports and surface carriers. A more complete description of
the canine and explosives program is covered in a subsequent module.
Explosives Unit
The Explosives Unit provides an expert, rapidly deployable, national level
resource to conduct all aspects of transportation explosives security,
including: countermeasures development, testing and evaluation of
explosives effects and detection systems; explosives incident management,
technical support to DOT and other transportation security personnel;
Weapons of Mass Destruction Program Management, post-blast
investigations where a bombing is suspected; Least Risk Bomb Location
(LRBL) assistance to pilots with suspected Improvised Explosive Devices
(IEDs) in flight, and explosives security surveys and other technical
explosives assistance. Missions are performed for both U.S. and foreign
governments. A more complete description of the Explosives Unit is
covered in a subsequent module.
Screening Passengers by Observation Techniques (SPOT)
The SPOT uses Transportation Security Officers (i.e., screening
personnel) to conduct behavior observation and analysis techniques in the
public areas of the airport terminal building. The program is designed to
spot suspicious behavior and is in use by law enforcement and other
security services throughout the world (TSA 2007).
“TSA's SPOT-trained security officers are screening travelers for
involuntary physical and physiological reactions that people exhibit in
response to a fear of being discovered. TSA recognizes that an individual
exhibiting some of these behaviors does not automatically mean a person
has terrorist or criminal intent. SPOT does, however, help our security
officers focus appropriate resources on determining if an individual
presents a higher risk or if his/her behavior has a non-threatening origin.
Individuals exhibiting specific observable behaviors may be referred for
additional screening at the checkpoint to include a handwanding, limited
pat down and physical inspection of one's carry-on baggage. Referrals are
based on specific observed behaviors only, not on one's appearance, race,
ethnicity or religion” (TSA 2007).
ACE – Security
Module 1
Page 51
While SPOT has yet (as of August 2007) to catch a terrorist as he or she
attempts an attack, the program has captured several criminals or
individuals wanted by the law. Behavior pattern assessment is widely used
at many international airports.
Aviation Direct Access Screening Program (ADASP)
The Aviation Direct Access Screening Program (TSA 2007) focuses on
screening employees who already are entering the Sterile or Security
Areas of the airport. TSA personnel will dispatch to certain locations in
the airport (commonly locations where airport and airline employees and
airport tenants are moving from an airfield Security Area into the Sterile
Area) and conduct an identification check and handwand the employee. In
some cases, personnel conducting ADASP checks will perform them at a
perimeter gate where vehicles can access the Security Areas of the airfield.
The program, started in the fall of 2006, deploys officers
anywhere, anytime to inspect workers, their property and
vehicles. These officers ensure workers follow proper
access procedures when entering secure areas, display the
appropriate credentials, and do not possess items unrelated
to their work that may pose a security threat. Outside the
airport, random inspections include scrutinizing delivery
trucks or personal vehicles at access gates. Inside the
airport, roving patrols screen workers with handheld metal
detectors and examine property for threat items that are
unrelated to their work. Temporary checkpoints are also
created beyond access points to ensure access protocols
are followed and workers are screened before entering the
terminal. These measures do not impact wait times at
security checkpoints (TSA 2007)
It is important for ADASP personnel to coordinate with airport operations
and law enforcement agencies in case they need support, such as in the
case of an unruly or uncooperative employee, or if they find a threat item,
which ADASP teams have on several occasions. However, so far, in no
instance has there been proof that the threat item was intended to be used
in a terrorist attack on aviation.
Other Government Agencies
Commercial service airports, both large and small, can encounter a variety
of other government agencies, each of which has a role in the national
airspace system and some directly or indirectly in aviation security. These
other government agencies consist of Immigration, Agriculture and
ACE – Security
Module 1
Page 52
Customs inspectors, along with U.S. Post Office and FBI personnel. The
FBI often designates at least one agent to handle aviation security issues at
each field office. Additionally, FBI personnel respond to hijackings, bomb
threats and security incidents on airports.
Airport Security
Washington, D.C. may set the policy for aviation security, but it is the
local airport operator for who ensures those policies are implemented,
followed and enforced.
The Airport Security Coordinator
Another requirement of ATSA is that each commercial service airport
must have at least one Airport Security Coordinator on duty and available
24 hours a day, seven days a week. Since this is an impossible task for one
person, many airports have opted to have one primary Airport Security
Coordinator, as well as several other personnel trained to act in the Airport
Security Coordinator capacity as backup (in the event of vacations, travel,
sickness, etc.).
The Airport Security Coordinator is responsible for drafting the Airport
Security Program (ASP), which must be approved by the TSA. The
function of the ASP is outlined in more detail in the module on airport
security. The ASC must also be trained to be an ASC using the curriculum
guidelines set forth by the TSA (and outlined in Part 1542).
The ASC is responsible for conducting background checks on individuals
with unescorted access to the airfield, managing the access control system,
granting access to airlines, contractors, tenants, and vendors, conducting
security training for employees who receive an airport identification
badge, managing the security guards, and/or overseeing security
enforcement on the airfield and in the terminal building.
The ASC works with the police or sheriff’s department assigned to the
airport and other federal, state and local law enforcement agencies to
design and implement security contingency plans for bomb threats,
hijackings, airport attacks and other threats. The ASC is also responsible
for managing the airport’s K-9 bomb dog detection program.
Law Enforcement
Law enforcement agencies at an airport are responsible for enforcing laws,
just as they would be on the streets of any city or county. Additionally,
they have the responsibility to respond to screening checkpoints and
provide immediate response to security situations.
Law enforcement agencies also manage any K-9 bomb dog programs,
conduct VIP handling and are usually the first responders to any major
security incident.
ACE – Security
Module 1
Page 53
K-9 bomb detection dogs are provided by the TSA. The dogs and their
handlers are trained by the TSA, but it is the local agency’s responsibility
to provide the police officer, pay their salary, and take care of the bomb
detection dog once it is trained. Some of the expenses are reimbursed by
the TSA.
The police chief or sheriff must work closely with the ASC to provide
protection for the traveling public and affect a mutually beneficial
response to airport incidents.
Airport Operations
At larger airports, a separate division, commonly referred to as airport
operations, handles airfield inspections, security escorts, and various other
duties, but these personnel are often the first line of response and/or
detection of security problems.
Since the ASC is often an administrator role, at most airports it is the
responsibility of airport operations personnel to coordinate security guard,
law enforcement, and fire rescue response to airfield situations. Therefore,
the ASC should coordinate closely with airport operations personnel.
At small airports, airport maintenance personnel often double in the
operations role; at very small commercial service airports the operations
function may be conducted by the airport manager.
The most important point regarding airport security is the ASC drafts the
ASP. This plan is essentially a promise to the TSA, explaining how
security regulations will be met at each particular airport. The ASP is
unique to each airport, and once the TSA approves the ASP, the airport
must follow it.
Air Carrier Security
Screening was the majority of the air carrier security function prior to 9/11
and was moved to the domain of the federal government with the
enactment of ATSA. However, there are still several key air carrier
security functions.
The Airline Station Manager
At each commercial service airport, one individual is designated as the
station manager for the airline. This individual is responsible for the safe
and secure travel of the passengers on the airline, and also addresses
numerous administrative tasks like human resources, budgeting, and other
business functions.
Whenever a security incident involves a commercial aircraft, the station
manager is most often the sole representative of the airline to the airport,
the TSA, and/or law enforcement agencies. The station manager is often
the only one with the authority to make decisions on behalf of the airline.
ACE – Security
Module 1
Page 54
Aircraft Operator Security Coordinator (AOSC)
One individual is designated by each aircraft operator to be the primary
point of contact for the TSA. The AOSC is similar in role and function to
the Airport Security Coordinator and is responsible for the airline’s
compliance with federal regulations. Often, large aircraft operators will
designate additional AOSCs, one each for their major hubs.
Ground Security Coordinator (GSC)
The ground security coordinator is an airline employee who has been
trained by the airline to coordinate the security functions of each flight.
The GSC works with the airline station manager and the flight crew. In
large commercial service airports, many airline gate agent personnel are
trained as ground security coordinators. Additional information about the
role of the ground security coordinator and the role of air carrier security
is covered in a later module.
In-Flight Security Coordinator
The in-flight security coordinator is the pilot-in-command (PIC) of a
particular aircraft. The PIC has final responsibility for the safety of the
flight.
Corporate Security and Loss Prevention
Air carriers employ corporate security personnel who are responsible for
receiving and disseminating information from the Transportation Security
Administration, in addition to other risk and loss prevention duties.
Corporate security personnel also oversee the security training of flight
crews and ground personnel.
Human resource personnel often take care of ensuring that fingerprintbased CHRCs are completed. However, the AOSC is ultimately
responsible for ensuring these checks are properly conducted.
ACE – Security
Module 1
Page 55
Industry Organizations
A number of industry organizations influence aviation security policy:
•
•
•
•
•
•
•
•
•
•
•
•
•
•
American Association of Airport Executives
Air Line Pilots Association
Air Transport Association
Airport Law Enforcement Agencies Network
Airports Council International – North America
Airline Pilots Association
Allied Pilots Association
Association of Flight Attendants
National Association of State Aviation Officials
Coalition of Airline Pilots Associations
National Air Carrier Association
National Air Transportation Association
National Business Aviation Association
Regional Airline Association
Many of these organizations speak through the TSA’s Aviation Security
Advisory Committee (ASAC). Other organizations are added or removed
from the committee depending on the issue. As an example, when the
ASAC considered general aviation airport security guidelines,
organizations such as the General Aviation Manufacturers Association, the
National Air Transport Association and the U.S. Parachute Association
were part of the committee.
Summary
The TSA employs Federal Security Directors to oversee security at each
commercial service airport, most specifically the screening function. Each
airport has its own Airport Security Coordinator who primarily controls
access to the airfield, background checks and the badging and training of
personnel.
The ASC drafts the Airport Security Program, which is an explanation of
how federal regulations will be followed and met at the airport. Local law
enforcement agencies, airport operations and maintenance personnel are
often integral to the fulfillment of the ASP – being in the airfield, they are
the so-called “tip of the spear.”
Air carriers continue to serve security roles through their station manager,
ground security coordinators and pilots.
Industry trade associations represent various interests throughout the
aviation system including airport operators, the airlines, business aircraft
operators and general aviation aircraft owners and pilots.
ACE – Security
Module 1
Page 56
References
AirDisaster.com. (2007). "Special Report: Pacific Southwest Airlines
Flight
1771."
Retrieved
8/20/07,
2007,
from
http://www.airdisaster.com/special/special-pa1771.shtml.
Commission (2004). The 9/11 Commission Report. Washington DC.
Elias, B. (2005). Aviation Security-Related Findings and
Recommendations of the 9/11 Commission. C. R. Service, Library of
Congress: 20.
Rumerman, J. (2007). "U.S. Centennial of Flight Commission."
Retrieved
8/20/07,
2007,
from
http://www.centennialofflight.gov/essay/Government_Role/security/
POL18.htm.
Thomas, A. (2003). Aviation Insecurity. New York: Prometheus Books.
TSA. (2007). "Screening Passengers by Observation Techniques (SPOT)."
Retrieved
9-7-07,
2007,
from
http://www.tsa.gov/what_we_do/layers/spot/index.shtm.
TSA. (2007). "TSA Enhances Security With Employee Screening."
Retrieved
9-7-07,
2007,
from
http://www.tsa.gov/what_we_do/layers/employee_screening.shtm.
TSA. (2007). "VIPR Teams Enhance Security at Major Local
Transportation Facilities." Retrieved 9-7-07, 2007.
Wallis, R. (1993). Combating Air Terrorism. New York: Brassey's.
ACE – Security
Module 1
Page 57