Homeland Security Watch

The September issue of the Emerging Infectious Diseases includes a policy review that assesses variability in state plans to contain pandemic influenza. The report reviewed 49 of 50 states’ pandemic influenza plans (Lousiana was the only state without one on the web), and focused on three key areas: vaccination, surveillance & detection, and containment measures. Although the report describes variability in the first two areas, containment strategies–such as legal and practical plans for quarantine–showed the most marked heterogeneity:

…confusion and lack of specificity exist in these posted state plans in proposing practical containment measures in the community.

The authors, all from the Research Triangle Institute International (RTII), make helpful recommendations to fill this gap:

Several practical nonpharmaceutical containment steps need to be considered. For example, only approximately one third of the state plans are explicitly considering recommending self-isolation of adults with influenzalike symptoms and keeping children with such symptoms home from school and daycare. Even in this increasingly computer-based economy, in which a considerable percentage of persons can work from home most of the time, this simple stratagem is not addressed in most state plans. Other simple recommendations for use in the community, such as avoiding mass gatherings; shopping on off hours; and household and workplace strategies such as frequent hand washing, avoiding handshaking, and keeping towels separate, are often neglected in state plans.

We should remember that health officials who fought against the spread of SARS in 2003 used extensive exposure control measures, including restrictions on mass gatherings and voluntary home quarantines. Many officials credited such measures as important to slowing disease spread, including CDC director Julie Gerberding. And a Harvard survey of Toronto citizens impacted by SARS demonstrates that the public is not as allergic to the idea as many think. Creative solutions, such as Singapore attention to workforce issues and Hong Kong’s guidance for business and special needs groups, should be thoughtfully considered.

The RTII researchers suggest lack of federal guidance and gaps in epidemiological knowledge as primary reasons for variable state plans, and recommend a revision of the national pandemic influenza plan. Such a revised plan should pay close attention to exposure controls like isolation, quarantine, community restrictions, and other practical containment measures.

A quick post from the road. Be sure to check out this story from Chuck McCutcheon at Newhouse News headlined “Crumbling Infrastructure Worries Homeland Security Experts,” which quotes from a post that I wrote a few weeks ago. The story covers what I think is an interesting issue, and one to which Congress is paying increased attention as of late.

The George Washington University’s National Security Archive posted earlier this monththe full transcripts of the 9-11 air traffic control recordings, as well as detailed flight paths for three of the four hijacked airplanes. The documents, released by the National Transportation Safety Board (NTSB) on a FOIA request, were previously summarized in the 9/11 Commission Report. However, there are some minor differences–and certainly additional detail–to be found in the text:

For example, the NTSB transcript differs slightly from the Commission’s text of the warning that United Airlines Flight 93 received only minutes before the hijackers attacked. At 9:23am, the Aircraft Communications Addressing and Reporting System (ACARS) shows a text message to Flight 93 reading: “BEWARE OF ANY COCKPIT INTROUSION [sic]. TWO AIRCRAFT IN NY, HIT TRADE CNTER BUILDS [sic].” Five minutes later at 9:28am Flight 93 was sending the message “***(mayday)*** (hey get out of here) ***” as it was being hijacked.

The Flight Path Studies reconstruct the routes of American Airlines Flight 11, American Airlines Flight 77 and United Airlines Flight 175. Complied from recorded radar data and information from the Flight Data Recorders, the studies’ illustrations of radar ground tracks, maps and altitude profiles provide graphic guides to each hijacking and were used by the NTSB to determine the takeover points where the hijackers gained control of the planes.

For a reference point, you can access the first chapter of the 9/11 Commission Report here.

Looks like I’ll be holding down the fort from the US. I also am glad to be on board - thanks to Christian for including me.

Building on Dan’s commentary in the previous post, it’s noteworthy that UK Communities Secretary Ruth Kelly unveiled today a new Commission on Integration and Cohesion to start work in September. As described by the BBC, the commission is designed to “establish common values across society” and will tour the UK to better understand the economic and social gaps that exist between different ethnic groups. According to BBC:

…its work will include examining the fight against extremist ideas amid concerns from some Muslim leaders that they are not receiving enough help in combating the growth of radicalisation.

Muslim communities have been divided since the London bombings over how best to address radical movements associated with extremism, with some saying there is a small but serious problem and others denying terrorism is linked to Islamist thinking.

The commission is designed to carry on some of the research that followed riots in northern towns in 2001. Following that violence, experts warned the government some communities were leading “parallel lives” with little or no contact with each other.

In the wake of this month’s aviation plot, the commission will undoubtedly be pressed to provide recommendations to address the phenomenon of European extremism, which terrorism experts like Peter Bergen believe to be one of the “most pressing threats to America from al Qaeda.”

Like Christian, I’m headed to Europe for several weeks. Unfortunately, it’s conferences and meetings for me, and not vacation.

Harboring some worries about my scheduled return flight from Europe on the five year anniversary of 9/11, my first guest post is on the UK airline bomb plot and addressing Islamic radicalization in Europe.

I hope to post more from abroad. Glad to be on board.

Had the recent bomb plot against U.S.-bound flights from the U.K succeeded, it would have been the most spectacular terrorist attack since 9/11. It also would have been a brazen taunt to U.S. authorities: No matter what you do to protect airplanes, they are still not safe. Thwarting this latest attack was a huge law enforcement and intelligence success. But five years after 9/11, the plot also confirms that we have moved into a new stage in the war on terrorism, one that will require more tools than the military, law enforcement, intelligence, and homeland security solutions that have dominated our efforts to-date.

Islamic extremists’ fascination with airplanes has not abated, despite the nearly $20 billion we’ve spent since 9/11 to make them harder targets. Airplanes are ready-made for human casualties. They fit the bill for spectacular theater. And, Al Qaeda also places a premium on inflicting significant economic damage.

The often overlooked aspect of terrorists’ aviation fascination is that intercontinental air travel is a shining symbol of globalization. While many view the forces or modernization, mobility, and interdependence as forces of positive change, reaction against those forces feeds Bin Laden’s radicalism as well as the growing disaffection of segments of Europe’s indigenous Muslim youth, the young men behind the London transit bombings and this latest plot. In the reactionary worldview, globalization is an engine of western imperialism and injustice.

Arguably though, Bin Laden himself is a product of the globalizing trend, the son of a wealthy Saudi businessman and educated in engineering and business. Similarly, many of the 9/11 bombers were western-educated with technical and law degrees. As with the London transit bombings, many of these most-recent plotters were second-generation Pakistanis born and raised in UK. The westernized children are more radical than their first-generation immigrant parents. No irony is lost on the fact that the intended bombing paraphernalia included i-Pods and Gatorade bottles – two other icons of global capitalism.

The susceptibility of indigenous Muslim communities in Europe to terrorist radicalization is a vexing problem that will last for more than a generation. How do you prevent the alienation of young men from societies into which they were born? How do you counter or defuse the deep antipathy toward the U.S. that results from our foreign policy in the Arabic and Muslim world? How do you increase intelligence and law enforcement scrutiny of Muslims in Europe without fueling radicalism or alienating the overwhelming majority of law-abiding Muslim citizens?

Solutions will require patience and perseverance from societies that want security now. They will also require a greater engagement by “white” Europe of a “brown” Europe that it has traditionally tolerated but which it has never integrated. Policies must obviously include improving education, increasing economic opportunities, and bettering relations with police. At the same time, Muslims themselves must do more to turn their own against extremism. This is harder said than done, though: European Muslims who have cooperated with their governments have often lost credibility in their communities.

America’s war on terrorism has resorted to military solutions in Afghanistan and Iraq. Away from the hot wars, the counter-terrorism fight is banking on law enforcement, intelligence, and technology for its success: detect and prevent plots before they happen. As terrorist cells increasingly reflect autonomous and home-grown risks, however, it is unrealistic to think that detection and prevention will always succeed.

As we approach the fifth anniversary of 9/11, the United States and its allies must develop a strategy to defuse the threat of a “Eurabian” fifth column, extremists within European immigrant communities bent on attacking their own countrymen.

The military, intelligence, technology, and aggressive police work are the right tools against the symptoms of terrorism, but do little to address terrorism’s root causes. While tough-on-terror politicians scoff at “softer” tools, education, outreach, and better economic opportunities are the right counterweight to radicalizing influences. If we are serious about waging and winning the long war on terrorism we must bring every possible tool to bear. Our political leaders need to realize that while hammers are essential, all problems are not nails.

Daniel B. Prieto is Senior Fellow and Director of the Homeland Security Center at the Reform Institute. Previously, he was Research Director of the Homeland Security Partnership Initiative at the Kennedy School of Government at Harvard University.

I’ve posted nearly 1,000 times on this site in the last nine months, so I’m ready for a vacation, and am leaving town later today. I’m going to be out-of-pocket for the next two weeks, returning to DC on September 10th. I’m going to do my best to stay away from the blog during that time, although I might sneak in a post or two from an internet cafe. The previous post this morning contains the homeland security events list through the period of time that I’m away.

While I’m out, I’m turning over the site to two guest contributors, who will be posting as much or as little as they want under their own bylines.

The first is Kate Phillips, a former colleague of mine in the Homeland Security Program at the Center for Strategic and International Studies. Kate studied molecular biology at Princeton and will be finishing her master’s degree next spring (attention potential employers!) at the Johns Hopkins School of Advanced International Studies. She’s expert on a range of homeland security issues - bioterrorism, risk assessment, aviation security, etc. - and I predict that she will become Secretary of Homeland Security sometime in the mid-2020’s. You can reach her at this address if you would like to provide suggestions or feedback on any posts.

The second is Dan Prieto, a Senior Fellow at the Reform Institute, a centrist think tank here in the DC area. Dan worked previously on homeland security issues at Harvard’s Kennedy School of Government and as a professional staff member on the House Homeland Security Committee. He’s been a Council on Foreign Relations fellow and was an associate member of the Markle Task Force on National Security, among other prior affiliations. You can read his full bio here.

Both of them will have an open invitation to continue to post after I return. Although by no means do I expect to slow down my posting at the time - I should return tanned, relaxed and ready to bang out the next thousand posts.

Below is a list of homeland security policy events in the DC area over the next two weeks (as well as the occasional listing outside of DC), extended in this one instance through the period of time that I’m on vacation. You can always find current and previous postings under the “Events” category tab at right. And please note that many events require prior invitations and/or RSVPs.

In addition to the events mentioned below, the Families of September 11 website has a comprehensive list of commemorative activities and memorials around the country related to the fifth anniversary of 9/11.

8/29: Mississippi College Law Review symposium on Hurricane Katrina and its impact. Jackson, MS.
8/30: Avisian Identity in Government event on “Securing our First Response: FIPS-201 Products aid in disaster recovery.” National Press club, 7:30am.
9/6-9/7: Fifth North American Cargo Security Forum. Washington Hilton.
9/6-9/8: Pace University ‘Aftershock’ conference on “Rethinking the Future Since September 11, 2001.” New York City.
9/6-9/8: ICAO Symposium on Machine Readable Travel Documents. Montreal, Canada.
9/6-9/8: Technologies for Critical Incident Preparedness conference. Atlanta, GA.
9/7: Manhattan Institute event on “First Preventers: The Role of Law Enforcement in the War on Terror.” Roosevelt Hotel, NYC, 8:30am.
9/7: Wilson Center event with Bruce Hoffman on “Five Years After 9/11: Terrorism Trends and Implications.” 1300 Pennsylvania Ave NW, 4pm.
9/7: RAND Policy Forum with Brian Michael Jenkins on his new book “Unconquerable Nation.” 1200 South Hayes St., Arlington, 6pm.
9/8: AEI event on “Five Years Later: A Progress Report on U.S. Security Post-9/11.” 1150 17th St NW, 9am.
9/8: Cato Institute event on “The War on Terrorism Five Years after 9/11.” 1000 Massachusetts Ave NW, 9:30am.
9/10-9/12: 2006 Water Security Congress. Omni Shoreham Hotel, DC.
9/10: Discovery Channel special with Ted Koppel on “The Price of Security”, 8pm.
9/11: Radford University Homeland Security Conference. Radford, VA.
9/11: RAND Congressional Luncheon with Brian Michael Jenkins on his new book “Unconquerable Nation.” Location TBA, 12 noon.

(Please e-mail me if you have suggestions about additions to this list for this week, or future weeks).

Last Friday the Congressional Budget Office released their cost estimate for the Senate’s immigration and border security bill, S. 2611. The CBO estimates that the bill would increase direct spending on discretionary programs (assuming that authorized funding is appropriated) by $33 billion from 2007-2011, and $78 billion from 2012-2016, largely for border security activities. They also estimate that it would increase direct spending (i.e. for health, social services, Social Security) by $16 billion from 2007-2011, and $48 billion from 2012-2016. These latter costs assumed in the Senate bill derive from expected increases in outlays of benefits to people who are now illegally in the country (and are already paying many types of taxes) but cannot today receive certain federal benefits.

By contrast, CBO estimated that the House bill, H.R. 4437, would cost only $1.9 billion over the 2006-2010 period, although that estimate is somewhat deceiving. This estimate is for the manager’s amendment, not the final bill that passed the House after dozens of amendments were added to it. The estimate is for the authorization of certain border security and enforcement programs, and does not include any authorized funding for additional Border Patrol and construction along the border.

A Northwest Airlines flight from Schiphol airport in Amsterdam to Mumbai returned to Schiphol shortly after takeoff today, as the result of suspicious behavior by twelve people on the flight, who were using cell phones onboard, passing them among themselves, and disobey flight attendants during an early stage of the flight. The flight returned with F-16 escort and the 12 individuals are currently detained in accordance with Dutch law. No word yet on the identities of the 12 individuals and whether this is connected at all to terrorism (I’ve checked Dutch language sources in addition to English ones), and this could be nothing, but given the circumstances, it sounds like the authorities in the Netherlands acted appropriately.

Update (8/24): No link to terrorism.

The Department of Homeland Security issued a press release today detailing the results of border security activities over the past few months. The document is an improvement upon earlier press releases on this topic, in that it provides statistical context for some of its statements, for example, regarding ‘catch and release’:

– 99% Apprehended Now Being Detained For Return. In the week of August 7-13, 2006, U.S. Customs and Border Protection (CBP) apprehended 1055 non-Mexican illegal aliens at the Southern border, and released only 7 non-Mexican illegal aliens.

– Last Year Only 34% Detained. This year’s detention numbers are a dramatic improvement. For comparison, in January of this year, the number of apprehensions was significantly higher, and DHS was only able to detain half of the non-Mexican illegal aliens arrested. At this time last year, the detention rate was 34% of all non-Mexican illegal aliens apprehended.

This press statement is closely timed with Sec. Chertoff’s trip to Texas later this week, during which he will tour the border and speak at the Border Governors Conference in Austin on Thursday. It also comes as Congress prepares to return to DC to try to salvage the border bill, perhaps via a compromise such as the Pence-Hutchison plan. But given the political dynamics of the 2006 races (which discourage compromise in both parties), the persistent gap between the Senate and House on the issues, and the incendiary tone of the House’s theatric field hearings this month, the chances of passing a bill have significantly diminished in the last few weeks.

The Congressional Research Service issued a new report that looks at the definition, scope, and characteristics of homeland security intelligence (HSINT). It’s available for the first time on the Internet here at Homeland Security Watch:

RL33616: Homeland Security Intelligence: Perceptions, Statutory Definitions, and Approaches, August 18, 2006

The report attempts to address a question that hasn’t been fully answered yet: what do we really mean by “homeland security intelligence”? Is it a new intelligence discipline? Is it instead simply a constituency within the intelligence community? Or is it instead something new, that doesn’t easily conform to earlier intelligence paradigms, and requires new means of interaction and control?

The author of the report, Todd Masse, offers three potential ways to frame thinking about homeland security intelligence: (1) a geographic approach, i.e. focusing on where collection takes place; (2) a structural/statutory approach, focusing on who is doing the collecting; and (3) a holistic approach, that does not have formally delineated borders. About this final approach, Masse writes:

The approach recognizes no borders and is neither “top down” nor “bottom up.” It involves and values equally information collected by the U.S. private sector owners of national critical infrastructure, intelligence related to national security collected by federal, state, local, and tribal law enforcement officers, as well as the traditional “Ints” collected by statutory members of the IC. It involves strategic and tactical intelligence designed to prevent attacks on the U.S. homeland, as well as highly tactical and event-driven information coordination that must take place in response to a terrorist attack or national disaster. Yet such an approach also implies a level of information sharing between federal, state, local, tribal, and private sector information collection entities that does not appear to exist currently.

….Under the holistic approach, the HSINT community might include the 16 statutory members of the IC (as each collects national intelligence, or intelligence related to national security which could have a profound impact on homeland security); the National Counterterrorism, National Counterintelligence, National Counter Proliferation, and Open Source Intelligence Centers; the 14 existing private sector Information Sharing and Analysis Centers, scores of state and local law enforcement entities charged with gathering criminal intelligence, numerous state and regional “intelligence fusion” centers, and federal entities with law enforcement responsibilities which may collect intelligence related to national security. This holistic approach implies an interdependency between the diverse players of the statutory IC and the broader HSINT Community.

Building these interdependencies needs to be one of the most important objectives for our national security today. Unfortunately progress has been halting over the last five years, although I think the intelligence community has started to turn the corner within the last year. Organizations like the NCTC, the ISE office, and the many state/local fusion centers are gradually leading to a more interdependent HSINT community. But these efforts will be insufficient without a deep commitment to cultural change (tied to pay and promotion) in the intelligence community, one that eschews classification except when absolutely necessary (to allow rapid sharing with non-federal sources), promotes collaboration, and encourages information-sharing rather than information-hoarding.

Overall, a very thoughtful piece from CRS. And as always, the full Homeland Security Watch collection of CRS reports is available here.

Wired Magazine has a story today on a $12,000 nuclear detector built by a group of volunteer researchers in San Francisco:

Here on the San Francisco Bay, a group of do-it-yourself volunteer researchers are not waiting for the mushroom cloud. They say they are close to perfecting a portable device that could do much the same thing right now, for total out-of-pocket costs of about $12,000.

The group, led by physicist and Sandia Lab weapons subcontractor Stanley Glaros, says it has already built a boat-mounted scanner with off-the-shelf parts that might reliably spot radiation spikes in containerships at sea from a kilometer away. The team’s detector has been up and running for eight months, and the group plans to publish its test findings in the Review of Scientific Instruments.

“Can we detect hazardous material at a distance?” said Glaros. “Yes, easily.”

….the team is now testing a homemade detector based on a 4-inch by 4-inch by 16-inch sodium iodide crystal, custom grown by Saint Gobain, a subsidiary of Compagnie de Saint-Gobain headquartered in Paris, France. It is the same technology used in many monitors currently deployed at ports around the country. It will also be used in most of the new Advanced Spectroscopic Portals being purchased by DHS.

“The crystal is like Frodo’s sword,” explained a Glaros collaborator. “It starts to glow when the bad stuff’s around, kind of a blue fluorescence.”

Faced with a large-crystal scanner, terrorists would find it extremely difficult to hide 10 kilograms of Uranium 235, the amount needed to construct a first-generation Chinese- or Pakistani-designed weapon. To shield it, a terrorist “would have to get a shit load of lead bricks and put the source inside,” said Glaros. Theoretically, the device could also detect a Soviet era plutonium fueled suitcase bomb.

The article provides additional details on how this system works, and discusses the challenges about how to respond to a positive indication from a detector. If this system can do what it claims, then it’s something that DHS should consider for deployment on other vessels, essentially as a small “side bet” as part of its broader portfolio of intended nuclear detection capabilities.

As a response to the UK terror plot, the Science & Technology directorate of DHS posted this request for information on FedBizOpps.gov today:

In support of the ongoing effort by the Department of Homeland Security (DHS), Department of Defense (DoD), Federal Aviation Administration (FAA), and the Department of Energy (DOE), as well as the DOE National Laboratories and the commercial sector, it is DHS’s goal to investigate any and all potential detection technologies that may assist in the identification of explosive and flammable liquids.

In order to exhaust the list of technologies that are already being investigated and to enhance the opportunities for non-traditional vendors, the Science and Technology Directorate (S&T) of DHS is seeking potential sources of Bottle Screening Devices capable of detecting and distinguishing explosive and flammable liquids from benign liquids (drinks, lotions, hygiene products, contact lens solutions, etc.).

The anticipated application of these devices is screening bottles or other containers at passenger checkpoints, which will require the devices to have a 200 bottle per hour minimum throughput and must meet a minimum technology readiness level (TRL) of 5 or greater. This means that the basic technological components are integrated with reasonably realistic supporting elements so it can be tested in a simulated environment….

The deadline for the RFI is September 12th.

The New York Times has an important story today on the issue of the Passenger Name Record (PNR) and the role that it can play as a data input into the aviation screening system, in the wake of the foiled UK terror plot. The proposals discussed in the story seem to go beyond the currently-planned uses of PNR data, envisioning a broader system of data analysis using the PNR information, perhaps with a direct hook into the major Computerized Reservation Systems (e.g. Sabre, Galileo, Amadeus) that are the core information nodes of the global travel system:

A proposal by Homeland Security Secretary Michael Chertoff would allow the United States government not only to look for known terrorists on watch lists, but also to search broadly through the passenger itinerary data to identify people who may be linked to terrorists, he said in a recent interview.

Similarly, European leaders are considering seeking access to this same database, which contains not only names and addresses of travelers, but often their credit card information, e-mail addresses, telephone numbers and related hotel or car reservations.

….“Ideally, I would like to know, did Mohamed Atta get his ticket paid on the same credit card,” Mr. Chertoff said, citing the lead hijacker of the 2001 plots. “That would be a huge thing. And I really would like to know that in advance, because that would allow us to identify an unknown terrorist.”

Would there be direct security benefits from this type of analysis? Absolutely. Will the privacy loss from this outweigh its benefit? That depends, based upon different individual and national privacy values (and some people would object to the concept of even quantifying this). Are there ways to do this that are less invasive in terms of individual privacy? Definitely, including data anonymization and a system where individual countries and the reservation systems conduct data analysis themselves and share only the ‘hits’ against common watch list and indicators databases, without having to share the full stream of unwashed PNR data.

Update (8/23): More on this issue from Ryan Singel at 27BStroke6.

From the Guardian this afternoon:

Eleven of the 24 people arrrested in connection with the alleged aircraft bomb plot are to face charges, the Crown Prosecution Service announced today.

At a joint press conference, the head of the Metropolitan police’s anti-terrorist branch, revealed that investigations had found bomb making equipment, the chemical hydrogen peroxide and a number of “martyrdom” videos.

Deputy assistant commissioner Peter Clarke said police also had “highly significant” surveillance that would be used in evidence against the suspects.

Eight of the eleven have been charged with two offences of conspiracy to murder and a new offence of preparing acts of terrorism contrary to section five of the Terrorism Act 2006.

The other three have been charged with other offences under the Terrorism Act 2000.

The CPS said 11 others are still in custody and a woman has been released.

Here’s the link to the official release from the Crown Prosecution Service on the charges.

The DHS inspector general released a report today entitled “Additional Guidance and Security Controls Are Needed Over Systems Using RFID at DHS” which takes a comprehensive view of the Department’s use of RFID technology, building on work in recent IG reports (see here and here). The report gives DHS relatively positive marks for its use of RFID, one that belies a lot of the recent criticism of the Department’s use of the technology:

CBP, TSA, and US-VISIT have implemented effective physical security controls over RFID tags, readers, computer equipment, and databases supporting the RFID systems at the sites visited. No personal information is stored on the tags. Sensitive information is maintained in and can be obtained only with access to the system’s database.

Within this broader positive context, the report offers several points of criticism, but these are more about management and internal process than the actual use of the technology. The report concludes with the following recommendations to the DHS CIO:

• Develop and implement policy and guidance that addresses security controls for systems being implemented using RFID technology.
• Direct the DHS RFID Coordination Group to finalize its charter and ensure that all components using or planning to use RFID technologies are represented in the group.
• Ensure that components adhere to DHS information security procedures (that is, perform vulnerability assessments and review user access at least annually) for all systems using RFID technology.

This report probably won’t reassure the Spychips crowd, but it indicates to me that DHS is making progress at using RFID technology responsibly.

The new issue of Foreign Affairs arrived in the mail over the weekend. It contains an article by John Mueller, a professor at Ohio State University, with the unfortunately-timed title of “Is There Still a Terrorist Threat? The Myth of the Omnipresent Enemy.” In the piece, Mueller attempts to argue that there essentially is no meaningful terrorist threat from al-Qaeda to the United States anymore, an argument that seems highly dubious in light of the recently-revealed UK aviation plot. To be fair, that plot was uncovered after the publication deadline. But that doesn’t excuse the significant logical flaws in Mueller’s arguments.

At the beginning of the essay, Mueller writes:

But if it is so easy to pull off an attack and if terrorists are so demonically competent, why have they not done it? Why have they not been sniping at people in shopping centers, collapsing tunnels, poisoning the food supply, cutting electrical lines, derailing trains, blowing up oil piplines, causing massive traffic jams, or exploiting the countless other vulnerabilities that, according to security experts, could so easily be exploited?

One reasonable explanation is that almost no terrorists exist in the United States and few have the means or the inclination to strike from abroad.

Mueller then looks at the improvements in homeland security since 9/11. Commenting on the remaining gaps in elements of the nation’s infrastructure protection and border security, he wonders why terrorists haven’t struck again. He offers several explanations for this fact (a well-integrated U.S. Muslim community, terrorists biding their time), but then dismisses these arguments. Instead, he prefers this argument:

A fully credible explanation for the fact that the United States has suffered no terrorist attacks since 9/11 is that the threat posed by homegrown or imported terrorists — like that presented by Japanese Americans during World War II or by American Communists after it - has been massively exaggerated. Is it possible that the haystack is essentially free of needles?

Mueller goes on to try to defend this hypothesis by references to the fact that the FBI has uncovered few terrorist plots or groups in the United States since 9/11 (which is true, at least in the official record), by citing improved international cooperation in combating the terrorist threat, and by arguing that (in other words) that al-Qaeda has lost its mojo.

This entire chain of logic in the piece, as briefly summarized above, is flawed in its failure to note these three real phenomena:

1. Deterrence: Mueller fails to consider or acknowledge that new protective and/or intelligence measures by the United States and other countries have had a deterrent effect on the movement, entry, and activities of potential terrorists for U.S.-based plots, above and beyond their protective and interdictive functions.
2. Layered Security: In Mueller’s identification of gaps in homeland security, he writes as if these weaknesses are single points of failure that should lead directly to an attack, not considering the fact that there are multiple layers of security in our system, none of them flawless, but that together make it more difficult to plan and execute an attack.
3. Desire to Surpass 9/11: Mueller doesn’t even mention the solid hypothesis that al-Qaeda is biding its time in terms of attacking the United States so that its next attack will be equal to or more “spectacular” than 9/11. For example, the revelations in Ron Suskind’s recent book “The One Percent Doctrine” about the ‘mubtakkar’ subway plot support this theory.

Finally, the last section of the article throws out these cheap canards:

But while keeping such potential dangers in mind, it is worth remembering that the total number of people killed since 9/11 by al Qaeda or al Qaeda-like operatives outside of Afghanistan and Iraq is not much higher than the number who drown in bathtubs in the United States in a single year, and that the lifetime chance of an American being killed by international terrorism is about one in 80,000–about the same chance of being killed by a comet or meteor.

It drives me crazy when people use statistics in this fashion to try to demean the risks that we face from international terrorism. And Mueller uses them in very misleading ways. First, they’re highly selective - notice the decision to remove Afghanistan and Iraq from the totals. Second, they’re wrong. This document notes that there were 341 bathtub drownings and 332 bathtub drownings in recent given years (2000, 2003). Assuming that this statistic falls within a predictable range each year, it’s a lot lower than the combined casualties from al-Qaeda-related attacks in Madrid, London, Moscow, Amman, Riyadh, and Bali, among many other cities, over the past five years. (Did Foreign Affairs fact-check this? And the comet/meteor statistic?) Third, it’s misleading to compare accidental deaths, which government in most cases has little ability to prevent beyond existing product safety activities, to acts of international terrorism where government’s role is paramount and the consequences of an attack far exceed its raw casualty total. Fourth, and most importantly, this type of analysis is retrospective, failing to acknowledge that future attacks could be much more severe then anything we’ve seen so far.

The Memorial Institute for the Prevention of Terrorism (MIPT) published their 2006 Terrorism Annual yearbook recently, which contains the following articles:

• Change and Continuity in Terrorism Revisited: Terrorist Tactics, 1980–2005
• Maritime Terrorism in the Contemporary Era: Threat and Potential Future Contingencies
• Ready to Detonate: The Diverse Profiles of Female Bombers
• Subversion and Terrorism: Understanding and Countering the Threat

The last part of the report contains terrorism statistics for 2005, derived from the RAND-MIPT Terrorism Incidence database.

The Federal Register today contains a notice from the Coast Guard and TSA regarding the Transportation Worker Identification Credential (TWIC) program, announcing a decision to modify the earlier Notice of Proposed Rule Making, following pressure from members of Congress about the rules:

TSA and Coast Guard have concluded that facility and vessel owners and operators will not be required to purchase or install card readers during the first phase of the TWIC implementation. Additionally, a requirement to purchase and install card readers will not be implemented until the public is afforded further opportunity to comment on that aspect of the TWIC program. The details of this approach will be explained in the next rulemaking.

Washington Technology reported last week that biometric industry representatives are upset about this change, which presumably cuts into their revenue estimates for TWIC. If there are legitimate concerns about which technologies to use (an issue that is hamstringing the similar PASS program) then it makes sense for a slight delay to work these out. But this change should not permanent, because it undermines the core rationale for the TWIC program of being able to reliably validate the IDs of workers at a port.

The Washington Post had a story on Sunday about the Science and Technology (S&T) directorate at DHS, a piece written in the wake of recent coverage about gaps in aviation security research over the last few years. The article does a solid job of summarizing some of the difficulties that S&T has faced since it was created 3 1/2 years ago. A passage from it:

Despite spending billions of dollars to defend against everything from dirty bombs to anthrax, the administration has not delivered a coherent long-term strategy to underpin its rhetoric, said Albert H. Teich, director of science and policy programs at the American Association for the Advancement of Science (AAAS).

Budgets have fluctuated, and personnel has turned over at a rapid rate, according to many who have worked with the department. Nearly all Homeland Security Department research activities will be cut for the first time next year, Teich said.

“The fundamental question that has not been answered adequately is: Where does science and technology fit into this country’s homeland security strategy?” said Michael A. Levi, a fellow at the Council on Foreign Relations.

The Science and Technology Directorate was formed after the Sept. 11, 2001, attacks to set national priorities and end the fragmentation across the government of research into weapons of mass destruction. Its mission includes deploying state-of-the-art detection systems and developing new kinds of response gear, as well as assessing emerging threats.

But with DHS’s well-documented start-up problems, the S&T Directorate has been thinly staffed and deprived of money. Its reorganization was put on the back burner by Secretary Michael Chertoff, who took over in March 2005. Meanwhile, its management problems sapped the confidence of administration officials and congressional funders, analysts said.

I think this assessment is generally correct, and I think the two key words in this passage are “thinly staffed.” There are a lot of good people in the S&T directorate, but not enough of them, and too much of the management and strategic work of the directorate has been outsourced to other government labs and outside contractors. There’s not enough “there” there. It makes sense for outside entities to be doing the actual research and development, but there needs to be a more dynamic core. Hopefully Adm. Jay Cohen’s new leadership and S&T’s pending reorganization will address these gaps and strengthen the directorate.

My only critique of the story is that its claim that the budget for S&T is being cut in half is misleading, since a very large share of that cut is the result of a shift of R&D funds to the Domestic Nuclear Detection Office. But overall, an interesting story.

Brian Michael Jenkins from RAND, one of the foremost terrorism experts in the world who has been studying the subject since the 1970s, released a new book this week, entitled “Unconquerable Nation: Knowing Our Enemy, Strengthening Ourselves.” The full text of the book is available at this link in PDF format. It’s the first full-length book that Jenkins has written since 9/11, and well worth the wait; it’s one of the best analyses of how we’ve waged the war on terror over these last five years, and offers solid recommendations about the course we need to follow in the coming years.

Jenkins takes the title of the book from Sun Tzu: “Being unconquerable lies with yourself.” His overarching point in the book that America’s ability to prevail in the war on terror depends on a ethos of clear resolve and patient discipline, not fear and hasty reactive gestures. On that point, he writes:

This philosophy alters Americans’ mental model of today’s conflict. It elevates the necessity of knowing the enemy, something we have not made sufficient effort to do. It moves us from relying almost exclusively on the projection of military power and viewing homeland security as physical protection to mobilizing our spirit, courage, and commitment. While we strive to destroy our terrorist enemies by reducing their capabilities, thwarting their plans,
frustrating their strategy, and crushing their spirit, we must also rely on our own psychological strength to defeat the terror they would create. Instead of issuing constant warnings and alarms, we must project stoicism and resolve. Instead of surrendering our liberties in the name of security, we must embrace liberty as the source and sustenance of our security.

The section on “Basic Beliefs” from pages 14-16 distills his key observation about the war on terror over the last five years:

– The enemies we face have changed fundamentally.
– Patterns of armed conflict have also changed.
– Unrelenting pressure on the al Qaeda organization and its terrorist allies has forced the jihadists to operate at a lower, but still lethal, level. However, the United States has neglected the political war.
– Although President George W. Bush warns Americans that “the war on terrorism will take a while,” it is not clear that either those in the administration or average citizens at home fully comprehend what that means—or the great challenge it presents, especially to an impatient society.
– Americans must be ferociously pragmatic for the long term.
– The invasion of Iraq was a dangerous distraction.
– In the longer struggle against the jihadists and future terrorist foes, we will ultimately prevail.
– America’s courage is its ultimate source of security.
– Homeland security begins at home.
– Whatever we do, American values must be preserved.

These may be truisms, but if so, they’re important ones, and they aren’t discussed enough in the dialogue between our nation’s leaders and the American public today. As a result, too many people in the United States are unable to put threats to the nation in context, and become overly influenced by fear. Too many people expect perfect security, an unrealistic objective in a free society. Too many people believe that you can win the war on terror by taking moral or legal shortcuts, and don’t account for the long-run negative impact that these decisions have on our ability to build the foundations of support that we need at home and abroad to be successful. And too many people believe that it can be won without shared sacrifice and civic participation, something that our nation’s leaders have not asked the entire American people to make on the homefront.

Chapter Five of the book concerns homeland security. Before I summarize it, let me implore you to read the whole chapter, not just this overview. He begins the chapter by analyzing the millenial tensions and the changes in societal context - a globalized economy, dangerous new technologies - that created a kind of “fin de siècle apprehension” even before 9/11. The attacks of 9/11 made this national mood combustible, putting the country on edge, but in a “schizophrenic” way: “Dire warnings of imminent danger were accompanied by admonitions for Americans to go on about their business as usual.”

He then describes how post-9/11 uncertainties caused a shift in the nation’s risk analyses from “threat-based assessments” to “vulnerability based-assessments.” Because the threats were amorphous and often unknowable, officials were forced to look at vulnerabilities. But vulnerabilities are everywhere in a free society, causing a scramble for prioritization. Jenkins describes how this competition for resources leads to “threat advocacy,” which different stakeholders and interest groups competing to highlight their vulnerabilities, and officials and the media focusing attention on the latest attack or plot, rather than developing a consistent risk-based framework that prioritizes resources and can combat multiple threats simultaneously.

Jenkins then offers a series of principles and recommendations about how the United States can better “face the foe within,” as summarized in this paragraph:

We need to spend the next several years doing things very differently. We need to get more realistic about risk. We need to increase preparedness by educating and mobilizing all Americans to participate in homeland security. Amid the proliferating bollards and barriers and gates and guards, we need to understand security better and to accept its limitations—yet we must also take the opportunity to rebuild America’s decaying infrastructure. We need to improve local intelligence without succumbing to national paranoia about “sleeper cells” and fifth columns. We need to build a better legal framework for preventive interventions against terrorists, but we also need to ensure proper oversight to prevent the abuse of those preventive interventions. In all these areas of conduct, we need to remember our core national values and to uphold them as we move forward. Otherwise, the terrorists will truly have won, even without following through on any of their plans of attack. Their terror alone will have sufficed. We will have unilaterally surrendered.

Each of these excellent points is covered in more detail in the section that follows, from pages 153-176. The section entitled “Enlist the Public” is particularly good. Jenkins writes:

The best way to increase our ability as a nation to respond to disasters, natural or man-made, is to enlist all citizens through education and engagement, which also happens to be a very good way to reduce the persistent anxieties that afflict us. We have not done this.

The federal government’s decision to tell citizens to go on living their lives, offering only the vague admonition to be vigilant, has “encouraged dependency,” rather than “promoting self-reliance,” Jenkins says. He argues that there needs to be a much strong commitment to public education on homeland security, and that doesn’t mean websites and pamphlets. Instead, he says:

We need to aggressively educate the public through all media, in the classrooms, at town halls, in civic meetings, through professional organizations, and in volunteer groups. This means more than speeches in front of the American flag. The basic course should include how to deal with the spectrum of threats we face, from “dirty bombs” to natural epidemics, with the emphasis on sound, easy-to-understand science aimed at dispelling mythology and inoculating the community against alarming rumors and panic.

He goes on to talk about other elements of civic education and preparedness, one that resembles the concept of “total security” utilized in Scandinavian countries (see this book for more info).

I could go on with the review, but I’ll stop there, and finish by noting that the book contains an excellent bibliography, taken from Jenkins’ own library and broken into a number of categories. Overall, an excellent book - highly recommended.

German authorities today disclosed a terror plot targeted at regional trains that was disrupted several weeks ago, as reported by Deutsche Welle:

Two suitcases containing bombs and found on trains in Germany were likely to have formed part of a terrorist plot, German investigators said Friday.

The bombs were found in the German cities of Dortmund and Koblenz on July 31 with German Criminal Police Office (BKA) chief Jörg Ziercke saying that were arranged to explode simultaneously at 2:30 p.m. Neither of the bombs was detonated.

“It’s more likely than unlikely that there was a terrorist background,” Ziercke told a news conference in Wiesbaden. If the around 25-kilo (55-lb.) suitcase bombs had exploded they would have lead to “a fireball” in the train carriages and an “indeterminate number of injured and possible deaths,” he said.

Speaking in Berlin Friday, German Interior Minister Wolfgang Schäuble also warned that Germany should brace itself for similar attempts. “Unfortunately, we must assume that the danger of a repeat of these attempted attacks.”

The recent plot that this most resembles is the Madrid bombings, which were also targeted at regional commuter trains, and detonated with near-simultaneity. German authorities released pictures of men that they believe were connected to the plot, taken from video surveillance of train stations - another proof point for the value of this technology. Coverage of the story in the Frankfurter Allgemeine Zeitung (in German) notes that a menu from a restaurant in Lebanon was found near one of the bombs, a potential hint (or deliberate false lead?) about the origin of the plot.

Update (8/19): One of the suspects has been arrested.

Below is a list of homeland security policy events in the DC area next week (as well as the occasional listing outside of DC). I post a list each week and will sometimes update mid-week when I find new items. You can always find current and previous postings under the “Events” category tab at right. And please note that many events require prior invitations and/or RSVPs.

8/21-8/22: Systems Integration in Biodefense conference. Ritz Carlton DC, 1150 22nd St NW.
8/21-8/25: 2006 DHS Security Conference and Workshop. Baltimore, MD.
8/22-8/24: Infragard 2006 National Conference. Renaissance Washington Hotel, 999 Ninth St NW.
8/22: Center for American Progress event on “Disaster: A Look at the Response and Recovery One Year After Katrina” with the authors of the new book Disaster. National Press Club, 529 14th St NW, 1pm.
8/22: Airport and Seaport Inspections User Fee Advisory Committee meeting. 1300 Pennsylvania Ave NW, 1pm.
8/23: George Mason University Mercatus Center event on “The Crisis of Katrina: Lessons for Preparedness and Response.” National Press Club, 529 14th St NW, 9am.
8/23: Women in Government Relations Homeland Security Task Force meeting. Canadian Embassy, 501 Pennsylvania Ave NW, 12 noon.
8/24: Heritage Foundation event on “Grassroots Response: Citizens Taking Care of Citizens During Disasters” with former Virginia Gov. Gilmore et al. 214 Massachusetts Ave NE, 10am.
8/24: Center for Immigration Studies event on employment verification. 1522 K St NW, Suite 820, 12 noon.

(Please e-mail me if you have suggestions about additions to this list for this week, or future weeks).

The C-Span website links today to an interesting new report from the Partnership for Public Service that analyzes the media coverage of Hurricane Katrina and its aftermath over the last twelve months:

Covering Katrina: Trends in Katrina Media Coverage Initial Analysis from the Top Ten National Newspapers and Ten Gulf Coast Newspapers

The three key findings from the report, none of which are particularly surprising:

– Katrina Received 10x the Coverage as Florida Hurricanes. The top ten papers in the country published 13,901 articles mentioning Hurricane Katrina in the eleven months following the storm. The ten selected Gulf Coast papers published 23,348 articles during that time. By comparison, all four of the hurricanes that struck Florida in 2004 drew less than 10% of coverage of Katrina in both the top ten and the Gulf Coast newspapers.
– Stories Were More Likely to Connect FEMA, Government with Fraud, Waste. ‘Fraud’ and ‘waste’ are more than twice as likely to appear in articles that mention FEMA as in those that do not. About 9% of the stories in the top ten papers and 11% of the stories in the Gulf Coast papers that mention FEMA also mention waste or fraud.
– Poverty and Lessons Learned Received Little Coverage. Poverty coverage was initially very limited and even less sustained than overall coverage. By November 2005, less than 4% of national coverage and less than 2% of Gulf Coast coverage mentioned poverty. Discussion of issues related to governmental reform and lessons learned from the event were even less a part of the stories. Overall, less than 1% of the Katrina stories in top ten or Gulf Coast newspapers mentioned ‘lessons learned’.

And the report concludes by suggesting the need for more stories on the following topics:

These topics include issues such as improving human capital management, emphasizing better collaboration and coordination between government agencies and among government and non-government organizations during a disaster, and focusing on long-term prevention and mitigation strategies that reduce the likelihood of another disaster like Katrina.

More evidence from the Washington Times that the deployment of National Guard troops to the US-Mexico border was and is a bad idea from a cost and security standpoint:

National Guard troops deployed along the U.S.-Mexico border as part of President Bush’s plan to free U.S. Border Patrol agents have been assigned bodyguards — some of the same agents the soldiers were sent to relieve.

Several veteran Border Patrol agents in Arizona told The Washington Times they were issued standing orders to be within five minutes of National Guard troops along the border and that Border Patrol units were pulled from other regions to protect the Guard units — leaving their own areas short-handed.

The agents, who refer to the assignment as “the nanny patrol,” said most of the Guard troops are not allowed to carry loaded weapons, despite a significant increase in border violence directed at Border Patrol agents and other law-enforcement personnel over the past year.

The National Border Patrol Council (NBPC), which represents all 10,000 of the agency’s nonsupervisory agents, said the presence of more than 6,000 Guard troops on the border has allowed a few hundred agents to be reassigned from administrative to field duties, but that “about the same number are now assigned to guard the National Guard troops.”

I have a lot of respect for the difficult, thankless work that the National Guard and the Border Patrol do. But I’ve thought that this deployment was a bad idea from day one, and this story exposes the decision to deploy these National Guard troops for what it is: a political exercise that runs contrary to everything that Sec. Chertoff espouses about a risk-based approach to border security. (And it’s contrary to what Sec. Chertoff thought five months before the decision was made). There are so many other ways in which the $756 million/year that we’re spending for this initiative could be better used: fully funding the DNDO instead of slashing its budget, increasing the Department’s intelligence budget, staffing up a chemical security oversight office, etc. It’s a shame that political exigencies are trumping solid risk-based threat and vulnerability analysis on this issue.

An interesting story today from the AP that looks at security activities at Port Newark, and recounts an incident there several years ago:

Five years ago, as he stood next to the trailer that was hauled from Port Newark, the cell phone of Kevin McCabe, the seaport’s chief inspector for what would later become the U.S. Department of Homeland Security, bleated urgent rings from high-level state and federal officials demanding to know what was inside the container.

“I told them, `We don’t know yet, but I’m standing about three feet away from it, so if anything happens, I’ll be the first to know,”‘ McCabe recalled.

Sweat poured and pulses raced as authorities pondered what their next move should be. They were minutes away from a decision to shut down the seaport, Newark International Airport, and part of the New Jersey Turnpike.

Just in time, more sophisticated radiation detection equipment arrived from New York City in an unheard-of 22 minutes, and was able to determine that the cargo inside was harmless, and that the readings were generated by bolts of Egyptian carpet, a source of naturally occurring radiation.

“The economic consequences of shutting those things down would have been immense, but we were afraid we could have had a real potential catastrophe on our hands,” McCabe said.

This story raises an interesting question: what are the appropriate conditions for a decision to shut down a port, in response to a suspicious incident? It’s also a timely question, in the wake of a similar scare that shut down part of the Port of Seattle earlier this week. The reaction to this recent incident was less severe than the potential consequences described in the Newark anecdote above, but we’re still operating in a mode where the natural reaction to an anomalous incident is to escalate the response in a way that is disruptive to port operations.

Perhaps this is the only good option, given the need to quickly protect people and mitigate against the potential consequences of a threat. Or are there ways to improve system awareness and not be forced to make these costly decisions? This is a challenging issue for the agencies responsible for port security, and one that is easy to second-guess after any incident. I hope and expect that the key agencies (e.g. Coast Guard, CBP, FBI, local entities) will continue to work on this issue, consistent with the Maritime Operational Threat Response plan, and make the port system more resilient in the face of these threats.

This Daily Show clip from Wednesday night delivers a deserved smackdown of CNN’s “Target: USA” day of coverage on Monday in the wake of the aviation security plot:

The media plays a valuable and necessary role in terms of educating the American public about homeland security and highlighting threats and vulnerabilities that the government has not adequately addressed. Often this is the only effective way to spur the government into action in certain areas. But when this news as presented as an endless litany of threats, without due regard for which threats are the greatest priorities from a risk-based perspective, then that only serves to confuse people and inspire fetal position-inducing fear in the general public.