Homeland Security Watch

News and analysis of critical issues in homeland security

February 8, 2012

Supply chain testimony

Yesterday several DHS officials and others were on the Hill giving testimony related to the new National Strategy for Global Supply Chain Security.  Please see: http://homeland.house.gov/hearing/subcommittee-hearing-balancing-maritime-security-and-trade-facilitation-protecting-our-ports

Three quick impressions:

1. Constructive example of “stovepipes” being brought together around a supposedly stovepipe-busting strategy.

2. The tension between security and resilience is real, persistent, and difficult to effectively engage.   Security is tough enough.  Resilience requires even more creativity.

3. It is striking to have a hearing on this topic without hearing directly from the private sector as well.

This is an early step in rolling-out the new strategy.  Much more to come.

April 3, 2010

TSA: Turning to Mass Transit & Passenger Rail

Filed under: Ground Transport Security,Mass Transit & Rail Security,Terrorist Threats & Attacks — by Jessica Herrera-Flanigan on April 3, 2010

Monday’s suicide bombing in Moscow’s subway system reminded us of the threat to subway and train systems.  While much of our attention has focused on aviation security in recent months, the bombing reminds us that rail systems remain an easy target for terrorists and militant groups hoping to cause damage. While the U.S. has avoided such an attack, the last fifteen years have seen several attacks carried out around the world against such systems, as well as one thwarted attack here in the U.S., including the following incidents:

  • 1995: Sarin gas is released by members of Aum Shinrkyo on several lines of the Tokyo Metro that were passing through key areas of the Japanese government, killing 13 people and injuring countless others.
  • 1995: Over a period of four months, several gas bottles exploded on the RER and the Metro in Paris, killing  8 and wounding more than 100 people. The attacks were attributed to the Armed Islamic Group.
  • 2004: In February, a suicide bomber killed 41 people and injured more than 120 in an explosion on the Moscow metro system.   Individuals linked to the militant Nikolai Kipkeyev were found guilty.  In August, Kipkeyev died when a female suicide bomber he was escorting into a Moscow subway panicked upon seeing a police officer and detonated her bomb, killing 8 people and wounding 50 others.
  • 2004: A series of coordinated bombings take place on Madrid’s Cercanias commuter train, killing 191 people and wounding 1800 others.  A direct connection to Al Qaeda is not found, though Spanish authorities determine that the attacks were done by by an Al-Qaeda-inspired terrorist cell.
  • 2005: A series of coordinated suicide attacks occur on London’s mass transit system, carried out by four British Muslim men, killing 52 people and injuring more than 700.
  • 2006:  Seven bombs explode on the Suburban Railway in Mumbai, killing 209 and injuring more than 700.  The bombings were believed to be carried out by Lashkar-e-Toiba and the Students Islamic Movement of India.
  • 2009: Najibullah Zazi is arrested in Denver for planning suicide bombings on the New York City subway system.  On February 22, 2010 he pled guilty and admitted that he was recruited by Al-Qaeda in Pakistan to blow up the New York City subway.

So who is responsible for coordinating the U.S. rail and subway security systems here in the U.S.?  The Transportation Security Administration (TSA).  Not only must TSA focus on aviation security (without an Administrator in place), it must also focus on mass transit and passenger rail security.  According to the TSA’s website, it does so by seeking to:

advance mass transit and passenger rail security through a comprehensive strategic approach that enhances capabilities to detect, deter, and prevent terrorist attacks and respond to and recover from attacks and security incidents, should they occur. TSA’s strategic priorities for mass transit and passenger rail security are:

* Focus efforts to mitigate high consequence risk to transit assets and systems, particularly underwater and underground infrastructure;

* Expand employment of random, unpredictable deterrence; and

* Build security force multipliers with training, drills and exercises, and public awareness

According to the FY 2011 DHS Budget Request, TSA is undertaking the following activities to secure mass transit, passenger rail, and bus:

  • shareholder collaboration with key stakeholders through its Regional Transit Security Working Group, which identifies regional priorities and resolves security needs.  Much of TSA’s regional work is focused on Tier 1 Transit Security Grant Program cities, including New York City, Boston, D.C., Philadelphia, Chicago, Los Angeles, and San Francisco.
  • working with the American Public Transportation Association to develop consensus-based security standards for mass transit.
  • engaging in its “layered security operational test bed” to test operational and technological solutions for mass transit and passenger rail facilities.

In FY 2011, TSA requested $97.6 million to support its Surface Transportation Inspection Program and explosive detection canine program, a $29.4 million increase from FY 2010.

In terms of funding support for local mass transit areas, the Transportation Security Grant Program has requested $300 million for FY 2011. This money is allocated on a risk-based approach to eligible mass transit and bus systems, as well as to Amtrak, to enhance security measures on critical transit infrastructure.  Guidelines for the distribution of these funds are given in the DHS Appropriations bills, as well as in the Implementing Recommendations of the 9/11 Commission Act of 2007.

So how well is TSA doing on its efforts to better secure rail and and subway systems?  In a report entitled Transportation Security: Key Actions Have Been Taken to Enhance Mass Transit and Passenger Rail Security, but Opportunities Exist to Strengthen Federal Strategy and Programs released last June, the Government Accountability Office commended TSA for taking key steps to strengthen the systems.  At the same time, it noted that TSA faced a number of challenges hindering its success. Specifically, GAO found that TSA had not fully combined its assessments of threat, vulnerability, and consequence to conduct its risk assessments.  The GAO also noted that TSA faced a number of coordination challenges- both with industry and other agencies at the state, local, and federal levels.  Information sharing of security information remained a challenge, as did concerns regarding “potential costs and the feasibility of implementing pending employee security training requirements.”

The need to strengthen the federal relationships with transit agency officials across the country is one that also appeared in another June 2009 GAO report entitled, Transit Security Grant Program: DHS Allocates Grants Based on Risk, but Its Risk Methodology, Management Controls, and Grant Oversight Can Be Strengthened. In the report, the GAO noted that management and resource issues have resulted in delays in approving projects and distributing funds. According to the report, as of February 2009, transit agencies having spent only $21 million of the $755 million that had been awarded between 2006 and 2008.  To correct the shortcomings, GAO recommended that DHS strengthen its methodology for determining risk by developing a “cost-effective method for incorporating vulnerability information into future iterations of the” Transportation Security Grant Program.

It is safe to say that like much of TSA’s efforts on aviation security, its mass transit and passenger rail efforts remain a work in progress – showing some movement forward and continually evolving but in need of improvement.  Unfortunately, like our efforts in aviation security, many efforts remain reactionary in nature.  After the bombing in Moscow, a number of transit agencies across the nation beefed up their security, assigning more police, increasing K-9 teams, and conducting random station sweeps.  During those efforts, vulnerabilities were uncovered. For example, in New York City, the Associated Press reported that more than 4,000 security cameras in its subways were not working and that the Metropolitan Transportation Authority had cut the number of police patrols throughout its systems.

While the U.S. has been fortunate to not have seen a successful attack carried out on a domestic mass transit and passenger rail system, its efforts to secure such systems should be prioritized and expanded.  In particular, an increased focus on risk-based grants, information sharing of key intelligence with relevant stakeholders, and identifying and deploying preventive technologies are key to strengthening our mass transit and passenger rail systems.