Airline Security: Gentle Solutions to a Vexing Problem
By Fred Burton and Ben West
U.S. President Barack Obama outlined a set of new policies Jan. 7 in response to the Dec. 25, 2009 Northwest Airlines bombing attempt, which came the closest to a successful attack on a U.S. flight since Richard Reid's failed shoe-bombing in December 2001. As in the aftermath of that attempt, a flurry of accusations, excuses and policy prescriptions have emanated from Washington since Christmas Day concerning U.S. airline security. Whatever changes actually result from the most recent bombing attempt, they will likely be more successful at pacifying the public and politicians than preventing future attacks.
At the heart of President Obama's policy outline were the following key tactics: pursue enhanced screening technology in the transportation sector, review the visa issuance and revocation process, enhance coordination among agencies for counterterrorism (CT) investigations and establish a process to prioritize such investigations. While such measures are certainly important, they will not go far enough, by themselves, to meaningfully address the aviation security challenges the United States still faces almost nine years after 9/11.
Holes in the System
For one thing, technology must not be seen as a panacea. It can be a very useful tool for finding explosive devices and weapons concealed on a person or in luggage, but it is predictable and reactive. In terms of aviation security, the federal government has consistently been fighting the last war and continues to do so. Certain practical and effective steps have been taken. Hardening the cockpit door, deploying air marshals and increasing crew and passenger awareness countered the airline hijacking threat after 9/11; requiring passengers to remove their shoes and scanning them prior to boarding followed Reid's 2001 shoe-bombing attempt; and restrictions on liquids and gels followed the 2006 trans-Atlantic plot. Not enacting these measures would have meant not learning from past mistakes, and they do ensure that unsophisticated "copycat" attackers are not successful. But such measures -- even those that are less technological -- fail to take into account innovative militants, who are eager and able to exploit inevitable weaknesses in the process.
Even advanced body-imaging systems like the newer backscatter and millimeter-wave systems now being used to screen travelers cannot pick up explosives hidden inside a person's body using condoms or tampons -- a tactic that was initially thought to have been used in the Aug. 28 assassination attempt against Saudi Deputy Interior Minister Prince Mohammed bin Nayef. (It is now believed that the attacker in that case used an underwear bomb like the one used in the Christmas Day attempt.) Moreover, X-ray systems cannot detect explosives cleverly disguised in carry-on baggage or smuggled past security checkpoints -- something that drug smugglers routinely do.
Preventing attacks against U.S. airliners would require unrealistically invasive and inconvenient measures that the airline industry and American society are simply not prepared to implement. El Al, Israel's national airline, is one international carrier that conducts thorough searches of every passenger and every handbag, runs checked luggage through a decompression chamber and has two air marshals on each flight. The airline also refuses to let some people (including many Muslims) on board. While these practices have been successful in preventing terrorist attacks against the airline, they are not in line with American and European culture and President Obama's insistence that measures remain consistent with privacy rights and civil liberties. It is also economically and politically unfeasible for major U.S. airlines operating hundreds of flights per day from hundreds of different cities to impose measures such as those followed by El Al, an airline with fewer planes and a smaller area of operation.
And as long as U.S. airport security relies on screening techniques that are only moderately invasive, there will be holes that innovative attackers will be able to exploit. While screening technology is advancing, there is nothing in the foreseeable future that would be able to do more screening with less invasiveness. The U.S. prison system grapples with the same problem, and even there, where inmates are searched far more invasively than air travelers, contraband is still able to flow into facilities.
Focusing on the visa issuance and revocation process also leaves holes in the system. The Christmas Day bomber, Umar Farouk Abdulmutallab, had been given a multiple-entry U.S. visa, which allowed him to travel to the United States. When Abdulmutallab's father expressed concerns to officials at the U.S. Embassy in Abuja, Nigeria, on Nov. 19, 2009, that his son might have been involved with Yemen-based Islamist militants, Abdulmutallab's name and passport number were sent from the U.S. Embassy in Abuja to Washington and placed in the "Visa Viper" system, which specifically pertains to visas and terrorist suspects. His name and passport number were also logged into the Terrorist Identities Datamart Environment, but not the "no-fly" list.
This standard operating procedure (which does not automatically result in a visa revocation) passed the responsibility from the CIA agents who spoke to Abdulmuttalab's father on to the U.S. State Department, where agents unfamiliar with the specifics of the case did not, apparently, decide to act on it. In hindsight, the decision not to take the father's warning more seriously appears to be a glaring mistake, but in context it seems less obvious. The father's tip was vague, with little indication of what his son was up to or, more important to U.S. CT agents, that he was planning even to travel to the United States, much less attack a U.S. airliner.
The possibility of yet another jihadist suspect emerging in the Middle East does not pose an existential threat to the United States, so this raises the third challenge: prioritizing CT investigations. Vague warnings such as the tip from Abdulmuttalab's father spring up constantly throughout the world and CT investigators have to prioritize them. Only the most serious cases get assigned to an investigator to follow up on while the rest are filed away for future reference. If the same name pops up again with more information on the threat, then more action is taken. U.S. CT agents are most concerned about specific threats to the United States, and with no actionable intelligence that Abdulmutallab was plotting an attack against the United States, his case was given a lower priority.
Nevertheless, not acting immediately on the father's vague threat proved to be a near-fatal move. This highlights the danger of the unsophisticated, ill-trained militant, referred to in U.S. CT circles as a "Kramer jihadist" (after the bumbling character in the sitcom "Seinfeld"). By himself, a Kramer jihadist poses a minimal threat, but when combined with a trained operative or group, he can become a formidable weapon. Abdulmutallab had been radicalized, but there is nothing to suggest that he had extensive jihadist training or any tactical expertise. He was simply a willing agent with a visa to the United States. When put in the hands of a competent, well-trained operator (such as those involved with al Qaeda in the Arabian Peninsula), a Kramer jihadist can be outfitted with a device and given a support network that could supply him with transportation and direction to carry out an effective attack. There are simply too many radical Islamists in the world to investigate each one, but immediately revoking visas to keep suspects off U.S. airliners until they can be investigated further is a fairly simple process and would be an effective deterrent.
Finally, the lack of coordination among agencies in CT investigations is an old problem that dates back well before 9/11. This challenge lies in the fact that the U.S. intelligence community is broken up into specific agencies -- each with its own specific jurisdiction and incentive to leverage its power in Washington by controlling the flow of information. This system ensures that no single agency becomes too powerful and self-interested, but it also fractures the intelligence community and bureaucratizes intelligence sharing.
National Counterterrorism Center
In order to investigate a case like Abdulmutallab's, agents from the CIA must work with agents from the FBI, and the State Department is tasked with coordinating the requests for information from various foreign governments (whose information is not always reliable). For foreign threats specifically aimed at airlines, agents from the Transportation Security Administration, Federal Aviation Administration, Office of Director of National Intelligence, and Immigration and Customs Enforcement must be notified. Rallying and coordinating all the appropriate actors and agencies to respond to a threat requires careful bureaucratic maneuvering and presents numerous opportunities to be bogged down at every step. Certainly, the more overt the threat, the easier it is to move the bureaucracy, but a case as opaque as Abdulmutallab's would not likely inspire a quick and decisive follow-up.
The U.S. National Counterterrorism Center (NCTC) was created to aggregate threats from various local, state and federal agencies all over the world in order to streamline the threat-identification and investigation process. However, the additional bureaucracy that was generated with the formation of the NCTC has essentially canceled out any benefit that the center might have contributed.
When it comes down to it, modern airliners -- full of people and fuel -- are extremely vulnerable targets that can produce highly dramatic carnage, characteristics that attract militants and militant groups seeking global notoriety. And Abdulmutallab's efforts on Christmas Day certainly will not be the last militant attempt to bring an airliner down. As security measures are changed in response to this most recent attempt, terrorist planners will be watching closely and are sure to adapt their tactics accordingly.