Earlier this month, prior to reports this week that several thousand Secured Identification Display Area (SIDA) badges used by employees to gain access to secure areas at airports have been reported missing, lost or stolen in recent years, the Department of Homeland Security’s (DHS) Inspector General (IG) reported it had discovered “numerous vulnerabilities” affecting controlled access to secured airport areas “critical to the safety of passengers and aircraft — despite [the] Transportation Security Administration’s (TSA) efforts to ensure only cleared individuals enter secure areas.”
“Airport employees, as well as unauthorized individuals, entering the secure areas of airports, pose a serious potential risk to security,” the IG stated.
"Since 2004, we have published more than 115 audit and inspection reports about TSA’s programs and operations, [and] have issued hundreds of recommendations to attempt to improve TSA’s efficiency and effectiveness,” DHS IG John Roth told the House Committee on Oversight and Government Reform.
Since July 2013 alone, Roth noted, the IG has issued 13 audit reports exposing TSA’s vulnerabilities and challenges, especially passenger and baggage screening, access controls to secured areas, workforce integrity and TSA’s operations.
Homeland Security Today also reported that another IG audit disclosed US airline passengers appear to have been in potential jeopardy to terrorist attacks for nearly a decade because TSA hasn’t properly managed the maintenance of its airport screening equipment.
Consequently, the IG stated, TSA may have to be using other screening measures that “may be less effective at detecting dangerous items.”
But it’s the badging and ID issues that arose this week following reports that more than 270 badges went missing at San Diego International Airport in the last two years, and that more than 1,400 badges were reported missing from Atlanta’s Hartsfield-Jackson International Airport.
Making matters worse for the Atlanta airport, according to the FBI, on at least five occasions in 2014, Eugene Harvey—a baggage handler at Hartsfield-Atlanta airport— worked with another former Delta employee to smuggle firearms through airport-controlled security checkpoints for Delta employees. Harvey was not required to go through the screening performed for passengers by TSA.
Once through the airport-controlled security checkpoints, the firearms were transported in carry-on baggage into the passenger cabins of aircraft. Harvey’s accomplice flew to New York with the guns.
These two instances bore striking resemblances. The suspects in the Delta airlines gun smuggling ring allegedly took advantage of employee tags that allowed them to bypass normal security.
In addition, Hartsfield-Atlanta airport was the point of origin in both cases.
"TSA is taking these recent incidents very seriously, and has taken immediate steps to enhance site security at Hartsfield-Jackson Atlanta International Airport and other major US airports," TSA said at the time.
Of particular concern, IG John Roth told the House Committee on Oversight and Government Reform on May 13, are the problems his office’s audits found with airport badges and access to secure areas. Roth noted that, “In February 2013,” his office had “identified problems with TSA’s Aviation Channeling Services Provider project, which uses vendors to relay airport badge applicants’ biographical information and fingerprints to TSA for vetting.”
Roth said, “Because TSA did not properly plan, manage or implement the project, airports nationwide experienced a backlog of background checks. To address the backlog, TSA temporarily allowed airports to issue badges without the required background checks.”
“Consequently, at least five airports granted badges to individuals with criminal records, giving them access to secure airport areas,” the IG disclosed. “In response to our findings, TSA agreed to develop a lessons learned report, establish a policy requiring all projects to include a comprehensive plan, communicate customer service expectations to vendors and monitor their performance for accountability, and require inspectors to review badges issued without the required background checks.”
Furthermore, Roth told the committee this month, “We also used covert testing to determine whether unauthorized and potentially dangerous individuals could gain access to secured airport areas. In addition, during this audit, we identified the extent to which Transportation Security Officers (TSOs), airport employees, aircraft operators and contractors were complying with related federal aviation security requirements.”
While the results of the IG’s covert testing are classified, Roth told lawmakers on May 13 that what “we can say [is] that we identified significant access control vulnerabilities and recommended improvements.”
In September, 2011, the IG’s office reported “individuals who pose a threat may obtain airport badges and gain access to secured airport areas” because of deficient vetting and oversight by TSA’s process of credentialing airport workers.
But as serious as this finding is, the IG’s audit highlighted a much bigger, long-standing concern of counterterrorism and law enforcement officials, which is the threat of terrorists getting their hands on official credentials.
The IG’s audit of TSA credentialing disclosed that analysis of “vetting data from 359 airport badging offices … identified badge holder records with omissions or inaccuracies pertaining to security threat assessment status, birthdates and birthplaces.” The audit further found that “badges were issued to individuals without a complete security threat assessment.”
The IG concluded that “these problems exist because TSA has designed and implemented only limited oversight of the application process.”
“In response to [the latest] congressional concerns and media reports about missing badges, which could allow unauthorized people access to secure airport areas, we very recently began a review of TSA’s controls over access badges,” the IG reported, saying, “We intend to identify and test TSA’s efforts to mitigate the risks of unaccounted for, lost, stolen or terminated airport-issued badges.”
In addition, Roth said “this month we will publish the final report from an audit we conducted of TSA’s controls over the vetting of aviation workers possessing or applying for credentials that allow unescorted access to secure areas of commercial airports. Specifically, we assessed TSA’s process for vetting workers for terrorist links, criminal history, and lawful status. We also sought to determine the accuracy and reliability of the data TSA uses for vetting.”
"Clearly there are an awful lot of things falling through the cracks and there’s just no room for an error when it comes to this issue,” Sen; John Thune, chairman of the Senate Committee on Transportation said this week. “We need answers. They’re not providing them."
Thune said previous answers from TSA to his requesting information on lost, stolen or missing SIDA credentialing had just raised more questions than answers.
After several high profile security breaches involving airport personnel smuggling firearms onto commercial flights after bypassing security, lawmakers began discussing ways to bolster access control measures to deter and prevent future incidents, including 100 percent employee screenings, increased random screenings, expanding the list of disqualifying crimes for employees and more frequent criminal history records checks.
The House Committee on Homeland Security’s Subcommittee on Transportation Security held a hearing to discuss airport access control measures after several alarming security incidents, including the December 23, 2014 arrest of a Delta baggage handler at Hartsfield-Jackson Atlanta International Airport for gun smuggling the FBI called a “serious security breach.”
Just weeks after the arrest of the Delta airlines worker, a Federal Aviation Administration (FAA) safety inspector bypassed security and flew from Atlanta to New York with a gun in his carry-on baggage.
Officials said the FAA employee used a SIDA badge to avoid TSA screening and gain access to a secure area of Atlanta’s Hartsfield-Jackson International Airport.
FAA Administrator Michael P. Huerta suspended the program allowing agency safety inspectors to skip security screening.
The safety inspector did not have SIDA privileges at New York’s LaGuardia Airport, where the firearm was allegedly found in his carry-on baggage during standard TSA screening.
"The FAA will stand down the program while it conducts improved training for all of its inspectors," FAA said in a statement. "The agency also will require inspectors to sign a new agreement that details each inspector’s responsibility under the program and clearly states that any infraction related to a weapon will result in an immediate and permanent suspension of privileges and possible further disciplinary action."
TSA Administrator John Pistole earlier told a Senate committee that no perfect solution exists to entirely eliminate risk. He was discussing the agency’s recent efforts to adopt a risk-based approach to transportation security.