A traveler waits while the tablet captures her photo to immediately verify that her face matches the face on her ID. (TSA photo)
New technology that confirms the validity of a traveler’s identification (ID) and confirms their flight information in real time is now in use at the Transportation Security Administration (TSA) security main checkpoint at Pittsburgh International Airport (PIT).
This deployment is the latest generation of Credential Authentication Technology (CAT) to verify the identity of travelers. First generation CAT units are designed to scan a traveler’s photo identification, confirm the traveler’s identity as well as their flight details. The new CAT units, referred to as CAT-2, have the same capabilities, but are also equipped with a camera that captures a real-time photo of the traveler.
CAT-2 compares the traveler’s photo on the ID against the in-person, real-time photo. Once the CAT-2 confirms the match, a TSA officer verifies and the traveler can proceed through the checkpoint, without ever exchanging a boarding pass. The photo is then deleted.
The CAT-2 units are equipped with cameras on tablets and are used to match the face of the person standing at the checkpoint with the face that appears on the traveler’s ID such as the person’s driver’s license or passport. The technology enhances detection capabilities for identifying fraudulent documents at the security checkpoint. The photos are not saved and are only used to match the person standing at the travel document checking podium with the photo on the ID that is being presented.
“Identity verification of every traveler prior to flying is a key step in the security screening process,” said Karen Keys-Turner, TSA’s Federal Security Director for the airport. “This technology enhances detection capabilities for identifying fraudulent IDs such as driver’s licenses and passports at a checkpoint and it increases efficiency by automatically verifying a passenger’s identification. We just want to ensure that you are who you say you are.”
Travelers hand their ID to the TSA officer, look at the camera and if the ID is validated, the traveler then proceeds into the checkpoint. Even with TSA’s use of these units, travelers still need to check-in with their airline in advance and bring their boarding pass to their gate to show the airline representative before boarding their flight.
“This latest technology helps ensure that we know who is boarding flights,” Keys-Turner said. “Credential authentication plays an important role in passenger identity verification. It improves a TSA officer’s ability to validate a traveler’s photo identification while also identifying any inconsistencies associated with fraudulent travel documents.”
The system also confirms the passenger’s flight status by verifying that the individual is ticketed to fly out of an airport on that same day.
U.S. Customs and Border Protection Office of Field Operations officers conducting outbound operations recently seized seven weapons, 104 rounds of ammunition, nine magazines and marijuana hidden within a vehicle hauling a trailer.
“This seizure serves as another example of the effectiveness and the utilization of officer experience and technology to prevent weapons from going south and causing greater harm,” said Port Director Liliana Flores, Del Rio Port of Entry. “These types of seizures perfectly illustrate CBP’s resolute commitment to securing our shared border with Mexico.”
The seizure occurred on the morning of Wednesday, April 24, at the Del Rio International Bridge when officers assigned to outbound operations selected a 2015 Chevy Express van traveling to Mexico for inspection. The vehicle and utility trailer it was pulling were referred for a non-intrusive inspection system examination and canine examination. Upon further physical inspection of the vehicle and trailer, CBP officers discovered seven weapons, 104 rounds of ammunition, nine magazines and 59 grams of marijuana within the conveyance.
The weapons, ammunition, magazines, marijuana were seized by CBP OFO officers. The case was turned over to Homeland Security Investigations special agents for further investigation.
In a recent judgment at the U.S. District Court in Bangor, Alexander Michael Dominic MacDonald, a 30-year-old from Chelmsford, England, received a sentence of time served and was ordered to make restitution after pleading guilty to charges of interfering with a flight crew. The incident, which occurred on a United Airlines flight from London to Newark on March 1, 2024, led to an unplanned landing at Bangor International Airport.
Chief U.S. District Judge Lance E. Walker handed down the sentence, recognizing the time MacDonald had already spent in custody since his arrest on the day of the incident. In addition to his time served, MacDonald is compelled to pay restitution amounting to $20,638.00.
Court documents reveal that MacDonald engaged in a loud dispute with a fellow passenger mid-flight. His escalating aggression prompted intervention by flight attendants, whom he subsequently threatened and intimidated. The situation intensified when the flight’s international purser tried to deescalate MacDonald’s disruptive behavior, only to face threats that MacDonald would “mess up the plane.” Eventually, MacDonald was subdued with flex cuffs, and the decision was made to divert the flight to Bangor to ensure the safety of all on board.
This case was thoroughly investigated by the FBI, U.S. Customs and Border Protection, and the Bangor Police Department, underlining the seriousness with which such disruptions are treated due to their potential threat to passenger safety and flight operations.
2023 Passenger Support Specialist of the Year LTSO Julia Perry assists a traveler at Denver International Airport.
A Lead Transportation Security Administration (TSA) officer (LTSO) who works at Denver International Airport (DEN) was recognized as the national 2023 Passenger Support Specialist (PSS) at an agency award ceremony held today at Ronald Reagan National Airport in Arlington, Virginia.
LTSO Julia Perry is being honored for her exceptional commitment to passengers who benefit from additional assistance during the security screening process. TSA Administrator David Pekoske presented the award to her during the ceremony.
LTSO Perry has excelled in her role since joining TSA in August 2022. Early in her tenure with the agency, she requested to receive additional training to become part of the local PSS team. Since then, she has been involved in activities with local Make-A-Wish; Warren Village; Children’s Hospital; and service dog groups. She consistently demonstrates a high level of proficiency and professionalism when interacting with individuals as well as larger groups.
TSA’s PSS program operates under TSA Cares, which allows passengers with any type of medical condition or circumstance to reach out to the agency to request assistance prior to flying. When a traveler calls TSA Cares, a specially trained representative provides information about screening that is relevant to the traveler’s specific condition. Travelers can request the assistance of a PSS through TSA Cares at any airport across the country.
LTSO Perry serves as the local contact for several groups including Rocky Mountain Downs; Wheelchairs 4 Kids; Colorado Center for the Blind; and Wings for All. She assists in giving tours to these constituencies while also ensuring that security screening for individuals with special needs is done in the most conducive environment for success.
TSA leadership at DEN regularly receives positive feedback on LTSO Perry’s interaction with travelers. She recently led a tour of disabled young adults with the Brighton Transition Learning Center. The students were so thrilled with their airport tour and experience that they each sent LTSO Perry a personal thank you notes.
Metal briefcase with guns and ammunition that were packed in a metal suitcase and placed inside a larger piece of luggage. (TSA photo)
An Ohio man was taken into custody on Friday, April 26, at an airport after TSA agents detected three handguns and multiple rounds of ammunition concealed ingeniously within a metal briefcase inside his checked luggage. The arrest was the result of vigilant screening by the Transportation Security Administration (TSA) at the TSA checked baggage room, highlighting the effectiveness of security measures in place.
The firearms were each meticulously wrapped in aluminum foil and secured with sticky tape, cleverly hidden under a metal sheet within the briefcase, which itself was packed inside a larger suitcase scheduled to fly to San Juan, Puerto Rico. The TSA personnel promptly alerted the Allegheny County Police, who conducted a thorough examination of the suspicious luggage.
Upon inspection, law enforcement officials discovered one 9mm handgun wrapped with 47 bullets, another 9mm handgun accompanied by 23 bullets, and an unloaded .40 caliber handgun, also wrapped in foil. Additionally, three boxes of 9mm ammunition were found within the briefcase.
Karen Keys-Turner, TSA’s Federal Security Director for the airport, expressed her gratitude towards the TSA officers for their acute observation skills and quick response in uncovering the hidden arsenal. “I also want to commend the Allegheny County Police for their swift action in seizing the case with the weapons and arresting the man,” Keys-Turner stated. “Travelers who fly out of our airport should feel reassured that TSA’s partnership with local law enforcement is critical in ensuring that our airport environment is secure and safe for passengers.”
This incident underscores the challenges and the ongoing need for stringent security checks to thwart attempts to smuggle weapons and other illegal items through commercial aviation, ensuring the safety and security of all travelers.
The leader of U.S. Customs and Border Protection was pressed on what the agency is doing to vet people seeking entry to the country at border checkpoints and how it would utilize additional funds to secure the southern border as lawmakers continue debating a budget for the current fiscal year.
Acting CBP commissioner Troy Miller appeared before a House Appropriations subcommittee on Tuesday for a hearing on the agency’s annual budget request, which comes as the administration is weighing how to stem the flow of encounters at the U.S.-Mexico border.
The administration has requested $19.7 billion for CBP, which falls under the Department of Homeland Security’s budget. Within its request, the administration is pushing for $117 million to boost border enforcement staffing with new Border Patrol agents, officers and processing coordinators and other positions.
A Border Patrol truck drives along the U.S.-Mexico border in front of a bollard-style fence. Agents say this type of fence gives them good visuals on activity going on across the border, while effectively deterring illegal crossings. (CBP photo)
Two migrants have been hospitalized after falling from the wall along the U.S.-Mexico border near San Diego Monday night, U.S. Border Patrol officials confirmed.
Agents encountered the two women last night around 9:30 p.m. According to Border Patrol, they were complaining of injuries sustained in a reported fall.
Authorities did not confirm the nature of their wounds, but said medical personnel responded to the scene and determined they needed “higher level care.” The two women were transported to a nearby hospital and remain in an unknown condition.
Read the rest of the story at Border Report, here.
President Biden has signed a National Security Memorandum (NSM) aimed at strengthening the security and resilience of U.S. critical infrastructure, replacing a decade-old policy and initiating a robust protective strategy against all contemporary and future threats. The NSM coincides with significant funding initiatives under the President’s Investing in America Agenda, which aims to harness the transformative potential of new technologies, including artificial intelligence, to future-proof American infrastructure.
Under the NSM, the Department of Homeland Security (DHS) is mandated to lead a whole-of-government effort, with the Cybersecurity & Infrastructure Security Agency designated as the National Coordinator for Security and Resilience. This initiative includes the development of a biennial National Risk Management Plan by the DHS, which will outline strategies to mitigate risks to the nation’s essential services.
The memorandum also integrates efforts from the U.S. Intelligence Community to enhance intelligence sharing across federal, state, and local entities, and with private sector partners who manage much of the nation’s critical infrastructure. This is a strategic move to solidify defenses against both state and non-state actors that might target critical U.S. systems.
A significant financial commitment has been highlighted, with the Biden-Harris Administration announcing the allocation of $448 billion in Bipartisan Infrastructure Law funding, supporting over 51,000 projects. This includes substantial investments focused on enhancing the resilience of transportation and other infrastructure, critical in countering the effects of climate change and other emerging threats. Notably, $50 billion is earmarked for infrastructure resilience, with initiatives like the $8.7 billion PROTECT program, which aims to bolster transportation systems against potential disasters.
The NSM emphasizes the importance of establishing baseline security and resilience standards across critical sectors. It reaffirms the designation of 16 critical infrastructure sectors which are:
Chemical
Commercial Facilities
Communications
Critical Manufacturing
Dams
Defense Industrial Base
Emergency Services
Energy
Financial Services
Food and Agriculture
Government Facilities
Healthcare and Public Health
Information Technology
Nuclear Reactors, Materials, and Waste
Transportation Systems
Water and Wastewater Systems
Each will be paired with a Sector Risk Management Agency (SRMA) possessing the expertise to manage sector-specific risks and enhance coordination efforts.
This strategic directive arrives at a time when global challenges from adversarial nation-states and the impacts of climate change increase the vulnerability of critical infrastructure. The NSM is crafted to ensure that U.S. infrastructure not only withstands such adversities but also adapts and thrives, securing the economic and security interests of the nation for future generations.
The initiative represents a proactive approach to national defense, emphasizing resilience as a cornerstone of homeland security and underscoring the government’s commitment to safeguarding the American way of life against a spectrum of risks and challenges.
Airports and the aviation system face a variety of threats globally. Ranging from terrorism, and insider threats, to criminal activities such as smuggling and theft. These threats are constantly evolving based on the capability of groups, advances in technology, and the vulnerability of infrastructure. One of the most difficult threats to mitigate is an Insider Threat.
The Insider Threat is difficult to mitigate due to its origins within a group of trusted employees who are vetted, constantly screened, and most importantly, have access to the security processes within the overall system. Airports and the aviation system have established formal security processes from the International Civil Aviation Organization, and their National Aviation Security Programs. These processes are standardized and include physical security measures such as fences, cameras, etc. Additionally, they also impose security processes such as vetting, badging, and credentials, screening with advanced hardware and software, and facial recognition systems that are constantly monitoring activities. As complete as the airport and aviation security systems are, there will always be vulnerabilities in the system and the insiders know how to exploit them.
Most, if not all the security systems currently deployed at commercial airports use a one-dimensional or ground zone security system. Meaning the security system is linear and is there to mitigate ground-level threats. On the other hand, military airports account for airborne threat vectors which range from incoming enemy aircraft to UASs and missiles. With the advent of a growing UAS threat we have seen in places like Saudi Arabia, Yemen, Ukraine, and Russia, commercial airports face this new threat/challenge by UAS or “drones.”
If you examine the threat from UAS at commercial airports in conjunction with Insider Threat, the commercial airport and aviation systems face a significant new challenge. The threat of a terrorist attack delivered by UAS is readily evident. Currently, there are few, if any, Counter UAS (C/UAS) systems deployed within civilian and commercial airports. In most airports, especially in the US, mitigation of these UAS threats is restricted. This leaves a major security issue for a terrorist-type attack using a UAS directly against an airport or aircraft. Additionally, a UAS could deliver an IED bypassing traditional security screening via placement on an aircraft, or within an airport by an insider which is another significant vulnerability.
It is important to now evaluate other threats posed by UAS to airports and aircraft. If you ask most airport security personnel they will tell you that beyond terrorism the biggest threat they face is criminal. Theft of property, drugs, guns, or other illegal material being smuggled on aircraft, and the introduction of prohibited items on or off an airport. Think of It this way, it’s very easy to fly items in and out of an airport using drones as the primary threat vector. Combined with Insider Threat, aviation is now facing a significant challenge. Airports and the Aviation sector must address multidimensional threats with a limited capability to mitigate them.
High Point Aerotech C/UAS DHS Testing
In recent news, the prevalence of UAS smuggling has been illustrated in the results of Operation Skyhawk. The operation focused on the mitigation of a multi-statewide drone smuggling operation in and out of Georgia’s prisons. Among the 150 suspects arrested were eight Georgia Department of Corrections employees. The contraband confiscated included 87 drones, 273 cellphones, 22 weapons, and a plethora of illegal narcotics. This illustrates a blaring example of UAS technology being utilized by insider threats to accomplish a malicious goal. Now imagine the implications of a criminal utilizing these same methods on a massive scale within airports.
Let’s examine a couple of potential scenarios. Insider threats among ground-handling companies have always posed a challenge. Though these personnel are vetted, it’s a transitory business with high turnover rates. The ability of an insider to remove contraband or stolen material from an aircraft/maintenance facility and fly it out of an airport using a drone is a real threat. Likewise, on-airport cargo and catering facilities which have a high rate of transitory personnel pose another challenge. An insider with access could use a drone/UAS to bring in prohibited items, or worse explosives and drugs which could then be loaded onto aircraft bypassing traditional security screening.
These are just two examples of new challenges for airport and aviation security personnel. The question becomes how to mitigate both the insider threat in conjunction with new UAS threats that can bypass a security system built for linear threats.
The solution is complex and must include a combination of linear and multidimensional security processes supplemented by the introduction of new technology to mitigate this threat. The airport security system must enhance its insider threat system and consider a threat that can easily reach the sterile area of an airport. Airport security programs must now assess areas of vulnerability that can be exploited by UAS systems such as areas accessible to insiders. Egress and ingress air routes, areas not currently considered vulnerable, and areas of potential high insider threat (cargo, catering, ground handling crew areas) should be reviewed and enhanced. This includes physical barriers, enhanced cameras and lighting, and other measures such as random security patrols. To address the UAS threat itself the solution is technology.
It is time that commercial airports consider and deploy C/UAS systems into their Airport Security Programs (ASPs). There are some international airports and a few US airports that are currently experimenting with C/UAS systems. Utilizing these systems provides a wide-ranging security net that encompasses not only aerial but ground-based threats through its use of 24hr EO camera and radar capabilities. We should look to the experience gained by these airports and C/UAS deployments as a guide. Additionally, CUAS systems provide the user with the ability to centralize decision making allowing the operator to navigate the complexities of the US’s current UAS legislation. The use of C/UAS testing pilots and data collection exercises using C/UAS would be a proactive initial step. Why wait until the regulators and lawmakers figure it out? Simple data collection to identify the threats posed by UAS, and planning accordingly, make mitigation easier to enact. Currently most airports are void of UAS threat data, now is the time to act. In the security business the more you know about the threat the less risk is posed.
Earlier this week, President Biden issued the long-anticipated successor document to Presidential Policy Directive 21 (PPD 21). This new policy, National Security Memorandum 22 (NSM 22), codifies his Administration’s policy toward Critical Infrastructure Security and Resilience and updates the policy approach to reflect the current critical infrastructure risk environment and the reality that digitalization and new technologies have fundamentally altered the operations of the Nation’s critical infrastructure. It’s release was welcomed by the critical infrastructure community because it emphasizes the importance of the security and resilience requirement in the face of increased Nation-state and criminal threats and it aligns national policy with the Administration’s strategy on cyber security and other risks. In doing so, it also maintains a good deal of structural stability, which is crucially important to facilitate collaboration between the private sector, State and local governments, and the Federal government on these issues.
In November of 2022, I wrote 5 Ways to Update Critical Infrastructure Security and Resilience Policy in an Era of Strategic Risk about some of what I hoped the successor to PPD 21 might achieve, and for the most part I think the NSM met the goals I identified. While I may quibble with some omissions in the NSM, overall it is well done and represents the culmination of what seems to have been a successful interagency process. Like many Presidential policies, however, it leaves a good bit of work to be done as part of “policy implementation” in terms of planning, risk identification and assessment, and ultimately prioritized risk mitigation activities. As such, the homeland security and critical infrastructure community will need to remain engaged on these issues.
Amongst the upcoming efforts that are worth continuing to track:
The development of the National Infrastructure Risk Management Plan, as a successor to the National Infrastructure Protection Plan. This plan can further articulate the risk basis for critical infrastructure and set risk management goals for national-, sector-based and regional risk. By doing so, it should reinforce the need for collaboration to address the risks and what the delta is between what critical infrastructure owners and operators are responsible for and what is in the national interest. The Federal government plays an important role in bringing risk information to bear, setting incentives, and defending critical infrastructure from nation-state adversaries, but it is important to remember that risk management needs to be balanced with opportunity and take into account business and community needs.
Steps to address systemic risk. For the first time, through this NSM, critical infrastructure policy focuses on the reality that certain dependencies and technologies can potentially cause systemic risk if they fail. This concept, borrowed from the financial sector, is intended to focus resilience efforts on things that can cause widespread cascading impacts, such as failure of cloud services, regional power or telecom outages, vulnerabilities in ubiquitous software or hardware or concentrated supply shocks. Based on this policy, the government will endeavor to identify Systemically Important Entities, conduct the first-ever cross-sector risk assessment for critical infrastructure, and address “the most significant risks involving multiple sectors”. This sets a clear foundation for prioritizing certain critical infrastructure for security and resilience investments and continuous monitoring of health and stability.
The identification of Essential Critical Infrastructure workers. During the pandemic in 2020, for the first time, CISA worked with the interagency and the government to identify types of workers that were essential for critical infrastructure functioning. That list was expansive and context-specific to the pandemic. In NSM 22, Sector Risk Management Agencies are tasked with doing that again in a way that is not scenario-specific. It will be worth watching what comes out of that effort and how such an identification is used to strengthen the labor pool.
Work to strengthen minimum security requirements. Recent cyber incidents have demonstrated that there are critical infrastructure sectors where baseline security requirements are not in place – or not met. Consistent with last year’s National Cybersecurity Strategy, NSM 22 calls for an evaluation of whether there are sufficient requirements for individual critical infrastructure sectors and whether they are being met; it also calls for using existing regulatory authorities or pursuing additional authorities to increase minimum security requirements where the government demonstrates them needed.
Future change in the 16 Sector structure. NSM 22 carries through PPD 21’s Sector structure and designation of Sector Risk Management Agencies but leaves room for that to be revisited through the Secretary of Homeland Security. Worth watching, in particular, is whether the Secretary puts forward the idea that Space should be designated as a critical infrastructure sector in some manner. Doing so would send a message about the critical nature of securing space assets and collaborating with companies who operate there and help deliver cross-sector functionality such as position, navigation and timing.
Publication of an Intelligence Community-driven Threat Assessment for critical infrastructure. This requirement, at both the classified and unclassified levels, gives the Director of National Intelligence an opportunity and mandate to make public threats to critical infrastructure to guide risk mitigation. This will be an important element in information sharing as it will help maintain focus on security and resilience for critical infrastructure that adversaries are actively looking to weaken.
NSM 22 is a policy that is written in an age of strategic competition between the United States and key adversaries, most prominently China and Russia. It recognizes that critical infrastructure security and resilience is a core natural interest and that it is important that the country’s critical functions not serve a strategic vulnerability, but instead as a source of strength. The United States must continue to strive to have the most dynamic economy and innovative suite of technologies in the world and to do so the country has to invest in making sure that critical infrastructure, technologies, and supply chains are secure and resilient. The policy approach within NSM 22 recognizes that it takes a team effort and that prioritization, collaboration and effective and efficient orchestration are key. That spirit needs to infuse the policy implementation work to come to maintain our country’s commitment to invest in the future.
