As a political standoff shut down the government for 35 days, homeland security professionals scrambled to continue the mission. From Russia to China, to cyber attacks and near daily mass shootings, read on for where we should focus as a nation and in our communities. We reached out to our cadre of experts to ask: What are the real worries?
Cybersecurity and Technology
Unsurprisingly, cybersecurity maintains its place high on the agenda. Homeland Security Secretary Kirstjen Nielsen has focused on the cyber threat and continues to focus resources and attention on the cyber realm. She has argued that it is the very diversity and multifaceted nature of cyber attacks that makes securing this unseen threat such a challenge.
“Cyber attacks now exceed the risk of physical attacks,” Nielsen said in September. “Don’t get me wrong: terrorists, criminals, and foreign adversaries continue to threaten the physical security of our people. But cyberspace is now the most active battlefield, and the attack surface extends into every single American home.”
IoT and Our Supply Chain
The “Internet of Things,” or IoT, has risen to “buzzword” status – making some people’s eyes roll over and others, understandably, increasingly worried. Experts at the Chertoff Group, a consulting firm focused on security and risk management advisory services led by former DHS Secretary Michael Chertoff, believe the increasingly complex nature of our technology supply chain represents a top security risk that will require a new level of convergence across physical, information technology and operational technology programs.
“These risks are magnified by growing complexity in the way software is developed, maintained and retired in today’s rapidly evolving technology sector. The Ford F-150 features more than 150 million lines of code – as compared with 2 million lines of code for the Lockheed F22 Raptor. Moreover, with respect to the ingredients into that code, open source software libraries are now widely used across global industry – by some estimates, there will be almost a half-billion open-source libraries available to developers within a decade,” Chertoff Group Principal Adam Isles told Homeland Security Today.
“As these risks are magnified as Internet of Things technologies proliferate, the potential consequences of IoT-focused attacks will grow accordingly.”
Randall Murch, a former FBI laboratory forensic biologist and research leader for Biosecurity and Forensics at Virginia Tech, warns that cyber systems throughout biomanufacturing, healthcare, agriculture and food systems throughout the country face increasing risks. Murch said these systems could be, or already are being, exploited to the detriment of national security, economic competitiveness and societal wellbeing.
“These exist as ‘tactical,’ ‘operational’ and ‘strategic’ levels and across the landscape of ‘concept to consumer.’ The negative effects can range from loss of valuable intellectual property, to corruption of critical nodes and systems, to devastating cross-sector impacts,” he said. “To date, some of these have been detected and responded to following their emergence and specific harmful effects results; that is, response to a crisis. A reactive, stochastic and disorganized posture exists at the present; a prepared, proactive and organized posture does not.”
Murch calls for government and industry experts to collaborate on mitigating potential threats, adding that while “saving the bioeconomy” has been proposed as a campaign of strategic importance, it has yet to be adopted or pursued.
Ransomware and Criminal Attacks
‘Cyberland’ and Information Warfare
Intelligence communities in the United States determined that Russian President Vladimir Putin has ordered extensive disinformation campaigns to undermine elections in the United States, including interference in the 2016 presidential election with a preference for Donald Trump.
“There can be no doubt that one of our highest priority threats for 2019 and beyond will be how to address the threat of dealing with the dangerous role that misinformation [unintentionally false] and disinformation [intentionally false] play in influencing American citizens. While the majority of this mis/disinformation, or what should be considered ‘narrative warfare,’ stems from places like Russia, China and Iran, it also is dangerously prevalent in domestic media, especially social media,” said Paul Cobaugh, Vice President at Narrative Strategies and author of Narrative Warfare: A Primer & Study Guide.
“Every single threat we and our allies encounter will need to be solved with clear analysis and strategy. If those doing the analysis and strategizing are influenced by false or misleading information, we will have extreme difficulty addressing our threats. If American citizens vote or participate in local governance based on emotional and dishonest content, we won’t solve our problems on a local level, either,” he said.
“The bottom line is that malign influence undermines every aspect of our national security. We all have a responsibility, be it government or private citizens.”
Helping Local Communities Understand ‘Cyber Threats’
Increased effort is also required at the local level. S.F. Vale, president of the Starr-Camargo Bridge Co., which owns the 591-foot-long bridge connecting the Rio Grande Valley in South Texas to Mexico, said we should consider having community access to trusted technicians who can guide us through personal cyber risks and implement protective measures. “This will reduce tensions, especially as [cyber] is the language we most often use to communicate these days,” he said.
“Information warfare is protected as part of the same corrective protocols,” Vale added. “We still make the decisions but learn about developed security devices that can be updated to avoid misinformation.”
Terrorist Activity and Physical Attacks
Kyle B. Olson, president of the emergency management and homeland security consultancy Olson Group and a leading facilitator of high-profile exercises, warns that while we will continue to see cyber attacks, terrorist activity could take a more deadly turn.
“Yes, cyber attacks are all the rage and certainly pose threats to our economy and our infrastructure, but the pattern of terror-style use of weapons as crude as trucks and as sophisticated as nerve agents suggests a more likely trend in the year ahead,” Olson said.
“I am certain that websites will get hacked and credit card numbers stolen, but I am afraid that the tragic headlines could belong to the lethal physical attacks, delivered in unexpected ways against unsuspecting soft targets, particularly in small- and medium-sized cities,” he added. “Digital is disruptive, but coordinated attacks, releases of toxic materials, and the employment of vehicles as weapons or delivery platforms could be the story in 2019.”
Director of National Intelligence Dan Coats told the Senate Intelligence Committee this week that terrorist groups are “operating not simply on what takes place on the battlefield that gives them strength or weakness, but they are operating on the basis of a theocracy, a theology, an ideology that we will continue to see for perhaps years ahead in various places of the world,” and stressed that the U.S. “should not underestimate the ability of terrorist groups” to continue operations despite territorial defeats like ISIS’ onetime caliphate in Syria and Iraq.
CIA Director Gina Haspel added that “of course” ISIS is still dangerous, “and they still command thousands of fighters in Iraq and Syria.”
Bruce Hoffman, a senior fellow at the Council on Foreign Relations and one of the foremost experts on terrorism in the world, told HSToday that the biggest challenge in 2019 will be to avoid being lulled into a false sense of complacency that the threat of terrorism has permanently abated and understanding that the progress in countering this threat achieved to date can only be sustained by continued focus and attention on it.
“According to separate reports by the Washington, D.C.-based CSIS (Center for Strategic and International Studies) and London-based Tony Blair Institute for Global Change, Salafi-Jihadi extremism and violence persists and has expanded to over a third of the world’s countries. ISIS, moreover, anticipated the loss of its Caliphate and prepared accordingly,” said Hoffman. “ISIS today retains eight official branches and some two dozen networks scattered across North and West Africa, the Middle East and South and South East Asia.”
Meanwhile, terrorists who have served their allotted time in prison pose a threat to homeland security upon their release, according to Ken Stiles, a retired CIA officer and current lecturer at Virginia Tech’s Hume Center for National Security & Technology and the Department of Geography.
“There have been a number of recent reports about the number of terrorists arrested since 9/11 who are going to be released in the coming years,” Stiles said. “Some might have repented, but most have not, nor will change their ideological bent. Given that, how can U.S. society remain safe when these individuals are released?”
Stiles said that state and federal governments should create laws similar to those used to monitor sexual predators after release from prison.
“If you talk to these extremists, or read their writings, change is not on their minds,” Stiles said. “Their radical ideology is hardwired in their being, hence their actions. If they are willing to die to achieve their goals does anyone really think a few years in prison will change them?”
Protecting Our Critical Infrastructure
Chuck Brooks, principal market growth strategist for Cybersecurity and Emerging Technologies for General Dynamics Mission Systems, reminds us that the energy sector is particularly vulnerable – not just to cyber attack, but also to physical assault or missile attack. “Protecting our national grid is certainly an encompassing topic that keeps DHS, DoD and intelligence community planners up at night,” he said. “The threats can be cybersecurity attacks, from Electronic Magnetic Pulse generated from a geomagnetic solar flare or from a terrorist short-range missile, or from a physical assault on utilities or power plants.”
Three-quarters of energy companies have experienced at least one recent data breach, according to a report by the Ponemon Institute.
“We are quite vulnerable,” Brooks said. “Much of our grid still relies on antiquated technologies, and more investments in hardening defenses are needed. As technology exponentially advances with artificial intelligence, and as threat actors (including cyber mercenaries) easily gain destructive tools via the dark web, the risks grow.”
Critical infrastructure is also at great risk from insider threats, which William F. Flynn, president of GARDA Risk Management, LLC, describes as the Achilles’ heel for protecting critical infrastructure. “While data breaches and theft of information have received much of the attention, the impacts also include fraud, sabotage, espionage and workplace violence – with 2017 being a record year with 579 workplace homicides,” he said. “The insider threat is ubiquitous, impacting all sectors – with the potential for both cyber and physical security consequences.”
Steve Karoly, former TSA Acting Assistant Administrator for the Office of Requirements and Capabilities Analysis, warns a “bow wave” is growing in intensity and in depth in terms of the need for a checkpoint screening equipment refresh period. “Given that we have 2,100-plus checkpoint screening lanes of equipment (approximately 7,000 units) and not enough funding to upgrade, refurbish, or replace this equipment, TSA will need to evolve their security screening process in terms of who and what needs to be screened,” he said. “In other words, today, TSA looks for a needle or two in a very, very large haystack. In the future, TSA will need to make that haystack much smaller by taking the bulk of low-risk travelers (with confidence that these travelers are truly low-risk by enhanced vetting) and allowing them to proceed to the sterile area with a much more reduced screening assessment. This could allow for a major reduction in checkpoint screening equipment at the security checkpoint.”
Karoly believes the development of an integrated, distributed and holistic airport security screening architecture is still years away. However, he says, many of the larger airports are presently planning or are already undergoing a major renovation without understanding how the future architecture may impact their operation.
“Without the alignment between the future airport screening architecture and airport terminal development, there is high risk that 1) airports will experience lots of ‘scrap and rework’ in the coming years or 2) the airport will not immediately benefit from seeing the successes this integrated and distributed architecture can provide,” he said.
Karoly added that the transition from executing a successful pilot (through the Innovation Task Force) to an actual acquisition/procurement activity continues to be time-consuming. “TSA needs to better streamline their acquisition and procurement processes to account for and give credit for the conduct of numerous ITF activities to include source selection, requirements development, and requirements assessment,” he said. “For example, TSA should view the ITF proposal selection process as a ‘procurement’ competition / selection process. This would allow TSA selected and successfully demonstrated ITF pilots to transition more quickly to a program of record since the TSA procurement team would not have to conduct a procurement competition process, for the technology selected and assessed by the ITF, which could last months to years.”
Over the past two years, there has been some effort by TSA to understand the capability that biometrics could bring to the overall airport security screening process. However, Karoly said these efforts have not been well coordinated through the entire TSA enterprise. “Since an airport security environment includes many stakeholders (local law enforcement, airlines, airport concessions, etc.), what is truly needed is a biometric strategy co-developed by all airport security stakeholders,” he said.
As elsewhere, the sharing of data between airport security stakeholders continues to be an area of major concern and a major thorn in the aviation security architecture side.
“To get to a ‘reservation to destination’ or ‘curb to gate’ aviation security ecosystem, you must be willing and have the capability to share data,” said Karoly. “However, there are numerous challenges in making that happen: how is personal data controlled, who owns the data, how long is that data stored, and can a data holder be trusted. The first step will be to get the federal government, city government and private industry, or a subset of those stakeholders, into a room and begin the discussion.”
Leveraging Information Sharing Within the Homeland Enterprise
“Where there are real or perceived capability gaps that can be solved by technology, the greater homeland security capability development world will strive to fill that gap,” said Dr. Thomas Cellucci, chairman and CEO of Bravatek. “Therefore, it will be imperative for the U.S. government to establish a robust capability that will leverage cooperative information sharing gathered from our extensive networks throughout the homeland security enterprise. A critical part of this information-sharing will be to develop, whenever possible, detailed operational requirements documents from homeland security stakeholders to ensure clear understanding among all parties and uncover underlying capability needs.”
Cellucci, who previously served as the first-ever DHS chief commercialization officer under presidents George W. Bush and Barack Obama, is a proponent of technology foraging – the collection of data on technologies/systems applicable to homeland security requirements. It is designed to identify, screen and link potential technology solutions to user requirements, and successful implementation results in improved relationships among the research and development and operational communities, and identifies emerging science that can be used in product development.
“Technology foraging is two-dimensional: it involves identification of an interesting technology AND the alignment of that technology to user requirements,” he said. “Foraging involves developing a research approach, information gathering, building a technical database around a potential technology, critical evaluations, and relationship building. Communications are also critical.”
Kriste Jordan Smith, the deputy federal security director for the Transportation Security Administration at Dallas/Fort Worth International Airport, also believes that information-sharing between government agencies will be critical this year. Smith recommends establishing relationships with staff in other agencies as a practical approach to getting things done.
“Our greatest challenge will be to sustain and maintain interconnectedness across multiple entities so we can all be more aware and resilient, no matter what attack vector comes into play. Forging strong working relationships, broadening each of our world views to be open to new information, and partnering via quick wins and mutually beneficial initiatives provide the foundation of a community’s preparedness and response capabilities,” Smith said.
“Relationships are a strategic asset, often overlooked in the rush to deliver short-term results and demonstrate value,” she added. “Word to the wise: Be a change agent for the future by investing more in relationships now, and reap vast dividends later.”
International Information-Sharing and Relationship Building
It’s not just within the U.S. that relationships and information-sharing need to improve. Francis Taylor, former head of the DHS Office of Intelligence and Analysis, says the State Department, the DoD and the departments of Justice and Homeland Security need to work with the source countries in Central America to improve safety and security in those areas and to stem the reasons for people fleeing.
“We need to help our neighbors to develop strategies to solve their problems at home and not at our southern border. We have done this over the years with Mexico and have seen significant decrease in illegal crossings by Mexican citizens,” Taylor said. “We have worked with Panama and Brazil to improve our intelligence and law enforcement information exchanges to allow us to see and interdict potential threats well before they reach our border. We know what needs to be done, but there needs to be a political recognition of what is required and the necessary investments to make it happen.”
Not all security threats are manmade. Last year there were 15 named storms in the Atlantic Ocean and 22 named storms in the Pacific Ocean – yet another busy and costly hurricane season. That came on the heels of 2017, when Category 5 hurricanes Jose, Maria and Irma contributed to one of the most devastating hurricane seasons since 2005, with a death toll estimated to exceed 3,300. This is even before we consider the impact – both human and infrastructure – of the wildfires in California, Montana, Nevada, Oregon, Utah, and Washington state.
Art Mead, director of the Ohio-based Huron County Emergency Management Agency and Office of Homeland Security, said 2019 will be a challenge for homeland security on many fronts. “Yes, cyber is a large worry, border security is another concern; however, Mother Nature is showing us that no matter how much we prepare she still wins the argument,” he said. “I think that looking at all hazards and trying to prepare for all of the above is the best approach to providing safety and security to our residents.”
Beyond our borders, climate and weather disasters are also fueling the migration of many displaced people, some heading to the U.S. and placing increasing strain on our already burdened border security.
Resilience Guards Against Complacency
Perhaps the biggest security threat of all is our mindset, or a feeling that we have done enough and are winning the game. As Mark Hooker, a training/exercise branch manager with the Arkansas Department of Emergency Management, said, “Our biggest threat today is complacency, pure and simple. Our security will depend on our vigilance.”
With innumerable threats against homeland security, one thing is certain: resilience in the face of the unknown will be key in the days ahead.
“Uncertainty is what everyone should be focused on in 2019, with resilience-based preparation as the way to mitigate the wide number of threats that face every organization,” said Pete O’Dell, president of situational awareness software firm Swan Island Networks. “As we continue to adopt advanced technologies and have an increasingly complex world, one incident can cascade across many other areas, triggering loss of life, property and reputation.”
“Cyber and physical are rapidly becoming intertwined in many areas and not having power or communications can cause major shortfalls in response,” O’Dell said, stressing the need to communicate and share information proactively as well as during emergencies.