As I am traveling this week I am observing the activities of employees at the airports I pass through. What I’ve seen has worried me a bit and has made me think about the insider threat at airports.
For instance, pilots and flight attendants are intimately familiar with TSA security-screening procedures and have unrestricted access to the interior of an aircraft. They are extremely knowledgeable of their work environment and could easily conceal any illegal intentions.
Ground crews are largely unseen by the general public. But like flight crews, they have intimate knowledge about their work environment. They also have unrestricted access to the exterior and interior of an aircraft. These ground-crew employees usually gain access through an employee entrance. It appears that this entrance sometimes has a guard present and is accessed by a key, coded lock, biometric device, or other door-locking mechanism. However, it is not considered a screening checkpoint because its only purpose is to restrict access to unauthorized personnel, not to inspect employees or their belongings.
The Department of Homeland Security has categorized Insider Threat as an Advanced Persistent Threat (APT). As we travel on a regular basis we have become very aware of the changes in security at airports in a post 9/11 world. Each time we remove our belts and shoes, and send our bags through the x-ray machines we are reminded of the security precautions in place, for travelers. However, it appears to me that the insider access at the airport is a vulnerability that can be easily exploited when much of the focus at airports is focused on the outsider threat. The “bad guys” are probably aware of this fact and news reports often show how they test the limits of security at airports.
Insider threats come in many variations at airports, but the perpetrator is often the same: a clever airport employee. Hidden in plain sight, insider threats can cause great damage to our physical and logical systems. Like computer information systems, airport insiders have privileged access to airport processes and procedures, access to secured areas, and the inside scoop on an airport’s vulnerabilities.
Airports spend millions of dollars to put security measures in place. Measures that include tighter security checkpoints, facial recognition software, full-body scanners, access control systems, intrusion detection systems, alarms, closed-circuit monitors and video surveillance and an increase in security personnel. While these measures provide additional layers of security, they only address external physical threats, with little protection against threats from privileged insiders.
Effective airport security requires a multi-faceted approach to address a variety of both insider and external threats. Insider threats require a heightened, innovative approach. While airports have made great strides to secure the ‘front door’ at airports, the greatest threat, the insider threat, to airports remains virtually unaddressed.
Please follow us on Twitter!