Posts

Nothing Found

Sorry, no posts matched your criteria

CORE-Observatory

AVIATION SECURITY – Transportation Security Administration Has Strengthened Planning to Guide Investments in Key Aviation Security Programs, but More Work Remains, GAO 2008 (CORE1067)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: This GAO report discusses the impact of the 26 billion USD that the Transportation Security Administration (TSA) has spent on aviation security since 2004. The report focuses especially on the current status and the future challenges of passenger screening, air cargo security and passenger watch-list matching program known as Secure Flight. The air cargo security discussion is the report’s most relevant section from the CORE’s viewpoint. The information in the report, that has been published as early as July 2008, is anyhow largely outdated: it discusses challenges that TSA and the air cargo community need to overcome before starting the 100% screening of air cargo that flies on board passenger planes, a legal requirement that become into force in August 2010 and that was set by the Implementing Recommendation of the 9/11 Commission Act of 2007 (aka the 9/11 Act). The report also recommended strengthening the security of US-bound foreign air cargo (into the US from the rest of the world), to bring it on a par with outbound air cargo security (from the US to rest of the world). More recent regulations and initiatives have corrected this weakness in the US air cargo security: today, third country air carriers must screen cargo up to US standards (or national standards if the country of origin and the US recognize each other’s air cargo regimes) before loading cargo on US-bound planes. The source document is available at: http://www.gao.gov/products/GAO-08-1024T.

[s2If is_user_logged_in()]

Full review: This GAO report provides useful background information about the US air cargo security regime. This information is going to be useful for the CORE demonstration 17.1 that is about time-critical express shipping of military aircraft parts from the US to Spain. In the demonstration, the express operator DHL ships the parts by plane, and thus compliance with the US air cargo security requirements is one of the key themes of this demo. Also WP 1 might use this GAO report to describe evolution of the US air cargo regime over the years. But though this analysis would be interesting, it is not going to be the essential content in the deliverable of the WP1.

 Cross-references:

  • GAO, Aviation Security: Federal Coordination for Responding to In-flight Security Threats Has Matured, but Procedures Can Be Strengthened, (Washington, D.C.: July 31, 2007).
  • G_A_O_, Aviation Security: Transportation Security Administration May Face Resource and other Challenges in Developing a System to Screen All Cargo Transported on Passenger Aircraft
  • GAO, Aviation Security: Federal Efforts to Secure U.S.-Bound Air Cargo Are in the Early Stages and Could Be Strengthened, GAO-07-660 (Washington, D.C.: April 2007).
  • GAO, Aviation Security: Progress Made in Systematic Planning to Guide Key Investment Decisions, but More Work Remains, GAO-07-448T (Washington, D.C.: February 13, 2007).

Full citation:

U.S. Government Accountability Office (GAO), 2008. Aviation Security – Transportation Security Administration Has Strengthened Planning to Guide Investments in Key Aviation Security Programs.

CORE1067

Additional keywords: Air cargo security, Certified Cargo Screening Program (CCSP)

[/s2If]

SUPPLY CHAIN SECURITY: Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers, GAO (October 2009, CORE1066)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: The document provides a comprehensive outlook on the past and recent US initiatives on container security. The report focuses on the challenges that prevent global implementation of the 100% scanning of US-bound containers in foreign ports with both non-intrusive inspection (NII) technologies and radiation detection devices, as mandated by the SAFE Port Act and the 9/11 Acts. The 100% scanning is believed to deter and detect terrorist attempts of smuggling weapons of mass destruction (WMD) into the United States inside a cargo container. The reports dates back to late 2009, so the description of the current state of the US container security it provides is not necessarily no longer accurate. The report anticipates that the implementation of the 100% scanning requirement will be delayed due to various problems that were identified during the precursory Secure Freight Initiative (SFI) pilots. These problems are related mainly to port logistics (routing of containers through scanning sites), employee safety (radiation of screening equipment) and technical constraints (equipment failures and poor quality of scanning images). Today, we know that the US authorities have deferred the implementation already twice, first to 2014 and for the second time until 2016. Altogether, this GAO report describes in detail the challenges of the 100% scanning law and elaborates some ongoing alternative risk-based approaches to container security: (1) the strategic trade lane strategy that aims to establish 100% scanning only in high terrorist risk foreign sea ports and (2) the “10 + 2” data requirements that importers and ocean carriers must submit to the US Customs and Border Protection (CBP) prior to a container is loaded aboard a US-bound vessel so that the US authorities can calculate more precise risk for each shipping container. This report includes relevant information for all the CORE’s demonstrations that involve US-bound maritime transportation. The source document is available at: http://www.gao.gov/products/GAO-10-12.

[s2If is_user_logged_in()]

Full review: The GAO document provides interesting insights on the evolution of the US container security regulations over the years. This is useful supportive information for CORE demonstrations that involve maritime shipping of containers into the US. The GM demonstration of the WP9 for example covers exports of automobile parts from the EU into the US by transatlantic ocean transport. If the US Congress does not repeal or defer the 100% scanning requirement, the port of Felixstove that participates in the demonstration, need to start scanning also all GM’s US-bound containers. Likewise, the FALACUS demo (WP14), which is about shipping of ceramic tiles from Italy to the US, must take into consideration the possible effects of the 100% scanning requirement. This demonstration is particularly interesting from the 100% scanning requirement standpoint because some ceramic tiles are naturally radioactive, and thus they tend to trigger false alarms in the radiation controls. Also the P&G demonstrator in the WP17, that focuses on shipping of consumer goods into the US, the possible impact of the 100% scanning regulation.

Besides the demonstrations, the CORE’s risk cluster might benefit from the detailed analysis of the risk-based approaches to the US container security, such as the strategic trade lane strategy and the “10 + 2” data requirement. All demonstrations might benefit from lessons learnt how GAO has advises DHS and CBP to carry out cost-benefit analyses for the US container security programs (especially the Secure Freight Initiative).

Cross-references:

  • Combating Nuclear Smuggling: Efforts to Deploy Radiation Detection Equipment in the United States and in Other Countries. GAO-05-840T. Washington, D.C.: June 21, 2005.
  • Container Security: A Flexible Staffing Model and Minimum Equipment Requirements Would Improve Overseas Targeting and Inspection Efforts. GAO-05-557. Washington, D.C.: April 26, 2005.
  • Bakshi, N., Flynn, S. E., & Gans, N. (2011). Estimating the operational impact of container inspections at international ports. Management Science, 57(1), 1-.‐‑20.

Full citation:

U.S. Government Accountability Office (GAO), 2009. Supply Chain Security Feasibility and Cost-Benefit Analysis Would Assist DHS and Congress in Assessing and Implementing the Requirement to Scan 100 Percent of U.S.-Bound Containers.

CORE1066

Additional keywords: Ocean transportation, counter-terrorism, non-intrusive inspection

[/s2If]

Review on “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014 (CORE1098)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , /by

CORE1098-Summary: Actions taken by the Department of Homeland Security (DHS) and two of its component agencies, the U.S. Coast Guard and Federal Emergency Management Agency (FEMA), as well as other federal agencies, to address cybersecurity in the maritime port environment have been limited. Report is available at: http://www.gao.gov/assets/670/663828.pdf

[s2If is_user_logged_in()]

Full review: While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences. Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.

Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.

The degree to which information-sharing mechanisms (e.g., councils) were active and shared cybersecurity-related information varied. Specifically, the Coast Guard established a government coordinating council to share information among government entities, but it is unclear to what extent this body has shared information related to cybersecurity. In addition, a sector coordinating council for sharing information among nonfederal stakeholders is no longer active, and the Coast Guard has not convinced stakeholders to reestablish it. Until the Coast Guard improves these mechanisms, maritime stakeholders in different locations are at greater risk of not being aware of, and thus not mitigating, cyber-based threats.

Under a program to provide security-related grants to ports, FEMA identified enhancing cybersecurity capabilities as a funding priority for the first time in fiscal year 2013 and has provided guidance for cybersecurity-related proposals. However, the agency has not consulted cybersecurity-related subject matter experts to inform the multi-level review of cyber-related proposals—partly because FEMA has downsized the expert panel that reviews grants. Also, because the Coast Guard has not assessed cyber-related risks in the maritime risk assessment, grant applicants and FEMA have not been able to use this information to inform funding proposals and decisions. As a result, FEMA is limited in its ability to ensure that the program is effectively addressing cyber-related risks in the maritime environment.

Why GAO Did This Study? U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular DHS—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats. GAO’s objective was to identify the extent to which DHS and other stakeholders have taken steps to address cybersecurity in the maritime port environment. GAO examined relevant laws and regulations; analyzed federal cybersecurity-related policies and plans; observed operations at three U.S. ports selected based on being a high-risk port and a leader in calls by vessel type, e.g. container; and interviewed federal and nonfederal officials.

What GAO Recommends? GAO recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance. DHS concurred with GAO’s recommendations.

Full citation:  “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014.

CORE1098

Keywords: Maritime Security, Port Security, Cyber – Security, CBP U.S. – Customs and Border Protection, Coast Guard U.S., DHS-Department of Homeland Security, FEMA-Federal Emergency Management Agency, ISAC-information sharing and analysis center, IT-information technology, MTSA-Maritime Transportation Security Act of 2002, NIPP-National Infrastructure Protection Plan, AFE Port Act-Security and Accountability for Every Port Act of 2006, TSA-Transportation Security Administration

[/s2If]

Review on The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities, Policy Paper, July 2013, Center for 21st Century Security and Intelligence (CORE1095)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary: In a 50-page policy paper by the Brookings Institute and authored by Commander Joseph Kramek of the U.S.Coast Guard and a Federal Executive Fellow at the institute, the current state of affairs related to vulnerabilities at our national seaports is discussed and options to shore up cyber security are presented. In the executive summary, Commander Kramek writes that today’s U.S. port facilities rely as much upon networked computer and control systems as they do upon stevedores to ensure the flow of maritime commerce that the economy, homeland, and national security depend upon. Yet, unlike other sectors of critical infrastructure, little attention has been paid to the networked systems that undergird port operations. Report is available at: http://www.brookings.edu/~/media/research/files/papers/2013/07/02%20cyber%20port%20security%20kramek/03%20cyber%20port%20security%20kramek.pdf

[s2If is_user_logged_in()]

Full review: No cybersecurity standards have been promulgated for U.S. ports, nor has the U.S. Coast Guard, the lead federal agency for maritime security, been granted cybersecurity authorities to regulate ports or other areas of maritime critical infrastructure. In the midst of this lacuna of authority is a sobering fact: according to the most recent National Intelligence Estimate (NIE) the next terrorist attack on U.S. Critical Infrastructure and Key Resources (CIKR) is just as likely to be a cyber attack as a kinetic attack.

The potential consequences of even a minimal disruption of the flow of goods in U.S. ports would be high. The zero-inventory, just-in-time delivery system that sustains the flow of U.S. commerce would grind to a halt in a matter of days; shelves at grocery stores and gas tanks at service stations would run empty. In certain ports, a cyber disruption affecting energy supplies would likely send not just a ripple but a shockwave through the U.S. and even global economy.

Given the absence of standards and authorities, this paper explores the current state of cybersecurity awareness and culture in selected U.S. port facilities. The use of the post-9/11 Port Security Grant Program (PSGP), administered by the Federal Emergency Management Agency, is also examined to see whether these monies are being used to fund cybersecurity projects.

Full citation:   The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities, Policy Paper, July 2013, Center for 21st Century Security and Intelligence.

CORE1095

Keywords: Maritime Security, Cyber-security, Port Security Grant Program (PSGP), Port facility, Coast Guard, Maritime Transportation Security Act (MTSA).

[/s2If]

Drug trafficking in the Caribbean – the Full circle (the Economist May 2014, CORE2005)

/0 Comments/in , , , , , , , , , , , , , , , , /by

Summary

Anti-drug officials report rising cocaine imports into the US through the Caribbean islands. The officials ascribe the increasing popularity of the Caribbean route to the strengthened enforcement of alternative trafficking routes. The South American cocaine smuggling routes have displaced several times over the years due, and now again the Caribbean route is the same one than traffickers used two decades ago. The new wave of trafficking through is expected to increase violence and undermine anti-corruption efforts in the Caribbean.

The drug traffickers move significant amounts of their cocaine from Colombian coca farms and laboratories to Venezuela by jungle trails, riverboats and small aircraft. From the Venezuelan coast, the contraband is smuggled to Caribbean islands by speedboats, planes, sometimes hidden inside commercial cargo. The cocaine traffickers use then yachts, mules, cruise ships, fast boats and commercial cargo vessels to smuggle the illegal drugs into the US and Europe. The new wave of trafficking through is expected to increase violence and undermine anti-corruption efforts in the Caribbean. Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

Anti-drug officials report rising cocaine imports into the US through the Caribbean islands. The officials ascribe the increasing popularity of the Caribbean route strengthened law enforcement of alternative trafficking routes. Because traffickers prefer smuggling routes that offer the highest profit-to-risk ratios, the South American cocaine smuggling networks are evolving constantly. Routes have displaced several times over the years, and now the route is again the same than two decades ago.

Today, traffickers move again significant amounts of their cocaine from Colombian coca farms and laboratories to Venezuela by jungle trails, riverboats and small aircraft. From the Venezuelan coast, the contraband is smuggled to Caribbean islands by speedboats, planes and sometimes hidden inside commercial cargo. The cocaine traffickers use then yachts, mules, cruise ships, fast boats and commercial cargo vessels to smuggle the illegal drugs into the US and Europe.  The new wave of trafficking through is expected to increase violence and undermine anti-corruption efforts in the Caribbean. The new wave of trafficking through is expected to increase violence and undermine anti-corruption efforts in the Caribbean.

Trends of international drug trafficking often influence intensity of law enforcement efforts in global supply chains. Thus, changes in South American drug trafficking may affect also the two CORE trade lanes that import goods from the region into Europe, (1) imports of fresh cut flowers from Colombia to the Netherlands (WP11) and (2) imports of coffee and cocoa beans from South America to Europe (WP13). These trade lanes may become subject to more intense anti-drug controls over the following years. Besides the CORE demo cluster, also the CORE risk cluster benefit from the insight this article provides on the recent trends in routes, volumes and methods of the South American drug trafficking. This information may be useful for CORE’s activities that are developing educational and training material.

Reference

Drug trafficking in the Caribbean – the Full circle, the Economist, May 24th 2014

CORE2005

[/s2If]

ECSIT Report Summary (CORE3005)

/0 Comments/in /by

Summary: This reference project review focuses on German national funded research project ECSIT: Enhancing container security through non-contact inspection at the seaport terminal. The work done in ECSIT in non-intrusive inspection devices should be continued and refined in CORE ST2.3 Next Generation Scanning System. Furthermore the ECSIT AP7 Demonstration of the system might be used as a good working example for organization and operating plans towards the CORE ST 2.3.4 Field Demonstration. More support from ECSIT might be given to CORE T7.3 Scenario-based simulation and towards US-based Demo WPs for the broadly discussed and approved scenarios how to survey container with a multi-layered inspection approach in mind. The authors of the review are Marcus Engler and Matthias Dreyer, ISL. You can find the full review and original files in CORE e-library, with the coding CORE3005. More information on the project at: https://www.isl.org/en/projects/ecsit
Read more

Report to Congress on Integrated Scanning System Pilots (Security and Accountability for Every Port (SAFE) Act of 2006, Section 231), U.S. Customs and Border Protection (CORE1039)

/0 Comments/in /by

Summary: The document reports the pilot of an integrated scanning system at three foreign ports during the six month pilot period beginning in October of 2007, which were directed by the US Congress to the Secretary of the Department of Homeland Security (DHS), in coordination with the Secretary of the Department of Energy (DOE), as necessary, and the private sector and host governments when possible. Full review report, and the original source file, can be found in CORE e-library with the code CORE1039. Source file at: http://155.14.72.204/security/documents/sfi_finalreport.pdf
Read more

Material Handling Logistics US Roadmap (CORE1038)

/0 Comments/in /by

Summary: This report describes the conditions and circumstances the Material Handling and Logistics (MH&L) Industry is likely to face in the coming years up to 2025. This report might impact all CORE Demo WPs concerned with US transports containing a hinterland leg, depending on the actual layout of the trade lane. The WPs having visibility, planning of transports, resilience with future tracking systems, the theme big data and predictive analytics in focus might benefit from this report. As usual, you can find the full analysis, with the original report, at the CORE e-library, with the code CORE1038. Source file at: http://www.mhlroadmap.org/roadmap.html
Read more

Review of Critical Issues in US Transportation, 2013 (CORE1037)

/0 Comments/in /by

Summary: CRITICAL ISSUES IN TRANSPORTATION, 2013, Transportation Research Board (TRB) of the National Academies. This report might impact all Demo WPs concerned with US transports containing a hinterland leg, depending on the actual layout of the trade lane. From the six areas – Reliability, Innovation, Environment, Safety, Funding, and R&D investment – the first three might be taken into account for CORE. Coding is CORE1037, in the e-library of the CORE-project. Source file at: http://onlinepubs.trb.org/Onlinepubs/general/criticalissues13.pdf

Read more

The Foreign Corrupt Practices Act, US (CORE1023)

/0 Comments/in /by

Summary: FCPA: A Resource Guide to the U.S. Foreign Corrupt Practices Act. Foreign Corrupt Practices Act of 1977 (15 U.S.C. §§ 78dd-1, et seq.). The document underlines corruption as a facilitating element for other crimes such as human trafficking and smuggling. Relevant mainly for CORE WP19 on education and training. Full review and sources file are coded as CORE1023. Source file at: http://www.justice.gov/criminal/fraud/fcpa/docs/fcpa-english.pdf
Read more

Interviews

Nothing Found

Sorry, no posts matched your criteria