CORE-Observatory

La solución de ventanilla única de Zambia y Zimbabwe para impulsar el comercio entre los países africanos, The Guardian (CORE2008)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Resumen

El reportaje de The Guardian resume los beneficios y desafíos de la ventanilla única, ubicada en el cruce fronterizo de Chirundu cruzando el río Zambezi entre Zambia y Zimbabwe. En el puesto fronterizo, funcionarios de ambos países inspeccionan solo el tráfico de entrada, por ejemplo, autoridades de Zimbabwe controlan solo el tráfico entrante a Zimbabwe. Gracias a esta disposición de ventanilla única, camiones y barcazas están obligados a detenerse únicamente una vez y se someten a un solo conjunto de trámites fronterizos. El sistema de ventanilla única ha acelerado el cruce fronterizo enormemente, desde dos o tres días de espera hasta 30 minutos. Por otra parte, la rapidez de los trámites fronterizos se ha traducido en un mayor tráfico en el puesto fronterizo (de 2000 camiones al mes cuando inició a 14000 en la actualidad) y mayores ingresos fiscales y arancelarios asociados a este incremento. Pero lo más importante, la agilización y simplificación de los trámites fronterizos ha facilitado el comercio de muchos comerciantes a pequeña escala, quienes comúnmente comercial pequeñas cantidades de alimentos, ropa y otros bienes de consumo. Hoy en día, estos pequeños comerciantes se enfrentan a menos retrasos, trámites engorrosos y medidas arbitrarias y pagos que deshonestos funcionarios pueden imponer a sus bienes. Este progreso ha traído muchos comerciantes informales, quienes antes utilizaban el contrabando para sus mercancías, y ahora han vuelto a la esfera de la economía formal. Aún así, el contrabando sigue siendo un problema importante en África: el artículo sugiere que hay rutas de contrabando establecidas para que camiones de 30 toneladas las utilicen para evadir los controles aduaneros, y que esta economía informal de contrabando representa un asombroso tercio del producto interno bruto (PIB) del África. El artículo sugiere que la proporción de la economía informal podría reducirse aún más mediante la consolidación de bloques comerciales africanos (ya hay varios), la armonización y simplificación de trámites fronterizos y el reforzamiento de la agencia de cooperación en frontera. El reportaje está disponible (en inglés) en: http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade.

Reseña por Toni Männistö.

[s2If is_user_logged_in()]

Full review

This Guardian article showcases a great example of successful border agency cooperation in Africa. The CORE WP12, the “demonstrator Schipol” focusing on shipping of fresh cut flowers from Kenya to the Netherlands, might choose to study this African one-stop border concept in more detail. Closer analysis may reveal key success factors and obstacles that characterize the border agency cooperation in Africa. Also CORE’s WP19, that produces material for training and education, may use this African one-stop border as an illustrative example of border agency cooperation in developing countries. The CORE’s risk and IT clusters might need to explore this case in more detail to understand technical aspects of this one-stop border post concept.

Reference

The Guardian, Zambia and Zimbabwe’s single-stop solution to boosting intra-African trade, the Guardian, 29. May, 2012. Retrieved from http://www.theguardian.com/global-development/2012/may/29/zambia-zimbabwe-intra-african-trade

CORE2008

[/s2If]

Comentario de “Protección de la Infraestructura Crítica Marítima – El Departamento de Seguridad Nacional necesita dirigir mejor la seguridad cibernética Portuaria”, Informe al Presidente, Comisión de Comercio, Ciencia y Transporte, Senado de los Estados Unidos, Oficina de Rendición de Cuentas del Gobierno de los Estados Unidos, junio de 2014 (CORE1098)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , /by

Resumen: Las medidas adoptadas por el Departamento de Seguridad Nacional (DHS, por sus siglas en inglés) y dos de las agencias que lo componen, la Guardia Costera de los Estados Unidos y la Agencia Federal para el Manejo de Emergencias (FEMA, por sus siglas en inglés), así como otras agencias federales, para hacer frente a la seguridad cibernética en el entorno marítimo portuario, han sido limitadas. Reporte disponible (en inglés) en: http://www.gao.gov/assets/670/663828.pdf

[s2If is_user_logged_in()]

Full review: While the Coast Guard initiated a number of activities and coordinating strategies to improve physical security in specific ports, it has not conducted a risk assessment that fully addresses cyber-related threats, vulnerabilities, and consequences. Coast Guard officials stated that they intend to conduct such an assessment in the future, but did not provide details to show how it would address cybersecurity. Until the Coast Guard completes a thorough assessment of cyber risks in the maritime environment, the ability of stakeholders to appropriately plan and allocate resources to protect ports and other maritime facilities will be limited.

Maritime security plans required by law and regulation generally did not identify or address potential cyber-related threats or vulnerabilities. This was because the guidance issued by Coast Guard for developing these plans did not require cyber elements to be addressed. Officials stated that guidance for the next set of updated plans, due for update in 2014, will include cybersecurity requirements. However, in the absence of a comprehensive risk assessment, the revised guidance may not adequately address cyber-related risks to the maritime environment.

The degree to which information-sharing mechanisms (e.g., councils) were active and shared cybersecurity-related information varied. Specifically, the Coast Guard established a government coordinating council to share information among government entities, but it is unclear to what extent this body has shared information related to cybersecurity. In addition, a sector coordinating council for sharing information among nonfederal stakeholders is no longer active, and the Coast Guard has not convinced stakeholders to reestablish it. Until the Coast Guard improves these mechanisms, maritime stakeholders in different locations are at greater risk of not being aware of, and thus not mitigating, cyber-based threats.

Under a program to provide security-related grants to ports, FEMA identified enhancing cybersecurity capabilities as a funding priority for the first time in fiscal year 2013 and has provided guidance for cybersecurity-related proposals. However, the agency has not consulted cybersecurity-related subject matter experts to inform the multi-level review of cyber-related proposals—partly because FEMA has downsized the expert panel that reviews grants. Also, because the Coast Guard has not assessed cyber-related risks in the maritime risk assessment, grant applicants and FEMA have not been able to use this information to inform funding proposals and decisions. As a result, FEMA is limited in its ability to ensure that the program is effectively addressing cyber-related risks in the maritime environment.

Why GAO Did This Study? U.S. maritime ports handle more than $1.3 trillion in cargo annually. The operations of these ports are supported by information and communication systems, which are susceptible to cyber-related threats. Failures in these systems could degrade or interrupt operations at ports, including the flow of commerce. Federal agencies—in particular DHS—and industry stakeholders have specific roles in protecting maritime facilities and ports from physical and cyber threats. GAO’s objective was to identify the extent to which DHS and other stakeholders have taken steps to address cybersecurity in the maritime port environment. GAO examined relevant laws and regulations; analyzed federal cybersecurity-related policies and plans; observed operations at three U.S. ports selected based on being a high-risk port and a leader in calls by vessel type, e.g. container; and interviewed federal and nonfederal officials.

What GAO Recommends? GAO recommends that DHS direct the Coast Guard to (1) assess cyber-related risks, (2) use this assessment to inform maritime security guidance, and (3) determine whether the sector coordinating council should be reestablished. DHS should also direct FEMA to (1) develop procedures to consult DHS cybersecurity experts for assistance in reviewing grant proposals and (2) use the results of the cyber-risk assessment to inform its grant guidance. DHS concurred with GAO’s recommendations.

Full citation:  “MARITIME CRITICAL INFRASTRUCTURE PROTECTION – DHS Needs to Better Address Port Cybersecurity”, Report to the Chairman, Committee on Commerce, Science, and Transportation, U.S. Senate, United States Government Accountability Office, June 2014.

CORE1098

Keywords: Maritime Security, Port Security, Cyber – Security, CBP U.S. – Customs and Border Protection, Coast Guard U.S., DHS-Department of Homeland Security, FEMA-Federal Emergency Management Agency, ISAC-information sharing and analysis center, IT-information technology, MTSA-Maritime Transportation Security Act of 2002, NIPP-National Infrastructure Protection Plan, AFE Port Act-Security and Accountability for Every Port Act of 2006, TSA-Transportation Security Administration

[/s2If]

Comentario de Consideración y Adopción de Enmiendas al Convenio Internacional para la Seguridad de la Vida Humana en el Mar, 1974, Organización Marítima Internacional (CORE1097)

/0 Comments/in , , , , , , , , , , , , , , , , , , /by

Resumen: El Código Internacional de para la Protección de Buques e Instalaciones Portuarias (PBIP o ISPS, por sus siglas en inglés) establece nuevos estándares de seguridad para buques en el mar, así como las instalaciones portuarias de todo el mundo. Su objetivo es realizar actividades de transporte marítimo más seguras contra las amenazas del terrorismo, la piratería y el contrabando. La seguridad en el mar ha sido una preocupación para gobiernos, compañías navieras, autoridades portuarias, y exportadores e importadores a lo largo de los años. Los ataques terroristas del 11 de septiembre de 2001, fueron catalizadores para la formalización de nuevas y rigurosas medidas. En diciembre de 2002, la Organización Marítima Internacional (OMI), organización especializada de la Naciones Unidas (UN), realizó una conferencia para discutir temas relacionados con la seguridad en el mar. En este conferencia, los representantes de 150 naciones (los estados miembros), participaron en la redacción de las enmiendas a la Convención Internacional para la Seguridad de la Vida Humana en el Mar (SOLAS, en inglés) y se adoptó el Código PBIP. Los cambios a la Convención SOLAS incluyen enmiendas a los capítulos V y Xi, y el Capítulo XI fue dividido en los Capítulos XI-1 y XI-2. El Código, por su parte, está dividido en dos partes. La Parte A presenta los requisitos obligatorios y la Parte B contiene orientación con respecto a las disposiciones del capítulo XI-2 del Convenio y la Parte A del Código. Reporte disponible (en inglés) en: http://www.un.org/en/sc/ctc/docs/bestpractices/32.pdf

[s2If is_user_logged_in()]

Full review: The Code aims, among other things, to establish an international framework for co-operation between Contracting Governments, government agencies, local administrations and the shipping and port industries to detect security threats and take preventive measures against security incidents affecting ships or port facilities used in international trade and to establish relevant roles and responsibilities at the national and international level. ISPS provisions relating to port facilities relate solely to the ship/port interface. Also, ISPS provisions do not extend to the actual response to attacks or to any necessary clear-up activities after such an attack. In addition, for each ship and port authority affected, the ISPS Code requires:

  • The implementation of a Ship Security Plan (SSP),
  • The implementation of a Port Facility Security Plan (PFSP),
  • The appointment of a Ship Security Officer (SSO),
  • The appointment of a Company Security Officer (CSO),
  • The appointment of a Port Facility Security Officer (PFSO),
  • The installation of ship alarms, and
  • The installation of shipboard Automatic Identification Systems (AIS).

Enforcement Date: The ISPS Code went into effect on July 1, 2004.

Full citation:   Consideration and Adoption of Amendments to the International Convention for the Safety of Life at Sea, 1974, International Maritime Organization. SOLAS/CONF.5/32. 12 December 2002

CORE1097

Keywords: Maritime Security, Port Security, Ship Security Plan (SSP), Port Facility Security Plan (PFSP), Ship Security Officer (SSO), Port Facility Security Officer (PFSO), International Maritime Organization (IMO), Safety of Life at Sea (SOLAS).

[/s2If]

Comentario de “Contribuyendo a la seguridad en el envío de contenedores: ¿pueden los sensores pasivos brindar una solución? G. Janssens-Maenhout, F. De Roob, W. Janssens, Revista de Radioactividad Medioambiental, 2009 (CORE1096)

/0 Comments/in , , , , , , , , , , , , , , , , , /by

Resumen: el tráfico ilícito de material fisionable en carga de contenedores es reconocida como una debilidad potencial en seguridad nuclear. Atenuada por los atentados del 11 de septiembre de 2001, se tomaron medidas para mejorar la seguridad marítima en extensión a la Convención Internacional para la Seguridad de la Vida Humana en el Mar (SOLAS, en inglés) y en línea con las iniciativas de seguridad de contenedores de los Estados Unidos. Las técnicas efectivas de detección son necesarias para permitir que el inspector pueda interceptar el tráfico ilícito de componentes de armas nucleares o componentes de otros dispositivos nucleares explosivos. Reporte disponible (en inglés) en: https://www.researchgate.net/publication/38053693_Contributing_to_shipping_container_security_can_passive_sensors_bring_a_solution

[s2If is_user_logged_in()]

Full review: Many security measures focus on active interrogation of the container content by X-ray scan, which might be extended with the newly developed tagged neutron inspection system. Both active interrogation techniques can, with the current huge volume of container traffic, only be applied to a limited number of selected containers. The question arises whether a passive detection technique can offer an alternative solution.

This study investigates if containers equipped with a small passive detector will register during transport the neutron irradiation by fissionable material such as plutonium in a measurable way. In practice, 4/5 of the containers are about 1/8 filled with hydrogenous material and undergo a typical 2 months route. For this reference case, it was found that the most compatible passive detector would be an activation foil of iridium. Monte-Carlo simulations showed that for the reference case the activity of a 250 μm thin foil with 6 cm2 cross-section would register 1.2 Bq when it is irradiated by a significant quantity of Reactor-Grade PuO2. However this activity drops with almost two orders of magnitude for other fillings and other isotopic compositions and forms of the Pu-source. The procedure of selecting the target material for Pu detection is detailed with the theoretical methods, in order to be useful for other applications. Moreover the value of such additional passive sensors for securing maritime container transport is situated within the global framework of the First, Second and Third Line of Defense against illicit trafficking.

Full citation:   G. Janssens-Maenhout a, F. De Roob, W. Janssens (2009). Contributing to shipping container security: can passive sensors bring a solution?” Journal of Environmental Radioactivity 101(2):95-105 · OCTOBER 2009.

Keywords: Nuclear illicit trafficking, Maritime container transport, Passive detection technique

[/s2If]

Comentario de La Brecha en Infraestructura Crítica: Instalaciones Portuarias en Estados Unidos y Vulnerabilidades Cibernéticas, Documento de Política, Center for 21st Century Security and Intelligence (CORE1095)

/0 Comments/in , , , , , , , , , , , , , , , , /by

Resumen: En un documento de política de 50 páginas del Brookings Institute y elaborado por el Comandante Joseph Kramek de la Guardia Costera de los Estados Unidos y Miembro Ejecutivo Federal en la institución, se discute el estado actual de los asuntos relacionados con las vulnerabilidades en los puertos estadounidenses y se presentan las opciones para reforzar la seguridad cibernética. En el resumen ejecutivo, el Comandante Kramek escribe que las instalaciones portuarias estadounidenses de hoy en día se basan tanto de las redes y sistemas informáticos y de control como se basan de los estibadores para asegurar el flujo de comercio marítimo del que dependen el Estado, la economía y la seguridad nacional. Sin embargo, a diferencia de otros sectores críticos en la infraestructura, se ha prestado poca atención a los sistemas de redes que sustentan las operaciones portuarias. Reporte disponible (en inglés) en: http://www.brookings.edu/~/media/research/files/papers/2013/07/02%20cyber%20port%20security%20kramek/03%20cyber%20port%20security%20kramek.pdf

[s2If is_user_logged_in()]

Full review: No cybersecurity standards have been promulgated for U.S. ports, nor has the U.S. Coast Guard, the lead federal agency for maritime security, been granted cybersecurity authorities to regulate ports or other areas of maritime critical infrastructure. In the midst of this lacuna of authority is a sobering fact: according to the most recent National Intelligence Estimate (NIE) the next terrorist attack on U.S. Critical Infrastructure and Key Resources (CIKR) is just as likely to be a cyber attack as a kinetic attack.

The potential consequences of even a minimal disruption of the flow of goods in U.S. ports would be high. The zero-inventory, just-in-time delivery system that sustains the flow of U.S. commerce would grind to a halt in a matter of days; shelves at grocery stores and gas tanks at service stations would run empty. In certain ports, a cyber disruption affecting energy supplies would likely send not just a ripple but a shockwave through the U.S. and even global economy.

Given the absence of standards and authorities, this paper explores the current state of cybersecurity awareness and culture in selected U.S. port facilities. The use of the post-9/11 Port Security Grant Program (PSGP), administered by the Federal Emergency Management Agency, is also examined to see whether these monies are being used to fund cybersecurity projects.

Full citation:   The Critical Infrastructure Gap: U.S. Port Facilities and Cyber Vulnerabilities, Policy Paper, July 2013, Center for 21st Century Security and Intelligence.

CORE1095

Keywords: Maritime Security, Cyber-security, Port Security Grant Program (PSGP), Port facility, Coast Guard, Maritime Transportation Security Act (MTSA).

[/s2If]

Trade and money laundering uncontained (the Economist, May 2014, CORE2006)

/0 Comments/in , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , /by

Summary

International trade is becoming one of the main instruments for cross-border money laundering aside common bank transfers, remittances and cash smuggling. The ”trade-based money laundering” disguises illegal trading as seemingly legitimate commercial transactions. The most common technique is mis-invoicing in which fraudsters undervalue imports or overvalue exports to repatriate ill-gotten money from abroad. For example, official records show that Mexican exports to US are much higher than the US imports from Mexico, a discrepancy that signs fraud by Mexican criminals, most likely drug cartels. In general, the trade-based money laundering offers new financial tools for a broad range of drug traffickers, arms smugglers, corrupt politicians, terrorists and evaders of taxes, duties and capital controls. Review by Toni Männistö (CBRA)

[s2If is_user_logged_in()]

Full review

International trade is becoming one of the main instruments for cross-border money laundering aside common bank transfers, remittances and cash smuggling. The ”trade-based money laundering” disguises illegal trading as seemingly legitimate commercial transactions. The most common technique is mis-invoicing in which fraudsters undervalue imports or overvalue exports to repatriate ill-gotten money from abroad. For example, official records show that Mexican exports to US are much higher than the US imports from Mexico, a discrepancy that signs fraud by Mexican criminals, most likely drug cartels. In general, the trade-based money laundering offers new financial tools for a broad range of drug traffickers, arms smugglers, corrupt politicians, terrorists and evaders of taxes, duties and capital controls.

The new methods for cross-border money laundering and tax evasion concern most CORE demonstrations, especially those involving international cargo movements. The emerging risk of trade-based money laundering calls for new and more effective enforcement of trade transactions. CORE is developing new solutions (e.g., data pipeline and system-based supervision) for capturing and sharing trade information across logistics operators and law enforcement agencies. The new solutions likely improve law enforcement’s capability to detect suspicious trade transactions that may have something to do with the trade-based money laundering. However, building such capability requires IT integration (e.g., interoperability), risk awareness and education and training. CORE consortium addresses these complementary activities in work carried out in risk, IT and educational clusters.

Reference

Trade and money laundering uncontained, the Economist, May 3rd 2014

CORE2006

[/s2If]

Proyecto FP7, Resumen del informe e-Freight (CORE3003a)

/0 Comments/in /by

Resumen: Este documento trata sobre la revisión CORE de los proyectos de referencia y las especificaciones de los resultados reutilizables, en el proyecto FP7 e-Freight. Los autores son Marcus Engler y Oliver Klein, ambos de ISL. Los archivos originales se pueden encontrar en la biblioteca electrónica CORE, con la codificación CORE3003a. Más información sobre el proyecto en: http://www.efreightproject.eu/
Read more